ricardo425

Malwarebytes' Anti-Malware 1.51.1.1800 Malwarebytes : Free anti-malware download Databaseversie: 7329 Windows 6.1.7601 Service Pack 1 Internet Explorer 9.0.8112.16421 30/07/2011 23:08:16 mbam-log-2011-07-30 (23-08-16).txt Scantype: Snelle scan Objecten gescand: 218590 Verstreken tijd: 3 minuut/minuten, 29 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 5 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 4 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: c:\documents and settings\Richard\downloads\installer_free_youtube_to_mp3_converter_3_9_28_dutch(2).exe (PUP.SmsPay.PGen) -> Quarantined and deleted successfully. c:\documents and settings\Richard\downloads\installer_free_youtube_to_mp3_converter_3_9_28_dutch.exe (PUP.SmsPay.PGen) -> Quarantined and deleted successfully. c:\Users\Richard\downloads\installer_free_youtube_to_mp3_converter_3_9_28_dutch(2).exe (PUP.SmsPay.PGen) -> Quarantined and deleted successfully. c:\Users\Richard\downloads\installer_free_youtube_to_mp3_converter_3_9_28_dutch.exe (PUP.SmsPay.PGen) -> Quarantined and deleted successfully. Dit is het tweede logje (hopelijk ook een goed)

# AdwCleaner v3.012 - Report created 12/11/2013 at 18:03:17 # Updated 11/11/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Richard - RICHARD-PC # Running from : C:\Users\Richard\Downloads\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\~0 Folder Deleted : C:\Program Files (x86)\NCH Software Folder Deleted : C:\Program Files (x86)\Vuze Folder Deleted : C:\Users\Richard\Documents\optimizer pro File Deleted : C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js File Deleted : C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137\user.js File Deleted : C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\user.js ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1 Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1 Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1 Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1 Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1 Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_business-card-designer-plus_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_business-card-designer-plus_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_dvd-flick(2)_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_dvd-flick(2)_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_dvd-flick_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_dvd-flick_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_gimp_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_gimp_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_vlc-media-player_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_vlc-media-player_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-live-messenger-2012_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-live-messenger-2012_RASMANCS Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1FDC0B61-91AC-4157-9B27-CAD9A09AB67E} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\0cb5492e-629d-49f7-a64c-735be231d65d Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6FF694D1-DB84-4136-B310-A95C08D5639D} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97B80390-07E2-4D76-9595-38DB325C6CFB} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED} Key Deleted : HKCU\Software\1ClickDownload Key Deleted : HKCU\Software\Ask.com Key Deleted : HKCU\Software\BabSolution Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\DataMngr Key Deleted : HKCU\Software\DataMngr_Toolbar Key Deleted : HKCU\Software\Delta Key Deleted : HKCU\Software\ilivid Key Deleted : HKCU\Software\IM Key Deleted : HKCU\Software\ImInstaller Key Deleted : HKCU\Software\InstallCore Key Deleted : HKCU\Software\NCH Software Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\WEDLMNGR Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKCU\Software\AppDataLow\Toolbar Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\AppDataLow\Software\RewardsArcade Key Deleted : HKCU\Software\AppDataLow\Software\smartbar Key Deleted : HKCU\Software\AppDataLow\Software\Vuze_Remote Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C} Key Deleted : HKLM\Software\Babylon Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\Delta Key Deleted : HKLM\Software\iLividSRTB Key Deleted : HKLM\Software\Iminent Key Deleted : HKLM\Software\NCH Software Key Deleted : HKLM\Software\Web Assistant Key Deleted : HKLM\Software\Vuze_Remote Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2EF17083-57D4-4D64-AE4F-55F32A2C4571} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar Key Deleted : [x64] HKLM\SOFTWARE\DataMngr Key Deleted : [x64] HKLM\SOFTWARE\systweak Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer Key Deleted : [x64] HKLM\SOFTWARE\Web Assistant Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38} ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16720 -\\ Mozilla Firefox v25.0 (nl) [ File : C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ] [ File : C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137\prefs.js ] Line Deleted : user_pref("extentions.webcake.defaultEnableAppsList", "layers,brain/features,newOffers/wc"); Line Deleted : user_pref("extentions.webcake.installId", "fada0fc7-f74e-4243-8569-3a16c2f1f310"); [ File : C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\prefs.js ] -\\ Google Chrome v [ File : C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted : homepage Deleted : urls_to_restore_on_startup ************************* AdwCleaner[R0].txt - [17825 octets] - [12/11/2013 18:02:20] AdwCleaner[s0].txt - [17133 octets] - [12/11/2013 18:03:17] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [17194 octets] ########## Dit is de eerste log (hopelijk de goede)

