Ga naar inhoud

michael1991

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    322

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Berichten die geplaatst zijn door michael1991

    Nieuwe PC nodig- max 600 euro

    in Archief Aan- en verkoopadvies

    Geplaatst:

    Beste,

    Ik heb een pc nodig voor lichte spellen te spelen. Mijn budget is maximum 600 euro. Dat is alleen maar de 'bak zelf''.

    1. Waarvoor heb ik een PC nodig? - Om te gamen, maar niet meteen de zwaarste spellen, er moet wel een optie zijn om hem uit te breiden om zwaardere spellen aan te kunnen
    2. Wat is mijn budget? - Maximum 600 euro.
    3. Een merkcomputer of een samenstelling? - Een samenstelling
    4. Ga ik overklokken? - Neen is niet nodig, misschien in de toekomst
    5. Ga ik later upgraden? - Ja zeker, er mag gerust een redelijk zware voeding er in zitten
    6. Heb ik al die nieuwe functies wel nodig? - USB 3.0 en Wi-fi kaartje is handig
    7. Ga ik zelf assembleren? - Neen, dat laat ik de winkel doen.
    8. Heb ik een besturingssysteem nodig? - Ja, maar ik twijfel hard tussen Windows 7 en 8. Ik laat de specialist beslissen in mijn plaats. Maar ik wil oudere spellen op mijn computer spelen (RCT3, The Sims 2). Dan lijkt Windows 7 het beste??)
    9. Ga ik zelf installeren? - Ja, normaal wijst dat toch zichzelf uit.
    10. Heb ik een voorkeur aan onderdelen? - Neen
    11. Heb ik nog randapparatuur nodig? - Andere producten koop ik in de Media markt
    12. Heb ik specifieke wensen? - Mijn pc komt op mijn kamer, soms wil ik hem laten draaien , dus ik moet de slaap kunnen vatten terwijl hij nog aan is. Hij moet stil zijn
    13. Woon je in Nederland of België, wil je bestellen bij een specifieke (web)winkel? - Alternate aub. ik moet kunnen betalen met bancontact mistercash, of via een overschrijving (heb geen kredietkaart)

    trage pc

    in Archief Bestrijding malware & virussen

    Geplaatst:

    Normaal moet ik met deze probleemloos skype laten draaien, echter ondervind ik problemen..

    Skype start heel moeizaam op

    Videogesprekken lopen moeizaam, haperingen...

    Logfile of Trend Micro HijackThis v2.0.4Scan saved at 22:39:57, on 9/07/2013

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v10.0 (10.00.9200.16618)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe

    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Program Files (x86)\Skype\Phone\Skype.exe

    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe

    C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    F2 - REG:system.ini: UserInit=userinit.exe

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

    O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

    O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60

    O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL

    O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

    O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart

    O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

    O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe

    O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP

    O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKCU\..\Run: [Voipwise] "C:\Program Files (x86)\Voipwise.com\Voipwise\voipwise.exe" -nosplash -minimized

    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

    O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

    O4 - HKCU\..\Run: [FreeCall] "C:\Program Files (x86)\FreeCall.com\FreeCall\freecall.exe" -nosplash -minimized

    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun

    O4 - HKCU\..\Run: [ActionVoip] "C:\Program Files (x86)\ActionVoip.com\ActionVoip\actionvoip.exe" -nosplash -minimized

    O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Système')

    O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')

    O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')

    O8 - Extra context menu item: Ajouter à TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\OFFICE11\EXCEL.EXE/3000

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: Ajouter à TOSHIBA Bulletin Board - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll

    O9 - Extra 'Tools' menuitem: Ajouter à TOSHIBA Bulletin Board - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

    O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    O23 - Service: AVGIDSAgent - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (file missing)

    O23 - Service: AVG WatchDog (avgwd) - Unknown owner - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

    O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

    O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

    O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

    O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe

    O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe

    O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe

    O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

    O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe

    O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe

    O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)

    O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

    O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

    O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

    O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

    O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

    O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

    --

    End of file - 25888 bytes

    speccy:

    http://speccy.piriform.com/results/PBC4jnmH78XxNWOQhHNEwzT

    opstarten programma's trager dan gewoonlijk

    in Archief Bestrijding malware & virussen

    Geplaatst:

    Zoek.exe Version 4.0.0.2 Updated 12-May-2013

    Tool run by rwema on zo 12/05/2013 at 15:24:20,60.

    Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x64

    Running in: Normal Mode Internet Access Detected

    ==== Deleting Files \ Folders ======================

    "C:\Program Files (x86)\DealPly" not found

    "C:\users\rwema\AppData\Local\SDB56B.tmp" deleted

    "C:\users\rwema\AppData\Local\WLF54B.tmp" deleted

    "C:\users\rwema\AppData\Local\VWL54A.tmp" deleted

    "C:\users\rwema\AppData\Local\MAN4EB.tmp" deleted

    Hier de logje

    - - - Updated - - -

    Ik heb de map ''C:\Windows\System32\Tasks\Browser Updater;fs'' manueel verwijderd aangezien zoek.exe geen actie heeft ondernomen, is dat goed?

    opstarten programma's trager dan gewoonlijk

    in Archief Bestrijding malware & virussen

    Geplaatst: · aangepast door michael1991
    smiley's uitgeschakeld

    Zoek.exe Version 4.0.0.2 Updated 06-May-2013

    Tool run by rwema on do 09/05/2013 at 21:57:51,22.

    Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x64

    Running in: Normal Mode Internet Access Detected

    ==== Running Processes ======================

    C:\Windows\system32\csrss.exe

    C:\Windows\system32\wininit.exe

    C:\Windows\system32\csrss.exe

    C:\Windows\system32\services.exe

    C:\Windows\system32\lsass.exe

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\winlogon.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k rpcss

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe

    C:\Windows\system32\svchost.exe -k GPSvcGroup

    C:\Windows\system32\SLsvc.exe

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\System32\WLTRYSVC.EXE

    C:\Windows\System32\bcmwltry.exe

    C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    C:\Windows\system32\WLANExt.exe

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe

    C:\Program Files (x86)\Nero\Update\NASvc.exe

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Windows\System32\svchost.exe -k WerSvcGroup

    C:\Windows\system32\SearchIndexer.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Windows\PixArt\Pac207\Monitor.exe

    C:\Windows\System32\WLTRAY.EXE

    C:\Windows\System32\igfxtray.exe

    C:\Windows\System32\igfxpers.exe

    C:\Windows\System32\wpcumi.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Windows\ehome\ehtray.exe

    C:\Windows\system32\igfxsrvc.exe

    C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe

    C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe

    C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Program Files\Windows Media Player\wmpnetwk.exe

    C:\Windows\system32\wuauclt.exe

    C:\Users\rwema\Downloads\zoek.exe

    C:\Windows\SysWOW64\conime.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    ==== Reset Hosts File ======================

    # Copyright © 1993-2006 Microsoft Corp.

    #

    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

    #

    # This file contains the mappings of IP addresses to host names. Each

    # entry should be kept on an individual line. The IP address should

    # be placed in the first column followed by the corresponding host name.

    # The IP address and the host name should be separated by at least one

    # space.

    #

    # Additionally, comments (such as these) may be inserted on individual

    # lines or following the machine name denoted by a '#' symbol.

    #

    # For example:

    #

    # 102.54.94.97 rhino.acme.com # source server

    # 38.25.63.10 x.acme.com # x client host

    127.0.0.1 localhost

    ::1 localhost

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-3916401253-1491523390-1999398694-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4EA3530E-2812-47CE-8711-198817838C18} deleted successfully

    HKEY_USERS\S-1-5-21-3916401253-1491523390-1999398694-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AAAD3490-D972-4ECF-8487-DBAE9FECFCFD} deleted successfully

    HKEY_USERS\S-1-5-21-3916401253-1491523390-1999398694-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E67A2456-43CB-49B3-A147-6FB8A1E71F7C} deleted successfully

    ==== Deleting CLSID Registry Values ======================

    ==== Installed Programs ======================

    æTorrent

    Acrobat.com

    Adobe AIR

    Adobe Flash Player 11 Plugin

    Adobe Reader X (10.1.6) - Nederlands

    Adobe Shockwave Player 12.0

    Advanced Audio FX Engine

    avast Free Antivirus

    Banctec Service Agreement

    CCleaner

    Cisco EAP-FAST Module

    Cisco LEAP Module

    Cisco PEAP Module

    CPUID CPU-Z 1.52.2

    DAEMON Tools Pro

    Dell Edoc Viewer

    Dell Getting Started Guide

    Dell Touchpad

    Dell Video Chat

    Dell Webcam Central

    Dell Wireless WLAN Card Utility

    DVD Flick 1.3.0.7

    Feedback Tool

    Free MP3 Cutter 1.01

    Google Chrome

    Google Update Helper

    GoogleÿEarth

    GTA San Andreas

    GTA2

    High-Definition Video Playback

    HiJackThis

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

    HyperCam 3

    Integrated Webcam Driver (1.02.02.0106)

    Intel® Graphics Media Accelerator Driver

    Java 7 (64-bit)

    K-Lite Codec Pack 9.6.5 (Full)

    League of Legends

    LibreOffice 3.6

    Malwarebytes Anti-Malware versie 1.75.0.1300

    Microsoft .NET Framework 1.1

    Microsoft .NET Framework 1.1 Security Update (KB2656353)

    Microsoft .NET Framework 1.1 Security Update (KB2656370)

    Microsoft .NET Framework 1.1 Security Update (KB979906)

    Microsoft .NET Framework 3.5 SP1

    Microsoft .NET Framework 4 Client Profile

    Microsoft .NET Framework 4 Client Profile NLD Language Pack

    Microsoft .NET Framework 4 Extended

    Microsoft .NET Framework 4 Extended NLD Language Pack

    Microsoft Office File Validation Add-In

    Microsoft Office Outlook Connector

    Microsoft Office Professional Edition 2003

    Microsoft Search Enhancement Pack

    Microsoft Silverlight

    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

    Microsoft Visual C++ 2005 Redistributable (x64)

    Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

    Microsoft Works

    Mozilla Maintenance Service

    Nero 11

    Nero 11 Disc Menus Basic

    Nero 11 Effects Basic

    Nero 11 Image Samples

    Nero 11 Kwik Themes Basic

    Nero 11 PiP Effects Basic

    Nero Audio Pack 1

    Nero BackItUp 11

    Nero BackItUp 11 Help (CHM)

    Nero Backup Drivers

    Nero Burning ROM 11

    Nero Burning ROM 11 Help (CHM)

    Nero ControlCenter 11

    Nero ControlCenter 11 Help (CHM)

    Nero Core Components 11

    Nero CoverDesigner 11

    Nero CoverDesigner 11 Help (CHM)

    Nero Express 11

    Nero Express 11 Help (CHM)

    Nero Kwik Media

    Nero Kwik Media Help (CHM)

    Nero Recode 11

    Nero Recode 11 Help (CHM)

    Nero RescueAgent 11

    Nero RescueAgent 11 Help (CHM)

    Nero SharedVideoCodecs

    Nero SoundTrax 11

    Nero SoundTrax 11 Help (CHM)

    Nero Update

    Nero Video 11

    Nero Video 11 Help (CHM)

    Nero WaveEditor 11

    Nero WaveEditor 11 Help (CHM)

    nero.prerequisites.msi

    NVIDIA PhysX

    Opera 12.15

    Paint.NET v3.5.10

    PowerDVD

    Quickset

    Razer Game Booster

    RealPlayer

    RealUpgrade 1.0

    RollerCoaster Tycoon 2

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

    Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

    Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

    Skype Click to Call

    Speccy

    swMSM

    Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD

    Taalpakket voor Microsoft .NET Framework 4 Extended - NLD

    Ulead Photo Explorer 7.0 SE

    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

    Update for Microsoft .NET Framework 4 Extended (KB2468871)

    Update for Microsoft .NET Framework 4 Extended (KB2533523)

    Update for Microsoft .NET Framework 4 Extended (KB2600217)

    Visual C++ 2008 x86 Runtime - (v9.0.30729)

    Visual C++ 2008 x86 Runtime - v9.0.30729.01

    Visual C++ 8.0 Runtime Setup Package (x64)

    VLC media player 2.0.2

    Welcome App (Start-up experience)

    Winamp

    Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen

    Windows Live Mesh ActiveX Control for Remote Connections

    Windows Live Sync

    Windows Media Player Firefox Plugin

    WinRAR 4.01 (32-bit)

    ==== FireFox Fix ======================

    Deleted from C:\Users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\38l0tsrw.Standaardgebruiker\prefs.js:

    user_pref("browser.startup.homepage", "about:home");

    user_pref("browser.newtab.url", "about:newtab");

    Added to C:\Users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\38l0tsrw.Standaardgebruiker\prefs.js:

    user_pref("browser.startup.homepage", "http://www.google.com");

    user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

    user_pref("browser.newtab.url", "http://www.google.com/");

    user_pref("browser.search.defaultengine", "Google");

    user_pref("browser.search.defaultenginename", "Google");

    user_pref("browser.search.selectedEngine", "Google");

    user_pref("browser.search.order.1", "Google");

    user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

    user_pref("browser.search.suggest.enabled", true);

    user_pref("browser.search.useDBForOrder", true);

    ProfilePath: C:\Users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\38l0tsrw.Standaardgebruiker

    user.js not found

    ---- Lines 33e0daa6-3af3-d8b5-6752-10e949c61516 removed from prefs.js ----

    ---- Lines 33e0daa6-3af3-d8b5-6752-10e949c61516 modified from prefs.js ----

    ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from prefs.js ----

    ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 modified from prefs.js ----

    user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"c:\\\\Windows\\\\Microsoft.NET\\\\Framework\\\\v3.5\\\\Windows Presentation Foundation\\\\DotNetAssistantExtension\",\"mtime\":1250961781223},\"{ABDE892B-13A8-4d1b-88E6-365A6E755758}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Real\\\\RealPlayer\\\\BrowserRecordPlugin\\\\Firefox\\\\Ext\",\"mtime\":1279385194290},\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"mtime\":1345929712758}}},{\"name\":\"app-global\",\"addons\":{\"{1FD91A9C-410C-4090-BBCC-55D3450EF433}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Windows iLivid Toolbar\\\\Datamngr\\\\FirefoxExtension\",\"mtime\":1324149852926},\"{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\",\"mtime\":1319752886293},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1350774361752}}}]");

    ---- FireFox user.js and prefs.js backups ----

    prefs_20130905_2308_.backup

    ==== Deleting Files \ Folders ======================

    "C:\Users\rwema\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted

    "C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted

    "C:\Users\rwema\AppData\Local\Google\Chrome\User Data\Default\BrowserMngrPreferences" deleted

    "C:\Windows\Launcher.exe" deleted

    "C:\Program Files (x86)\AutocompletePro" deleted

    "C:\Program Files (x86)\NCH_EN" deleted

    "C:\Program Files (x86)\Babylon" deleted

    "C:\Program Files (x86)\myBabylon_English" deleted

    "C:\Program Files (x86)\DVDVideoSoftTB" deleted

    "C:\Program Files (x86)\uTorrentBar_NL" deleted

    "C:\Program Files (x86)\Windows iLivid Toolbar" deleted

    "C:\Program Files (x86)\Protected Search" deleted

    "C:\Program Files (x86)\mixidj" deleted

    "C:\Program Files (x86)\OApps" deleted

    "C:\Program Files (x86)\Conduit" deleted

    "C:\Program Files (x86)\ConduitEngine" deleted

    "C:\ProgramData\boost_interprocess" deleted

    "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search" deleted

    "C:\Users\rwema\AppData\Local\CRE" deleted

    "C:\Users\rwema\AppData\LocalLow\DataMngr" deleted

    "C:\Windows\SysWow64\searchplugins" deleted

    "C:\Windows\SysWow64\Extensions" deleted

    "C:\Users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\38l0tsrw.Standaardgebruiker\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}" deleted

    ==== System Specs ======================

    Windows: Windows Vista Home Premium Edition (64-bit) Service Pack 2 (Build 6002)

    Internet Explorer: 9.0.8112.16421

    Memory (RAM): 4054 MB

    CPU Info: Intel® Core2 Duo CPU T6500 @ 2.10GHz

    CPU Speed: 1263,4 MHz

    Sound Card: Speakers / Headphones (IDT High |

    Independent (R.T.C.) Headphones |

    Display Adapters: Mobile Intel® 4 Series Express Chipset Family | Mobile Intel® 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver

    Monitors: 1x; Generic PnP Monitor |

    Screen Resolution: 1366 X 768 - 32 bit

    Network: Network Present

    Network Adapters: Dell Wireless 1397 WLAN Mini-Card | Broadcom NetLink Gigabit Ethernet

    CD / DVD Drives: 2x (E: | F: | ) E: TSSTcorpDVD+-RW TS-T633A | F: DTSOFT BDROM

    Ports: COM Ports NOT Present. LPT Port NOT Present.

    Mouse: 5 Button Wheel Mouse Present

    Hard Disks: C: 283,4GB | D: 14,6GB

    Hard Disks - Free: C: 61,8GB | D: 7,8GB

    Manufacturer *: Dell Inc.

