Maerschalck

Ik heb de computer zeker herstart voor de scan en inderdaad, vind het allemaal nogal vreemd. PC loopt trouwens terug normaal naar mijn gevoel. Hierbij de printscreen:

Ik zie niet direct hoe ik een logje moet maken via spyhunter dus heb even printscreens genomen:

Het gaat terug veel beter met de pc. Nu heb ik als test spyhunter nog eens laten draaien en vreemd genoeg vindt die nog wel vanalles...

Zoek.exe Version 4.0.0.2 Updated 06-May-2013 Tool run by USER on do 09-05-2013 at 19:26:26,34. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected ==== Older Logs ====================== C:\zoek-results08-05-2013-1845.log 31951 bytes ==== Deleting Files \ Folders ====================== "C:\users\USER\AppData\Roaming\mixidj" deleted "C:\users\USER\AppData\Roaming\.oit" deleted ==== Registry Exports ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acer Empowering Technology Monitor] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Acer Empowering Technology Monitor" "hkey"="HKLM" "command"="C:\\Windows\\system32\\SysMonitor.exe" "inimapping"="0" "YEAR"=dword:000007d8 "MONTH"=dword:00000003 "DAY"=dword:0000000b "HOUR"=dword:00000012 "MINUTE"=dword:00000037 "SECOND"=dword:0000001b [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AppleSyncNotifier] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AppleSyncNotifier" "hkey"="HKLM" "command"="C:\\Program Files\\Common Files\\Apple\\Mobile Device Support\\AppleSyncNotifier.exe" "inimapping"="0" "YEAR"=dword:000007db "MONTH"=dword:00000006 "DAY"=dword:00000018 "HOUR"=dword:0000000d "MINUTE"=dword:00000022 "SECOND"=dword:00000012 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ATICCC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ATICCC" "hkey"="HKLM" "command"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\"" "inimapping"="0" "YEAR"=dword:000007d8 "MONTH"=dword:00000003 "DAY"=dword:0000000b "HOUR"=dword:00000012 "MINUTE"=dword:0000002b "SECOND"=dword:00000029 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ccApp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ccApp" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\"" "inimapping"="0" "YEAR"=dword:000007d8 "MONTH"=dword:00000003 "DAY"=dword:0000000b "HOUR"=dword:00000012 "MINUTE"=dword:0000002b "SECOND"=dword:00000029 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\eDataSecurity Loader] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="eDataSecurity Loader" "hkey"="HKLM" "command"="C:\\Acer\\Empowering Technology\\eDataSecurity\\eDSloader.exe" "inimapping"="0" "YEAR"=dword:000007db "MONTH"=dword:00000006 "DAY"=dword:00000018 "HOUR"=dword:0000000d "MINUTE"=dword:00000022 "SECOND"=dword:00000012 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HP Software Update" "hkey"="HKLM" "command"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe" "inimapping"="0" "YEAR"=dword:000007db "MONTH"=dword:00000006 "DAY"=dword:00000018 "HOUR"=dword:0000000d "MINUTE"=dword:00000022 "SECOND"=dword:00000012 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" "inimapping"="0" "YEAR"=dword:000007db "MONTH"=dword:00000006 "DAY"=dword:00000018 "HOUR"=dword:0000000d "MINUTE"=dword:00000022 "SECOND"=dword:00000013 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Malwarebytes Anti-Malware (reboot)] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Malwarebytes Anti-Malware (reboot)" "hkey"="HKLM" "command"="\"C:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe\" /runcleanupscript" "inimapping"="0" "YEAR"=dword:000007db "MONTH"=dword:00000006 "DAY"=dword:00000018 "HOUR"=dword:0000000d "MINUTE"=dword:00000022 "SECOND"=dword:00000012 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MsnMsgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msnmsgr" "hkey"="HKCU" "command"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background" "inimapping"="0" "YEAR"=dword:000007db "MONTH"=dword:00000006 "DAY"=dword:00000018 "HOUR"=dword:0000000d "MINUTE"=dword:00000022 "SECOND"=dword:00000012 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaMServer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NokiaMServer" "hkey"="HKLM" "command"="C:\\Program Files\\Common Files\\Nokia\\MPlatform\\NokiaMServer /watchfiles startup" "inimapping"="0" "YEAR"=dword:000007db "MONTH"=dword:00000006 "DAY"=dword:00000018 "HOUR"=dword:0000000d "MINUTE"=dword:00000022 "SECOND"=dword:00000012 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaOviSuite2] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NokiaOviSuite2" "hkey"="HKCU" "command"="C:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe -tray" "inimapping"="0" "YEAR"=dword:000007db "MONTH"=dword:00000006 "DAY"=dword:00000018 "HOUR"=dword:0000000d "MINUTE"=dword:00000022 "SECOND"=dword:00000012 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\osCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="osCheck" "hkey"="HKLM" "command"="\"C:\\Program Files\\Norton Internet Security\\osCheck.exe\"" "inimapping"="0" "YEAR"=dword:000007d8 "MONTH"=dword:00000003 "DAY"=dword:0000000b "HOUR"=dword:00000012 "MINUTE"=dword:0000002b "SECOND"=dword:00000029 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime" "inimapping"="0" "YEAR"=dword:000007db "MONTH"=dword:00000006 "DAY"=dword:00000018 "HOUR"=dword:0000000d "MINUTE"=dword:00000022 "SECOND"=dword:00000012 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RtHDVCpl" "hkey"="HKLM" "command"="RtHDVCpl.exe" "inimapping"="0" "YEAR"=dword:000007db "MONTH"=dword:00000006 "DAY"=dword:00000018 "HOUR"=dword:0000000d "MINUTE"=dword:00000022 "SECOND"=dword:00000012 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Shockwave Updater] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunOnce" "item"="Shockwave Updater" "hkey"="HKCU" "command"="C:\\Windows\\System32\\Adobe\\SHOCKW~1\\SWHELP~2.EXE -Update -1100465 -\"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Maxthon; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618)\" -\"http://cc.porsche.com/icc_euro/ui/pva/application/bpModules/interior_3D.jsp?pluginsInstalled=true&RT=1250973034216\"" "inimapping"="0" "YEAR"=dword:000007db "MONTH"=dword:00000006 "DAY"=dword:00000018 "HOUR"=dword:0000000d "MINUTE"=dword:00000022 "SECOND"=dword:00000012 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sidebar] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Sidebar" "hkey"="HKCU" "command"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun" "inimapping"="0" "YEAR"=dword:000007db "MONTH"=dword:00000006 "DAY"=dword:00000018 "HOUR"=dword:0000000d "MINUTE"=dword:00000022 "SECOND"=dword:00000012 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" "inimapping"="0" "YEAR"=dword:000007db "MONTH"=dword:00000006 "DAY"=dword:00000018 "HOUR"=dword:0000000d "MINUTE"=dword:00000022 "SECOND"=dword:00000013 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TkBellExe" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot" "inimapping"="0" "YEAR"=dword:000007d9 "MONTH"=dword:00000002 "DAY"=dword:00000009 "HOUR"=dword:00000014 "MINUTE"=dword:00000015 "SECOND"=dword:0000003b [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TomTomHOME.exe" "hkey"="HKCU" "command"="\"C:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe\"" "inimapping"="0" "YEAR"=dword:000007db "MONTH"=dword:00000006 "DAY"=dword:00000018 "HOUR"=dword:0000000d "MINUTE"=dword:00000022 "SECOND"=dword:00000012 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WarReg_PopUp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WarReg_PopUp" "hkey"="HKLM" "command"="C:\\Acer\\WR_PopUp\\WarReg_PopUp.exe" "inimapping"="0" "YEAR"=dword:000007d8 "MONTH"=dword:00000003 "DAY"=dword:0000000b "HOUR"=dword:00000012 "MINUTE"=dword:0000002b "SECOND"=dword:00000029 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinampAgent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WinampAgent" "hkey"="HKLM" "command"="C:\\Program Files\\Winamp\\wianmpa.exe" "inimapping"="0" "YEAR"=dword:000007d8 "MONTH"=dword:00000003 "DAY"=dword:0000000b "HOUR"=dword:00000012 "MINUTE"=dword:0000002b "SECOND"=dword:00000029 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WMPNSCFG] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WMPNSCFG" "hkey"="HKCU" "command"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe" "inimapping"="0" "YEAR"=dword:000007db "MONTH"=dword:00000006 "DAY"=dword:00000018 "HOUR"=dword:0000000d "MINUTE"=dword:00000022 "SECOND"=dword:00000012 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\?????????] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="?????????" "hkey"="HKCU" "command"="??????????????e" "inimapping"="0" "YEAR"=dword:000007d8 "MONTH"=dword:00000003 "DAY"=dword:0000000b "HOUR"=dword:00000012 "MINUTE"=dword:0000002b "SECOND"=dword:00000029