Zoek.exe Version 4.0.0.5 Updated 09-November-2013 Tool run by Richard on di 12/11/2013 at 13:43:35,99. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Richard\Desktop\zoek.pif [script inserted] ==== System Restore Info ====================== 12/11/2013 13:45:31 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} deleted successfully HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\SearchScopes\{62E8729B-91A2-4E38-A32A-F80E24AE512C} deleted successfully HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} deleted successfully HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC} deleted successfully HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{dd000e12-c224-49a5-899e-0b37dbd95f15} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dd000e12-c224-49a5-899e-0b37dbd95f15} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{d28c7e56-2cc6-415c-8727-d71334085926} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{1d970ed5-3eda-438d-bffd-715931e2775b} deleted successfully HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{BA14329E-9550-4989-B3F2-9732E92D17CC} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\microsoft\internet explorer\urlsearchhooks\{BA14329E-9550-4989-B3F2-9732E92D17CC} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\crossriderapp498@crossrider.com deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} deleted successfully ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\0 ---- Lines incredibar removed from prefs.js ---- user_pref("browser.newtab.url", "http://mystart.incredibar.com/mb128?a=6OyJP4gQoy&loc=FF_NT"); ---- FireFox user.js and prefs.js backups ---- user_20131211_1358_.backup prefs_20131211_1358_.backup ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137 ---- Lines delta removed from prefs.js ---- user_pref("browser.newtab.url", "http://www1.delta-search.com/?babsrc=NT_ss&mntrId=A0CD00256487F1CD&affID=121564&tt=070813_wc1&tsp=4970"); user_pref("browser.search.defaultenginename", "Delta Search"); user_pref("browser.search.selectedEngine", "Delta Search"); user_pref("extensions.delta.admin", false); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.dfltLng", "nl"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.ffxUnstlRst", true); user_pref("extensions.delta.id", "a0cd090000000000000000256487f1cd"); user_pref("extensions.delta.instlDay", "15927"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.newTab", false); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.vrsn", "1.8.22.0"); user_pref("extensions.delta.vrsni", "1.8.22.0"); user_pref("extensions.delta.vrsnTs", "1.8.22.012:07:41"); user_pref("extensions.delta_i.babExt", ""); user_pref("extensions.delta_i.babTrack", "affID=121564&tt=070813_wc1&tsp=4970"); user_pref("extensions.delta_i.srcExt", "ss"); ---- Lines delta modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program ---- Lines delta removed from user.js ---- user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.id", "a0cd090000000000000000256487f1cd"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.instlDay", "15927"); user_pref("extensions.delta.vrsn", "1.8.22.0"); user_pref("extensions.delta.vrsni", "1.8.22.0"); user_pref("extensions.delta.vrsnTs", "1.8.22.012:07:41"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.dfltLng", "nl"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.ffxUnstlRst", true); user_pref("extensions.delta.admin", false); user_pref("extensions.delta_i.babTrack", "affID=121564&tt=070813_wc1&tsp=4970"); user_pref("extensions.delta_i.babExt", ""); user_pref("extensions.delta_i.srcExt", "ss"); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.newTab", false); ---- Lines CT2269050 removed from prefs.js ---- user_pref("CT2269050_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1372005055481,\"isWithState\":\"\",\"timeFromStar ---- Lines babsrc removed from prefs.js ---- user_pref("browser.startup.homepage", "http://isearch.babylon.com/?babsrc=HP_ss_Btisdt3&mntrId=A0CD00256487F1CD&affID=121564&tt=070813_wc1&tsp=4970"); ---- Lines Search-Results removed from prefs.js ---- user_pref("keyword.URL", "http://dts.search-results.com/sr?src=ffb&gct=ds&appid=464&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=152031358112472 ---- Lines smartbar removed from prefs.js ---- user_pref("smartbar.machineId", "7SGOR2YCANS9N/ZANPAC4GXRGH12UYHUDY7VM7WRFOG8L3KR4IB+PRPC0XY3STLRHW6KC5GK69BYX+IFREZDEW"); ---- FireFox user.js and prefs.js backups ---- user_20131211_1358_.backup prefs_20131211_1358_.backup ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default ---- Lines delta removed from user.js ---- user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.id", "a0cd090000000000000000256487f1cd"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.instlDay", "15927"); user_pref("extensions.delta.vrsn", "1.8.22.0"); user_pref("extensions.delta.vrsni", "1.8.22.0"); user_pref("extensions.delta.vrsnTs", "1.8.22.012:07:34"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.dfltLng", "nl"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.ffxUnstlRst", true); user_pref("extensions.delta.admin", false); user_pref("extensions.delta_i.babTrack", "affID=121564&tt=070813_wc1&tsp=4970"); user_pref("extensions.delta_i.babExt", ""); user_pref("extensions.delta_i.srcExt", "ss"); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.newTab", false); ---- Lines incredibar removed from user.js ---- user_pref("extensions.incredibar_i.newTab", false); user_pref("extensions.incredibar_i.tlbrSrchUrl", "http://mystart.Incredibar.com/?a=6OyJP4gQoy&loc=IB_TB&i=26&search="); user_pref("extensions.incredibar_i.id", "a0cd090000000000000000256487f1cd"); user_pref("extensions.incredibar_i.instlDay", "15554"); user_pref("extensions.incredibar_i.vrsn", "1.5.11.14"); user_pref("extensions.incredibar_i.vrsni", "1.5.11.14"); user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1418:02:33"); user_pref("extensions.incredibar_i.prtnrId", "Incredibar"); user_pref("extensions.incredibar_i.prdct", "incredibar"); user_pref("extensions.incredibar_i.aflt", "orgnl"); user_pref("extensions.incredibar_i.smplGrp", "none"); user_pref("extensions.incredibar_i.tlbrId", "base"); user_pref("extensions.incredibar_i.instlRef", ""); user_pref("extensions.incredibar_i.dfltLng", ""); user_pref("extensions.incredibar_i.excTlbr", false); user_pref("extensions.incredibar_i.ms_url_id", ""); user_pref("extensions.incredibar_i.upn2", "6OyJP4gQoy"); user_pref("extensions.incredibar_i.upn2n", "92261862249932898"); user_pref("extensions.incredibar_i.productid", "26"); user_pref("extensions.incredibar_i.installerproductid", "26"); user_pref("extensions.incredibar_i.did", "10658"); user_pref("extensions.incredibar_i.ppd", ""); ---- FireFox user.js and prefs.js backups ---- user_20131211_1358_.backup prefs_20131211_1358_.backup ==== Deleting Files \ Folders ====================== C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} not found C:\Program Files (x86)\WebCake deleted C:\Program Files (x86)\Delta deleted C:\Program Files (x86)\ViewPassword deleted C:\ProgramData\Codecv deleted C:\PROGRA~2\Mozilla Firefox\searchplugins\BearShareWebSearch.xml deleted C:\PROGRA~2\Mozilla Firefox\searchplugins\Search_Results.xml deleted C:\PROGRA~2\Mozilla Firefox\extensions\ffxtlbr@babylon.com deleted C:\PROGRA~2\DVDVideoSoftTB deleted C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted C:\PROGRA~2\BearShare Applications\MediaBar deleted C:\PROGRA~2\Vuze_Remote deleted C:\PROGRA~2\Optimizer Pro deleted C:\PROGRA~2\Conduit deleted C:\PROGRA~2\ConduitEngine deleted C:\Users\Richard\AppData\Roaming\Betcat deleted C:\Users\Richard\AppData\Roaming\DVDVideoSoftIEHelpers deleted C:\Users\Richard\AppData\Roaming\WebCake deleted C:\Users\Richard\AppData\Roaming\BabSolution deleted C:\Users\Richard\AppData\Roaming\Babylon deleted C:\Users\Richard\AppData\Roaming\Delta deleted C:\Users\Richard\AppData\Roaming\OpenCandy deleted C:\Users\Richard\Music\Qtrax Media Library deleted C:\ProgramData\GBox deleted C:\ProgramData\InstallMate deleted C:\ProgramData\Tarma Installer deleted C:\ProgramData\Premium deleted C:\ProgramData\Babylon deleted C:\Users\Richard\AppData\Local\Ilivid Player deleted C:\Users\Richard\AppData\Local\BearShare deleted C:\Users\Richard\AppData\Local\PackageAware deleted C:\Users\Richard\AppData\Local\Conduit deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codecv deleted C:\Users\Richard\Downloads\iLividSetup(1).exe deleted C:\Users\Richard\Downloads\iLividSetup.exe deleted C:\Users\Richard\Downloads\iLividSetupV1.exe deleted C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(1).exe deleted C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(10).exe deleted C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(11).exe deleted C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(12).exe deleted C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(13).exe deleted C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(14).exe deleted C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(15).exe deleted C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(16).exe deleted C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(17).exe deleted C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(18).exe deleted C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(19).exe deleted C:\Users\Richard\Downloads\FreeYouTubeToMp3Converter(2).exe deleted C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(20).exe deleted C:\Users\Richard\Downloads\FreeYouTubeToMp3Converter(3).exe deleted C:\Users\Richard\Downloads\FreeYouTubeToMp3Converter(4).exe deleted C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(5).exe deleted C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(6).exe deleted C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(7).exe deleted C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(8).exe deleted C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(9).exe deleted C:\Users\Richard\Downloads\FreeYouTubeToMp3Converter.exe deleted C:\Users\Richard\Downloads\SoftonicDownloader_voor_avg-antivirus-free-2013.exe deleted C:\Users\Richard\Downloads\SoftonicDownloader_voor_business-card-designer-plus.exe deleted C:\Users\Richard\Downloads\SoftonicDownloader_voor_cheat-engine.exe deleted C:\Users\Richard\Downloads\SoftonicDownloader_voor_dvd-flick(1).exe deleted C:\Users\Richard\Downloads\SoftonicDownloader_voor_dvd-flick(2).exe deleted C:\Users\Richard\Downloads\SoftonicDownloader_voor_dvd-flick.exe deleted C:\Users\Richard\Downloads\SoftonicDownloader_voor_fastest-free-youtube-downloader-to-mp3-converter.exe deleted C:\Users\Richard\Downloads\SoftonicDownloader_voor_windows-live-messenger-2012.exe deleted C:\Users\Richard\Downloads\bs_AviSub.exe deleted C:\Users\Richard\AppData\LocalLow\DVDVideoSoftTB deleted C:\Users\Richard\AppData\LocalLow\Vuze_Remote deleted C:\Users\Richard\AppData\LocalLow\AskToolbar deleted C:\Users\Richard\AppData\LocalLow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com deleted C:\Users\Richard\AppData\LocalLow\Conduit deleted C:\Users\Richard\AppData\LocalLow\ConduitEngine deleted C:\windows\SysNative\Tasks\EPUpdater deleted C:\windows\SysNative\tasks\QtraxPlayer deleted C:\windows\SysNative\tasks\ViewPassword Update deleted C:\Windows\tasks\ViewPassword Update.job deleted C:\END deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137\searchplugins\babylon.xml deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\searchplugins\askcom.xml deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\searchplugins\BearShareWebSearch.xml deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\searchplugins\MyStart Search.xml deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\searchplugins\mywebsearch.xml deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\searchplugins\Search_Results.xml deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\jetpack deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\extensions\staged deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\CT1750559 deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\CT2269050 deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\CT2405280 deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\CT2504091 deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\bearsharemediabartb deleted C:\Users\Richard\Desktop\avg_free_stb_all_2013_3343_softonic.exe deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137\extensions\ffxtlbr@delta.com deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\extensions\ffxtlbr@delta.com deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\extensions\ffxtlbr@incredibar.com deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\conduit deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\conduitCommon deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\ConduitEngine deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\smartbar deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted "C:\ProgramData\{AB072820-F316-1E92-378A-00006D58C85E}" deleted "C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137\searchplugins\conduit.xml" deleted "C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\searchplugins\conduit.xml" deleted "C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\searchplugins\GadgetBox.xml" deleted "C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted "C:\Users\Richard\AppData\Roaming\GrabPro" deleted "C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\extensions\OneClickDownload@OneClickDownload.com" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Richard\AppData\Local\Temp ==== 2013-11-07 19:06:21 4791AE5E215984C67A8FA972EDB7A240 6565456 ----a-w- C:\Users\Richard\AppData\Local\Temp\ins7850\OptimizerPro.exe 2013-10-29 18:40:45 0E771375445E13429E68CAE720A48B72 35224 ----a-w- C:\Users\Richard\AppData\Local\Temp\e4j2E42.tmp_dir1383072045\i4jdel.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== 2013-11-12 12:43:51 B30E7E95792522EBA7107E997E1F29F6 3124 ----a-w- C:\Windows\Sysnative\Tasks\{7828E54C-9E27-415E-A17F-75BE1A3C4140} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2013-11-07 21:14:29 -------- d-----w- C:\PROGRA~2\DVDVideoSoft 2013-11-05 09:33:13 -------- d-----w- C:\PROGRA~2\HP ======= C: ===== ====== C:\Users\Richard\AppData\Roaming ====== ====== C:\Users\Richard ====== 2013-11-07 21:05:54 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-11-07 21:03:32 284B423971432349F83D7B18859564A8 100400976 ----a-w- C:\Users\Richard\Downloads\iTunes64Setup.exe 2013-11-07 19:06:48 -------- d-----w- C:\ProgramData\TEMP 2013-11-07 19:05:10 B393C56849599BF0B8F27900BBEE7882 165176 ----a-w- C:\Users\Richard\Downloads\AVG%20Anti-Virus%20Free%20Edition.exe 2013-11-05 09:30:56 4B940426C620D256D95832107F0FD271 29851432 ----a-w- C:\Users\Richard\Downloads\CPE_SCAN_DESTINATION_UPDATE_hpcom_001_003.exe 2013-10-21 08:04:32 -------- d-----w- C:\ProgramData\Oracle 2013-10-21 08:03:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java ====== C: exe-files == 2013-11-07 21:14:41 7D7C3AD829DFCF0115E9F1AADF98E36B 2599992 ----a-w- C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe 2013-11-07 21:14:41 164CCE0C3BDD7AA31C1149BA0C612A6E 83000 ----a-w- C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ytgroovlc.exe 2013-11-07 21:14:40 EA21AD0A797FAA1752DC9ABECFA8EE80 6473616 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe 2013-11-07 21:14:29 BB9432BE9908C95355B62A4B0CC6D68B 1176256 ----a-w- C:\Program Files (x86)\DVDVideoSoft\unins000.exe 2013-11-07 21:03:32 284B423971432349F83D7B18859564A8 100400976 ----a-w- C:\Users\Richard\Downloads\iTunes64Setup.exe 2013-11-07 19:06:21 4791AE5E215984C67A8FA972EDB7A240 6565456 ----a-w- C:\Users\Richard\AppData\Local\Temp\ins7850\OptimizerPro.exe 2013-11-07 19:05:10 B393C56849599BF0B8F27900BBEE7882 165176 ----a-w- C:\Users\Richard\Downloads\AVG%20Anti-Virus%20Free%20Edition.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Dell DataSafe Online"="C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe /m" "PDVDDXSrv"="C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" "Desktop Disc Tool"="c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" "NBAgent"="C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe /WinStart" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" " ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Folders ====================== 2010-06-07 10:38:53 2000 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk 2010-06-07 10:38:53 2000 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/10/2013 20:00] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-810726386-2924154629-2946816220-1000Core.job --a------ C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe [19/06/2013 17:51] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-810726386-2924154629-2946816220-1000UA.job --a------ C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe [19/06/2013 17:51] C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job --a------ C:\Program Files\Dell Support Center\uaclauncher.exe [29/03/2012 00:04] C:\Windows\tasks\SystemToolsDailyTest.job --a------ C:\Program Files\Dell Support Center\uaclauncher.exe [29/03/2012 00:04] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Richard-PC-Richard" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files (x86)\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-810726386-2924154629-2946816220-1000Core" [C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-810726386-2924154629-2946816220-1000UA" [C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\PCDEventLauncher" ["C:\Program Files\Dell Support Center\sessionchecker.exe"] "C:\Windows\SysNative\tasks\PCDoctorBackgroundMonitorTask" [C:\Program Files\Dell Support Center\uaclauncher.exe] "C:\Windows\SysNative\tasks\Richard Local Autobackup 5 4" [C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBCore.exe] "C:\Windows\SysNative\tasks\Richard NBAgent 5 4" ["C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe"] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\SystemToolsDailyTest" [C:\Program Files\Dell Support Center\uaclauncher.exe] "C:\Windows\SysNative\tasks\{0D1F5378-CE5F-4070-A060-8C3F15A7F9CF}" [C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe] "C:\Windows\SysNative\tasks\{1110D5EC-E363-45ED-89C5-920752F24C5D}" [C:\Program Files (x86)\Webteh\BSplayer\bsplayer.exe] "C:\Windows\SysNative\tasks\{1D821C4C-874D-4298-B939-A66C634E60BB}" ["c:\program files (x86)\mozilla firefox\firefox.exe"] "C:\Windows\SysNative\tasks\{49D6CC22-8EF2-4D0C-89F8-3B2F592BC7E5}" [C:\Program Files (x86)\Mozilla Firefox\firefox.exe] "C:\Windows\SysNative\tasks\{755BF4F0-5808-4C54-9202-B114B124B895}" [C:\Program Files (x86)\Webteh\BSplayer\bsplayer.exe] "C:\Windows\SysNative\tasks\{85500AFC-EC88-438B-985D-6B002A97E5C4}" [C:\Users\Richard\Videos\TETRIS.EXE] "C:\Windows\SysNative\tasks\{A3B3BB82-1528-4018-96B0-E85CFC970F1B}" [C:\Program Files (x86)\Mozilla Firefox\firefox.exe] "C:\Windows\SysNative\tasks\{DEA86D37-B63B-4EA6-B545-3589D3C3AB5A}" [C:\Program Files (x86)\Mozilla Firefox\firefox.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{cb056958-eb1d-47a5-a7c2-35fd94d51b3f}"="C:\Program Files (x86)\ViewPassword\134.xpi" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\0 - WebCake - %ProfilePath%\extensions\plugin@getwebcake.com ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137 - WebCake - %ProfilePath%\extensions\plugin@getwebcake.com - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default - Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - Undetermined - C:\Program Files\Web Assistant\Firefox - Undetermined - C:\Program Files (x86)\McAfee\SiteAdvisor - WebCake - %ProfilePath%\extensions\plugin@getwebcake.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137 4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash 341B3AE026B143DBC17BA1E1E0BAE3D6 - C:\Users\Richard\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player CF25FDD7CA6BC88442A58F74DBB6CFA6 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll - Shockwave for Director / Shockwave for Director 0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\Richard\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 045084E4F10D31E71057FE741D87FDB0 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll - Shockwave Flash 99F97C9FE748C37528C338A423577FCB - C:\Users\Richard\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin Profilepath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default 045084E4F10D31E71057FE741D87FDB0 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll - Shockwave Flash 99F97C9FE748C37528C338A423577FCB - C:\Users\Richard\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Deleted Firefox Extensions ====================== C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\plugin@getwebcake.com deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137\extensions\plugin@getwebcake.com deleted C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\extensions\plugin@getwebcake.com deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Richard\AppData\Local\Temp\ccex.crx[] dcmagccbogebndpoodhhhafmofelpffh - C:\Users\Richard\AppData\Local\RewardsArcade\498\Chrome\rewardsarcade.crx[] dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\Web Assistant\source.crx[] eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\Richard\AppData\Roaming\BabSolution\CR\Delta.crx[] fjoijdanhaiflhibkljeklcghcmmfffh - C:\Program Files (x86)\Betcat\WebCakeLayers.crx[] jmojojliiicbbihpjmiepllaiflnjobc - C:\Program Files (x86)\ViewPassword\134.crx[] njdbghcihepglhgmfmmmdjbjgebgkflm - C:\ProgramData\Codecv\njdbghcihepglhgmfmmmdjbjgebgkflm.crx[] pmlghpafmmnmmkjdhacccolfgnkiboco - C:\Program Files (x86)\1ClickDownload\oneclickdownloader10.crx[] ==== Chrome Fix ====================== C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_dcmagccbogebndpoodhhhafmofelpffh_0 deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://isearch.babylon.com/?babsrc=HP_ss_Btisdt3&mntrId=A0CD00256487F1CD&affID=121564&tt=070813_wc1&tsp=4970" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {5414BBD4-921E-4815-AA47-9AC3415C1BEB} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\SearchScopes\{5414BBD4-921E-4815-AA47-9AC3415C1BEB} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Mozilla\Firefox\Extensions\{cb056958-eb1d-47a5-a7c2-35fd94d51b3f} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0E931A51-A183-4E66-8562-D82896E74C67} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\njdbghcihepglhgmfmmmdjbjgebgkflm deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dcmagccbogebndpoodhhhafmofelpffh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jmojojliiicbbihpjmiepllaiflnjobc deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Richard\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Richard\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Richard\AppData\Local\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137\Cache emptied successfully ==== Empty Chrome Cache ====================== No Chrome Cache found ==== Empty All Flash Cache ====================== Flash Cache is not empty, a reboot is needed ==== Empty All Java Cache ====================== Java Cache cleared successfully Volgens het uur zou dit dan het eerste moeten zijn. Heb inderdaad het progje twee keer laten zoeken