    BIOS Info: AT/AT COMPATIBLE | 04/23/09 | DELL - 6040000

    Time Zone: West-Europa (standaardtijd)

    Motherboard *: Dell Inc. 0D176M

    Sun Java version: niet

    Sun Java version: opdracht,

    Country: Belgi‰

    Language: NLB

    ==== Files Recently Created / Modified ======================

    ====== C:\Windows ====

    2013-05-09 01:02:43 BC2337716A473568ACF3CF60A4C5D7EC 28156 ----a-w- C:\Windows\SDB7DE2.tmp

    2013-05-09 01:02:37 E1201299C5B5E986184C15D1CE614A7A 2332 ----a-w- C:\Windows\MAN65FC.tmp

    2013-05-09 01:02:37 C83125DABB93A0EFAE2D73368B6C5EFC 1472 ----a-w- C:\Windows\VWL665B.tmp

    2013-05-09 01:02:37 74F5F65F602B2FA3C94FC1C2F53DC066 51450204 ----a-w- C:\Windows\WLF665C.tmp

    2013-05-08 01:03:52 BC2337716A473568ACF3CF60A4C5D7EC 28156 ----a-w- C:\Windows\SDBB6D1.tmp

    2013-05-08 01:03:47 F6B900501A46C42C20414447CEF861B8 51364710 ----a-w- C:\Windows\WLFA2B4.tmp

    2013-05-08 01:03:47 5A87DBB1928B1109E666609B19185C39 2332 ----a-w- C:\Windows\MANA254.tmp

    2013-05-08 01:03:47 539BD443FF5F0BD3B26C48378ABD662A 1472 ----a-w- C:\Windows\VWLA2B3.tmp

    2013-05-07 00:13:15 46BA8178666CFCD0E8975DDDE9917D06 3243 ----a-w- C:\Windows\DeleteOnReboot.bat

    ====== C:\Users\rwema\AppData\Local\Temp ====

    ====== C:\Windows\SysWOW64 =====

    ====== C:\Windows\SysWOW64\drivers =====

    ====== C:\Windows\Sysnative =====

    2013-05-08 16:13:51 63E4A4FF13932BFE51F209F781714313 377416 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT

    ====== C:\Windows\Sysnative\drivers =====

    2013-05-04 16:18:55 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf

    2013-04-18 01:45:06 7E44C2684A6CA779B9D07CB4BD3F649D 178624 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys

    2013-04-18 01:45:05 DE6759B8D8E62BF0FFF2B05F05AFCEE6 65336 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys

    2013-04-10 14:12:07 2ACCAA3C3C55370A32F17B3595E1A217 1513320 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys

    ====== C:\Windows\Tasks ======

    ====== C:\Windows\Temp ======

    ======= C:\Program Files =====

    ======= C:\Program Files (x86) =====

    2013-05-06 22:46:06 -------- d-----w- C:\Program Files (x86)\SoftwareUpdater

    2013-05-03 03:16:48 -------- d-----w- C:\Program Files (x86)\Free MP3 Cutter

    2013-05-03 02:38:51 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine

    2013-05-03 02:38:43 -------- d-----w- C:\Program Files (x86)\Winamp

    2013-04-22 15:15:05 -------- d-----w- C:\Program Files (x86)\Razer

    2013-04-21 21:31:38 -------- d-----w- C:\Program Files (x86)\RaidCall

    ======= C: =====

    ====== C:\Users\rwema\AppData\Roaming ======

    2013-05-07 01:23:23 -------- d-----w- C:\users\Guest\AppData\Locallow\Google

    2013-05-07 01:20:26 -------- d-----w- C:\users\Guest\AppData\Local\Google

    2013-05-07 01:18:36 -------- d-s---w- C:\users\Guest\AppData\Locallow\Microsoft

    2013-05-07 01:17:42 -------- d-----w- C:\users\Guest\AppData\Roaming\Real

    2013-05-07 01:17:42 -------- d-----w- C:\users\Guest\AppData\Local\PowerDVD DX

    2013-05-07 01:16:31 BEA07E6D2B8DCE396FE21BAA61B34956 6 --sha-w- C:\users\Guest\AppData\Locallow\desktop.ini

    2013-05-07 01:16:31 -------- d-----r- C:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

    2013-05-07 01:15:32 -------- d-----w- C:\users\Guest\AppData\Roaming\Identities

    2013-05-07 01:15:07 -------- d-----w- C:\users\Guest\AppData\Local\VirtualStore

    2013-05-07 01:14:31 -------- d-sh--we C:\users\Guest\AppData\Local\Temporary Internet Files

    2013-05-07 01:14:31 -------- d-sh--we C:\users\Guest\AppData\Local\Geschiedenis

    2013-05-07 01:14:31 -------- d-sh--we C:\users\Guest\AppData\Local\Application Data

    2013-05-07 01:14:27 -------- d-s---w- C:\users\Guest\AppData\Roaming\Microsoft

    2013-05-07 01:14:27 -------- d-----w- C:\users\Guest\AppData\Roaming\Media Center Programs

    2013-05-07 01:14:27 -------- d-----w- C:\users\Guest\AppData\Local\temp

    2013-05-07 01:14:27 -------- d-----w- C:\users\Guest\AppData\Local\Microsoft

    2013-05-07 01:14:27 -------- d-----r- C:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

    2013-05-07 01:14:27 -------- d-----r- C:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

    2013-05-07 01:14:27 -------- d-----r- C:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

    2013-05-03 02:38:43 -------- d-----w- C:\users\rwema\AppData\Roaming\Winamp

    2013-04-26 01:23:49 BC2337716A473568ACF3CF60A4C5D7EC 28156 ----a-w- C:\users\rwema\AppData\Local\SDB56B.tmp

    2013-04-26 01:23:49 AA622D653C9A083D9578A8F1E26C4812 136740 ----a-w- C:\users\rwema\AppData\Local\WLF54B.tmp

    2013-04-26 01:23:48 53FC4283574D646BBD8B6A1CE96096C3 1506 ----a-w- C:\users\rwema\AppData\Local\VWL54A.tmp

    2013-04-26 01:23:48 030FCC6D18D5D40D88546C98427180C5 2400 ----a-w- C:\users\rwema\AppData\Local\MAN4EB.tmp

    2013-04-22 17:28:27 -------- d-----w- C:\users\rwema\AppData\Roaming\LolClient

    2013-04-22 15:16:17 -------- d-----w- C:\users\rwema\AppData\Local\Razer

    2013-04-21 21:33:15 -------- d-----w- C:\users\rwema\AppData\Roaming\raidcall

    2013-04-21 21:33:15 -------- d-----w- C:\users\rwema\AppData\Locallow\RCTW

    2013-04-21 21:33:15 -------- d-----w- C:\users\rwema\AppData\Locallow\raidcall

    2013-04-20 00:20:22 -------- d-----w- C:\users\rwema\AppData\Roaming\Web Page Maker

    2013-04-18 02:04:00 -------- d-----w- C:\users\rwema\AppData\Local\Abelssoft

    2013-04-16 18:32:12 -------- d-----w- C:\users\rwema\AppData\Local\Nero_AG

    2013-04-16 18:31:52 -------- d-----w- C:\users\rwema\AppData\Local\Nero

    ====== C:\Users\rwema ======

    2013-05-07 01:16:31 -------- d-----r- C:\Users\Guest\Searches

    2013-05-07 01:15:16 -------- d-----r- C:\Users\Guest\Contacts

    2013-05-07 01:14:31 6FC234AD3752E1267B34FB12BCD6718B 20 --sha-w- C:\Users\Guest\ntuser.ini

    2013-05-07 01:14:31 -------- d-sh--we C:\Users\Guest\Sjablonen

    2013-05-07 01:14:31 -------- d-sh--we C:\Users\Guest\SendTo

    2013-05-07 01:14:31 -------- d-sh--we C:\Users\Guest\Recent

    2013-05-07 01:14:31 -------- d-sh--we C:\Users\Guest\Netwerkprinteromgeving

    2013-05-07 01:14:31 -------- d-sh--we C:\Users\Guest\NetHood

    2013-05-07 01:14:31 -------- d-sh--we C:\Users\Guest\Mijn documenten

    2013-05-07 01:14:31 -------- d-sh--we C:\Users\Guest\Menu Start

    2013-05-07 01:14:31 -------- d-sh--we C:\Users\Guest\Local Settings

    2013-05-07 01:14:31 -------- d-sh--we C:\Users\Guest\Cookies

    2013-05-07 01:14:31 -------- d-sh--we C:\Users\Guest\Application Data

    2013-05-07 01:14:27 -------- d--h--w- C:\Users\Guest\AppData

    2013-05-07 01:14:27 -------- d-----r- C:\Users\Guest\Videos

    2013-05-07 01:14:27 -------- d-----r- C:\Users\Guest\Saved Games

    2013-05-07 01:14:27 -------- d-----r- C:\Users\Guest\Pictures

    2013-05-07 01:14:27 -------- d-----r- C:\Users\Guest\Music

    2013-05-07 01:14:27 -------- d-----r- C:\Users\Guest\Links

    2013-05-07 01:14:27 -------- d-----r- C:\Users\Guest\Favorites

    2013-05-07 01:14:27 -------- d-----r- C:\Users\Guest\Downloads

    2013-05-07 01:14:27 -------- d-----r- C:\Users\Guest\Documents

    2013-05-07 01:14:27 -------- d-----r- C:\Users\Guest\Desktop

    2013-05-03 03:16:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free MP3 Cutter

    2013-05-03 02:39:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp

    2013-04-24 22:14:43 -------- d-----w- C:\ProgramData\Altova

    2013-04-22 16:51:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewFeature1

    2013-04-22 15:21:54 -------- d-----w- C:\Users\rwema\.swt

    2013-04-22 15:15:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer

    2013-04-22 15:15:05 -------- d-----w- C:\ProgramData\Razer

    2013-04-21 21:31:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall

    2013-04-20 22:05:28 -------- d-----w- C:\Users\rwema\Nieuwe map

    2013-04-20 00:20:22 -------- d-----w- C:\ProgramData\Web Page Maker

    ====== C: exe-files ==

    2013-05-06 22:46:20 035076B10EC9A07E15B8933E1EF589EB 231437 ----a-w- C:\Program Files (x86)\SoftwareUpdater\uninstall.exe

    2013-05-06 22:44:55 4CC618BF9E6B126CE1AB24EDFBD592A0 2885968 ----a-w- C:\Users\rwema\Downloads\installer_power_mp3_cutter_5_2_Dutch.exe

    2013-05-03 03:16:49 C5A0AA87AEA2D1510DD06747D01F852C 1359872 ----a-w- C:\Program Files (x86)\Free MP3 Cutter\MP3Cutter.exe

    2013-05-03 03:16:48 D85A009386E94EF1ED3011337F758B13 695578 ----a-w- C:\Program Files (x86)\Free MP3 Cutter\unins000.exe

    2013-05-03 03:16:25 8B72455588523BB2DF7095B744254A5A 919504 ----a-w- C:\Users\rwema\Downloads\FreeMP3Cutter.exe

    2013-05-03 03:14:17 D39160AB60A14E420EBDA3C478FDF381 584600 ----a-w- C:\Users\rwema\Downloads\cbsidlm-tr1_13-Free_MP3_Cutter-ORG-75182284.exe

    2013-05-03 02:39:23 B3F5F5B4637662196351ED701908EF5A 373238 ----a-w- C:\Program Files (x86)\Winamp\UninstWA.exe

    2013-05-03 02:38:52 D2728A10CCD2A675638B016D47B1C254 72176 ------w- C:\Program Files (x86)\Common Files\PX Storage Engine\pxhpinst.exe

    2013-05-03 02:38:52 94F95BE2A44C8291132D314582F141F8 126448 ------w- C:\Program Files (x86)\Common Files\PX Storage Engine\pxinsi64.exe

    2013-05-03 02:38:52 6D3630B7F27B3643FDE05D1088F84F2F 68592 ------w- C:\Program Files (x86)\Common Files\PX Storage Engine\pxinsa64.exe

    2013-05-03 02:38:52 50A76D2D5E4BE94556326C4BF748C758 123888 ------w- C:\Program Files (x86)\Common Files\PX Storage Engine\pxcpyi64.exe

    2013-05-03 02:38:52 08D51E037F487F9CA9FD0B0388F4C15A 68080 ------w- C:\Program Files (x86)\Common Files\PX Storage Engine\pxcpya64.exe

    2013-05-03 02:37:39 16DBCBB81C031C2FB7C217CF0DB7ADC9 17335648 ----a-w- C:\Users\rwema\Downloads\winamp563_full_emusic-7plus_all.exe

    === C: other files ==

    2013-05-07 00:13:15 46BA8178666CFCD0E8975DDDE9917D06 3243 ----a-w- C:\Windows\DeleteOnReboot.bat

    ==== Startup Registry Enabled ======================

    [HKEY_USERS\S-1-5-21-3916401253-1491523390-1999398694-1000\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

    "ehTray.exe"="C:\Windows\ehome\ehTray.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "Ulead Memory Card Detector"="C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe"

    "PDVDDXSrv"="C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

    "Dell Webcam Central"="C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe /mode2"

    "TkBellExe"="C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe -osboot"

    "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"

    "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

    "ehTray.exe"="C:\Windows\ehome\ehTray.exe"

    ==== Startup Registry Enabled x64 ======================

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "SysTrayApp"="%ProgramFiles%\IDT\WDM\sttray64.exe"

    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

    "Monitor"="C:\Windows\PixArt\PAC207\Monitor.exe"

    "Broadcom Wireless Manager UI"="C:\Windows\system32\WLTRAY.exe"

    "IgfxTray"="C:\Windows\system32\igfxtray.exe"

    "HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

    "Persistence"="C:\Windows\system32\igfxpers.exe"

    "WPCUMI"="C:\Windows\system32\WpcUmi.exe"

    ==== Startup Registry Disabled x64 ======================

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Pro Agent]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="DAEMON Tools Pro Agent"

    "hkey"="HKCU"

    "command"="\"C:\\Program Files (x86)\\DAEMON Tools Pro\\DTAgent.exe\" -autorun"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="msnmsgr"

    "hkey"="HKCU"

    "command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBAgent]

    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="NBAgent"

    "hkey"="HKLM"

    "command"="\"C:\\Program Files (x86)\\Nero\\Nero 11\\Nero BackItUp\\NBAgent.exe\" /WinStart"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RaidCall]

    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="RaidCall"

    "hkey"="HKLM"

    "command"="\"C:\\Program Files (x86)\\RaidCall\\raidcall.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="TomTomHOME.exe"

    "hkey"="HKCU"

    "command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinampAgent]

    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="WinampAgent"

    "hkey"="HKLM"

    "command"="\"C:\\Program Files (x86)\\Winamp\\winampa.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\avg9emc]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\avg9wd]

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [19/04/2013 00:42]

    C:\Windows\tasks\CheckDriveBackgroundGuard.job --a------ C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe []

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [undertermined Task]

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16/04/2010 12:29]

    ==== Firefox Extensions ======================

    ProfilePath: C:\Users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\38l0tsrw.Standaardgebruiker

    - AutocompletePro - Your handy search suggestions tool - %ProfilePath%\extensions\support@predictad.com

    AppDir: C:\Program Files (x86)\Mozilla Firefox

    - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

    ==== Firefox Plugins ======================

    Profilepath: C:\Users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\38l0tsrw.Standaardgebruiker

    33E87713C7FE08C5F861E2819ED33A0E - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer HTML5VideoShim Plug-In (32-bit)

    AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

    ==== Deleting Files \ Folders ======================

    "Your handy search suggestions tool - C:\Users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\38l0tsrw.Standaardgebruiker\extensions\support@predictad.com" not found

    "C:\Users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\38l0tsrw.Standaardgebruiker\extensions\support@predictad.com" deleted

    ==== Chrome Look ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

    cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\rwema\AppData\Local\Temp\ccex.crx[]

    icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[07/03/2013 00:29]

    jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[17/07/2010 18:46]

    jllpjckabhalgdienlngoikeehalibei - C:\Users\rwema\AppData\Local\Temp\tbch.crx[]

    lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[09/04/2012 11:23]

    Docs - Guest - Default\Extensions\aohghmighlieiainnegkcijnfilokake

    avast WebRep - Guest - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda

    RealPlayer HTML5Video Downloader Extension - Guest - Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk

    Skype Click to Call - Guest - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

    avast WebRep - rwema - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda

    RealPlayer HTML5Video Downloader Extension - rwema - Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk

    Skype Click to Call - rwema - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

    ==== Set IE to Default ======================

    Old Values:

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

    "Start Page"="http://www.msn.com/"

    "Start Page Restore"="http://www.google.be/"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

    No DefaultScope Set For HKCU

    New Values:

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

    "Start Page"="http://www.msn.com/"

    "Start Page Restore"="http://www.msn.com/"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

    "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

    ==== Reset Google Chrome ======================

    C:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

    C:\users\rwema\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

    C:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

    C:\users\rwema\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

    ==== Reset IE Proxy ======================

    Value(s) before fix:

    "ProxyEnable"=dword:00000000

    Value(s) after fix:

    "ProxyEnable"=dword:00000000

    ==== Uninstall List x64 ======================

    æTorrent [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]

    Acrobat.com [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{77DCDCE3-2DED-62F3-8154-05E745472D07}]

    Acrobat.com [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1]

    Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0087DDE-69D0-11E2-AD57-43CA6188709B}]

    Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe AIR]

    Adobe Flash Player 11 Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin]

    Adobe Reader X (10.1.6) - Nederlands [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1043-7B44-AA1000000001}]

    Adobe Shockwave Player 12.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Shockwave Player]

    Advanced Audio FX Engine [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Advanced Audio FX Engine]

    avast Free Antivirus [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\avast]

    Banctec Service Agreement [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}]

    CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner]

    Cisco EAP-FAST Module [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{415B2719-AD3A-4944-B404-C472DB6085B3}]

    Cisco LEAP Module [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83770D14-21B9-44B3-8689-F7B523F94560}]

    Cisco PEAP Module [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}]

    CPUID CPU-Z 1.52.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CPUID CPU-Z_is1]

    DAEMON Tools Pro [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DAEMON Tools Pro]

    Dell Edoc Viewer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}]

    Dell Getting Started Guide [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}]

    Dell Touchpad [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SynTPDeinstKey]

    Dell Video Chat [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Dell Video Chat]

    Dell Webcam Central [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Dell Webcam Central]

    Dell Wireless WLAN Card Utility [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Broadcom 802.11 Application]

    DVD Flick 1.3.0.7 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVD Flick_is1]

    Feedback Tool [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{13A5E785-5197-4EAD-8EE3-D660271E49BC}]

    Feedback Tool [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90024193-9F13-4877-89D5-A1CDF0CBBF28}]

    Free MP3 Cutter 1.01 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{847E0734-4457-4B48-BF49-998D1CF2CFA1}_is1]

    Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]

    Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]

    GoogleÿEarth [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}]