Zoek.exe Version 4.0.0.2 Updated 06-May-2013 Tool run by USER on wo 08-05-2013 at 18:18:42,95. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files\Emsisoft Anti-Malware\a2service.exe C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\Ati2evxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\Ati2evxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe C:\Acer\Empowering Technology\ePerformance\MemCheck.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Program Files\Belgacom\bin\sprtsvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\WUDFHost.exe C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\mobsync.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Emsisoft Anti-Malware\a2guard.exe C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe C:\Program Files\Common Files\Apple\Internet Services\ubd.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\USER\Rest\Desktop\zoek.exe C:\Windows\system32\conime.exe C:\Windows\system32\taskeng.exe ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== æTorrent 32 Bit HP CIO Components Installer AAC Decoder Acer eDataSecurity Management Acer Empowering Technology Acer ePerformance Management Acer Picture Slide DVD Acer Plug and Record Acer ScreenSaver Acer Tour Acer Zone MagicDirector Acer Zone Main Page Acer Zone MakeDisk Acer Zone SoftDMA Ad-Aware 2007 Adobe Bridge 1.0 Adobe Common File Installer Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Help Center 1.0 Adobe Photoshop CS Adobe Photoshop CS2 Adobe Reader 7.0 Adobe Shockwave Player 11 Adobe Stock Photos 1.0 Apple Application Support Apple Mobile Device Support Apple Software Update Applian FLV Player ATI Catalyst Control Center Ex ATI Catalyst Install Manager AutoUpdate aXbo research 2.0.18 aXbo USB Driver (Driver Removal) Basissoftware voor HP Deskjet 3070 B611 series Belgacom Genius BenVista PhotoZoom Pro 2.3.4 BenVista PhotoZoom Pro 3.1 BenVista PhotoZoom Pro 4.1.2 Bonjour BufferChm CCleaner CustomerResearchQFolder Destinations DeviceManagementQFolder DivX Codec DivX Converter DivX Player DivX Plus DirectShow Filters DivX Plus Web Player DivX Version Checker Emsisoft Anti-Malware eSupportQFolder Firebird SQL Server - MAGIX Edition Freez FLV to AVI/MPEG/WMV Converter Google Chrome Google Earth Plug-in Google SketchUp 7 Google Update Helper H.264 Decoder HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Customer Participation Program 8.0 HP Deskjet 3070 B611 series Haelp HP Imaging Device Functions 8.0 HP Photosmart Appliance Printer Driver Software 8.0.D HP Photosmart Essential HP Product Assistant HP Product Detection HP Solution Center 8.0 HP Update HPProductAssistant HPSSupply iCloud iTunes Java 7 Update 21 Java Auto Updater Junk Mail filter update LightScribe 1.4.124.1 MAGIX Music Maker 17 Download-versie MAGIX Screenshare MAGIX Speed burnR (MSI) Malwarebytes Anti-Malware versie 1.75.0.1300 Manage Registry ActiveX Control DEMO 2.1 (Build 2.1.2.221) MarketResearch Maxthon Browser (remove only) Maxthon2 Microsoft .NET Framework 3.5 SP1 Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office 2000 Premium Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 MixiDJ chrome Toolbar MKV Splitter MobileMe Control Panel MSVC80_x86_v2 MSVC90_x86 MSVCRT MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Native Instruments Traktor DJ Studio 3 Demo Nokia Connectivity Cable Driver Nokia Ovi Suite Nokia Ovi Suite Software Updater NTI Backup NOW 4.7 NTI CD & DVD-Maker Octoshape add-in for Adobe Flash Player OpenOffice.org Installer 1.0 Ovi Desktop Sync Engine OviMPlatform Patience 1.01 PC Connectivity Solution Picasa 3 PPTX Viewer 2.0 QuickTime Realtek High Definition Audio Driver RegTool Roll Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) SelectionLinks SF_CDD_Software Shockwave Director 11.0 Skype Click to Call SkypeT 6.0 SolutionCenter SoulSeek Client 156b Spybot - Search & Destroy SpyHunter Status Sweet Home 3D Text-To-Speech-Runtime TomTom HOME 2.7.6.2056 TomTom HOME Visual Studio Merge Modules Toolbox TrayApp TubeHunter Ultra Uninstall 1.0.0.1 UnloadSupport Update for Microsoft .NET Framework 3.5 SP1 (KB963707) VC80CRTRedist - 8.0.50727.4053 Virtual DJ Home - Atomix Productions Virtual Earth 3D (Beta) VirtualDJ Home FREE VLC media player 1.0.1 WebReg WinAce Archiver Winamp Windows-stuurprogrammapakket - Nokia pccsmcfd (08/22/2008 7.0.0.0) Windows Live - Hulpprogramma voor uploaden Windows Live aanmeldhulp Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sync Windows Media Player Firefox Plugin xrecode II 1.0.0.58 ==== FireFox Fix ====================== ProfilePath: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\b98vn5oq.default ---- Lines mixidj removed from prefs.js ---- ---- Lines mixidj modified from prefs.js ---- ---- Lines mixidj removed from user.js ---- user_pref("extensions.mixidj.tlbrSrchUrl", ""); user_pref("extensions.mixidj.id", "5418a96000000000000000064f4dde34"); user_pref("extensions.mixidj.appId", "{A2773ED4-83BD-488A-A186-73590706C916}"); user_pref("extensions.mixidj.instlDay", "15831"); user_pref("extensions.mixidj.vrsn", "1.8.18.8"); user_pref("extensions.mixidj.vrsni", "1.8.18.8"); user_pref("extensions.mixidj.vrsnTs", "1.8.18.80:03:26"); user_pref("extensions.mixidj.prtnrId", "mixidj"); user_pref("extensions.mixidj.prdct", "mixidj"); user_pref("extensions.mixidj.aflt", "babsst"); user_pref("extensions.mixidj.smplGrp", "none"); user_pref("extensions.mixidj.tlbrId", "mdelta"); user_pref("extensions.mixidj.instlRef", "sst"); user_pref("extensions.mixidj.dfltLng", "en"); user_pref("extensions.mixidj.excTlbr", false); user_pref("extensions.mixidj.ffxUnstlRst", false); user_pref("extensions.mixidj.admin", false); user_pref("extensions.mixidj.autoRvrt", "false"); user_pref("extensions.mixidj.rvrt", "false"); user_pref("extensions.mixidj.newTab", false); ---- Lines ask.com removed from prefs.js ---- user_pref("browser.search.defaultengine", "Ask.com"); user_pref("browser.search.defaultenginename", "Ask.com"); user_pref("browser.search.order.1", "Ask.com"); user_pref("browser.search.selectedEngine", "Ask.com"); ---- Lines ask.com modified from prefs.js ---- ---- Lines asktb removed from prefs.js ---- user_pref("extensions.asktb.ff-original-keyword-url", ""); ---- Lines asktb modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- user_08-05-2013_1828_.backup prefs_08-05-2013_1828_.backup ==== Deleting Files \ Folders ====================== "C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\b98vn5oq.default\searchplugins\mixidj.xml" deleted "C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data" deleted "C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences" deleted "C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\b98vn5oq.default\searchplugins\askcom.xml" deleted "C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\b98vn5oq.default\searchplugins\search.xml" deleted "C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\b98vn5oq.default\bProtector_extensions.rdf" deleted "C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\b98vn5oq.default\bProtector_prefs.js" deleted "C:\Users\USER\AppData\Roaming\lowsec\local.ds" deleted "C:\Users\USER\AppData\Roaming\lowsec\user.ds" deleted "C:\Users\USER\AppData\Roaming\lowsec" deleted "C:\Users\USER\AppData\Roaming\BabSolution" deleted "C:\Users\USER\AppData\Roaming\Babylon" deleted "C:\Users\USER\AppData\Roaming\DefaultTab" deleted "C:\ProgramData\BrowserProtect" deleted "C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect" deleted "C:\Users\USER\AppData\Local\APN" deleted "C:\Users\USER\AppData\LocalLow\AskToolbar" deleted "C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\b98vn5oq.default\extensions\ffxtlbr@mixidj.com" deleted "C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\b98vn5oq.default\extensions\toolbar@ask.com" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2013-05-07 17:29:34 8CF2B639F0324328B9902120198FF4AA 97 ----a-w- C:\Windows\DeleteOnReboot.bat ====== C:\Users\USER\AppData\Local\Temp ==== 2013-05-06 22:24:21 E16162E348C6636AB65DFD72AC9E718C 44813392 ----a-w- C:\Users\USER\AppData\Local\Temp\SHSetup.exe ====== C:\Windows\system32 ===== 2013-05-06 22:04:08 6653C22907B7D8732218CFD918030616 2942 ----a-w- C:\Windows\System32\FoxPowerPointVUninstall.ini ====== C:\Windows\system32\drivers ===== 2013-04-10 15:56:51 2C1121F2B87E9A6B12485DF53CD848C7 1082232 ----a-w- C:\Windows\System32\drivers\ntfs.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-05-06 22:27:04 -------- d-----w- C:\Program Files\Enigma Software Group 2013-05-06 22:04:06 -------- d-----w- C:\Program Files\FoxPDF Software Inc ======= C: ===== 2013-05-07 17:29:13 7C431F398D1EB41E4FC55671491B703C 15066 ----a-w- C:\AdwCleaner[s1].txt ====== C:\Users\USER\AppData\Roaming ====== 2013-05-06 22:27:28 -------- d-----w- C:\users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter 2013-05-06 22:04:31 -------- d-----w- C:\users\USER\AppData\Roaming\.oit 2013-05-06 22:03:23 -------- d-----w- C:\users\USER\AppData\Roaming\mixidj ====== C:\Users\USER ====== ====== C: exe-files == 2013-05-07 17:27:22 A95866BA166A09E360BB88DA72D4531D 628743 ----a-w- C:\Users\USER\Rest\Desktop\adwcleaner.exe 2013-05-06 22:27:31 36B98B8197E1BE8E7382D29C1A3628AA 110080 ----a-r- C:\Users\USER\AppData\Roaming\Microsoft\Installer\{D8167CA8-236B-4334-B77D-F388F494EE18}\IconF7A21AF7.exe 2013-05-06 22:27:31 36B98B8197E1BE8E7382D29C1A3628AA 110080 ----a-r- C:\Users\USER\AppData\Roaming\Microsoft\Installer\{D8167CA8-236B-4334-B77D-F388F494EE18}\IconD7F16134.exe 2013-05-06 22:27:31 36B98B8197E1BE8E7382D29C1A3628AA 110080 ----a-r- C:\Users\USER\AppData\Roaming\Microsoft\Installer\{D8167CA8-236B-4334-B77D-F388F494EE18}\IconCF33A0CE.exe 2013-05-06 22:24:21 