Zoek.exe Version 4.0.0.5 Updated 09-November-2013 Tool run by Richard on di 12/11/2013 at 15:47:13,96. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Richard\Desktop\zoek.pif [script inserted] ==== Older Logs ====================== C:\zoek-results2013-11-12-131206.log 39665 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\WebCake not found C:\Program Files (x86)\Delta not found C:\Program Files (x86)\ViewPassword not found ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Richard\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== 2013-11-12 12:43:51 B30E7E95792522EBA7107E997E1F29F6 3124 ----a-w- C:\Windows\Sysnative\Tasks\{7828E54C-9E27-415E-A17F-75BE1A3C4140} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2013-11-07 21:14:29 -------- d-----w- C:\PROGRA~2\DVDVideoSoft 2013-11-05 09:33:13 -------- d-----w- C:\PROGRA~2\HP ======= C: ===== ====== C:\Users\Richard\AppData\Roaming ====== 2013-11-12 13:12:06 -------- d-----w- C:\Users\Richard\AppData\Local\Temp ====== C:\Users\Richard ====== 2013-11-07 21:05:54 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-11-07 21:03:32 284B423971432349F83D7B18859564A8 100400976 ----a-w- C:\Users\Richard\Downloads\iTunes64Setup.exe 2013-11-07 19:06:48 -------- d-----w- C:\ProgramData\TEMP 2013-11-07 19:05:10 B393C56849599BF0B8F27900BBEE7882 165176 ----a-w- C:\Users\Richard\Downloads\AVG%20Anti-Virus%20Free%20Edition.exe 2013-11-05 09:30:56 4B940426C620D256D95832107F0FD271 29851432 ----a-w- C:\Users\Richard\Downloads\CPE_SCAN_DESTINATION_UPDATE_hpcom_001_003.exe 2013-10-21 08:04:32 -------- d-----w- C:\ProgramData\Oracle 2013-10-21 08:03:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java ====== C: exe-files == 2013-11-07 21:14:41 7D7C3AD829DFCF0115E9F1AADF98E36B 2599992 ----a-w- C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe 2013-11-07 21:14:41 164CCE0C3BDD7AA31C1149BA0C612A6E 83000 ----a-w- C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ytgroovlc.exe 2013-11-07 21:14:40 EA21AD0A797FAA1752DC9ABECFA8EE80 6473616 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe 2013-11-07 21:14:29 BB9432BE9908C95355B62A4B0CC6D68B 1176256 ----a-w- C:\Program Files (x86)\DVDVideoSoft\unins000.exe 2013-11-07 21:03:32 284B423971432349F83D7B18859564A8 100400976 ----a-w- C:\Users\Richard\Downloads\iTunes64Setup.exe 2013-11-07 19:05:10 B393C56849599BF0B8F27900BBEE7882 165176 ----a-w- C:\Users\Richard\Downloads\AVG%20Anti-Virus%20Free%20Edition.exe === C: other files == 2013-11-12 13:13:29 94018008136C7E5E1F4EFFC48190CFBA 6513466 ----a-w- C:\ProgramData\AVG2014\IDS\quarantine\d5bdc94a-ece2-444a-9866-786701e8847b.zip 2013-11-12 13:13:28 81190455E95F8514C35ACBB8F51BE813 649689 ----a-w- C:\ProgramData\AVG2014\IDS\outbox\ng\6c766a6e-7da6-47d3-b96e-d16c2263183e.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Dell DataSafe Online"="C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe /m" "PDVDDXSrv"="C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" "Desktop Disc Tool"="c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" "NBAgent"="C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe /WinStart" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" " ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Folders ====================== 2010-06-07 10:38:53 2000 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk 2010-06-07 10:38:53 2000 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/10/2013 20:00] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-810726386-2924154629-2946816220-1000Core.job --a------ C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe [19/06/2013 17:51] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-810726386-2924154629-2946816220-1000UA.job --a------ C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe [19/06/2013 17:51] C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job --a------ C:\Program Files\Dell Support Center\uaclauncher.exe [29/03/2012 00:04] C:\Windows\tasks\SystemToolsDailyTest.job --a------ C:\Program Files\Dell Support Center\uaclauncher.exe [29/03/2012 00:04] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Richard-PC-Richard" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files (x86)\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-810726386-2924154629-2946816220-1000Core" [C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-810726386-2924154629-2946816220-1000UA" [C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\PCDEventLauncher" ["C:\Program Files\Dell Support Center\sessionchecker.exe"] "C:\Windows\SysNative\tasks\PCDoctorBackgroundMonitorTask" [C:\Program Files\Dell Support Center\uaclauncher.exe] "C:\Windows\SysNative\tasks\Richard Local Autobackup 5 4" [C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBCore.exe] "C:\Windows\SysNative\tasks\Richard NBAgent 5 4" ["C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe"] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\SystemToolsDailyTest" [C:\Program Files\Dell Support Center\uaclauncher.exe] "C:\Windows\SysNative\tasks\{0D1F5378-CE5F-4070-A060-8C3F15A7F9CF}" [C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe] "C:\Windows\SysNative\tasks\{1110D5EC-E363-45ED-89C5-920752F24C5D}" [C:\Program Files (x86)\Webteh\BSplayer\bsplayer.exe] "C:\Windows\SysNative\tasks\{1D821C4C-874D-4298-B939-A66C634E60BB}" ["c:\program files (x86)\mozilla firefox\firefox.exe"] "C:\Windows\SysNative\tasks\{49D6CC22-8EF2-4D0C-89F8-3B2F592BC7E5}" [C:\Program Files (x86)\Mozilla Firefox\firefox.exe] "C:\Windows\SysNative\tasks\{755BF4F0-5808-4C54-9202-B114B124B895}" [C:\Program Files (x86)\Webteh\BSplayer\bsplayer.exe] "C:\Windows\SysNative\tasks\{85500AFC-EC88-438B-985D-6B002A97E5C4}" [C:\Users\Richard\Videos\TETRIS.EXE] "C:\Windows\SysNative\tasks\{A3B3BB82-1528-4018-96B0-E85CFC970F1B}" [C:\Program Files (x86)\Mozilla Firefox\firefox.exe] "C:\Windows\SysNative\tasks\{DEA86D37-B63B-4EA6-B545-3589D3C3AB5A}" [C:\Program Files (x86)\Mozilla Firefox\firefox.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137 - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default - Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - Undetermined - C:\Program Files\Web Assistant\Firefox - Undetermined - C:\Program Files (x86)\McAfee\SiteAdvisor AppDir: C:\Program Files (x86)\Mozilla Firefox - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137 4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash 341B3AE026B143DBC17BA1E1E0BAE3D6 - C:\Users\Richard\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player CF25FDD7CA6BC88442A58F74DBB6CFA6 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll - Shockwave for Director / Shockwave for Director 0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\Richard\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 045084E4F10D31E71057FE741D87FDB0 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll - Shockwave Flash 99F97C9FE748C37528C338A423577FCB - C:\Users\Richard\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin Profilepath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default 045084E4F10D31E71057FE741D87FDB0 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll - Shockwave Flash 99F97C9FE748C37528C338A423577FCB - C:\Users\Richard\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Richard\AppData\Local\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137\Cache emptied successfully ==== Empty Chrome Cache ====================== No Chrome Cache found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Richard\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Richard\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PYAML5K9\27961.pix-cdn.org" not found ==== EOF on di 12/11/2013 at 16:12:15,12 ====================== Dit zou het logje moeten zijn