    GTA San Andreas [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}]

    GTA2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}]

    High-Definition Video Playback [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9193490D-5229-4FC4-9BB9-A6D63C09574A}]

    HiJackThis [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{45A66726-69BC-466B-A7A4-12FCBA4883D7}]

    HyperCam 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HyperCam 3]

    Integrated Webcam Driver (1.02.02.0106) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Creative OA008]

    Intel® Graphics Media Accelerator Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HDMI]

    Java 7 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86417000FF}]

    K-Lite Codec Pack 9.6.5 (Full) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\KLiteCodecPack_is1]

    League of Legends [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{92606477-9366-4D3B-8AE3-6BE4B29727AB}]

    LibreOffice 3.6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CBCF6C86-4738-4A84-9C2C-331804DCEB9B}]

    Malwarebytes Anti-Malware versie 1.75.0.1300 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1]

    Microsoft .NET Framework 1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}]

    Microsoft .NET Framework 1.1 Security Update (KB2656353) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\M2656353]

    Microsoft .NET Framework 1.1 Security Update (KB2656370) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\M2656370]

    Microsoft .NET Framework 1.1 Security Update (KB979906) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\M979906]

    Microsoft .NET Framework 3.5 SP1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}]

    Microsoft .NET Framework 4 Client Profile [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}]

    Microsoft .NET Framework 4 Client Profile NLD Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4567EA14-6BCA-3EF9-859B-92CE48B1D704}]

    Microsoft .NET Framework 4 Extended [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}]

    Microsoft .NET Framework 4 Extended NLD Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{021B6358-4373-3FC0-A0B4-4709B7E0D3E5}]

    Microsoft Office Professional Edition 2003 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90110409-6000-11D3-8CFE-0150048383C9}]

    Microsoft Search Enhancement Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}]

    Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}]

    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}]

    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{770657D0-A123-3C07-8E44-1C83EC895118}]

    Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}]

    Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{071c9b48-7c32-4621-a0ac-3f809523288f}]

    Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}]

    Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}]

    Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}]

    Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}]

    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}]

    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}]

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}]

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}]

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}]

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}]

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}]

    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}]

    Microsoft Works [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}]

    Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService]

    Nero 11 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC18AB8F-9BA3-423B-91F2-622990F57978}]

    Nero 11 Disc Menus Basic [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}]

    Nero 11 Effects Basic [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}]

    Nero 11 Image Samples [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F3743A2C-5D5F-4456-8F98-5DF36A954C50}]

    Nero 11 Kwik Themes Basic [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5A212B2D-140D-46F4-B625-2D1CA5A00594}]

    Nero 11 PiP Effects Basic [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2CA7225D-CB12-462A-9DD1-50319E158BA5}]

    Nero Audio Pack 1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A7A0BF2E-31CC-49E3-9913-52C503EB969D}]

    Nero BackItUp 11 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}]

    Nero BackItUp 11 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}]

    Nero Backup Drivers [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}]

    Nero Burning ROM 11 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}]

    Nero Burning ROM 11 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{53F7746A-96AA-49A5-86B8-59989680DAC5}]

    Nero ControlCenter 11 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}]

    Nero ControlCenter 11 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D4D66270-9147-4BDF-9946-FCA2B303AA8F}]

    Nero Core Components 11 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}]

    Nero CoverDesigner 11 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF44BCE5-5A18-4051-85F0-BC172D7B4695}]

    Nero CoverDesigner 11 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{55C2143E-FBA5-442F-9AFA-726FF068F39D}]

    Nero Express 11 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E10AAE4A-98B8-420A-BD93-E0520C23D624}]

    Nero Express 11 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}]

    Nero Kwik Media [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FAF448F1-4460-440C-9280-07F66A63D6F5}]

    Nero Kwik Media Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}]

    Nero Recode 11 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0320AB41-0926-4218-A8A6-68AC84E6BB93}]

    Nero Recode 11 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{57F80ECF-E27C-4EEE-AB58-E971BACE2639}]

    Nero RescueAgent 11 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{034DCAF9-96E7-4936-9A07-712F80B5181E}]

    Nero RescueAgent 11 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D01CE99A-8802-483C-A79F-298B691EB432}]

    Nero SharedVideoCodecs [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2432E589-6256-4513-B0BF-EFA8E325D5F0}]

    Nero SoundTrax 11 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0713D1F9-DD77-42C1-8C7D-54D479E2E743}]

    Nero SoundTrax 11 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{390757AA-8830-43DC-AEE0-4E5B6F8439EB}]

    Nero Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}]

    Nero Video 11 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0D7A4289-99CF-4B8D-B812-86BE50A54552}]

    Nero Video 11 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}]

    Nero WaveEditor 11 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}]

    Nero WaveEditor 11 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}]

    nero.prerequisites.msi [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{01E9B2FF-DAF4-4529-9CC9-2101625517C7}]

    NVIDIA PhysX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1C4551A6-4743-4093-91E4-1477CD655043}]

    Opera 12.15 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Opera 12.15.1748]

    Paint.NET v3.5.10 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}]

    PowerDVD [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}]

    Quickset [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{87CF757E-C1F1-4D22-865C-00C6950B5258}]

    Razer Game Booster [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}]

    RealPlayer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RealPlayer 12.0]

    RealUpgrade 1.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F4F4F84E-804F-4E9A-84D7-C34283F0088F}]

    RollerCoaster Tycoon 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}]

    Skype Click to Call [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B6CF2967-C81E-40C0-9815-C05774FEF120}]

    Speccy [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Speccy]

    swMSM [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{612C34C7-5E90-47D8-9B5C-0F717DD82726}]

    Ulead Photo Explorer 7.0 SE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7C6D8763-EEB7-433E-A75E-2AB44892FCA2}]

    Visual C++ 2008 x86 Runtime - (v9.0.30729) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F333A33D-125C-32A2-8DCE-5C5D14231E27}]

    Visual C++ 2008 x86 Runtime - v9.0.30729.01 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01]

    Visual C++ 8.0 Runtime Setup Package (x64) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}]

    VLC media player 2.0.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player]

    Welcome App (Start-up experience) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{51865D9D-8F63-46F2-87AB-9E72F93B618C}]

    Winamp [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Winamp]

    Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C32CE55C-12BA-4951-8797-0967FDEF556F}]

    Windows Live Mesh ActiveX Control for Remote Connections [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}]

    Windows Live Sync [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}]

    Windows Media Player Firefox Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}]

    WinRAR 4.01 (32-bit) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]

    ==== Deleting Registry Keys ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jllpjckabhalgdienlngoikeehalibei deleted successfully

    ==== HijackThis Entries ======================

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    O1 - Hosts: ::1 localhost

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O4 - HKLM\..\Run: [ulead Memory Card Detector] C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe

    O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

    O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\rwema\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    ==== Silent Runners ======================

    "Silent Runners.vbs", revision 69.2, Silent Runners - Adware? Disinfect, don't reformat!

    Output limited to non-default values, except where indicated by "{++}"

    Startup items buried in registry:

    ---------------------------------

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

    Sidebar = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [MS]

    ehTray.exe = C:\Windows\ehome\ehTray.exe [MS]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}

    SysTrayApp = %ProgramFiles%\IDT\WDM\sttray64.exe [iDT, Inc.]

    SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [synaptics, Inc.]

    Monitor = C:\Windows\PixArt\PAC207\Monitor.exe [PixArt Imaging Incorporation]

    Broadcom Wireless Manager UI = C:\Windows\system32\WLTRAY.exe [Dell Inc.]

    IgfxTray = C:\Windows\system32\igfxtray.exe [intel Corporation]

    HotKeysCmds = C:\Windows\system32\hkcmd.exe [intel Corporation]

    Persistence = C:\Windows\system32\igfxpers.exe [intel Corporation]

    WPCUMI = C:\Windows\system32\WpcUmi.exe [MS]

    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\ {++}

    Ulead Memory Card Detector = C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe [ulead Systems, Inc.]

    PDVDDXSrv = "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [CyberLink Corp.]

    Dell Webcam Central = "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2 [Creative Technology Ltd.]

    TkBellExe = "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot [RealNetworks, Inc.]

    avast = "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [AVAST Software]

    Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [Adobe Systems Incorporated]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

    {318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\(Default) = (no title provided)

    -> {HKLM...CLSID} = avast! WebRep

    \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [AVAST Software]

    {DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)

    -> {HKLM...CLSID} = Java Plug-In 2 SSV Helper

    \InProcServer32\(Default) = C:\Program Files\Java\jre7\bin\jp2ssv.dll [Oracle Corporation]

    -> {HKLM...Wow...CLSID} = Java Plug-In 2 SSV Helper

    \InProcServer32\(Default) = [file not found]

    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

    {18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = AcroIEHelperStub

    -> {HKLM...CLSID} = Adobe PDF Link Helper

    \InProcServer32\(Default) = [file not found]

    -> {HKLM...Wow...CLSID} = Adobe PDF Link Helper

    \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe Systems Incorporated]

    {3049C3E9-B461-4BC5-8870-4C09146192CA}\(Default) = (no title provided)

    -> {HKLM...CLSID} = RealPlayer Download and Record Plugin for Internet Explorer

    \InProcServer32\(Default) = [file not found]

    -> {HKLM...Wow...CLSID} = RealPlayer Download and Record Plugin for Internet Explorer

    \InProcServer32\(Default) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [RealPlayer]

    {6EBF7485-159F-4bff-A14F-B9E3AAC4465B}\(Default) = Search Helper

    -> {HKLM...Wow...CLSID} = Search Helper

    \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [MS]

    {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\(Default) = (no title provided)

    -> {HKLM...Wow...CLSID} = avast! WebRep

    \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [AVAST Software]

    {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\(Default) = SkypeIEPluginBHO

    -> {HKLM...CLSID} = Skype Browser Helper

    \InProcServer32\(Default) = [file not found]

    -> {HKLM...Wow...CLSID} = Skype Browser Helper

    \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [skype Technologies S.A.]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\

    00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}

    -> {HKLM...CLSID} = avast

    \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShA64.dll [AVAST Software]

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

    {2F603045-309F-11CF-9774-0020AFD0CFF6} = Synaptics Control Panel

    -> {HKLM...CLSID} = (no title provided)

    \InProcServer32\(Default) = C:\Program Files\Synaptics\SynTP\SynTPCpl.dll [synaptics, Inc.]

    {472083B0-C522-11CF-8763-00608CC02F24} = avast

    -> {HKLM...CLSID} = avast

    \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShA64.dll [AVAST Software]

    {087B3AE3-E237-4467-B8DB-5A38AB959AC9} = LibreOffice Infotip Handler

    -> {HKLM...CLSID} = (no title provided)

    \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 3.6\program\shlxthdl\shlxthdl_x64.dll [The Document Foundation]

    {3B092F0C-7696-40E3-A80F-68D74DA84210} = LibreOffice Thumbnail Viewer

    -> {HKLM...CLSID} = (no title provided)

    \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 3.6\program\shlxthdl\shlxthdl_x64.dll [The Document Foundation]

    {63542C48-9552-494A-84F7-73AA6A7C99C1} = LibreOffice Property Sheet Handler

    -> {HKLM...CLSID} = (no title provided)

    \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 3.6\program\shlxthdl\shlxthdl_x64.dll [The Document Foundation]

    {AE424E85-F6DF-4910-A6A9-438797986431} = LibreOffice Property Handler

    -> {HKLM...CLSID} = LibreOffice Property Handler

    \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 3.6\program\shlxthdl\propertyhdl_x64.dll [The Document Foundation]

    {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} = LibreOffice Column Handler

    -> {HKLM...CLSID} = (no title provided)

    \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 3.6\program\shlxthdl\shlxthdl_x64.dll [The Document Foundation]

    {2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9} = Image Catalog

    -> {HKLM...CLSID} = Image Catalog

    \InProcServer32\(Default) = C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [DT Soft Ltd]

    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

    {00020d75-0000-0000-c000-000000000046} = Microsoft Office Outlook Desktop Icon Handler

    -> {HKLM...Wow...CLSID} = Microsoft Office Outlook

    \InProcServer32\(Default) = C:\PROGRA~2\MICROS~2\OFFICE11\MLSHEXT.DLL [MS]

    {640167b4-59b0-47a6-b335-a6b3c0695aea} = Portable Media Devices

    -> {HKLM...Wow...CLSID} = Portable Media Devices

    \InProcServer32\(Default) = C:\Windows\system32\audiodev.dll [file not found]

    {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} = Shell Extensions for RealOne Player

    -> {HKLM...Wow...CLSID} = RealOne Player Context Menu Class

    \InProcServer32\(Default) = C:\Program Files (x86)\Real\RealPlayer\rpshell.dll [RealNetworks, Inc.]

    {0006F045-0000-0000-C000-000000000046} = Microsoft Office Outlook Custom Icon Handler

    -> {HKLM...Wow...CLSID} = Outlook File Icon Extension

    \InProcServer32\(Default) = C:\PROGRA~2\MICROS~2\OFFICE11\OLKFSTUB.DLL [MS]

    {42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler

    -> {HKLM...Wow...CLSID} = (no title provided)

    \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\OFFICE11\msohev.dll [MS]

    {B41DB860-8EE4-11D2-9906-E49FADC173CA} = WinRAR shell extension

    -> {HKLM...Wow...CLSID} = WinRAR

    \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext.dll [Alexander Roshal]

    {472083B0-C522-11CF-8763-00608CC02F24} = avast

    -> {HKLM...Wow...CLSID} = avast

    \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShell.dll [AVAST Software]

    {F764812A-132C-4013-9960-5CBBEB408A0E} = Nero Shell Extension

    -> {HKLM...Wow...CLSID} = NeroShellExt Class

    \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\NeroShellExt\\NeroShellExt.dll [Nero AG]

    {087B3AE3-E237-4467-B8DB-5A38AB959AC9} = LibreOffice Infotip Handler

    -> {HKLM...Wow...CLSID} = (no title provided)

    \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 3.6\program\shlxthdl\shlxthdl.dll [The Document Foundation]

    {3B092F0C-7696-40E3-A80F-68D74DA84210} = LibreOffice Thumbnail Viewer

    -> {HKLM...Wow...CLSID} = (no title provided)

    \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 3.6\program\shlxthdl\shlxthdl.dll [The Document Foundation]

    {63542C48-9552-494A-84F7-73AA6A7C99C1} = LibreOffice Property Sheet Handler

    -> {HKLM...Wow...CLSID} = (no title provided)

    \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 3.6\program\shlxthdl\shlxthdl.dll [The Document Foundation]

    {AE424E85-F6DF-4910-A6A9-438797986431} = LibreOffice Property Handler

    -> {HKLM...Wow...CLSID} = LibreOffice Property Handler

    \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 3.6\program\shlxthdl\propertyhdl.dll [The Document Foundation]

    {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} = LibreOffice Column Handler

    -> {HKLM...Wow...CLSID} = (no title provided)

    \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 3.6\program\shlxthdl\shlxthdl.dll [The Document Foundation]

    {2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9} = Image Catalog

    -> {HKLM...Wow...CLSID} = Image Catalog

    \InProcServer32\(Default) = C:\Program Files (x86)\DAEMON Tools Pro\DTShl32.dll [DT Soft Ltd]

    {c5aec3ec-e812-4677-a9a7-4fee1f9aa000} = Icaros Thumbnail Provider

    -> {HKLM...Wow...CLSID} = Icaros Thumbnail Provider

    \InProcServer32\(Default) = C:\Program Files (x86)\K-Lite Codec Pack\Icaros\IcarosThumbnailProvider.dll [Tabibito Technology]

    HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

    avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}

    -> {HKLM...CLSID} = avast

    \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShA64.dll [AVAST Software]

    -> {HKLM...Wow...CLSID} = avast

    \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShell.dll [AVAST Software]

    DaemonShellExtImage\(Default) = {40966797-8FFE-46C8-9EF8-7003F33CCF0F}

    -> {HKLM...CLSID} = DaemonShellExtImage Class

    \InProcServer32\(Default) = C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [DT Soft Ltd]

    -> {HKLM...Wow...CLSID} = DaemonShellExtImage Class

    \InProcServer32\(Default) = C:\Program Files (x86)\DAEMON Tools Pro\DTShl32.dll [DT Soft Ltd]

    LavasoftShellExt\(Default) = {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F}

    -> {HKLM...CLSID} = Lavasoft Shell Extension

    \InProcServer32\(Default) = C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll [Lavasoft Limited]

    WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}

    -> {HKLM...CLSID} = WinRAR

    \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext64.dll [Alexander Roshal]

    WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

    -> {HKLM...Wow...CLSID} = WinRAR

    \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext.dll [Alexander Roshal]

    {D2203704-49E1-476F-B118-CFE99115634F}\(Default) = (no title provided)

    -> {HKLM...Wow...CLSID} = NBShellHook Class

    \InProcServer32\(Default) = C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBShell.dll [Nero AG]

    {F764812A-132C-4013-9960-5CBBEB408A0E}\(Default) = (no title provided)

    -> {HKLM...Wow...CLSID} = NeroShellExt Class

    \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\NeroShellExt\\NeroShellExt.dll [Nero AG]

    HKLM\SOFTWARE\Classes\Wow6432Node\*\shellex\ContextMenuHandlers\

    avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}

    -> {HKLM...CLSID} = avast

    \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShA64.dll [AVAST Software]

    -> {HKLM...Wow...CLSID} = avast

    \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShell.dll [AVAST Software]

    DaemonShellExtImage\(Default) = {40966797-8FFE-46C8-9EF8-7003F33CCF0F}

    -> {HKLM...CLSID} = DaemonShellExtImage Class

    \InProcServer32\(Default) = C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [DT Soft Ltd]

    -> {HKLM...Wow...CLSID} = DaemonShellExtImage Class

    \InProcServer32\(Default) = C:\Program Files (x86)\DAEMON Tools Pro\DTShl32.dll [DT Soft Ltd]

    LavasoftShellExt\(Default) = {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F}

    -> {HKLM...CLSID} = Lavasoft Shell Extension

    \InProcServer32\(Default) = C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll [Lavasoft Limited]

    WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}

    -> {HKLM...CLSID} = WinRAR

    \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext64.dll [Alexander Roshal]

    WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

    -> {HKLM...Wow...CLSID} = WinRAR

    \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext.dll [Alexander Roshal]

    {D2203704-49E1-476F-B118-CFE99115634F}\(Default) = (no title provided)

    -> {HKLM...Wow...CLSID} = NBShellHook Class

    \InProcServer32\(Default) = C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBShell.dll [Nero AG]

    {F764812A-132C-4013-9960-5CBBEB408A0E}\(Default) = (no title provided)

    -> {HKLM...Wow...CLSID} = NeroShellExt Class

    \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\NeroShellExt\\NeroShellExt.dll [Nero AG]

    HKLM\SOFTWARE\Classes\*\shellex\DragDropHandlers\

    NBShellHook\(Default) = {D2203704-49E1-476F-B118-CFE99115634F}

    -> {HKLM...Wow...CLSID} = NBShellHook Class

    \InProcServer32\(Default) = C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBShell.dll [Nero AG]

    HKLM\SOFTWARE\Classes\Wow6432Node\*\shellex\DragDropHandlers\

    NBShellHook\(Default) = {D2203704-49E1-476F-B118-CFE99115634F}

    -> {HKLM...Wow...CLSID} = NBShellHook Class

    \InProcServer32\(Default) = C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBShell.dll [Nero AG]

    HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\

    00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}

    -> {HKLM...CLSID} = avast

    \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShA64.dll [AVAST Software]

    -> {HKLM...Wow...CLSID} = avast

    \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShell.dll [AVAST Software]

    GB3ContextMenu\(Default) = {3A488FE8-9916-4F36-BDFF-3DED559142E5}

    -> {HKLM...CLSID} = GBContextMenu Class

    \InProcServer32\(Default) = C:\Program Files (x86)\Razer\Razer Game Booster\GBV3ContextMenu.dll [null data]

    MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

    -> {HKLM...CLSID} = MBAMShlExt Class

    \InProcServer32\(Default) = C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [Malwarebytes Corporation]

    HKLM\SOFTWARE\Classes\Wow6432Node\AllFilesystemObjects\shellex\ContextMenuHandlers\

    00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}

    -> {HKLM...CLSID} = avast

    \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShA64.dll [AVAST Software]

    -> {HKLM...Wow...CLSID} = avast

    \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShell.dll [AVAST Software]

    GB3ContextMenu\(Default) = {3A488FE8-9916-4F36-BDFF-3DED559142E5}

    -> {HKLM...CLSID} = GBContextMenu Class

    \InProcServer32\(Default) = C:\Program Files (x86)\Razer\Razer Game Booster\GBV3ContextMenu.dll [null data]

    MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

    -> {HKLM...CLSID} = MBAMShlExt Class

    \InProcServer32\(Default) = C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [Malwarebytes Corporation]

    HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\

    WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}

    -> {HKLM...CLSID} = WinRAR

    \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext64.dll [Alexander Roshal]

    WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

    -> {HKLM...Wow...CLSID} = WinRAR

    \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext.dll [Alexander Roshal]

    {F764812A-132C-4013-9960-5CBBEB408A0E}\(Default) = (no title provided)

    -> {HKLM...Wow...CLSID} = NeroShellExt Class

    \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\NeroShellExt\\NeroShellExt.dll [Nero AG]

    HKLM\SOFTWARE\Classes\Wow6432Node\Directory\shellex\ContextMenuHandlers\

    WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}

    -> {HKLM...CLSID} = WinRAR

    \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext64.dll [Alexander Roshal]

    WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

    -> {HKLM...Wow...CLSID} = WinRAR

    \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext.dll [Alexander Roshal]

    {F764812A-132C-4013-9960-5CBBEB408A0E}\(Default) = (no title provided)

    -> {HKLM...Wow...CLSID} = NeroShellExt Class

    \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\NeroShellExt\\NeroShellExt.dll [Nero AG]

    HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\

    WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}

    -> {HKLM...CLSID} = WinRAR

    \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext64.dll [Alexander Roshal]

    WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

    -> {HKLM...Wow...CLSID} = WinRAR

    \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext.dll [Alexander Roshal]

    HKLM\SOFTWARE\Classes\Wow6432Node\Directory\shellex\DragDropHandlers\

    WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}

    -> {HKLM...CLSID} = WinRAR

    \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext64.dll [Alexander Roshal]

    WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

    -> {HKLM...Wow...CLSID} = WinRAR

    \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext.dll [Alexander Roshal]

    HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\

    igfxcui\(Default) = {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}

    -> {HKLM...CLSID} = GraphicsShellExt Class

    \InProcServer32\(Default) = C:\Windows\system32\igfxpph.dll [intel Corporation]

    HKLM\SOFTWARE\Classes\Wow6432Node\Directory\Background\shellex\ContextMenuHandlers\

    igfxcui\(Default) = {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}

    -> {HKLM...CLSID} = GraphicsShellExt Class

    \InProcServer32\(Default) = C:\Windows\system32\igfxpph.dll [intel Corporation]

    HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\

    {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\(Default) = LibreOffice Column Handler

    -> {HKLM...CLSID} = (no title provided)

    \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 3.6\program\shlxthdl\shlxthdl_x64.dll [The Document Foundation]

    -> {HKLM...Wow...CLSID} = (no title provided)

    \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 3.6\program\shlxthdl\shlxthdl.dll [The Document Foundation]

    {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info

    -> {HKLM...Wow...CLSID} = PDF Shell Extension

    \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.]

    HKLM\SOFTWARE\Classes\Wow6432Node\Folder\shellex\ColumnHandlers\

    {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\(Default) = LibreOffice Column Handler

    -> {HKLM...CLSID} = (no title provided)

    \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 3.6\program\shlxthdl\shlxthdl_x64.dll [The Document Foundation]

    -> {HKLM...Wow...CLSID} = (no title provided)

    \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 3.6\program\shlxthdl\shlxthdl.dll [The Document Foundation]

    {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info

    -> {HKLM...Wow...CLSID} = PDF Shell Extension

    \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.]

    HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

    avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}

    -> {HKLM...CLSID} = avast

    \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShA64.dll [AVAST Software]

    -> {HKLM...Wow...CLSID} = avast

    \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShell.dll [AVAST Software]

    LavasoftShellExt\(Default) = {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F}

    -> {HKLM...CLSID} = Lavasoft Shell Extension

    \InProcServer32\(Default) = C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll [Lavasoft Limited]

    MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

    -> {HKLM...CLSID} = MBAMShlExt Class

    \InProcServer32\(Default) = C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [Malwarebytes Corporation]

    WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}

    -> {HKLM...CLSID} = WinRAR

    \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext64.dll [Alexander Roshal]

    WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

    -> {HKLM...Wow...CLSID} = WinRAR

    \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext.dll [Alexander Roshal]

    {D2203704-49E1-476F-B118-CFE99115634F}\(Default) = (no title provided)

    -> {HKLM...Wow...CLSID} = NBShellHook Class

    \InProcServer32\(Default) = C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBShell.dll [Nero AG]

    HKLM\SOFTWARE\Classes\Wow6432Node\Folder\shellex\ContextMenuHandlers\

    avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}

    -> {HKLM...CLSID} = avast

    \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShA64.dll [AVAST Software]

    -> {HKLM...Wow...CLSID} = avast

    \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShell.dll [AVAST Software]

    LavasoftShellExt\(Default) = {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F}

    -> {HKLM...CLSID} = Lavasoft Shell Extension

    \InProcServer32\(Default) = C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll [Lavasoft Limited]

    MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

    -> {HKLM...CLSID} = MBAMShlExt Class

    \InProcServer32\(Default) = C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [Malwarebytes Corporation]

    WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}

    -> {HKLM...CLSID} = WinRAR

    \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext64.dll [Alexander Roshal]

    WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

    -> {HKLM...Wow...CLSID} = WinRAR

    \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext.dll [Alexander Roshal]

    {D2203704-49E1-476F-B118-CFE99115634F}\(Default) = (no title provided)

    -> {HKLM...Wow...CLSID} = NBShellHook Class

    \InProcServer32\(Default) = C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBShell.dll [Nero AG]

    HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\

    NBShellHook\(Default) = {D2203704-49E1-476F-B118-CFE99115634F}

    -> {HKLM...Wow...CLSID} = NBShellHook Class

    \InProcServer32\(Default) = C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBShell.dll [Nero AG]

    WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}

    -> {HKLM...CLSID} = WinRAR

    \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext64.dll [Alexander Roshal]

    WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

    -> {HKLM...Wow...CLSID} = WinRAR

    \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext.dll [Alexander Roshal]

    HKLM\SOFTWARE\Classes\Wow6432Node\Folder\shellex\DragDropHandlers\

    NBShellHook\(Default) = {D2203704-49E1-476F-B118-CFE99115634F}

    -> {HKLM...Wow...CLSID} = NBShellHook Class

    \InProcServer32\(Default) = C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBShell.dll [Nero AG]

    WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}

    -> {HKLM...CLSID} = WinRAR

    \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext64.dll [Alexander Roshal]

    WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

    -> {HKLM...Wow...CLSID} = WinRAR

    \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext.dll [Alexander Roshal]

    Group Policies {GPedit.msc branch and setting}:

    -----------------------------------------------

    Note: detected settings may not have any effect.

    HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\

    LogonHoursAction = (REG_DWORD) dword:0x00000002

    {unrecognized setting}

    DontDisplayLogonHoursWarnings = (REG_DWORD) dword:0x00000001

    {unrecognized setting}

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\

    EnableLinkedConnections = (REG_DWORD) dword:0x00000001

    {unrecognized setting}

    Active Desktop and Wallpaper:

    -----------------------------

    Active Desktop may be disabled at this entry:

    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

    Displayed if Active Desktop enabled and wallpaper not set by Group Policy:

    HKCU\Software\Microsoft\Internet Explorer\Desktop\General\

    Wallpaper = C:\Windows\system32\config\systemprofile\Pictures\pedobear_13 (1).jpg

    Displayed if Active Desktop disabled and wallpaper not set by Group Policy:

    HKCU\Control Panel\Desktop\

    Wallpaper = C:\Users\rwema\Pictures\pedobear_13 (1).jpg

    Enabled Screen Saver:

    ---------------------

    HKCU\Control Panel\Desktop\

    SCRNSAVE.EXE = C:\Windows\system32\logon.scr [MS]

    Windows Portable Device AutoPlay Handlers

    -----------------------------------------

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

    MSPlayCDAudioOnArrival\

    Provider = @wmploc.dll,-6502

    InvokeProgID = WMP.AudioCD

    InvokeVerb = play

    HKLM\SOFTWARE\Classes\WMP.AudioCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /device:AudioCD "%L" [MS]

    MSPlayDVDMovieOnArrival\

    Provider = @wmploc.dll,-6502

    InvokeProgID = WMP.DVD

    InvokeVerb = play

    HKLM\SOFTWARE\Classes\WMP.DVD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:DVD "%L" [MS]

    MSPlaySuperVideoCDMovieOnArrival\

    Provider = @wmploc.dll,-6502

    InvokeProgID = WMP.VCD

    InvokeVerb = play

    HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS]

    MSPlayVideoCDMovieOnArrival\

    Provider = @wmploc.dll,-6502

    InvokeProgID = WMP.VCD

    InvokeVerb = play

    HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS]

    MSRipCDAudioOnArrival\

    Provider = @wmploc.dll,-6502

    InvokeProgID = WMP.RipCD

    InvokeVerb = Rip

    HKLM\SOFTWARE\Classes\WMP.RipCD\shell\Rip\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /RipAudioCD "%L" [MS]

    MSWMPBurnCDOnArrival\

    Provider = @wmploc.dll,-6502

    InvokeProgID = WMP.BurnCD

    InvokeVerb = Burn

    HKLM\SOFTWARE\Classes\WMP.BurnCD\shell\Burn\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /Task:CDWrite /Device:"%L" [MS]

    MSWMPBurnDataDVDArrival\

    Provider = @wmploc.dll,-6502

    InvokeProgID = WMP.BurnDVD

    InvokeVerb = Burn

    HKLM\SOFTWARE\Classes\WMP.BurnDVD\shell\Burn\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /Task:DVDWrite /Device:"%L" [MS]

    PDVDDXPlayDVDMovieOnArrival\

    Provider = PowerDVD

    InvokeProgID = DVD

    InvokeVerb = PlayWithPDVDDX

    HKLM\SOFTWARE\Classes\DVD\shell\PlayWithPDVDDX\Command\(Default) = "C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" AUTOPLAY MOVIE "%L" [CyberLink Corp.]

    PDVDDXPlayVideoCDMovieOnArrival\

    Provider = PowerDVD

    InvokeProgID = VCD

    InvokeVerb = PlayWithPDVDDX

    HKLM\SOFTWARE\Classes\VCD\shell\PlayWithPDVDDX\Command\(Default) = "C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" AUTOPLAY MOVIE "%L" [CyberLink Corp.]

    RPCDBurningOnArrival\

    Provider = RealPlayer

    InvokeProgID = RealPlayer.CDBurn.6

    InvokeVerb = open

    HKCU\Software\Classes\RealPlayer.CDBurn.6\shell\open\command\(Default) = "C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe" /burn "%1" [RealNetworks, Inc.]

    RPDeviceOnArrival\

    Provider = RealPlayer

    ProgID = RealPlayer.HWEventHandler

    HKLM\SOFTWARE\Classes\RealPlayer.HWEventHandler\CLSID\(Default) = {67E76F1D-BDE2-4052-913C-2752366192D2}

    -> {HKLM...CLSID} = RealNetworks Scheduler

    \LocalServer32\(Default) = "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -autoplay [RealNetworks, Inc.]

    RPDVDBurningOnArrival\

    Provider = RealPlayer

    InvokeProgID = RealPlayer.DVDBurn.6

    InvokeVerb = open

    HKCU\Software\Classes\RealPlayer.DVDBurn.6\shell\open\command\(Default) = "C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe" /burndvd "%1" [RealNetworks, Inc.]

    RPPlayCDAudioOnArrival\

    Provider = RealPlayer

    InvokeProgID = RealPlayer.AudioCD.6

    InvokeVerb = play

    HKCU\Software\Classes\RealPlayer.AudioCD.6\shell\play\command\(Default) = "C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe" /play %1 [RealNetworks, Inc.]

    RPPlayDVDMovieOnArrival\

    Provider = RealPlayer

    InvokeProgID = RealPlayer.DVD.6

    InvokeVerb = play

    HKCU\Software\Classes\RealPlayer.DVD.6\shell\play\command\(Default) = "C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe" /dvd %1 [RealNetworks, Inc.]

    RPPlayMediaOnArrival\

    Provider = RealPlayer

    InvokeProgID = RealPlayer.AutoPlay.6

    InvokeVerb = open

    HKCU\Software\Classes\RealPlayer.AutoPlay.6\shell\open\command\(Default) = "C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe" /autoplay "%1" [RealNetworks, Inc.]

    Non-disabled Scheduled Tasks: {++}

    -----------------------------

    C:\Windows\System32\Tasks

    Ad-Aware Update (Weekly) -> launches: C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent repair [file not found]

    Adobe Flash Player Updater -> launches: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Adobe Systems Incorporated]

    avast! Emergency Update -> (HIDDEN!) launches: C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [AVAST Software]

    CCleanerSkipUAC -> launches: "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0) [Piriform Ltd]

    CheckDriveBackgroundGuard -> launches: C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe -m [file not found]

    DealPlyUpdate -> launches: "C:\Program Files (x86)\DealPly\DealPlyUpdate.exe" [file not found]

    EPUpdater -> launches: C:\Users\rwema\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [file not found]

    Express FilesUpdate -> launches: C:\Program Files (x86)\ExpressFiles\EFUpdater.exe [file not found]

    GoogleUpdateTaskMachineCore -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c [Google Inc.]

    GoogleUpdateTaskMachineUA -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.]

    Launch BCM WLAN Tray -> launches: C:\Windows\system32\WLTRAY.EXE [Dell Inc.]

    Razer_Game_Booster_AutoUpdate -> launches: C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe /AUTORUN [empty string]

    RealUpgradeLogonTaskS-1-5-21-3916401253-1491523390-1999398694-1000 -> launches: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /logoncheck [RealNetworks, Inc.]

    RealUpgradeScheduledTaskS-1-5-21-3916401253-1491523390-1999398694-1000 -> launches: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck [RealNetworks, Inc.]