E16162E348C6636AB65DFD72AC9E718C 44813392 ----a-w- C:\Users\USER\AppData\Local\temp\SHSetup.exe 2013-05-06 22:24:13 0D3336F628629B813C3905EA514A7C78 726464 ----a-w- C:\Users\USER\Documents\Downloads\SpyHunter-Installer.exe 2013-05-06 22:03:00 6B1F117251768D9E0B3B24870178600F 11786751 ----a-w- C:\Users\USER\Downloads\PPTXViewer.exe 2013-05-06 22:01:56 D39160AB60A14E420EBDA3C478FDF381 584600 ----a-w- C:\Users\USER\Documents\Downloads\cbsidlm-tr1_13-PPTX_Viewer-ORG-75788920.exe === C: other files == 2013-05-08 15:48:02 896BD6B5ACA35418C9E0516A0AD5DE96 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1166787086-2058581557-67695525-1000\$I6M5JYD.bat 2013-05-07 17:29:34 8CF2B639F0324328B9902120198FF4AA 97 ----a-w- C:\Windows\DeleteOnReboot.bat 2013-05-07 17:26:15 DC38E53F1E0E9EB867EF23932B295418 418 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1166787086-2058581557-67695525-1000\$R6M5JYD.bat 2013-05-06 22:27:47 E0E7672DBE3AF879971DAA6F1ECA6333 6320000 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\SH4.com ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-1166787086-2058581557-67695525-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe /c" "HP Deskjet 3070 B611 series (NET)"="C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe -deviceID CN1BS672Q105MQ:NW -scfn HP Deskjet 3070 B611 series (NET) -AutoStart 1" "MobileDocuments"="C:\Program Files\Common Files\Apple\Internet Services\ubd.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Belgacom"="C:\Program Files\Belgacom\bin\sprtcmd.exe /P Belgacom" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "emsisoft anti-malware"="c:\program files\emsisoft anti-malware\a2guard.exe /d=60" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe /c" "HP Deskjet 3070 B611 series (NET)"="C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe -deviceID CN1BS672Q105MQ:NW -scfn HP Deskjet 3070 B611 series (NET) -AutoStart 1" "MobileDocuments"="C:\Program Files\Common Files\Apple\Internet Services\ubd.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acer Empowering Technology Monitor] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Acer Empowering Technology Monitor" "hkey"="HKLM" "command"="C:\\Windows\\system32\\SysMonitor.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AppleSyncNotifier] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AppleSyncNotifier" "hkey"="HKLM" "command"="C:\\Program Files\\Common Files\\Apple\\Mobile Device Support\\AppleSyncNotifier.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ATICCC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ATICCC" "hkey"="HKLM" "command"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ccApp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ccApp" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\eDataSecurity Loader] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="eDataSecurity Loader" "hkey"="HKLM" "command"="C:\\Acer\\Empowering Technology\\eDataSecurity\\eDSloader.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HP Software Update" "hkey"="HKLM" "command"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Malwarebytes Anti-Malware (reboot)] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Malwarebytes Anti-Malware (reboot)" "hkey"="HKLM" "command"="\"C:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe\" /runcleanupscript" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MsnMsgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msnmsgr" "hkey"="HKCU" "command"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaMServer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NokiaMServer" "hkey"="HKLM" "command"="C:\\Program Files\\Common Files\\Nokia\\MPlatform\\NokiaMServer /watchfiles startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaOviSuite2] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NokiaOviSuite2" "hkey"="HKCU" "command"="C:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe -tray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\osCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="osCheck" "hkey"="HKLM" "command"="\"C:\\Program Files\\Norton Internet Security\\osCheck.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RtHDVCpl" "hkey"="HKLM" "command"="RtHDVCpl.