Hallo beste vrienden, Ik krijg steeds maar reclame op mijn pc. Daarom deze controle om er me vanaf te helpen. Dank bij voorbaat [ATTACH]28936[/ATTACH] hijackthis.log

Hallo beste vrienden, Ik heb een printer HP Deskjet F380. Sinds enkele dagen wil deze niks meer printen. Ik heb al de software verwijderd en terug geïnstalleerd, en toch doet deze het niet. Wat gaat er hier mis? Kan iemand me helpen? Dank bij voorbaat

De laptop staat nu al een hele tijd aan en dit is er voor het ogenblik

Hallo vrienden, Ik heb een THOSHIBA satelite L20-155. Bij het opstarten krijg ik bovenstaand beeld. Aan wat ligt dat en kan dit verholpen worden met jullie hulp of word dit voer voor een technicus? Dank bij voorbaat

Heb de laptop niet meer gezien. houd dit nog open tot zondag en dan sluit ik dit als opgelost.

Nog steeds hetzelfde. Ben nu aan het wachten tot de paasvakantie om verder te doen, de laptop is in gebruik voor school

Graag had ik een handleiding van een suroundsysteem van SONY SA-VE 356T. Waar kan ik deze vinden? Dank bij voorbaat

De memtest is niet gelukt. Daarna zijn de twee logjes dan toch gelukt. Ik heb een toetsenbord met USB-aansluiting

Heb ondertussen een e-mailadres gemaakt bij Gmail.

Het ronkend geluid bleef maar aanhouden en ik kon niet afsluiten. Heb er dan maar adapter en batterij uit gehaald en terug aangesloten. Is opgestart met het piepend geluid. Nu doe ik niks verder tot een mogelijke oplossing

Na een twee maal opnieuw geprobeerd te hebben blijkt deze nu wel op te starten en kan ik weer alles bekijken. Durf hem niet herop te starten, nu hij goed is. Maar zal wel moeten zeker - - - Updated - - - Heb de laptop weer heropgestart en kreeg weer de pieptonen. Na op F2 te hebben gedrukt was deze na enkele seconden weg en startte windows op. Weer opende allerlei pagina's open zonder er naar te vragen. Nu vraagt deze om een update van Adobe reader en krijg ik een ronkend aanhoudend geluid. Wat gaat er hier toch allemaal mis met deze laptop????

Neen, komt direct op Windows hervatten en dan sluit hij zichzelf af

We zijn nu al enkele uren voorbij en ik heb meermaals geprobeerd om de laptop op te starten maar gaat niet. Eenmaal het bureuablad tevoorschijn komt valt de laptop weer uit.