    User_Feed_Synchronization-{D447659A-5449-4A12-8BC9-5178D1E99BDC} -> (HIDDEN!) launches: C:\Windows\system32\msfeedssync.exe sync [MS]

    {1B7C1B3D-835A-41D3-B3F4-ACF7304E83CC} -> launches: C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\BS_PLA~1\UNWISE.EXE -c /U C:\PROGRA~2\BS_PLA~1\INSTALL.LOG [MS]

    {2380CFC4-A30F-474A-8F6F-BB156BE2CD61} -> launches: C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\NCH_EN\UNWISE.EXE -c /U C:\PROGRA~2\NCH_EN\INSTALL.LOG [MS]

    {7FCE0B38-04E8-4675-B2BC-BB69447DB9DF} -> launches: C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Arthaus Paint & Fotoshop\Uninstall.EXE" -c /u:"Arthaus Paint & Fotoshop" [MS]

    C:\Windows\System32\Tasks\Browser Updater

    Browser Updater -> launches: "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\Browser Updater\TBUpdater.dll",TBCheckForUpdate [MS]

    C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client

    AD RMS Rights Policy Template Management (Manual) -> launches: {BF5CB148-7C77-4d8a-A53E-D81C70CF743C}

    -> {HKLM...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler

    \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS]

    -> {HKLM...Wow...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler

    \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS]

    C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth

    UninstallDeviceTask -> launches: BthUdTask.exe $(Arg0) [MS]

    C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient

    SystemTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060}

    -> {HKLM...CLSID} = Certificate Services Client Task Handler

    \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]

    -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler

    \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]

    UserTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060}

    -> {HKLM...CLSID} = Certificate Services Client Task Handler

    \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]

    -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler

    \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]

    UserTask-Roam -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060}

    -> {HKLM...CLSID} = Certificate Services Client Task Handler

    \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]

    -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler

    \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]

    C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program

    Consolidator -> launches: %SystemRoot%\System32\wsqmcons.exe [MS]

    OptinNotification -> launches: %SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0 [MS]

    C:\Windows\System32\Tasks\Microsoft\Windows\Defrag

    ScheduledDefrag -> launches: %windir%\system32\defrag.exe -c -i [MS]

    C:\Windows\System32\Tasks\Microsoft\Windows\Media Center

    ehDRMInit -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DRMInit [MS]

    mcupdate -> launches: %SystemRoot%\ehome\mcupdate $(Arg0) -gc [MS]

    OCURActivate -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate [MS]

    OCURDiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery [MS]

    UpdateRecordPath -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) [MS]

    C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC

    HotStart -> launches: {06DA0625-9701-43da-BFD7-FBEEA2180A1E}

    -> {HKLM...CLSID} = HotStart User Agent

    \InProcServer32\(Default) = C:\Windows\System32\HotStartUserAgent.dll [MS]

    TMM -> launches: {35EF4182-F900-4632-B072-8639E4478A61}

    -> {HKLM...CLSID} = Transient Multi-Monitor Manager

    \InProcServer32\(Default) = C:\Windows\System32\TMM.dll [MS]

    -> {HKLM...Wow...CLSID} = Transient Multi-Monitor Manager

    \InProcServer32\(Default) = C:\Windows\System32\TMM.dll [MS]

    C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia

    SystemSoundsService -> launches: {2DEA658F-54C1-4227-AF9B-260AB5FC3543}

    -> {HKLM...CLSID} = Microsoft PlaySoundService Class

    \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS]

    -> {HKLM...Wow...CLSID} = Microsoft PlaySoundService Class

    \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS]

    C:\Windows\System32\Tasks\Microsoft\Windows\NetworkAccessProtection

    NAPStatus UI -> launches: {f09878a1-4652-4292-aa63-8c7d4fd7648f}

    -> {HKLM...CLSID} = Nap ITask Handler Implementation

    \InProcServer32\(Default) = C:\Windows\System32\QAgent.dll [MS]

    -> {HKLM...Wow...CLSID} = Nap ITask Handler Implementation

    \InProcServer32\(Default) = C:\Windows\System32\QAgent.dll [MS]

    C:\Windows\System32\Tasks\Microsoft\Windows\RAC

    RACAgent -> (HIDDEN!) launches: %windir%\system32\RacAgent.exe [MS]

    C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance

    RemoteAssistanceTask -> (HIDDEN!) launches: %windir%\system32\RAServer.exe /offerraupdate [MS]

    C:\Windows\System32\Tasks\Microsoft\Windows\Shell

    CrawlStartPages -> launches: {51653423-e62d-4ff7-894a-dabb2b8e21e2}

    -> {HKLM...CLSID} = CrawlStartPages Task Handler

    \InProcServer32\(Default) = C:\Windows\System32\srchadmin.dll [MS]

    -> {HKLM...Wow...CLSID} = CrawlStartPages Task Handler

    \InProcServer32\(Default) = C:\Windows\System32\srchadmin.dll [MS]

    C:\Windows\System32\Tasks\Microsoft\Windows\SideShow

    GadgetManager -> launches: {FF87090D-4A9A-4f47-879B-29A80C355D61}

    -> {HKLM...CLSID} = GadgetsManager Class

    \InProcServer32\(Default) = C:\Windows\System32\AuxiliaryDisplayServices.dll [MS]

    C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore

    SR -> launches: %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation [MS]

    C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip

    IpAddressConflict1 -> launches: rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem [MS]

    IpAddressConflict2 -> launches: rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem [MS]

    WSHReset -> (HIDDEN!) launches: %systemroot%\system32\netsh.exe interface tcp set heuristic wsh=default [MS]

    C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework

    MsCtfMonitor -> (HIDDEN!) launches: {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1}

    -> {HKLM...CLSID} = MsCtfMonitor task handler

    \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS]

    -> {HKLM...Wow...CLSID} = MsCtfMonitor task handler

    \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS]

    C:\Windows\System32\Tasks\Microsoft\Windows\UPnP

    UPnPHostConfig -> launches: sc.exe config upnphost start= auto [MS]

    C:\Windows\System32\Tasks\Microsoft\Windows\WDI

    ResolutionHost -> (HIDDEN!) launches: {900be39d-6be8-461a-bc4d-b0fa71f5ecb1}

    -> {HKLM...CLSID} = DiagnosticInfrastructureCustomHandler

    \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS]

    -> {HKLM...Wow...CLSID} = DiagnosticInfrastructureCustomHandler

    \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS]

    C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting

    QueueReporting -> launches: %windir%\system32\wermgr.exe -queuereporting [MS]

    C:\Windows\System32\Tasks\Microsoft\Windows\WindowsCalendar

    Reminders - rwema -> launches: C:\Program Files\Windows Calendar\WinCal.exe /reminder [MS]

    C:\Windows\System32\Tasks\Microsoft\Windows\Wired

    GatherWiredInfo -> launches: %windir%\system32\gatherWiredInfo.vbs [null data]

    C:\Windows\System32\Tasks\Microsoft\Windows\Wireless

    GatherWirelessInfo -> launches: %windir%\system32\gatherWirelessInfo.vbs [null data]

    C:\Windows\System32\Tasks\Microsoft\Windows Defender

    MP Scheduled Scan -> (HIDDEN!) launches: c:\program files\windows defender\MpCmdRun.exe Scan -RestrictPrivileges [MS]

    C:\Windows\System32\Tasks\ProtectedSearch

    Protected Search -> launches: "C:\Program Files (x86)\Protected Search\ProtectedSearch.exe" [file not found]

    C:\Windows\System32\Tasks\WPD

    SqmUpload_S-1-5-21-3916401253-1491523390-1999398694-1000 -> (HIDDEN!) launches: %windir%\system32\rundll32.exe portabledeviceapi.dll,#1 [MS]

    SqmUpload_S-1-5-21-3916401253-1491523390-1999398694-1003 -> (HIDDEN!) launches: %windir%\system32\rundll32.exe portabledeviceapi.dll,#1 [MS]

    Winsock2 Service Provider DLLs:

    -------------------------------

    Namespace Service Providers

    HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

    000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS]

    000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS]

    000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]

    000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]

    000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]

    000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS]

    HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\ {++}

    000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS]

    000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS]

    000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]

    000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]

    000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]

    000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS]

    Transport Service Providers

    HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

    0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

    C:\Windows\system32\wpclsp.dll [MS], 01 - 08, 19

    %SystemRoot%\system32\mswsock.dll [MS], 09 - 18

    HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries64\ {++}

    0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

    C:\Windows\system32\wpclsp.dll [MS], 01 - 08, 19

    %SystemRoot%\system32\mswsock.dll [MS], 09 - 18

    Toolbars, Explorer Bars, Extensions:

    ------------------------------------

    Toolbars

    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\

    {318A227B-5E9F-45BD-8999-7F8F10CA4CF5} = (no title provided)

    -> {HKLM...CLSID} = avast! WebRep

    \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [AVAST Software]

    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\

    {8E5E2654-AD2D-48BF-AC2D-D17F00898D06} = (no title provided)

    -> {HKLM...Wow...CLSID} = avast! WebRep

    \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [AVAST Software]

    Explorer Bars

    HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = &Research

    Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]

    InProcServer32\(Default) = C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL [MS]

    Extensions (Tools menu items, main toolbar menu buttons)

    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\

    {898EA8C8-E7FF-479B-8935-AEC46303B9E5}\

    ButtonText = Skype Click to Call

    MenuText = Skype Click to Call

    CLSIDExtension = {898EA8C8-E7FF-479B-8935-AEC46303B9E5}

    -> {HKLM...Wow...CLSID} = Skype Browser Helper

    \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [skype Technologies S.A.]

    {92780B25-18CC-41C8-B9BE-3C9C571A8263}\

    ButtonText = Research

    BandCLSID = {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

    -> {HKLM...Wow...CLSID} = &Research

    \InProcServer32\(Default) = C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL [MS]

    Running Services (Display Name, Service Name, Path {Service DLL}):

    ------------------------------------------------------------------

    Adobe Acrobat Update Service, AdobeARMservice, "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [Adobe Systems Incorporated]

    Andrea ST Filters Service, AESTFilters, C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe [Andrea Electronics Corporation]

    Audio Service, STacSV, C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe [iDT, Inc.]

    avast! Antivirus, avast! Antivirus, "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [AVAST Software]

    Dell Wireless WLAN Tray Service, wltrysvc, C:\Windows\System32\WLTRYSVC.EXE C:\Windows\System32\bcmwltry.exe [null data]

    Nero Update, NAUpdate, "C:\Program Files (x86)\Nero\Update\NASvc.exe" [Nero AG]

    SeaPort, SeaPort, "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" [MS]

    Print Monitors:

    ---------------

    HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\

    LIDIL hpzll5ha\Driver = hpzll5ha.dll [Hewlett-Packard Company]

    ==== Empty IE Cache ======================

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\rwema\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    ==== Empty FireFox Cache ======================

    No FireFox Cache found

    ==== Empty Chrome Cache ======================

    C:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

    C:\users\rwema\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    After Reboot

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    C:\Users\rwema\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== Deleting Files / Folders ======================

    "C:\Users\rwema\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

    "C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

    Hier de gevraagde log

    opstarten programma's trager dan gewoonlijk

    in Archief Bestrijding malware & virussen

    Geplaatst:

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 21:22:37, on 7/05/2013

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v9.00 (9.00.8112.16476)

    Boot mode: Normal

    Running processes:

    C:\Windows\PixArt\Pac207\Monitor.exe

    C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe

    C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe

    C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Program Files (x86)\Winamp\winampa.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O4 - HKLM\..\Run: [ulead Memory Card Detector] C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe

    O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

    O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\rwema\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

    O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe

    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --

    End of file - 8868 bytes

    opstarten programma's trager dan gewoonlijk

    in Archief Bestrijding malware & virussen

    Geplaatst:

    Hoe staat het nu met de traagheid van de programma's en internet?

    een heel stuk beter en de ''vreemde reclames'' zijn weg

    Maar heb eens in de lijst gekeken van Geïnstalleerde programma's en heb zeker 5 '''gratis'' meegeleverde programma's verwijderd. echt door het verwijderen komt er bij het opstarten van Windows deze foutmelding:

    3021d8672e01c5578a423dc4a3737.png

    :hmmmm:

    Heb ook iets gedaan perongeluk met adwcleaner en krijgt dit bij het opstarten:

    2aa997f59e95a19f6c70c59e27bbb.png

    opstarten programma's trager dan gewoonlijk

    in Archief Bestrijding malware & virussen

    Geplaatst:

    # AdwCleaner v2.300 - Verslag gemaakt op 07/05/2013 om 02:13:05

    # Geactualiseerd op 28/04/2013 door Xplode

    # Besturingssysteem : Windows Vista Home Premium Service Pack 2 (64 bits)

    # Gebruiker : rwema - RWEMA-PC

    # Opstarten Modus : Normale modus

    # Gelanceerd vanaf : C:\Users\rwema\Downloads\adwcleaner.exe

    # Optie [Verwijderen]

    ***** [Diensten] *****

    Gestopt & Verwijdert : SrvUpdater

    ***** [Files / Mappen] *****

    File Verwijdert : C:\END

    File Verwijdert : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

    File Verwijdert : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml

    File Verwijdert : C:\user.js

    File Verwijdert : C:\Windows\SysWOW64\conduitEngine.tmp

    Verwijdert bij het opstarten : C:\Program Files (x86)\AutocompletePro

    Verwijdert bij het opstarten : C:\Program Files (x86)\Babylon

    Verwijdert bij het opstarten : C:\Program Files (x86)\BS_Player

    Verwijdert bij het opstarten : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB

    Verwijdert bij het opstarten : C:\Program Files (x86)\Complitly

    Verwijdert bij het opstarten : C:\Program Files (x86)\Conduit

    Verwijdert bij het opstarten : C:\Program Files (x86)\ConduitEngine

    Verwijdert bij het opstarten : C:\Program Files (x86)\DVDVideoSoftTB

    Verwijdert bij het opstarten : C:\Program Files (x86)\DVDVideoSoftTB

    Verwijdert bij het opstarten : C:\Program Files (x86)\ExpressFiles

    Verwijdert bij het opstarten : C:\Program Files (x86)\mixidj

    Verwijdert bij het opstarten : C:\Program Files (x86)\NCH_EN

    Verwijdert bij het opstarten : C:\Program Files (x86)\OApps

    Verwijdert bij het opstarten : C:\Program Files (x86)\Protected Search

    Verwijdert bij het opstarten : C:\Program Files (x86)\uTorrentBar_NL

    Verwijdert bij het opstarten : C:\Program Files (x86)\Windows iLivid Toolbar

    Verwijdert bij het opstarten : C:\ProgramData\Babylon

    Verwijdert bij het opstarten : C:\ProgramData\boost_interprocess

    Verwijdert bij het opstarten : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\Local\Babylon

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\Local\Conduit

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhlacfinnaffmhfohbpecabbjfhkdji

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhlacfinnaffmhfohbpecabbjfhkdji

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\Local\Google\Chrome\User Data\Default\Extensions\boipimhfjpakfgckhbljjengakjhkcbp

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\Local\Ilivid Player

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\Local\PackageAware

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\LocalLow\BS_Player

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\LocalLow\Conduit

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\LocalLow\ConduitEngine

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\LocalLow\DVDVideoSoftTB

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\LocalLow\DVDVideoSoftTB

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\LocalLow\mixidj

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\LocalLow\NCH_EN

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\LocalLow\PHPNukeDU

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\LocalLow\PriceGong

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\LocalLow\searchquband

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\LocalLow\Searchqutoolbar

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\LocalLow\simplytech

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\LocalLow\Toolbar4

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\LocalLow\uTorrentBar_NL

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\Roaming\BabSolution

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\Roaming\Babylon

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\Roaming\Complitly

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\Roaming\dvdvideosoftiehelpers

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\Roaming\ExpressFiles

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\Roaming\mixidj

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\Roaming\OpenCandy

    Verwijdert bij het opstarten : C:\Users\rwema\AppData\Roaming\simplytech

    ***** [Register] *****

    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\BS_Player

    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Conduit

    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\conduitEngine

    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB

    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\NCH_EN

    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\PHPNukeDU

    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\PriceGong

    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\searchqutoolbar

    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\SmartBar

    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\uTorrentBar_NL

    Sleutel Verwijdert : HKCU\Software\AppDataLow\Toolbar

    Sleutel Verwijdert : HKCU\Software\AutocompletePro

    Sleutel Verwijdert : HKCU\Software\BabylonToolbar

    Sleutel Verwijdert : HKCU\Software\BrowserMngr

    Sleutel Verwijdert : HKCU\Software\Complitly

    Sleutel Verwijdert : HKCU\Software\Conduit

    Sleutel Verwijdert : HKCU\Software\DataMngr

    Sleutel Verwijdert : HKCU\Software\DataMngr_Toolbar

    Sleutel Verwijdert : HKCU\Software\DealPly

    Sleutel Verwijdert : HKCU\Software\ExpressFiles

    Sleutel Verwijdert : HKCU\Software\Google\Chrome\Extensions\amhlacfinnaffmhfohbpecabbjfhkdji

    Sleutel Verwijdert : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje

    Sleutel Verwijdert : HKCU\Software\Google\Chrome\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo

    Sleutel Verwijdert : HKCU\Software\ilivid

    Sleutel Verwijdert : HKCU\Software\InstallCore

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BS_Player Toolbar

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Complitly_is1

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DVDVideoSoftTB Toolbar

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ExpressFiles

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Funmoods

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mixidj

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\NCH_EN Toolbar

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PHPNukeDU Toolbar

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Protected Search_is1

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdater

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentBar_NL Toolbar

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Windows Searchqu Toolbar

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E87EA0C-D5FA-4BD8-A9E1-C341F4B798F8}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ExpressFiles

    Sleutel Verwijdert : HKCU\Software\mixidj

    Sleutel Verwijdert : HKCU\Software\ProtectedSearch

    Sleutel Verwijdert : HKCU\Software\Softonic

    Sleutel Verwijdert : HKCU\Software\Zugo

    Sleutel Verwijdert : HKCU\Software\e2d6d9b06abd43

    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

    Sleutel Verwijdert : HKLM\Software\Babylon

    Sleutel Verwijdert : HKLM\Software\BabylonToolbar

    Sleutel Verwijdert : HKLM\Software\BrowserMngr

    Sleutel Verwijdert : HKLM\Software\BS_Player

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\AutocompletePro.DLL

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escort.DLL

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BrowserConnection.Loader

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane.1

    Sleutel Verwijdert : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\mixidj.mixidjappCore

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\mixidj.mixidjappCore.1

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\mixidj.mixidjdskBnd

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\mixidj.mixidjdskBnd.1

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\mixidj.mixidjHlpr

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\mixidj.mixidjHlpr.1

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

    Sleutel Verwijdert : HKLM\Software\Conduit

    Sleutel Verwijdert : HKLM\Software\conduitEngine

    Sleutel Verwijdert : HKLM\Software\DataMngr

    Sleutel Verwijdert : HKLM\Software\DealPly

    Sleutel Verwijdert : HKLM\Software\DVDVideoSoftTB

    Sleutel Verwijdert : HKLM\Software\ExpressFiles

    Sleutel Verwijdert : HKLM\Software\Funmoods

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E87EA0C-D5FA-4BD8-A9E1-C341F4B798F8}

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D1FA6753-8BD7-4102-8B06-3F50945A4993}

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}

    Sleutel Verwijdert : HKLM\Software\mixidj

    Sleutel Verwijdert : HKLM\Software\NCH_EN

    Sleutel Verwijdert : HKLM\Software\PHPNukeDU

    Sleutel Verwijdert : HKLM\Software\SimplyGen

    Sleutel Verwijdert : HKLM\Software\SoftwareUpdater

    Sleutel Verwijdert : HKLM\Software\uTorrentBar_NL

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\e2d6d9b06abd43

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\amhlacfinnaffmhfohbpecabbjfhkdji

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\boipimhfjpakfgckhbljjengakjhkcbp

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kpepfkjapeclaafmhoelccknpfedainn

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{030673F6-B8A3-4D8B-B484-322D2FD5366A}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3600AF86-99CB-4210-BE5F-9378C538E6FA}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5963D922-8E92-4250-8B94-C4592465662A}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94E49F0E-BFC8-48D7-BB0E-C70CBB5664B2}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9D881033-7B36-41AA-997E-398B7BE31177}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5C35C6C-0159-4D52-90C9-1DD359D02642}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5E4013B-DA4D-403E-8278-AF0C2D1CF59F}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF18544-8988-4CDC-8254-D7A5D96F4B24}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AutocompletePro3_is1

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Complitly_is1

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\mixidj

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NCH_EN Toolbar

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_NL Toolbar

    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}

    Sleutel Verwijdert : HKLM\SOFTWARE\Software

    Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Main [browserMngr Start Page]

    Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [browserMngrDefaultScope]

    Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]

    Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{87775FDB-6972-41F9-AE51-8326E38CB206}]

    Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

    Waarde Verwijdert : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]

    Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{37483B40-C254-4A72-BDA4-22EE90182C1E}]

    Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{46735DEE-F862-49D1-876D-6382794DC625}]

    Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]

    Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{87775FDB-6972-41F9-AE51-8326E38CB206}]

    Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]

    Waarde Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}]

    Waarde Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]

    ***** [browsers] *****

    -\\ Internet Explorer v9.0.8112.16476

    [OK] Het register bevat geen enkele ongeoorloofde invoer.