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Shockwave Updater] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunOnce" "item"="Shockwave Updater" "hkey"="HKCU" "command"="C:\\Windows\\System32\\Adobe\\SHOCKW~1\\SWHELP~2.EXE -Update -1100465 -\"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Maxthon; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618)\" -\"http://cc.porsche.com/icc_euro/ui/pva/application/bpModules/interior_3D.jsp?pluginsInstalled=true&RT=1250973034216\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sidebar] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Sidebar" "hkey"="HKCU" "command"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TkBellExe" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TomTomHOME.exe" "hkey"="HKCU" "command"="\"C:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WarReg_PopUp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WarReg_PopUp" "hkey"="HKLM" "command"="C:\\Acer\\WR_PopUp\\WarReg_PopUp.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinampAgent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WinampAgent" "hkey"="HKLM" "command"="C:\\Program Files\\Winamp\\wianmpa.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WMPNSCFG] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WMPNSCFG" "hkey"="HKCU" "command"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\?????????] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="?????????" "hkey"="HKCU" "command"="??????????????e" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk] "item"="Adobe Gamma Loader" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Adobe Gamma Loader.lnk" "backup"="C:\\Windows\\pss\\Adobe Gamma Loader.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] "item"="Adobe Reader Speed Launch" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk" "backup"="C:\\Windows\\pss\\Adobe Reader Speed Launch.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\Adobe\\ACROBA~1.0\\Reader\\READER~1.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Empowering Technology Launcher.lnk" "backup"="C:\\Windows\\pss\\Empowering Technology Launcher.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\Acer\\EMPOWE~1\\EAPLAU~1.EXE 9999" "item"="Empowering Technology Launcher" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] "item"="HP Digital Imaging Monitor" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk" "backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\HP\\DIGITA~1\\bin\\hpqtra08.exe" ==== Startup Folders ====================== 2008-04-12 17:37:46 1174 ----a-w- C:\users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk 2007-06-04 18:25:43 1879 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [22-04-2013 18:06] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19-06-2010 17:28] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19-06-2010 17:28] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1166787086-2058581557-67695525-1000Core.job --a------ C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe [02-09-2008 23:11] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1166787086-2058581557-67695525-1000UA.job --a------ C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe [02-09-2008 23:11] C:\Windows\tasks\Registry Reviver-USER-Startup.job --a------ C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.exe [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\b98vn5oq.default - Undetermined - C:\Program Files\Mozilla Firefox\extensions\divx@partners.mozilla.com - Undetermined - C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org - Undetermined - %ProfilePath%\extensions\staged-xpis - Undetermined - %ProfilePath%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} - DVDVideoSoft Menu - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} AppDir: C:\Program Files\Mozilla Firefox - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} ==== Firefox Plugins ====================== ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions kgbadnenegkkgdlldhllpgekejcjnjhl - C:\Program Files\OApps\chrome-sl.crx[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[02-10-2012 13:14] AdBlock - USER - Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Skype Click to Call - USER - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" "SearchMigratedDefaultURL"="http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://nl.intl.acer.yahoo.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "SearchMigratedDefaultURL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.msn.com/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {C57A9992-5271-4150-96A4-00974EC19544} Yahoo//search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\kgbadnenegkkgdlldhllpgekejcjnjhl deleted successfully ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\USER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\USER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\users\USER\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\users\USER\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\USER\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\USER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