Nadat ik uw raad hier opgevolgd heb, en daarna de laptop opnieuw opstart (want dat word gevraagd). Loopt het hier toch helemaal mis. de programma's die ik uitgevinkt had blijven ongevraagd mee opstarten en na een tijdje krijg ik een zwart scherm met allerlei meldingen, zoals onvoldoende geheugen realtime reageert niet en nog andere die ik niet goed kon lezen. Heb de laptop dan maar terug heropgestart maart heb schrik om verder te doen. Configuratiescherm staat nu open zonder erom gevraagd te hebben,Kan het zelfs niet sluiten door op het rode kruisje te klikken. DENK DAT DIT GEEN GOED IDEE WAS OM DEZE RAAD OP TE VOLGEN - - - Updated - - - Ik heb alles afgesloten om de laptop uit te schakelen. Enige tijd gewacht en terug opgestart. Krijg nog steeds dat piepend geluid. Na enige tijd start deze gewoon op en opeens een zwart scherm en de laptop sluit zichzelf af. Al tot 3x toe opnieuw geprobeerd maar krijg deze niet op gang.

Ja bij het opstarten krijg ik nog een 50 tal piepgeluiden. Daarna start de laptop gewoon op. En ik krijg ook nog enkele pagina's die openen zonder ernaar te vragen (apparaatbehher, configuratiescherm, facebook, skype, e.d.).

ask toolbar staat er niet meer. Babylon toolbar for IE staat er niet meer bij. Babylon object installer heb ik kunnen verwijderen. Conduit Engine heb ik kunnen verwijderd. Java TM6 Update22 heb ik kunnen verwijderen. Java TM6 update 31 heb ik kunnen verwijderen Oovoo heb ik kunnen verwijderen Oovoo toolbar heb ik niet kunnen verwijderen, blijft op wachten staan

ComboFix 13-02-18.02 - Matthias 20/02/2013 12:26:20.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3002.1868 [GMT 1:00] Gestart vanuit: c:\users\Matthias\Downloads\ComboFix.exe AV: McAfee Antivirus en antispyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892} FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9} SP: McAfee Antivirus en antispyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Common Files\Acer GameZone online.ico c:\users\Matthias\AppData\Roaming\.# c:\users\Matthias\AppData\Roaming\6ad5bb60c75b4ccde42fd0a36026cffc_c68827fd-c27b-4547-9594-982fb91d1c77.gpg c:\users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk . . (((((((((((((((((((( Bestanden Gemaakt van 2013-01-20 to 2013-02-20 )))))))))))))))))))))))))))))) . . 2013-02-20 11:42 . 2013-02-20 11:42 -------- d-----w- c:\users\Mcx1-MATTHIAS-PC\AppData\Local\temp 2013-02-20 11:42 . 2013-02-20 11:42 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-02-19 20:46 . 2013-02-19 18:52 24064 ----a-w- c:\windows\zoek-delete.exe 2013-02-19 20:46 . 2013-02-20 11:42 -------- d-----w- c:\users\Matthias\AppData\Local\Temp 2013-02-17 20:37 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-02-16 12:24 . 2013-02-16 12:44 697712 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-02-16 12:04 . 2013-02-16 12:04 -------- d-----w- c:\users\Matthias\AppData\Local\Programs 2013-02-16 02:05 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-16 02:05 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-16 02:02 . 2013-01-09 01:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2013-02-15 18:04 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-02-15 18:04 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-02-15 18:04 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-02-15 18:04 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys 2013-02-15 18:03 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll 2013-02-15 18:03 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe 2013-02-15 18:03 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll 2013-02-15 18:03 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll 2013-02-15 18:03 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe 2013-02-15 18:03 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe 2013-02-15 18:03 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-02-15 18:03 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2013-02-15 17:58 . 2013-02-15 17:58 -------- d-----w- c:\program files\Speccy 2013-02-11 13:43 . 2013-02-16 12:19 -------- d-----w- c:\users\Matthias\AppData\Roaming\WinDbg 2013-02-11 10:51 . 2013-02-11 10:51 -------- d-----w- c:\program files (x86)\Common Files\Java 2013-02-11 10:51 . 2013-02-11 10:50 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-02-10 17:04 . 2013-02-10 17:04 -------- d-----w- c:\users\Matthias\AppData\Roaming\Radiocom 2013-02-10 16:14 . 2013-02-10 16:14 -------- d-----w- c:\users\Matthias\AppData\Roaming\vlc 2013-02-10 16:13 . 2013-02-10 16:13 -------- d-----w- c:\users\Matthias\RichMedia 2013-02-10 14:33 . 2013-01-15 08:54 93984 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppluginrichmediaplayer.dll 2013-02-10 14:32 . 2013-02-10 14:32 -------- d-----w- c:\programdata\TuneUp Software 2013-02-10 14:32 . 2013-02-10 17:04 -------- d-----w- c:\users\Matthias\AppData\Local\Rich Media Suite 2013-02-10 14:32 . 2013-02-10 14:32 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 2013-02-10 14:23 . 2013-02-10 14:23 -------- d-----w- c:\program files (x86)\Common Files\Skype . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-02-16 12:44 . 2011-05-15 08:13 74096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-02-16 02:11 . 2010-07-07 10:14 70004024 ----a-w- c:\windows\system32\MRT.exe 2013-02-11 10:50 . 2012-08-08 20:45 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-02-11 10:50 . 2010-05-22 19:52 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-01-04 04:43 . 2013-02-15 18:03 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-12-16 17:11 . 2012-12-26 18:40 46080 ----a-w- c:\windows\system32\atmlib.dll 2012-12-16 14:45 . 2012-12-26 18:40 367616 ----a-w- c:\windows\system32\atmfd.dll 2012-12-16 14:13 . 2012-12-26 18:40 295424 ----a-w- c:\windows\SysWow64\atmfd.dll 2012-12-16 14:13 . 2012-12-26 18:40 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2012-12-07 13:20 . 2013-01-09 17:00 441856 ----a-w- c:\windows\system32\Wpc.dll 2012-12-07 13:15 . 2013-01-09 17:00 2746368 ----a-w- c:\windows\system32\gameux.dll 2012-12-07 12:26 . 2013-01-09 17:00 308736 ----a-w- c:\windows\SysWow64\Wpc.dll 2012-12-07 12:20 . 2013-01-09 17:00 2576384 ----a-w- c:\windows\SysWow64\gameux.dll 2012-12-07 11:20 . 2013-01-09 17:00 30720 ----a-w- c:\windows\system32\usk.rs 2012-12-07 11:20 . 2013-01-09 17:00 43520 ----a-w- c:\windows\system32\csrr.rs 2012-12-07 11:20 . 2013-01-09 17:00 23552 ----a-w- c:\windows\system32\oflc.rs 2012-12-07 11:20 . 2013-01-09 17:00 45568 ----a-w- c:\windows\system32\oflc-nz.rs 2012-12-07 11:20 . 2013-01-09 17:00 44544 ----a-w- c:\windows\system32\pegibbfc.rs 2012-12-07 11:20 . 2013-01-09 17:00 20480 ----a-w- c:\windows\system32\pegi-fi.rs 2012-12-07 11:20 . 2013-01-09 17:00 20480 ----a-w- c:\windows\system32\pegi-pt.rs 2012-12-07 11:19 . 2013-01-09 17:00 20480 ----a-w- c:\windows\system32\pegi.rs 2012-12-07 11:19 . 2013-01-09 17:00 46592 ----a-w- c:\windows\system32\fpb.rs 2012-12-07 11:19 . 2013-01-09 17:00 40960 ----a-w- c:\windows\system32\cob-au.rs 2012-12-07 11:19 . 2013-01-09 17:00 15360 ----a-w- c:\windows\system32\djctq.rs 2012-12-07 11:19 . 2013-01-09 17:00 21504 ----a-w- c:\windows\system32\grb.rs 2012-12-07 11:19 . 2013-01-09 17:00 55296 ----a-w- c:\windows\system32\cero.rs 2012-12-07 11:19 . 2013-01-09 17:00 51712 ----a-w- c:\windows\system32\esrb.rs 2012-12-07 10:46 . 2013-01-09 17:00 43520 ----a-w- c:\windows\SysWow64\csrr.rs 2012-12-07 10:46 . 2013-01-09 17:00 30720 ----a-w- c:\windows\SysWow64\usk.rs 2012-12-07 10:46 . 2013-01-09 17:00 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs 2012-12-07 10:46 . 2013-01-09 17:00 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs 2012-12-07 10:46 . 2013-01-09 17:00 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs 2012-12-07 10:46 . 2013-01-09 17:00 23552 ----a-w- c:\windows\SysWow64\oflc.rs 2012-12-07 10:46 . 2013-01-09 17:00 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs 2012-12-07 10:46 . 2013-01-09 17:00 46592 ----a-w- c:\windows\SysWow64\fpb.rs 2012-12-07 10:46 . 2013-01-09 17:00 20480 ----a-w- c:\windows\SysWow64\pegi.rs 2012-12-07 10:46 . 2013-01-09 17:00 21504 ----a-w- c:\windows\SysWow64\grb.rs 2012-12-07 10:46 . 2013-01-09 17:00 40960 ----a-w- c:\windows\SysWow64\cob-au.rs 2012-12-07 10:46 . 2013-01-09 17:00 15360 ----a-w- c:\windows\SysWow64\djctq.rs 2012-12-07 10:46 . 2013-01-09 17:00 51712 ----a-w- c:\windows\SysWow64\esrb.rs 2012-12-07 10:46 . 2013-01-09 17:00 55296 ----a-w- c:\windows\SysWow64\cero.rs 2012-11-30 05:45 . 2013-01-09 16:56 362496 ----a-w- c:\windows\system32\wow64win.dll 2012-11-30 05:45 . 2013-01-09 16:56 243200 ----a-w- c:\windows\system32\wow64.dll 2012-11-30 05:45 . 2013-01-09 16:56 13312 ----a-w- c:\windows\system32\wow64cpu.dll 2012-11-30 05:43 . 2013-01-09 16:56 16384 ----a-w- c:\windows\system32\ntvdm64.dll 2012-11-30 05:41 . 2013-01-09 16:56 424448 ----a-w- c:\windows\system32\KernelBase.dll 2012-11-30 05:41 . 2013-01-09 16:56 1161216 ----a-w- c:\windows\system32\kernel32.dll 2012-11-30 05:38 . 2013-01-09 16:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2012-11-30 04:53 . 2013-01-09 16:56 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll 2012-11-30 04:45 . 2013-01-09 16:55 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 16:55 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2009-09-10 13:41 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408] "Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] "RockMelt Update"="c:\users\Matthias\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" [2012-07-08 136336] "Facebook Update"="c:\users\Matthias\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664] "ooVoo.exe"="c:\program files (x86)\oovoo\oovoo.exe" [2013-02-06 28469312] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-07-27 1157128] "EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [2009-08-04 199464] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208] "ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-10-29 419112] "PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-10-22 181480] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704] "TkBellExe"="c:\program files (x86)\real\realplayer\update\realsched.exe" [2011-10-10 273528] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-10-07 454160] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776] "mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-10-07 454160] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . c:\users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Socialbox.lnk - c:\program files (x86)\Socialbox\Socialbox.exe [N/A] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc] @="" . R2 0143331361315929mcinstcleanup;McAfee Application Installer Cleanup (0143331361315929);c:\windows\TEMP\014333~1.EXE [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304] R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536] R3 ALSysIO;ALSysIO;c:\users\Matthias\AppData\Local\Temp\ALSysIO64.sys [x] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560] R3 CEDRIVER60;CEDRIVER60;c:\program files (x86)\Cheat Engine 6.1\dbk64.sys [x] R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2011-01-08 87336] R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-09-30 1431888] R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-05-28 197264] R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2011-01-28 225216] R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys [2012-11-02 97208] R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448] R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x] R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-02 225280] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-04-25 52736] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-25 1255736] S0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [2012-10-19 74120] S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-11-09 339776] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-05 254528] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464] S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320] S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496] S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-10-07 220856] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304] S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-10-07 220856] S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-10-07 220856] S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-10-07 220856] S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [2012-10-06 1007288] S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-11-09 218320] S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-11-09 177680] S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35344] S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640] S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160] S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-11-09 69672] S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-07-27 58880] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-11-09 515528] S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys [2012-11-02 328976] . . --- Andere Services/Drivers In Geheugen --- . *Deregistered* - mfeavfk01 . Inhoud van de 'Gedeelde Taken' map . 2013-02-20 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-16 12:44] . 2013-02-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3790545326-4199856892-471022500-1000Core.job - c:\users\Matthias\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 17:52] . 2013-02-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3790545326-4199856892-471022500-1000UA.job - c:\users\Matthias\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 17:52] . 2013-02-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3790545326-4199856892-471022500-1000Core.job - c:\users\Matthias\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-08 17:04] . 2013-02-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3790545326-4199856892-471022500-1000UA.job - c:\users\Matthias\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-08 17:04] . 2013-02-19 c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-3790545326-4199856892-471022500-1000Core.job - c:\users\Matthias\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2012-07-08 16:37] . 2013-02-20 c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-3790545326-4199856892-471022500-1000UA.job - c:\users\Matthias\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2012-07-08 16:37] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2009-09-10 13:44 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-10-13 186904] "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-09-30 823840] "mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-09-10 349480] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112] "PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-30 200704] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 159232] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 380928] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 358912] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.131.130 195.130.130.2 FF - ProfilePath - c:\users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\iqzz7xza.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.com FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q= FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: 2013-02-10 15:33; {3DF4B26D-DB19-45DF-962A-6719D071245B}; c:\users\Matthias\AppData\Local\Rich Media Suite\BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B} FF - user.js: extensions.autoDisableScopes - 14 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) Toolbar-10 - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) Toolbar-Locked - (no file) Toolbar-10 - (no file) WebBrowser-{1E6CB372-78B1-41DC-B912-0D7A0DE050B7} - (no file) WebBrowser-{A8864317-E18B-4292-99D9-E6E65AB905D3} - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-BabylonToolbar - c:\program files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\uninstall.exe AddRemove-conduitEngine - c:\program files (x86)\ConduitEngine\ConduitEngineUninstall.exe AddRemove-{79A765E1-C399-405B-85AF-466F52E918B0} - c:\program files (x86)\Ask.com\Updater\Updater.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-3790545326-4199856892-471022500-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2013-02-20 12:48:10 ComboFix-quarantined-files.txt 2013-02-20 11:48 . Pre-Run: 193.097.826.304 bytes beschikbaar Post-Run: 192.712.400.896 bytes beschikbaar . - - End Of File - - 24BAC8BEF0E0D2C5189B4D6EA784EE5D