    -\\ Google Chrome v26.0.1410.64

    File : C:\Users\rwema\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Verwijdert [l.1] : icon_url ={"sync":{"app_settings":true, "keep_everything_synced":true, "passwords":true, "preferences":true, "[...]

    -\\ Opera v12.15.1748.0

    File : C:\Users\rwema\AppData\Roaming\Opera\Opera\operaprefs.ini

    [OK] De file bevat geen enkele ongeoorloofde invoer.

    *************************

    AdwCleaner[R1].txt - [21959 octets] - [06/05/2013 23:22:05]

    AdwCleaner[s1].txt - [21800 octets] - [07/05/2013 02:13:05]

    ########## EOF - C:\AdwCleaner[s1].txt - [21861 octets] ##########

    opstarten programma's trager dan gewoonlijk

    in Archief Bestrijding malware & virussen

    Geplaatst:

    Logfile of Trend Micro HijackThis v2.0.4Scan saved at 23:47:22, on 6/05/2013

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v9.00 (9.00.8112.16476)

    Boot mode: Normal

    Running processes:

    C:\Windows\PixArt\Pac207\Monitor.exe

    C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

    C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe

    C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe

    C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Program Files (x86)\Winamp\winampa.exe

    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\rwema\AppData\Roaming\Complitly\Complitly.dll (file missing)

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O3 - Toolbar: MixiDJ Toolbar - {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll

    O4 - HKLM\..\Run: [ulead Memory Card Detector] C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe

    O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

    O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\rwema\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

    O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe

    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --

    End of file - 8948 bytes

    =====

    opstarten programma's trager dan gewoonlijk

    in Archief Bestrijding malware & virussen

    Geplaatst:

    5cb7710791ad0d1b939f6059343d3.png

    Krijg dat als melding, Maar ik weet niet of het dezelfde programma was, maar ik heb gisteren onder de geinstalleerde software zoiets verwijderd.

    # AdwCleaner v2.300 - Verslag gemaakt op 06/05/2013 om 23:22:05# Geactualiseerd op 28/04/2013 door Xplode

    # Besturingssysteem : Windows Vista Home Premium Service Pack 2 (64 bits)

    # Gebruiker : rwema - RWEMA-PC

    # Opstarten Modus : Normale modus

    # Gelanceerd vanaf : C:\Users\rwema\Downloads\adwcleaner.exe

    # Optie [Zoeken]

    ***** [Diensten] *****

    ***** [Files / Mappen] *****

    File Aanwezig : C:\END

    File Aanwezig : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

    File Aanwezig : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml

    File Aanwezig : C:\user.js

    File Aanwezig : C:\Windows\SysWOW64\conduitEngine.tmp

    Map Aanwezig : C:\Program Files (x86)\Babylon

    Map Aanwezig : C:\Program Files (x86)\BS_Player

    Map Aanwezig : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB

    Map Aanwezig : C:\Program Files (x86)\Complitly

    Map Aanwezig : C:\Program Files (x86)\Conduit

    Map Aanwezig : C:\Program Files (x86)\ConduitEngine

    Map Aanwezig : C:\Program Files (x86)\DVDVideoSoftTB

    Map Aanwezig : C:\Program Files (x86)\DVDVideoSoftTB

    Map Aanwezig : C:\Program Files (x86)\ExpressFiles

    Map Aanwezig : C:\Program Files (x86)\mixidj

    Map Aanwezig : C:\Program Files (x86)\NCH_EN

    Map Aanwezig : C:\Program Files (x86)\OApps

    Map Aanwezig : C:\Program Files (x86)\uTorrentBar_NL

    Map Aanwezig : C:\Program Files (x86)\Windows iLivid Toolbar

    Map Aanwezig : C:\ProgramData\Babylon

    Map Aanwezig : C:\ProgramData\boost_interprocess

    Map Aanwezig : C:\Users\rwema\AppData\Local\Babylon

    Map Aanwezig : C:\Users\rwema\AppData\Local\Conduit

    Map Aanwezig : C:\Users\rwema\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhlacfinnaffmhfohbpecabbjfhkdji

    Map Aanwezig : C:\Users\rwema\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhlacfinnaffmhfohbpecabbjfhkdji

    Map Aanwezig : C:\Users\rwema\AppData\Local\Google\Chrome\User Data\Default\Extensions\boipimhfjpakfgckhbljjengakjhkcbp

    Map Aanwezig : C:\Users\rwema\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk

    Map Aanwezig : C:\Users\rwema\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda

    Map Aanwezig : C:\Users\rwema\AppData\Local\Ilivid Player

    Map Aanwezig : C:\Users\rwema\AppData\Local\PackageAware

    Map Aanwezig : C:\Users\rwema\AppData\LocalLow\BS_Player

    Map Aanwezig : C:\Users\rwema\AppData\LocalLow\Conduit

    Map Aanwezig : C:\Users\rwema\AppData\LocalLow\ConduitEngine

    Map Aanwezig : C:\Users\rwema\AppData\LocalLow\DVDVideoSoftTB

    Map Aanwezig : C:\Users\rwema\AppData\LocalLow\DVDVideoSoftTB

    Map Aanwezig : C:\Users\rwema\AppData\LocalLow\mixidj

    Map Aanwezig : C:\Users\rwema\AppData\LocalLow\NCH_EN

    Map Aanwezig : C:\Users\rwema\AppData\LocalLow\PHPNukeDU

    Map Aanwezig : C:\Users\rwema\AppData\LocalLow\PriceGong

    Map Aanwezig : C:\Users\rwema\AppData\LocalLow\searchquband

    Map Aanwezig : C:\Users\rwema\AppData\LocalLow\Searchqutoolbar

    Map Aanwezig : C:\Users\rwema\AppData\LocalLow\Toolbar4

    Map Aanwezig : C:\Users\rwema\AppData\LocalLow\uTorrentBar_NL

    Map Aanwezig : C:\Users\rwema\AppData\Roaming\BabSolution

    Map Aanwezig : C:\Users\rwema\AppData\Roaming\Babylon

    Map Aanwezig : C:\Users\rwema\AppData\Roaming\Complitly

    Map Aanwezig : C:\Users\rwema\AppData\Roaming\dvdvideosoftiehelpers

    Map Aanwezig : C:\Users\rwema\AppData\Roaming\ExpressFiles

    Map Aanwezig : C:\Users\rwema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager

    Map Aanwezig : C:\Users\rwema\AppData\Roaming\mixidj

    Map Aanwezig : C:\Users\rwema\AppData\Roaming\OpenCandy

    ***** [Register] *****

    Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\BS_Player

    Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\Conduit

    Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\conduitEngine

    Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\conduitEngine

    Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

    Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB

    Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB

    Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\NCH_EN

    Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\PHPNukeDU

    Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\PriceGong

    Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\searchqutoolbar

    Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\SmartBar

    Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\uTorrentBar_NL

    Sleutel Aanwezig : HKCU\Software\AppDataLow\Toolbar

    Sleutel Aanwezig : HKCU\Software\BabylonToolbar

    Sleutel Aanwezig : HKCU\Software\BrowserMngr

    Sleutel Aanwezig : HKCU\Software\Complitly

    Sleutel Aanwezig : HKCU\Software\Conduit

    Sleutel Aanwezig : HKCU\Software\DataMngr

    Sleutel Aanwezig : HKCU\Software\DataMngr_Toolbar

    Sleutel Aanwezig : HKCU\Software\DealPly

    Sleutel Aanwezig : HKCU\Software\ExpressFiles

    Sleutel Aanwezig : HKCU\Software\Google\Chrome\Extensions\amhlacfinnaffmhfohbpecabbjfhkdji

    Sleutel Aanwezig : HKCU\Software\Google\Chrome\Extensions\amhlacfinnaffmhfohbpecabbjfhkdji

    Sleutel Aanwezig : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje

    Sleutel Aanwezig : HKCU\Software\Google\Chrome\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo

    Sleutel Aanwezig : HKCU\Software\ilivid

    Sleutel Aanwezig : HKCU\Software\InstallCore

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BS_Player Toolbar

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Complitly_is1

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DVDVideoSoftTB Toolbar

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ExpressFiles

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Funmoods

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mixidj

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\NCH_EN Toolbar

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PHPNukeDU Toolbar

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentBar_NL Toolbar

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Windows Searchqu Toolbar

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E87EA0C-D5FA-4BD8-A9E1-C341F4B798F8}

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ExpressFiles

    Sleutel Aanwezig : HKCU\Software\mixidj

    Sleutel Aanwezig : HKCU\Software\Softonic

    Sleutel Aanwezig : HKCU\Software\Zugo

    Sleutel Aanwezig : HKCU\Software\e2d6d9b06abd43

    Sleutel Aanwezig : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}

    Sleutel Aanwezig : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

    Sleutel Aanwezig : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}

    Sleutel Aanwezig : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

    Sleutel Aanwezig : HKLM\Software\Babylon

    Sleutel Aanwezig : HKLM\Software\BabylonToolbar

    Sleutel Aanwezig : HKLM\Software\BrowserMngr

    Sleutel Aanwezig : HKLM\Software\BS_Player

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\AutocompletePro.DLL

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\escort.DLL

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BrowserConnection.Loader

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\escort.escortIEPane

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\escort.escortIEPane.1

    Sleutel Aanwezig : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\mixidj.mixidjappCore

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\mixidj.mixidjappCore.1

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\mixidj.mixidjdskBnd

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\mixidj.mixidjdskBnd.1

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\mixidj.mixidjHlpr

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\mixidj.mixidjHlpr.1

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Prod.cap

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

    Sleutel Aanwezig : HKLM\Software\Conduit

    Sleutel Aanwezig : HKLM\Software\conduitEngine

    Sleutel Aanwezig : HKLM\Software\conduitEngine

    Sleutel Aanwezig : HKLM\Software\DataMngr

    Sleutel Aanwezig : HKLM\Software\DealPly

    Sleutel Aanwezig : HKLM\Software\DVDVideoSoftTB

    Sleutel Aanwezig : HKLM\Software\DVDVideoSoftTB

    Sleutel Aanwezig : HKLM\Software\ExpressFiles

    Sleutel Aanwezig : HKLM\Software\Funmoods

    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E87EA0C-D5FA-4BD8-A9E1-C341F4B798F8}

    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D1FA6753-8BD7-4102-8B06-3F50945A4993}

    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}

    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}

    Sleutel Aanwezig : HKLM\Software\mixidj

    Sleutel Aanwezig : HKLM\Software\NCH_EN

    Sleutel Aanwezig : HKLM\Software\PHPNukeDU

    Sleutel Aanwezig : HKLM\Software\SimplyGen

    Sleutel Aanwezig : HKLM\Software\uTorrentBar_NL

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\e2d6d9b06abd43

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\amhlacfinnaffmhfohbpecabbjfhkdji

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\amhlacfinnaffmhfohbpecabbjfhkdji

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\boipimhfjpakfgckhbljjengakjhkcbp

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kpepfkjapeclaafmhoelccknpfedainn

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{030673F6-B8A3-4D8B-B484-322D2FD5366A}

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3600AF86-99CB-4210-BE5F-9378C538E6FA}

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5963D922-8E92-4250-8B94-C4592465662A}

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94E49F0E-BFC8-48D7-BB0E-C70CBB5664B2}

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9D881033-7B36-41AA-997E-398B7BE31177}

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5C35C6C-0159-4D52-90C9-1DD359D02642}

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5E4013B-DA4D-403E-8278-AF0C2D1CF59F}

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF18544-8988-4CDC-8254-D7A5D96F4B24}

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Complitly_is1

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\mixidj

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NCH_EN Toolbar

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_NL Toolbar

    Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}

    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}

    Sleutel Aanwezig : HKLM\SOFTWARE\Software

    Sleutel Aanwezig : HKU\S-1-5-21-3916401253-1491523390-1999398694-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}

    Sleutel Aanwezig : HKU\S-1-5-21-3916401253-1491523390-1999398694-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

    Sleutel Aanwezig : HKU\S-1-5-21-3916401253-1491523390-1999398694-1000\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}

    Sleutel Aanwezig : HKU\S-1-5-21-3916401253-1491523390-1999398694-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

    Waarde Aanwezig : HKCU\Software\Microsoft\Internet Explorer\Main [browserMngr Start Page]

    Waarde Aanwezig : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [browserMngrDefaultScope]

    Waarde Aanwezig : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]

    Waarde Aanwezig : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]

    Waarde Aanwezig : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{87775FDB-6972-41F9-AE51-8326E38CB206}]

    Waarde Aanwezig : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

    Waarde Aanwezig : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]

    Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{37483B40-C254-4A72-BDA4-22EE90182C1E}]

    Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{46735DEE-F862-49D1-876D-6382794DC625}]

    Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]

    Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]

    Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{87775FDB-6972-41F9-AE51-8326E38CB206}]

    Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]

    Waarde Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}]

    Waarde Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]

    ***** [browsers] *****

    -\\ Internet Explorer v9.0.8112.16476

    [HKCU\Software\Microsoft\Internet Explorer\Main - BrowserMngr Start Page] = hxxp://isearch.claro-search.com/?affID=114166&tt=120812_bandext_3312_1&babsrc=HP_iclro&mntrId=e4804fa200000000000000225fb82e71

    -\\ Google Chrome v26.0.1410.64

    File : C:\Users\rwema\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] De file bevat geen enkele ongeoorloofde invoer.

    -\\ Opera v12.15.1748.0

    File : C:\Users\rwema\AppData\Roaming\Opera\Opera\operaprefs.ini

    [OK] De file bevat geen enkele ongeoorloofde invoer.

    *************************

    AdwCleaner[R1].txt - [21862 octets] - [06/05/2013 23:22:05]

    ########## EOF - C:\AdwCleaner[R1].txt - [21923 octets] ##########

    opstarten programma's trager dan gewoonlijk

    in Archief Bestrijding malware & virussen

    Geplaatst:

    Het opstarten van internet browsers, winamp enz gaat verschrikkelijk traag. ook het laden van webpaginas doet hij het er langer over.

    Kan je even kijken naar dit logfile aub:

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 0:08:20, on 6/05/2013

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v9.00 (9.00.8112.16476)

    Boot mode: Normal

    Running processes:

    C:\Windows\PixArt\Pac207\Monitor.exe

    C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe

    C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

    C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe

    C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe

    C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe

    C:\Windows\SysWOW64\ctfmon.exe

    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\rwema\AppData\Roaming\Complitly\Complitly.dll

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

    O2 - BHO: mixidj Helper Object - {4D6A9BBF-402C-4301-B1EF-28D04F71D761} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\bh\mixidj.dll

    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    O2 - BHO: HelloWorldBHO - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - C:\Program Files (x86)\OApps\SelectionLinks.dll

    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O3 - Toolbar: MixiDJ Toolbar - {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll

    O4 - HKLM\..\Run: [ulead Memory Card Detector] C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe

    O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

    O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart

    O4 - HKLM\..\Run: [RaidCall] "C:\Program Files (x86)\RaidCall\raidcall.exe"

    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun

    O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe

    O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_A6D6B3AC520D6B437DA7830B71069CDF] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\rwema\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O20 - AppInit_DLLs: c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe

    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

    O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe

    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --

    End of file - 10151 bytes

    ______________________________________________________________________

    Malwarebytes ook laten lopen en niets gevonden

    reclames op google chrome en vooral op google site zelf

    in Archief Bestrijding malware & virussen

    Geplaatst:

    Zoek.exe Version 4.0.0.2 Updated 13-April-2013

    Tool run by Eigenaar on zo 14/04/2013 at 12:51:37,52.

    Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

    Running in: Normal Mode Internet Access Detected

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-3521289783-3624962075-4114416922-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully

    HKEY_USERS\S-1-5-21-3521289783-3624962075-4114416922-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} deleted successfully

    HKEY_USERS\S-1-5-21-3521289783-3624962075-4114416922-1000\Software\Microsoft\Internet Explorer\SearchScopes\{968F0BED-6A6E-441E-AE32-5ED8DD06ACD4} deleted successfully

    HKEY_USERS\S-1-5-21-3521289783-3624962075-4114416922-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully

    HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

    ==== Deleting CLSID Registry Values ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

    ==== FireFox Fix ======================

    Deleted from C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3uhma1i0.default\prefs.js:

    user_pref("browser.startup.homepage", "http://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=791DAB33DFB5809CFD146D516878B1C9");

    user_pref("browser.search.defaulturl", "http://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=791DAB33DFB5809CFD146D516878B1C9");

    user_pref("browser.search.defaultengine", "Ask.com");

    user_pref("browser.search.selectedEngine", "SecureSearch");

    user_pref("keyword.URL", "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=");

    user_pref("browser.search.useDBForOrder", true);

    Added to C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3uhma1i0.default\prefs.js:

    user_pref("browser.startup.homepage", "http://www.google.com");

    user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

    user_pref("browser.newtab.url", "http://www.google.com/");

    user_pref("browser.search.defaultengine", "Google");

    user_pref("browser.search.defaultenginename", "Google");

    user_pref("browser.search.selectedEngine", "Google");

    user_pref("browser.search.order.1", "Google");

    user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

    user_pref("browser.search.suggest.enabled", true);

    user_pref("browser.search.useDBForOrder", true);

    ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3uhma1i0.default

    ---- Lines ask.com removed from prefs.js ----

    ---- Lines ask.com modified from prefs.js ----

    ---- Lines ask.com removed from user.js ----

    ---- Lines helperbar removed from prefs.js ----

    user_pref("extensions.helperbar.DockingPositionDown", false);

    user_pref("extensions.helperbar.SmartbarDisabled", false);

    user_pref("extensions.helperbar.SmartbarStateMinimaized", false);

    ---- Lines helperbar modified from prefs.js ----

    ---- Lines helperbar removed from user.js ----

    ---- Lines smartbar removed from prefs.js ----

    ---- Lines smartbar modified from prefs.js ----

    ---- Lines smartbar removed from user.js ----

    ---- FireFox user.js and prefs.js backups ----

    user_20131404_1257_.backup

    prefs_20131404_1257_.backup

    ==== Deleting Files \ Folders ======================

    "C:\Program Files\Mozilla Firefox\searchplugins\Search_Results.xml" deleted

    "C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3uhma1i0.default\searchplugins\askcom.xml" deleted

    "C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3uhma1i0.default\searchplugins\Search_Results.xml" deleted

    "C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3uhma1i0.default\searchplugins\Web Search.xml" deleted

    "C:\Windows\system32\roboot.exe" deleted

    "C:\Program Files\Conduit" deleted

    "C:\Users\Eigenaar\AppData\Roaming\DealPly" deleted

    "C:\Users\Eigenaar\AppData\Roaming\Systweak" deleted

    "C:\Users\Eigenaar\AppData\Roaming\OpenCandy" deleted

    "C:\ProgramData\Ask" deleted

    "C:\ProgramData\Search Protection" deleted

    "C:\ProgramData\boost_interprocess" deleted

    "C:\ProgramData\Trymedia" deleted

    "C:\Users\Eigenaar\AppData\Local\Smartbar" deleted

    "C:\Users\Eigenaar\AppData\Local\Conduit" deleted

    "C:\Users\Eigenaar\AppData\LocalLow\DataMngr" deleted

    "C:\Users\Eigenaar\AppData\LocalLow\Conduit" deleted

    "C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3uhma1i0.default\jetpack" deleted

    ==== Files Recently Created / Modified ======================

    ====== C:\Windows ====

    2013-03-25 23:23:00 A7AD89AF950D003B603D7B689C7241C3 2000 ------w- C:\Windows\hpomdl14.dat

    2013-03-25 23:23:00 0B4D62CB83191107AEAF9873C868E446 152929 ----a-w- C:\Windows\hpoins14.dat

    ====== C:\Users\Eigenaar\AppData\Local\Temp ====

    2013-04-12 21:11:54 702BF5138F248D8529F5A6EFCE998AE3 3134432 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\49e0045f-8fbe-48ad-9d61-901ba1aba46d.exe

    2013-04-12 21:11:34 9735DEDF409CA1D491283BFA84AA89FE 20035584 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\6ffbe94c-e022-49d7-a483-ab488eaaf788.msi

    2013-04-12 19:22:00 CE171CB5900E46259DCCC9B3C2C848B1 886928 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\HC2SetupPvt.exe

    2013-04-12 19:21:48 1BE42EE5E0DFD8B190F889A013CA7D47 846368 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\dp.exe

    2013-04-12 19:21:42 BD3A6680252E4411A29EC87D35DFBBED 269508 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\LyricsPal.exe

    2013-04-04 14:53:47 CE755676AE6D27A1EFEEFB0F3C70A929 358600 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\APNStub.exe

    ====== C:\Windows\system32 =====

    2013-04-12 21:11:00 7D7A100919F0416FAC602F5345005058 44424 ----a-w- C:\Windows\System32\sbbd.exe

    2013-04-11 12:30:08 2E56BA5BC215B2AED2B790D42D8C1739 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

    2013-04-11 12:30:07 507183B4FCB535A7A973427D1F367CA8 420864 ----a-w- C:\Windows\System32\vbscript.dll

    2013-04-11 12:30:07 40169F9AE27BB73F2CB8C7D11A7A2AC2 73216 ----a-w- C:\Windows\System32\mshtmled.dll

    2013-04-11 12:30:03 C720BD3BDE2C9A1BFC4476F6D3A4B64D 176640 ----a-w- C:\Windows\System32\ieui.dll

    2013-04-11 12:30:03 4BE468D2EE9CC59CB8F666949CD37CD5 65024 ----a-w- C:\Windows\System32\jsproxy.dll

    2013-04-11 12:30:02 FC5BBA40E667D20126D91BD6A790705B 142848 ----a-w- C:\Windows\System32\ieUnatt.exe

    2013-04-11 12:30:01 9DE04A790F697432871E88BB77EEBCF5 607744 ----a-w- C:\Windows\System32\msfeeds.dll

    2013-04-11 12:29:59 C5B6468422DB1C8AA36C32CBB0197E5E 1129472 ----a-w- C:\Windows\System32\wininet.dll

    2013-04-11 12:29:59 26DB6CB9BC434ABA1169B3051E6AB4F2 717824 ----a-w- C:\Windows\System32\jscript.dll

    2013-04-11 12:29:57 7E6052699CAF18ADEDD846D44ECCE81F 1800704 ----a-w- C:\Windows\System32\jscript9.dll

    2013-04-11 12:29:57 69EDE878C3891E7796D46B7E552330B1 231936 ----a-w- C:\Windows\System32\url.dll

    2013-04-11 12:29:55 9BDDA34DC4890169DE5BA21134B33EFB 1796096 ----a-w- C:\Windows\System32\iertutil.dll

    2013-04-11 12:29:53 4E7F83E1F6AEFA38E270EA7353D6911E 1104384 ----a-w- C:\Windows\System32\urlmon.dll

    2013-04-11 12:29:52 CA78BA218B423C7F22B14906308B8B02 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl

    2013-04-11 12:29:48 658EBC74BD38D16805648C4775F7FA82 12324352 ----a-w- C:\Windows\System32\mshtml.dll

    2013-04-11 12:29:47 DFE118C95C6571B87D1923DAB3FA0A77 9738752 ----a-w- C:\Windows\System32\ieframe.dll

    2013-04-10 11:44:40 21870BAB9C9B802AC641DD644708BDE4 3603816 ----a-w- C:\Windows\System32\ntkrnlpa.exe

    2013-04-10 11:44:39 E31AE50AFB2A4AE804D016E02EE6BE10 3551080 ----a-w- C:\Windows\System32\ntoskrnl.exe

    2013-04-10 11:44:38 BE7480C91E89EB82FC080F772C220AE4 64000 ----a-w- C:\Windows\System32\smss.exe

    2013-04-10 11:44:38 33F84B64D4765BCDFA0AB8464122DA14 49152 ----a-w- C:\Windows\System32\csrsrv.dll

    2013-04-10 11:44:33 6A166182E32844369FD072057782A22B 2067968 ----a-w- C:\Windows\System32\mstscax.dll

    2013-04-10 11:44:30 A508314231C49AEE86987CEA3EAECAD1 376320 ----a-w- C:\Windows\System32\winsrv.dll

    2013-04-10 11:44:26 88FB35233A80BB42FF5B4E722705FEF4 2049024 ----a-w- C:\Windows\System32\win32k.sys

    2013-04-04 14:52:00 350C713C2D9B9F5549C50A8D3924E789 94112 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll

    ====== C:\Windows\system32\drivers =====

    2013-04-12 21:11:01 483924F92E55A5F9423201EC635E2CED 13560 ----a-w- C:\Windows\System32\drivers\gfibto.sys

    2013-04-10 11:44:45 2C1121F2B87E9A6B12485DF53CD848C7 1082232 ----a-w- C:\Windows\System32\drivers\ntfs.sys

    2013-03-21 18:09:38 8D31A140B55021BBD3A608F5A7AA2E18 15872 ----a-w- C:\Windows\System32\drivers\usb8023.sys

    ====== C:\Windows\Tasks ======

    ====== C:\Windows\Temp ======

    ======= C:\Program Files =====

    2013-03-27 12:59:31 -------- d-----w- C:\Program Files\MSXML 4.0

    2013-03-25 23:25:44 -------- d-----w- C:\Program Files\Common Files\HP

    2013-03-25 23:25:00 -------- d-----w- C:\Program Files\Hewlett-Packard

    2013-03-25 23:24:48 -------- d-----w- C:\Program Files\Common Files\Hewlett-Packard

    ======= C: =====

    2013-04-13 15:48:12 7A925779727B9BEE76B5FFD53285DFA0 5586 ----a-w- C:\AdwCleaner[R1].txt

    2013-04-12 20:51:40 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\MSDOS.SYS

    2013-04-12 20:51:40 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\IO.SYS

    ====== C:\Users\Eigenaar\AppData\Roaming ======

    2013-04-12 21:20:18 -------- d-----w- C:\users\Eigenaar\AppData\Roaming\LavasoftStatistics

    2013-03-25 23:34:01 -------- d-----w- C:\users\Eigenaar\AppData\Local\HP

    2013-03-25 23:30:12 -------- d-----w- C:\users\Eigenaar\AppData\Roaming\HP

    ====== C:\Users\Eigenaar ======

    2013-04-12 21:13:28 -------- d-----w- C:\ProgramData\Downloaded Installations

    2013-03-25 23:29:41 -------- d-----w- C:\ProgramData\WEBREG

    2013-03-25 23:27:35 -------- d-----w- C:\ProgramData\HPSSUPPLY

    2013-03-25 23:26:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

    2013-03-25 23:26:03 -------- d-----w- C:\ProgramData\HP Product Assistant

    2013-03-21 16:18:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3

    ====== C: exe-files ==

    2013-04-13 15:46:36 02C4F6C257542FCB7C58B7164D674471 613083 ----a-w- C:\Users\Eigenaar\Downloads\adwcleaner.exe

    2013-04-12 21:11:54 702BF5138F248D8529F5A6EFCE998AE3 3134432 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\49e0045f-8fbe-48ad-9d61-901ba1aba46d.exe

    2013-04-12 21:11:00 7D7A100919F0416FAC602F5345005058 44424 ----a-w- C:\Windows\System32\sbbd.exe

    2013-04-12 21:11:00 7D7A100919F0416FAC602F5345005058 44424 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\9add4d89-9219-4c3f-80fb-c5875def0972\i386\sbbd.exe

    2013-04-12 21:11:00 1A9D1452ABBC7C6DA6F6EC874669B7E9 200560 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\9add4d89-9219-4c3f-80fb-c5875def0972\sbrc.exe

    2013-04-12 21:11:00 18B82D26821485E3950F405F4B5D58A3 326024 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\9add4d89-9219-4c3f-80fb-c5875def0972\CartSdk64.exe

    2013-04-12 21:10:59 AD2961325270F3A34F36BB5622C62292 47496 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\9add4d89-9219-4c3f-80fb-c5875def0972\amd64\sbbd.exe

    2013-04-12 21:10:41 CDB2D3FE2C362F46C8B529DB1F0DD2AB 5577352 ----a-w- C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K30QPTCR\Adaware_Installer.exe

    2013-04-12 19:22:00 CE171CB5900E46259DCCC9B3C2C848B1 886928 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\HC2SetupPvt.exe

    2013-04-12 19:21:50 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\160UXI0O\HC2SetupPvt[1].exe

    2013-04-12 19:21:48 1BE42EE5E0DFD8B190F889A013CA7D47 846368 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\dp.exe

    2013-04-12 19:21:42 BD3A6680252E4411A29EC87D35DFBBED 269508 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\LyricsPal.exe

    2013-04-12 19:21:24 9159B731AC464EB1EFD3EC36D0A3C886 158144 ----a-w- C:\Users\Eigenaar\Downloads\HC2Setup.exe

    2013-04-12 08:38:20 AA964645D3A987CA87186A36DFFBF28D 5677408 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\26.0.1410.64\26.0.1410.64_26.0.1410.43_chrome_updater.exe

    2013-04-11 12:30:02 FC5BBA40E667D20126D91BD6A790705B 142848 ----a-w- C:\Windows\System32\ieUnatt.exe

    2013-04-11 12:29:57 32732CEDE2A1106B736EF3D84054EE04 757376 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

    2013-04-10 11:44:40 21870BAB9C9B802AC641DD644708BDE4 3603816 ----a-w- C:\Windows\System32\ntkrnlpa.exe

    2013-04-10 11:44:39 E31AE50AFB2A4AE804D016E02EE6BE10 3551080 ----a-w- C:\Windows\System32\ntoskrnl.exe

    2013-04-10 11:44:38 BE7480C91E89EB82FC080F772C220AE4 64000 ----a-w- C:\Windows\System32\smss.exe

    === C: other files ==

    2013-04-12 21:35:51 D29ACE77A887C4047A746A0241A2B7A9 5053914 ----a-w- C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiefegoncbfdemobfpaldfapbfiinmeo\1.0_0\theme.crx

    2013-04-12 21:11:01 483924F92E55A5F9423201EC635E2CED 13560 ----a-w- C:\Windows\System32\drivers\gfibto.sys

    2013-04-12 21:10:59 483924F92E55A5F9423201EC635E2CED 13560 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\9add4d89-9219-4c3f-80fb-c5875def0972\i386\gfibto.sys

    2013-04-12 21:10:59 14908F4F9005C29DE8F5587E271390EE 14456 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\9add4d89-9219-4c3f-80fb-c5875def0972\amd64\gfibto.sys

    2013-04-12 20:51:40 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\MSDOS.SYS

    2013-04-12 20:51:40 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\IO.SYS

    2013-04-10 11:44:45 2C1121F2B87E9A6B12485DF53CD848C7 1082232 ----a-w- C:\Windows\System32\drivers\ntfs.sys

    2013-04-10 11:44:26 88FB35233A80BB42FF5B4E722705FEF4 2049024 ----a-w- C:\Windows\System32\win32k.sys

    ==== Startup Registry Enabled ======================

    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

    "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

    "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

    "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

    "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

    [HKEY_USERS\S-1-5-21-3521289783-3624962075-4114416922-1000\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

    "DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTAgent.exe -autorun"

    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup"

    "NvMediaCenter"="RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit"

    "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"

    "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

    "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"

    "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

    "WinampAgent"="C:\Program Files\Winamp\winampa.exe"

    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"

    "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    "SearchProtection"="C:\ProgramData\Search Protection\_run.bat"

    "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

    "DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTAgent.exe -autorun"

    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background"

    ==== Startup Folders ======================

    2013-03-25 23:26:48 1972 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [13/03/2013 13:46]

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [15/11/2012 16:18]

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [15/11/2012 16:18]

    ==== Firefox Extensions ======================

    ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3uhma1i0.default

    - Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

    - avast WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF

    - Lavasoft Search Plugin - %ProfilePath%\extensions\jid1-yZwVFzbsyfMrqQ@jetpack

    AppDir: C:\Program Files\Mozilla Firefox

    - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ==== Firefox Plugins ======================

    Profilepath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3uhma1i0.default

    05C4A7136F3012BB47107333B5D351D3 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U17

    D4BD9F86123C87ECA570418B69326F99 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.170.2

    2EFC4355F84BE8104A5D30E75AE8CF6F - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa

    47299371607DC2FB234444EEACB1639E - C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll - Shockwave Flash

    E971E06DDE68684CB3957C5D0E133CB0 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin

    E0FF893763BA82BAABB869A351F0C455 - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll - Google Update

    A5C14075B571AF1C9592595BE724D9D2 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll - Silverlight Plug-In

    71B61A08992B0F895288CAAB2B43E3F7 - C:\Users\Eigenaar\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

    C1680C34DE8A405C8829AB93236576FD - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

    AEA69AF0E4F27AABA1A4DF66B43179A3 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin

    C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery

    6F120933F87E7DEC972476170288A267 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat

    0BD343C45B4ECCF8D6AF94D6C3ADC310 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

    AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

    2AA3703D87E1327A2290C9D416D89A28 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrlui.dll - Microsoft® Silverlight

    ==== Deleting Files \ Folders ======================

    "C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3uhma1i0.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack" deleted

    ==== Chrome Look ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

    icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[31/10/2012 00:48]

    lfffjahnfbocnaooecgijfnbpcfekoik - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx[]

    Google Drive - Eigenaar - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

    YouTube - Eigenaar - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

    Google Search - Eigenaar - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

    Lamborghini - Eigenaar - Default\Extensions\fiefegoncbfdemobfpaldfapbfiinmeo

    avast WebRep - Eigenaar - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda

    Gmail - Eigenaar - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

    ==== Set IE to Default ======================

    Old Values:

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

    "Start Page"="http://www.google.be/"

    "Search Bar"="http://www.google.com/ie"

    "Search Page"="http://www.google.com"

    "Default_Search_URL"="http://www.google.com/ie"

    "Use Search Asst"="yes"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

    "Default"="http://feed.helperbar.com/?publisher=OC&dpid=OC&co=BE&userid=5424d002-651e-4345-b6d0-d0e53f5f5145&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}"