# AdwCleaner v2.300 - Verslag gemaakt op 07/05/2013 om 19:29:13 # Geactualiseerd op 28/04/2013 door Xplode # Besturingssysteem : Windows Vista Home Premium Service Pack 2 (32 bits) # Gebruiker : USER - PC_VAN_USER # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\USER\Rest\Desktop\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** Map Verwijdert : C:\Program Files\Ask.com Map Verwijdert : C:\Program Files\DefaultTab Map Verwijdert : C:\Program Files\mixidj Map Verwijdert : C:\Program Files\OApps Map Verwijdert : C:\Program Files\Winamp Toolbar Map Verwijdert : C:\ProgramData\Ask Map Verwijdert : C:\ProgramData\Babylon Map Verwijdert : C:\ProgramData\Winamp Toolbar Map Verwijdert : C:\Windows\Installer\{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} Map Verwijdert : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Verwijdert bij het opstarten : C:\ProgramData\BrowserProtect ***** [Register] ***** Sleutel Verwijdert : HKCU\Software\5e2dfd1e535ea41 Sleutel Verwijdert : HKCU\Software\APN Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\AskToolbar Sleutel Verwijdert : HKCU\Software\Ask.com Sleutel Verwijdert : HKCU\Software\BabylonToolbar Sleutel Verwijdert : HKCU\Software\DataMngr Sleutel Verwijdert : HKCU\Software\DataMngr_Toolbar Sleutel Verwijdert : HKCU\Software\Default Tab Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Winamp Toolbar Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} Sleutel Verwijdert : HKCU\Software\mixidj Sleutel Verwijdert : HKCU\Software\Winamp Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\5e2dfd1e535ea41 Sleutel Verwijdert : HKLM\Software\APN Sleutel Verwijdert : HKLM\Software\AskToolbar Sleutel Verwijdert : HKLM\Software\Babylon Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escort.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{841FD004-57A2-4B49-BBDB-5897394619DB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Sleutel Verwijdert : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Sleutel Verwijdert : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijdert : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\mixidj.mixidjappCore Sleutel Verwijdert : HKLM\SOFTWARE\Classes\mixidj.mixidjappCore.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\mixidj.mixidjdskBnd Sleutel Verwijdert : HKLM\SOFTWARE\Classes\mixidj.mixidjdskBnd.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\mixidj.mixidjHlpr Sleutel Verwijdert : HKLM\SOFTWARE\Classes\mixidj.mixidjHlpr.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch Sleutel Verwijdert : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand Sleutel Verwijdert : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\WinampTb.Downloader Sleutel Verwijdert : HKLM\SOFTWARE\Classes\WinampTb.Downloader.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams Sleutel Verwijdert : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper Sleutel Verwijdert : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper.1 Sleutel Verwijdert : HKLM\Software\Conduit Sleutel Verwijdert : HKLM\Software\DataMngr Sleutel Verwijdert : HKLM\Software\Default Tab Sleutel Verwijdert : HKLM\Software\DefaultTab Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\boipimhfjpakfgckhbljjengakjhkcbp Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\kpepfkjapeclaafmhoelccknpfedainn Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20} Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEABAA33A5E68374DBF197F2A00CD011 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB61AF52AD64B6B45930BE969F316720 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mixidj Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar Sleutel Verwijdert : HKLM\Software\mixidj Sleutel Verwijdert : HKLM\SOFTWARE\Software Sleutel Verwijdert : HKLM\Software\Winamp Toolbar Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page] Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope] Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}] Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}] Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}] ***** [browsers] ***** -\\ Internet Explorer v7.0.6002.18005 Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - bProtectTabs] = hxxp://mixidj.delta-search.com/?affID=121136&tt=gc_&babsrc=NT_ss&mntrId=541800064F4DDE34 --> hxxp://www.google.com -\\ Mozilla Firefox v [Onmogelijk de versie te verkrijgen] -\\ Google Chrome v26.0.1410.64 ************************* AdwCleaner[s1].txt - [14935 octets] - [07/05/2013 19:29:13] ########## EOF - C:\AdwCleaner[s1].txt - [14996 octets] ########## Mappen verwijderen "C:\ProgramData\BrowserProtect" Bestand niet verwijderd "C:\Program Files\Ask.com" Bestand niet verwijderd "C:\Users\USER\Desktop\Virus Removal Tool" Niet gevonden Bij de commando's in het opdrachtprompt kreeg ik volgende melding bij sc Stop DefaultTabSearch: controlservice mislukt 1062: de service is niet gestart

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:46:31, on 7-5-2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Belgacom\bin\sprtcmd.