Zoek.exe Version 4.0.0.1 Updated 18-02-2013 Tool run by Matthias on di 19/02/2013 at 19:53:00,61. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected ==== System Restore Info ====================== 19/02/2013 19:54:47 Zoek.exe System Restore Point Created Succesfully. ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe C:\Program Files (x86)\Acer\Registration\GregHSRW.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\PLFSetI.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\igfxpers.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\ooVoo\ooVoo.exe C:\Windows\system32\mfevtps.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe C:\Windows\system32\rundll32.exe C:\Windows\system32\rundll32.exe C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\real\realplayer\Update\realsched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\PROGRA~1\McAfee\MSC\McAPExe.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\igfxext.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe C:\Program Files\McAfee\MAT\McPvTray.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe C:\Windows\system32\taskeng.exe C:\Users\Matthias\Desktop\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) Acer Arcade Deluxe Acer Crystal Eye Webcam Acer ePower Management Acer eRecovery Management Acer GridVista Acer Registration Acer ScreenSaver Acer Updater Acrobat.com Adobe AIR Adobe Community Help Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Media Player Adobe Reader 9.5.3 MUI Adobe Shockwave Player 11.6 Amazonia Apple Application Support Apple Software Update ArcSoft ShowBiz DVD 2 Ask Toolbar Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver Babylon toolbar on IE BabylonObjectInstaller Bing Bar BlackShot Chicken Invaders 2 Compatibiliteitspakket voor het 2007 Microsoft Office system Conduit Engine D3DX10 DAEMON Tools Lite Dairy Dash DivX Setup Dogz2 (remove only) Dream Day First Home DRIV3R Driver Detective eMindMaps eSobi v2 Facebook Video Calling 1.2.0.287 Farm Frenzy 2 Feedback Tool First Class Flurry FM Screen Capture Codec (Remove Only) Free Audio CD Burner version 1.4.7 Free YouTube to MP3 Converter version 3.10.15.1228 FrostWire 4.20.9 Google Chrome Granny In Paradise Heroes of Hellas HiJackThis Identity Card iLivid Java 7 Update 13 Java Auto Updater Java 6 Update 22 Java 6 Update 31 JavaFX 2.1.1 Launch Manager Living 3D Fireplace 2.0 Malwarebytes Anti-Malware versie 1.70.0.1100 McAfee Total Protection Merriam Websters Spell Jam Microsoft Office 2003 Web Components Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office Home and Student 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Language Pack 2007 - Dutch/Nederlands Microsoft Office Live Add-in 1.5 Microsoft Office O MUI (Dutch) 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (Dutch) Microsoft Office Professional Editie 2003 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) Microsoft Office SharePoint Designer MUI (Dutch) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (Dutch) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Office X MUI (Dutch) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual Studio 2005 Tools for Applications - ENU Microsoft Works Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Mozilla Firefox 10.0.2 (x86 nl) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyWinLocker NTI Backup Now 5 NTI Backup Now Standard NTI Media Maker 8 ooVoo ooVoo toolbar, powered by Ask.com Updater OpenOffice.org 3.3 QuickTime RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader RealUpgrade 1.1 Rich Media Player RockMelt Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663) Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870) Skype Click to Call SkypeT 6.1 SolidWorks 2011 x64 Edition SP02 SWF & FLV Toolbox 4.0 (build 4.0.479) SwiftKit swMSM TeamViewer 6 TuneUp 2.4.6.4 TuneUp Utilities Language Pack (nl-NL) Uncompressor Uninstall 1.0.0.1 Unity Web Player Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) USB Audio/Video VC80CRTRedist - 8.0.50727.4053 Visual Studio 2008 x64 Redistributables Vuze Welcome Center Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Media Player Firefox Plugin WinPcap 4.1.2 WinRAR ==== Reset Hosts File ====================== # Copyright © 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handle within DNS itself. 127.0.0.1 localhost ::1 localhost ==== FireFox Fix ====================== Deleted from C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\iqzz7xza.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Added to C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\iqzz7xza.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Internet Explorer: 9.0.8112.16421 Memory (RAM): 3002 MB CPU Info: Pentium® Dual-Core CPU T4400 @ 2.20GHz CPU Speed: 224.1 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Mobile Intel® 4 Series Express Chipset Family | Mobile Intel® 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20) | Broadcom 802.11n Network Adapter CD / DVD Drives: 2x (D: | E: | ) D: Optiarc DVD RW AD-7580S | E: DTSOFT BDROM Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 2 Button Mouse Present Hard Disks: C: 286.0GB Hard Disks - Free: C: 180.6GB Manufacturer *: Acer BIOS Info: AT/AT COMPATIBLE | 12/16/09 | ACRSYS - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: Acer Aspire 7715Z Sun Java version: 1.7.0_13 Country: Belgi‰ Language: NLB ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2013-02-05 16:15:52 2945E52CDE2CCD7E320C317FA3B17AA9 392 ----a-w- C:\Windows\ODBC.INI ====== C:\Users\Matthias\AppData\Local\Temp ==== ====== C:\Windows\SysWOW64 ===== 2013-02-16 12:24:34 6280A479148CAEAD59E17A0CC3789161 697712 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-02-16 02:01:59 EED68558AAA106535E7290C9A8E0D5A3 2382848 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2013-02-16 02:01:58 A9919376933F7E43F93E5DA1FFBEFC9F 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2013-02-16 02:01:57 CDBFCB9A88E130F1138F80B01C56B680 420864 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2013-02-16 02:01:55 F8D269134EEC097B7E47C818AF4862A7 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll 2013-02-16 02:01:54 6E14642F79C2510626BA399F9BCC4DE6 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2013-02-16 02:01:53 BE157C3800DA3010EFC48280ECF81C16 1103872 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-02-16 02:01:53 9352AF851D98380738161620C916A042 231936 ----a-w- C:\Windows\SysWOW64\url.dll 2013-02-16 02:01:53 470D8189D7FE9928FFFECBF55AAA3233 1427968 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2013-02-16 02:01:51 CBC39CAD3421AB71966BDD98ABF847E0 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2013-02-16 02:01:50 B49B56B64F57699A1A663D2CF7D0A56F 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-02-16 02:01:48 C079169E6A07FC4412475C02969EB9CE 1800704 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2013-02-16 02:01:48 8843B6A1B8E102841B2DFF02805C5CEC 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll 2013-02-16 02:01:47 D171EAA745A2C0C583CDDA13D9088EE4 1796096 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-02-16 02:01:45 39511E05F37F0BEF8FA3B85386800BB9 65024 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-02-16 02:01:44 C97434C851C4821BD92D2831FDF1ECBE 12321280 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-02-16 02:01:39 0E816EA3C5DCE94C95099E8B38E75E67 9738240 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2013-02-15 18:04:58 660100CB90F344040EF57F52FC0681C3 3967848 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2013-02-15 18:04:57 82FF919E9236B0137B5C7455B0E1418A 3913064 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2013-02-15 18:03:52 4F0C624E8E2BE4A8DB0820337B15395D 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2013-02-15 18:03:51 79FCCC6662CA3DB6E6D2F1FCF3060FB5 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2013-02-15 18:03:50 E7A4DE9232E097829F62755BC0ABE0F2 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2013-02-15 18:03:50 61386FEAEFAD1AF971578602130A22B6 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2013-02-15 18:03:43 990702DB35E3698AFB298D8743DACF53 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2013-02-11 10:51:07 F78A65AADC6590943371DC606D1746A6 95648 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-02-16 02:02:00 C126E94D887482CC3EB84180D4DFE84B 2382848 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2013-02-16 02:01:58 318551170D0A525969769B224FD07EA7 96768 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2013-02-16 02:01:55 9907747D39B37958180B4BCD756D3C47 248320 ----a-w- C:\Windows\Sysnative\ieui.dll 2013-02-16 02:01:54 D43FF47399D0972B3D514378EC914272 173056 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2013-02-16 02:01:53 FC94371FCE85F391F976F2BB560367CF 237056 ----a-w- C:\Windows\Sysnative\url.dll 2013-02-16 02:01:53 87BEA2616EFDEC6A1CB3BFCFB09D816A 1346048 ----a-w- C:\Windows\Sysnative\urlmon.dll 2013-02-16 02:01:52 5A4BC13F8C53017C9147B448870562CD 1494528 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2013-02-16 02:01:51 F3500B8809AC8642AF9C51B80B1C946C 2312704 ----a-w- C:\Windows\Sysnative\jscript9.dll 2013-02-16 02:01:51 91C25CA815433AA0672F7D722C3BF796 729088 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2013-02-16 02:01:49 435E9C764E1EF70058580996452BE6A2 1392128 ----a-w- C:\Windows\Sysnative\wininet.dll 2013-02-16 02:01:48 C2E1CA7848D834ADD708BB79FA05B6D2 816640 ----a-w- C:\Windows\Sysnative\jscript.dll 2013-02-16 02:01:48 BD69A0116B11A91761AB30A25DCB4C9D 599040 ----a-w- C:\Windows\Sysnative\vbscript.dll 2013-02-16 02:01:48 47C1C7D580E39CB1401FD9209CD413BC 85504 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2013-02-16 02:01:47 F431C3C86FCCC1C53814F043A6CAD825 2147840 ----a-w- C:\Windows\Sysnative\iertutil.dll 2013-02-16 02:01:41 14DEB733ACB08A71CC0783ED02FF1F8D 17812992 ----a-w- C:\Windows\Sysnative\mshtml.dll 2013-02-16 02:01:40 35126DDDE8241C4C4A5F15F6CDDF4434 10925568 ----a-w- C:\Windows\Sysnative\ieframe.dll 2013-02-15 18:04:59 6B0D9CF92C08D42533C12FC1A0B5403F 5553512 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2013-02-15 18:04:25 59E21156113E438D1D91AF4FC0C3B19F 3153408 ----a-w- C:\Windows\Sysnative\win32k.sys 2013-02-15 18:03:56 0C27239FEA4DB8A2AAC9E502186B7264 215040 ----a-w- C:\Windows\Sysnative\winsrv.dll ====== C:\Windows\Sysnative\drivers ===== 2013-02-17 20:37:11 92EB844D90615CB266F84C3202B8786E 24176 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2013-02-15 18:03:13 B62A953F2BF3922C8764A29C34A22899 1913192 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2013-02-15 18:03:11 41C67E4205C606A103DEC8651D0B6FE6 288088 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS ====== C:\Windows\Tasks ====== 2013-02-16 12:24:46 9BBD447C5A69BDCBCFE9184BF2E35EA8 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-02-15 17:58:39 -------- d-----w- C:\Program Files\Speccy ======= C:\Program Files (x86) ===== 2013-02-10 14:23:09 -------- d-----w- C:\Program Files (x86)\Common Files\Skype ======= C: ===== ====== C:\Users\Matthias\AppData\Roaming ====== 2013-02-19 16:24:38 -------- d-----w- C:\users\Matthias\AppData\Local\Temp 2013-02-16 12:04:01 -------- d-----w- C:\users\Matthias\AppData\Local\Programs 2013-02-11 13:43:54 -------- d-----w- C:\users\Matthias\AppData\Roaming\WinDbg 2013-02-10 17:04:31 -------- d-----w- C:\users\Matthias\AppData\Roaming\Radiocom 2013-02-10 16:14:01 -------- d-----w- C:\users\Matthias\AppData\Roaming\vlc 2013-02-10 14:32:16 -------- d-----w- C:\users\Matthias\AppData\Local\Rich Media Suite 2013-02-02 14:12:12 0C4B1ACB72943D8D024DABD9CDC37F85 7605 ----a-w- C:\users\Matthias\AppData\Local\Resmon.ResmonCfg ====== C:\Users\Matthias ====== 2013-02-11 10:52:27 9066AA5072F08BD9C02BC181524F9C36 40 ----a-w- C:\Users\Matthias\jagex_cl_runescape_LIVE.dat 2013-02-10 16:13:21 -------- d-----w- C:\Users\Matthias\RichMedia 2013-02-10 14:32:23 -------- d-----w- C:\ProgramData\TuneUp Software 2013-02-10 14:32:14 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} ====== C: exe-files == 2013-02-19 17:04:38 E992AB0C0790A30859AB75E3D602D211 105664 ----a-w- C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.4.0.11328_0\MSIExecWatcher.exe 2013-02-17 20:36:17 0FB6D382FA5FBF72D05FC2A4503B7DF2 10156344 ----a-w- C:\Users\Matthias\Downloads\mbam-setup-1.70.0.1100 (2).exe 2013-02-17 20:35:42 0FB6D382FA5FBF72D05FC2A4503B7DF2 10156344 ----a-w- C:\Users\Matthias\Downloads\mbam-setup-1.70.0.1100 (1).exe 2013-02-16 12:03:47 0FB6D382FA5FBF72D05FC2A4503B7DF2 10156344 ----a-w- C:\Users\Matthias\Downloads\mbam-setup-1.70.0.1100.exe 2013-02-16 11:52:42 BDFC48A2D947651B721745837E864D17 4318112 ----a-w- C:\Users\Matthias\Downloads\sysrc_trial_9407.exe 2013-02-16 02:01:53 698EB1E5F8C66344D97C00B5699E871D 757280 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2013-02-16 02:01:53 0100BCF23941C83462E4A70F94C3392E 763424 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2013-02-15 17:55:12 C05B05479461EE3AD2A309C3BE9A4937 4812216 ----a-w- C:\Users\Matthias\Downloads\spsetup120.exe === C: other files == 2013-02-19 18:54:59 86E44F84A7903EA6E7734466322D4CB8 716 ----a-w- C:\Users\Matthias\AppData\Local\Temp\test9.bat 2013-02-19 17:04:39 0FA0ECADDE6178F1EFDB36BF3D2208FD 4739776 ----a-w- C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.4.0.11328_0\npSkypeChromePlugin.dll 2013-02-19 17:04:30 4EC63663356575DE6887D2344F0D9B7F 119952 ----a-w- C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\McChPlg.dll 2013-02-19 17:04:29 3B4C99625A83D166BA6C5F85486F1FA6 93984 ----a-w- C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkcdbkhjcaljlfolhllfneigeepmjfim\1.0.0_0\PluginRichmediaplayer.dll 2013-02-16 02:05:12 E763D28DB5DC62EB38527B6F68926A68 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-16 02:05:12 E74C018279BB3FB2596AA4CEEA97EC0C 768000 ----a-w- C:\Program Files (x86)\Common Files\microsoft shared\VGX\VGX.dll 2013-02-16 02:01:58 ED17AE04E19B5C779703EA35B2F607C0 182816 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll 2013-02-16 02:01:58 0F4871B3BF0E48664A24D2717F2117A0 149528 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll 2013-02-16 02:01:57 76497D5AF6F682371DD1D5E18F37352F 304640 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll 2013-02-16 02:01:56 F7BC1D90C3A976A5259BD1A5D7D43038 194048 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll 2013-02-16 02:01:51 7F73235D527DCF16C38578CD1CD9F7A8 194560 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll 2013-02-16 02:01:50 66E4246FEF8C364611F9782AA0809F42 548864 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll 2013-02-16 02:01:45 EE53ACBBE021BD598230E0FDA8313CB7 887808 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll 2013-02-16 02:01:45 C2AD78FF88FEC9663B0227A72E65F0C3 678912 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll 2013-02-16 02:01:45 9B70C6CF83DBF5C56E82B7C30F1E300F 499200 ----a-w- C:\Program Files\Internet Explorer\jsdbgui.dll 2013-02-16 02:01:45 2E22305A88AD0F37434C896F5A4746F8 387584 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdbgui.dll 2013-02-15 18:03:53 BFC68382466436FAE8B7A27966FB98CB 44032 ----a-w- C:\Windows\AppPatch\acwow64.dll 2013-02-15 18:00:00 7114070D9BDA5901B692D896A001EC95 12638576 ----a-w- C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3790545326-4199856892-471022500-1000\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe /background" "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" "Sidebar"="C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun" "Google Update"="C:\Users\Matthias\AppData\Local\Google\Update\GoogleUpdate.exe /c" "RockMelt Update"="C:\Users\Matthias\AppData\Local\RockMelt\Update\RockMeltUpdate.exe /c" "Facebook Update"="C:\Users\Matthias\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "ooVoo.exe"="C:\program files (x86)\oovoo\oovoo.exe /minimized" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" "EgisTecLiveUpdate"="C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "ArcadeDeluxeAgent"="C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" "PlayMovie"="C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW" "TkBellExe"="C:\Program Files (x86)\real\realplayer\update\realsched.exe -osboot" "mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe /background" "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" "Sidebar"="C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun" "Google Update"="C:\Users\Matthias\AppData\Local\Google\Update\GoogleUpdate.exe /c" "RockMelt Update"="C:\Users\Matthias\AppData\Local\RockMelt\Update\RockMeltUpdate.exe /c" "Facebook Update"="C:\Users\Matthias\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "ooVoo.exe"="C:\program files (x86)\oovoo\oovoo.exe /minimized" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" "Acer ePower Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" "mwlDaemon"="C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" "PLFSetI"="C:\Windows\PLFSetI.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Folders ====================== 2011-03-05 21:14:19 1239 ----a-w- C:\users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk 2011-10-17 16:57:02 993 ----a-w- C:\users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Socialbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [16/02/2013 13:44] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3790545326-4199856892-471022500-1000Core.job --a------ C:\Users\Matthias\AppData\Local\Facebook\Update\FacebookUpdate.exe [12/07/2012 18:52] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3790545326-4199856892-471022500-1000UA.job --a------ C:\Users\Matthias\AppData\Local\Facebook\Update\FacebookUpdate.exe [12/07/2012 18:52] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3790545326-4199856892-471022500-1000Core.job --a------ C:\Users\Matthias\AppData\Local\Google\Update\GoogleUpdate.exe [08/12/2011 18:04] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3790545326-4199856892-471022500-1000UA.job --a------ C:\Users\Matthias\AppData\Local\Google\Update\GoogleUpdate.exe [08/12/2011 18:04] C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-3790545326-4199856892-471022500-1000Core.job --a------ C:\Users\Matthias\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [08/07/2012 17:37] C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-3790545326-4199856892-471022500-1000UA.job --a------ C:\Users\Matthias\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [08/07/2012 17:37] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\iqzz7xza.default - PHPNukeDU Community Toolbar - %ProfilePath%\extensions\{46735dee-f862-49d1-876d-6382794dc625} - DVDVideoSoftTB Community Toolbar - %ProfilePath%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} - RuneScape Community Toolbar - %ProfilePath%\extensions\{a8864317-e18b-4292-99d9-e6e65ab905d3} - Free YouTube Download Free Studio Menu - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} AppDir: C:\Program Files (x86)\Mozilla Firefox - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} ==== Firefox Plugins ====================== Profilepath: C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\iqzz7xza.default A74B2B17FCE088C437312F9E1F6E0324 - C:\Users\Matthias\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll - RockMelt Update 2616B4D6D04F18C579B7861F02B0B592 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.130.20 8FE7BA502945BE735D09D5703BD76FDA - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll - Shockwave for Director / Shockwave for Director 0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\Matthias\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 2134E14DFB56952F548487898AE63A89 - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director FFBC753853D0DC6FAE5494864553C833 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks Chrome Background Extension Plug-In (32-bit) 405C0112D5A83D06D1278DF1A76488B3 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer HTML5VideoShim Plug-In (32-bit) 09B4E13D25623D879D35286E2D29FF13 - C:\Users\Matthias\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 99F97C9FE748C37528C338A423577FCB - C:\Users\Matthias\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[04/12/2012 10:47] fkcdbkhjcaljlfolhllfneigeepmjfim - C:\Users\Matthias\AppData\Local\Rich Media Suite\BrowserExtensions\Chrome\playerextension.crx[15/01/2013 11:35] jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[10/10/2011 15:54] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[22/11/2012 10:30] nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[23/05/2011 19:24] SiteAdvisor - Matthias - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Rich Media Player extension - Matthias - Default\Extensions\fkcdbkhjcaljlfolhllfneigeepmjfim RealPlayer HTML5Video Downloader Extension - Matthias - Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [ change_sink.js contentscript.js document_iterator.js find_proxy.js get_html_text.js global_constants.js menu_injection_builder.js menu_injection_handler.js name_injection_builder.js number_injection_builder.js string_finder.js flags.gif numbers_common_active_icon_set.gif numbers_common_inactive_icon_set.gif numbers_free_icon_set.gif skype_name_icon_set.gif space.gif call_icon.png dropdown_menu_icon_set.png numbers_button_skype_logo.png skype.png ] - Matthias - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl DivX Plus Web Player HTML5 \u003Cvideo\u003E - Matthias - Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Bing Url="http://www.bing.com/search?FORM=UP21DF&PC=UP21&dt=021013&q={searchTerms}&src=IE-SearchBox" {55BBC511-8C3E-4AC9-9B38-07CE375EF7C5} Netlog (NL) Url="http://nl.netlog.com/opensearch/view=search&q={searchTerms}" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_nlBE380" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset Google Chrome ====================== C:\users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee OOBE Service (McOobeSv) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Matthias\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Mcx1-MATTHIAS-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Matthias\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S0HPHAC0 will be deleted at reboot C:\Users\Matthias\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache is not empty, a reboot is needed ==== Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Matthias\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\Matthias\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\Matthias\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S0HPHAC0" not found "C:\users\Matthias\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\ELFNZFGD\home.mcafee.com" not found Eindelijk, hoop dat je er iets mee bent om me op goede weg te helpen

Nu is hij opgestart, maar wanneer ik ergens wil op klikken dan gaat deze vele malen open. kan alles afsluiten, maar de pagina's blijven steeds open komen

Ik heb er de adapter en batterij uitgehaald en teruggestoken. Start terug op en wacht af.

Ik versta het allemaal niet goed meer. zeker een dertigtal het winrar progje dat geopend staat en kan niks afsluiten. zonder al de rest. ook krijg ik de melding van " Er is een uitzondering opgetrede (unknow software exeption). (0x8000003) in toepassing van lokatie 0x642323cc. Heb ook geen andere taken uitgevoerd tijdens het draaien van uw raadgeving