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

    "Default"="http://feed.helperbar.com/?publisher=OC&dpid=OC&co=BE&userid=5424d002-651e-4345-b6d0-d0e53f5f5145&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}"

    @="http://www.google.com/search?q=%s"

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

    "SearchAssistant"="http://www.google.com/ie"

    "Default_Search_URL"="http://www.google.com/ie"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

    "DefaultScope"="{006ee092-9658-4fd6-bd8e-a21a348e59f5}"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}] not found

    New Values:

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

    "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

    "Start Page"="http://www.google.be/"

    "Use Search Asst"="no"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

    "(Default)"="http://search.msn.com/results.asp?q=%s"

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

    "(Default)"="http://search.msn.com/results.asp?q=%s"

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

    "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

    "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

    {D59576FA-DEF3-4295-B18F-0AA4507E7F33} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

    ==== Reset Google Chrome ======================

    C:\users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

    C:\users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

    ==== Deleting CLSID Registry Keys ======================

    ==== Deleting CLSID Registry Values ======================

    ==== Uninstall List x86 ======================

    32 Bit HP CIO Components Installer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}]

    Adobe Flash Player 11 ActiveX [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX]

    Adobe Flash Player 11 Plugin [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin]

    Adobe Reader X (10.1.0) - Nederlands [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1043-7B44-AA1000000001}]

    AIO_Scan [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}]

    Apple Application Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}]

    Apple Mobile Device Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}]

    Apple Software Update [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}]

    avast Free Antivirus [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\avast]

    BufferChm [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E2662C24-B31E-4349-A084-32EB76E8B760}]

    Bundled software uninstaller [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller]

    Bus Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bus Driver]

    Copy [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1753255A-0AEB-4220-8C75-607B73F0C133}]

    CustomerResearchQFolder [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}]

    D3DX10 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E09C4DB7-630C-4F06-A631-8EA7239923AF}]

    DAEMON Tools Pro [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DAEMON Tools Pro]

    Destination Component [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}]

    DeviceDiscovery [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{22466889-7642-488d-AA0E-F619704CF7AB}]

    DeviceManagementQFolder [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AB5D51AE-EBC3-438D-872C-705C7C2084B0}]

    DJ_AIO_ProductContext [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E548726E-F4E8-459f-BAB8-45551BC071E9}]

    DJ_AIO_Software [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CA50045C-5119-48e7-9BA7-6B317379857A}]

    DJ_AIO_Software_min [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B4F35A00-24FD-4fb3-BF5E-413D5423434D}]

    DVD Flick 1.3.0.7 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DVD Flick_is1]

    eSupportQFolder [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}]

    F2100 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F1C409F0-8322-4c87-BD08-2F62777D490D}]

    F2100_doccd [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C5EF81AC-FE4C-4157-97E3-2E08B000742A}]

    F2100_Help [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C1920D73-7374-49d9-8C37-58A6E49078A5}]

    Google Chrome [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]

    Google Earth [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}]

    Google Update Helper [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]

    HiJackThis [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{45A66726-69BC-466B-A7A4-12FCBA4883D7}]

    HP Customer Participation Program 9.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HPExtendedCapabilities]

    HP Deskjet All-In-One Software 9.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}]

    HP Imaging Device Functions 9.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Imaging Device Functions]

    HP Photosmart Essential 2.01 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Photosmart Essential]

    HP Photosmart Essential2.01 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8389382B-53BA-4A87-8854-91E3D80A5AC7}]

    HP Solution Center 9.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Solution Center & Imaging Support Tools]

    HP Update [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}]

    HPProductAssistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AEA07F97-9088-497c-8821-0F36BD5DC251}]

    HPSSupply [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}]

    Intel PROSet Wireless [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ProInst]

    Intel© Matrix Storage Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}]

    iTunes [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0F6F6876-6334-4977-B5DD-CFC12E193420}]

    Java 7 Update 17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217017FF}]

    Java Auto Updater [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}]

    LibreOffice 3.6 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CBCF6C86-4738-4A84-9C2C-331804DCEB9B}]

    Malwarebytes Anti-Malware versie 1.75.0.1300 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1]

    MarketResearch [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{13F00518-807A-4B3A-83B0-A7CD90F3A398}]

    Microsoft .NET Framework 3.5 Language Pack SP1 - nld [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{101738D7-D805-37A9-BB91-1F2C351782BF}]

    Microsoft .NET Framework 3.5 SP1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}]

    Microsoft .NET Framework 4 Client Profile [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}]

    Microsoft .NET Framework 4 Client Profile NLD Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}]

    Microsoft Primary Interoperability Assemblies 2005 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}]

    Microsoft Security Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{390DD8BB-BB57-4942-A029-2D913E4E9D74}]

    Microsoft Security Essentials [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Security Client]

    Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}]

    Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}]

    Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}]

    Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}]

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}]

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}]

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}]

    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}]

    Mozilla Firefox 19.0.2 (x86 nl) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 19.0.2 (x86 nl)]

    Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService]

    MSVCRT [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}]

    MSXML 4.0 SP2 (KB927978) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}]

    MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}]

    MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}]

    NVIDIA Drivers [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIA Drivers]

    Picasa 3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Picasa 3]

    PSSWCORE [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F72E2DDC-3DB8-4190-A21D-63883D955FE7}]

    RCT3 Soaked [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EA926717-CE5A-4CB4-AB21-9E6E9565A458}]

    RollerCoaster Tycoon© 3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{907B4640-266B-4A21-92FB-CD1A86CD0F63}]

    Scan [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}]

    Segoe UI [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}]

    Software van Intel® PROSet/Wireless WiFi [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26921B2E-3E62-47F9-A514-1FC4A83BD738}]

    SolutionCenter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}]

    Status [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}]

    System Requirements Lab CYRI [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5F05232-96B6-4552-A480-785A60A94B21}]

    Toolbox [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}]

    TrayApp [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{10E1E87C-656C-4D08-86D6-5443D28583BE}]

    Unity Web Player [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer]

    UnloadSupport [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{543E938C-BDC4-4933-A612-01293996845F}]

    VideoToolkit01 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{824D3839-DAA1-4315-A822-7AE3E620E528}]

    VLC media player 2.0.3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player]

    WebReg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}]

    Winamp [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Winamp]

    Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D45240D3-B6B3-4FF9-B243-54ECE3E10066}]

    Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2A07C35B-8384-4DA4-9A95-442B6C89A073}]

    Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite]

    Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}]

    Windows Live Installer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0B0F231F-CE6A-483D-AA23-77B364F75917}]

    Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92EA4134-10D1-418A-91E1-5A0453131A38}]

    Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}]

    Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9BD262D0-B788-4546-A0A5-F4F56EC3834B}]

    Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}]

    Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3336F667-9049-4D46-98B6-4C743EEBC5B1}]

    Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}]

    Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{83C292B7-38A5-440B-A731-07070E81A64F}]

    Windows Live SOXE [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{682B3E4F-696A-42DE-A41C-4C07EA1678B4}]

    Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{200FEC62-3C34-4D60-9CE8-EC372E01C08F}]

    Windows Live UX Platform [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}]

    Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}]

    ==== Deleting Registry Keys ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\lfffjahnfbocnaooecgijfnbpcfekoik deleted successfully

    ==== HijackThis Entries ======================

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    O1 - Hosts: ::1 localhost

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

    O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKLM\..\Run: [searchProtection] C:\ProgramData\Search Protection\_run.bat

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun

    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

    ==== Empty IE Cache ======================

    C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

    C:\Users\Eigenaar\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Eigenaar\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Eigenaar\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    ==== Empty FireFox Cache ======================

    C:\users\Eigenaar\AppData\Local\Mozilla\Firefox\Profiles\3uhma1i0.default\Cache emptied successfully

    ==== Empty Chrome Cache ======================

    C:\users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    After Reboot

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    C:\Users\Eigenaar\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== Deleting Files / Folders ======================

    "C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

    Hier de log van zoek.exe

    reclames op google chrome en vooral op google site zelf

    in Archief Bestrijding malware & virussen

    Geplaatst:

    Ondanks AdAware is er toch nog behoorlijk wat rotzooi van de PC verwijderd.

    Download zoek.exe naar het bureaublad.

    • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
      (hier of hier) kan je lezen hoe je dat doet.
    • Dubbelklik op Zoek.exe om de tool te starten.
    • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
    • Kopieer nu onderstaande code en plak die in het grote invulvenster:
    • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.

     
startupall; 
filesrcm; 
uninstall-list;

    • Klik op de knop "Options" en vink nu de onderstaande opties aan.

      • HijackThis Log
      • Firefox Look
      • Chrome Look
      • Firefox Defaults
      • Reset Chrome
      • Empty Temp Folders
      • IE Defaults
      • Auto Clean

      [*] Klik daarna op de knop "Run script".

      [*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

      [*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

      [*] Post nu de inhoud van het geopende logje in het volgende bericht.

    Wat doet dat programma precies met IE en chrome?

    Bij IE wil ik toch zeker dat de opgeslagen wachtwoorden op websites zelf zeker niet verloren gaan. Want mijn vader wil zeker niet dat wachtwoorden op outlook.com, tweedehands enz niet kwijtraken . Dus de cookies van die sites mogen niet verloren gaan :s

    reclames op google chrome en vooral op google site zelf

    in Archief Bestrijding malware & virussen

    Geplaatst:

    # AdwCleaner v2.200 - Verslag gemaakt op 13/04/2013 om 17:48:12

    # Geactualiseerd op 02/04/2013 door Xplode

    # Besturingssysteem : Windows Vista Home Premium Service Pack 2 (32 bits)

    # Gebruiker : Eigenaar - PC_VAN_EIGENAAR

    # Opstarten Modus : Normale modus

    # Gelanceerd vanaf : C:\Users\Eigenaar\Downloads\adwcleaner.exe

    # Optie [Zoeken]

    ***** [Diensten] *****

    ***** [Files / Mappen] *****

    File Aanwezig : C:\Program Files\Mozilla Firefox\searchplugins\adawaretb.xml

    File Aanwezig : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml

    File Aanwezig : C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3uhma1i0.default\searchplugins\Askcom.xml

    File Aanwezig : C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3uhma1i0.default\searchplugins\Search_Results.xml

    File Aanwezig : C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3uhma1i0.default\searchplugins\SweetIm.xml

    File Aanwezig : C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3uhma1i0.default\searchplugins\Web Search.xml

    Map Aanwezig : C:\Program Files\Conduit

    Map Aanwezig : C:\ProgramData\Ask

    Map Aanwezig : C:\ProgramData\boost_interprocess

    Map Aanwezig : C:\ProgramData\search protection

    Map Aanwezig : C:\ProgramData\Trymedia

    Map Aanwezig : C:\Users\Eigenaar\AppData\Local\Conduit

    Map Aanwezig : C:\Users\Eigenaar\AppData\Local\Smartbar

    Map Aanwezig : C:\Users\Eigenaar\AppData\Local\Temp\{f34c9277-6577-4dff-b2d7-7d58092f272f}

    Map Aanwezig : C:\Users\Eigenaar\AppData\Local\Temp\AskSearch

    Map Aanwezig : C:\Users\Eigenaar\AppData\LocalLow\Conduit

    Map Aanwezig : C:\Users\Eigenaar\AppData\Roaming\DealPly

    Map Aanwezig : C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3uhma1i0.default\jetpack

    Map Aanwezig : C:\Users\Eigenaar\AppData\Roaming\OpenCandy

    ***** [Register] *****

    Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\SmartBar

    Sleutel Aanwezig : HKCU\Software\Conduit

    Sleutel Aanwezig : HKCU\Software\DataMngr

    Sleutel Aanwezig : HKCU\Software\DataMngr_Toolbar

    Sleutel Aanwezig : HKCU\Software\ilivid

    Sleutel Aanwezig : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

    Sleutel Aanwezig : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

    Sleutel Aanwezig : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

    Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}

    Sleutel Aanwezig : HKCU\Software\Softonic

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

    Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Toolbar.CT3201318

    Sleutel Aanwezig : HKLM\Software\Conduit

    Sleutel Aanwezig : HKLM\Software\iLividSRTB

    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

    Sleutel Aanwezig : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

    Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar

    Sleutel Aanwezig : HKU\S-1-5-21-3521289783-3624962075-4114416922-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

    Sleutel Aanwezig : HKU\S-1-5-21-3521289783-3624962075-4114416922-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

    Sleutel Aanwezig : HKU\S-1-5-21-3521289783-3624962075-4114416922-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

    Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

    Waarde Aanwezig : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

    ***** [browsers] *****

    -\\ Internet Explorer v9.0.8112.16476

    [HKCU\Software\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=BE&userid=5424d002-651e-4345-b6d0-d0e53f5f5145&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}

    [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=BE&userid=5424d002-651e-4345-b6d0-d0e53f5f5145&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}

    -\\ Mozilla Firefox v19.0.2 (nl)

    File : C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\3uhma1i0.default\prefs.js

    Aanwezig : user_pref("browser.search.defaultengine", "Ask.com");

    Aanwezig : user_pref("extensions.helperbar.SmartbarDisabled", false);

    Aanwezig : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);

    -\\ Google Chrome v26.0.1410.64

    File : C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Aanwezig [l.38] : search_url = "hxxp://lavasoft.blekko.com/ws/?source=f439e2c0&tbp=rbox&toolbarid=adawaretb&u=791DAB33DFB5809CFD146D516878B1C9&q={searchTerms}",

    *************************

    AdwCleaner[R1].txt - [5457 octets] - [13/04/2013 17:48:12]

    ########## EOF - C:\AdwCleaner[R1].txt - [5517 octets] ##########

    Ik moet wel zeggen dat ik gisteren een andere programma heb gedownload die "ad aware" heet en hij had al een groot deel van de troep opgeruimd.

    reclames op google chrome en vooral op google site zelf

    in Archief Bestrijding malware & virussen

    Geplaatst:

    Logfile of Trend Micro HijackThis v2.0.4Scan saved at 17:35:39, on 13/04/2013

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v9.00 (9.00.8112.16476)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\taskeng.exe

    C:\Windows\System32\rundll32.exe

    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

    C:\Program Files\Microsoft Security Client\msseces.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Program Files\iTunes\iTunesHelper.exe

    C:\Program Files\Winamp\winampa.exe

    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Program Files\Windows Media Player\wmpnscfg.exe

    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    C:\ProgramData\Search Protection\SearchProtection.exe

    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

    C:\Program Files\Bus Driver\busdriver.exe

    C:\Users\Eigenaar\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    O1 - Hosts: ::1 localhost

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll

    O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)

    O3 - Toolbar: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

    O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"

    O4 - HKLM\..\Run: [searchProtection] C:\ProgramData\Search Protection\_run.bat

    O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun

    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

    O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe

    --

    End of file - 7597 bytes

    hier mijn nieuwe log file. dat van die toolbaar krijg ik vreemd genoeg niet verwijderd, heb het nochtans als admistrator gedaan

    reclames op google chrome en vooral op google site zelf

    in Archief Bestrijding malware & virussen

    Geplaatst:

    Kan iemand eens kijken naar deze log :adore: Krijg sinds 2 minuten altijd reclame op google chrome en op de site van google zelf. Komt na het downloaden van een gratis programmatje die ik gevonden had op internet.

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 21:44:56, on 12/04/2013

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v9.00 (9.00.8112.16476)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\System32\rundll32.exe

    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

    C:\Program Files\Microsoft Security Client\msseces.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Program Files\iTunes\iTunesHelper.exe

    C:\Program Files\Winamp\winampa.exe

    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Program Files\Windows Media Player\wmpnscfg.exe

    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

    C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe

    C:\Program Files\Google\Chrome\Application\chrome.exe

    C:\Program Files\Google\Chrome\Application\chrome.exe

    C:\Program Files\Google\Chrome\Application\chrome.exe

    C:\Program Files\Google\Chrome\Application\chrome.exe

    C:\Program Files\Google\Chrome\Application\chrome.exe

    C:\Program Files\Google\Chrome\Application\chrome.exe

    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

    C:\Program Files\Google\Chrome\Application\chrome.exe

    C:\Users\Eigenaar\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    O1 - Hosts: ::1 localhost

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: LyricsPal - {A3DAEB01-4C15-4AC6-A689-6406FD954EE0} - C:\Program Files\XingHaoLyrics\lrcspal.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    O2 - BHO: DealPly - {EF7BD87A-8024-11E2-F316-F3E56188709B} - C:\Program Files\DealPly\DealPlyIE.dll

    O2 - BHO: PricePeep - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files\PricePeep\pricepeep.dll

    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

    O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKLM\..\RunOnce: [Del41505875] cmd.exe /Q /D /c del "C:\Users\Eigenaar\AppData\Local\Temp\0.del"

    O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun

    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

    O4 - HKCU\..\RunOnce: [Del41505813] cmd.exe /Q /D /c del "C:\Users\Eigenaar\AppData\Local\Temp\0.del"

    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

    --

    End of file - 8095 bytes

    Moppen tappen

    in Moppen Tappen

    Geplaatst:

    LET OP!! Een nieuw virus doet van zich spreken.

    Het heet Worm Engaging & Reaction Killer (afgekort W.E.R.K)

    Je kan W.E.R.K. krijgen van je chef of van je collega's.

    Raak het niet aan!

    Het virus wist je priveleven.

    Op den duur heeft het virus je zodanig in de ban dat het al om 8uur 's ochtends actief wordt (soms nog vroeger) en je er de hele dag door geplaagd wordt.

    Bij sommigen gaat het zelfs 's avonds niet over.

    Als je in contact komt met W.E.R.K. zijn er 2 oplossingen;

    de eerste is Werk Isolerende & Joviale Neutralisator (afgekort WIJN) .

    De tweede is "Betrouwbare Interactieve & Eliminerende Rebooter( afgekort BIER).

    Beide oplossingen zijn te krijgen in de supermarkt, gecombineerd met; Veel eten,rusten,leven of feesten (afgekort V.E.R.L.O.F)

    deel dit bericht met je vrienden.

    Heb je geen vrienden meer dan heeft het W.E.R.K je al besmet!

    Zalig gewoon :D

Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.