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Ask.com\Updater\Updater.exe C:\Program Files\Emsisoft Anti-Malware\a2guard.exe C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe C:\Program Files\Common Files\Apple\Internet Services\ubd.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Mixi Dj Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! UK R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo! UK R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: mixidj Helper Object - {4D6A9BBF-402C-4301-B1EF-28D04F71D761} - C:\Program Files\mixidj\mixidj\1.8.18.8\bh\mixidj.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: HelloWorldBHO - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - C:\Program Files\OApps\SelectionLinks.dll O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O3 - Toolbar: MixiDJ Toolbar - {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [emsisoft anti-malware] "c:\program files\emsisoft anti-malware\a2guard.exe" /d=60 O4 - HKCU\..\Run: [Google Update] "C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [HP Deskjet 3070 B611 series (NET)] "C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1BS672Q105MQ:NW" -scfn "HP Deskjet 3070 B611 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: is-9QKVN.lnk = C:\Users\USER\Desktop\Virus Removal Tool\is-9QKVN\startup.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Winamp Toolbar Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx2.mail.live.com/mail/w1/resources/VistaMSNPUpldnl-be.cab O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1366051909724 O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://www.adobe.com/products/acrobat/nos/gp.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\progra~2\browse~1\261249~1.132\{c16c1~1\browse~1.dll O23 - Service: Emsisoft Anti-Malware 7.0 - Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe O23 - Service: DefaultTabSearch - Unknown owner - C:\Program Files\DefaultTab\DefaultTabSearch.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 10402 bytes

Hallo, Mijn pc is geïnfecteerd door malware. Malwarebytes vindt niks, maar ik vertrouwde het zaakje dus niet, daarom heb ik een dubbelcheck gedaan met SpyHunter. Deze vind dus wel vanalles... Probleem is dat ik (nog?) met de gratis versie werk (programma kost 30€) en daarmee kan je dus niks verwijderen. Wat raden jullie aan? (buiten spyhunter aanschaffen xD) Mvg

Allereerst: bedankt gasten voor de input, Ik ben duidelijk op een forum beland waar men de voorkeur geeft aan zelf samenstellen i.p.v. een bepaald merk/model te kopen. xD Nu moet ik bekennen dat zo'n Dell Inspiron Zino in mijn hoofd blijft zitten. Het ding is supercompact, heeft mooie specificaties (voor zover mijn kennis reikt uiteraard), is niet overdreven duur en blijkbaar zou een HTPC in regel best stil zijn. Bovendien blijkt het modelletje net een update gekregen te hebben: link specificaties: link Voor we verder gaan, wat is jullie mening hieromtrent?

Ik kreeg ook van iemand het advies eens te kijken naar de business reeksen van grote merken. bv: Dell Optiplex, Lenove ThinkCentre,...

Als ik zo eens rondkijk, heb ik de indruk dat het nog kleiner kan. Als je kijkt wat Dell bijvoorbeeld in die Inspiron Zino weet te proppen... Dat is pas compact! Ik ben die lompe kast echt beu! Toch dank ik je al op voorhand voor je hulp

Als dat te doen is voor een leek, wil ik die Windows 7 nog zelf installeren ja. De afmetingen hierboven zijn de afmetingen van mijn huidge kast. Het zou toch liefst compacter moeten zijn. ---------- Post toegevoegd om 22:03 ---------- Vorige post was om 22:02 ---------- Nee dat hoeft niet.

Beste kenners, graag jullie hulp, de nood aan een nieuwe pc dringt zich op. De huidige is meer dan 3 jaar oud en ik ben hem echt beu. Maakt veel lawaai (altijd al gehad), loopt regelmatig vast, is onhandig groot, enz… Specs van het huidig systeem : Acer T671 Intel Pentium D (dualcore) 2 GB RAM 320 GB HD kloksnelheid 3000 MHz Profiel : Internet, Office, veel muziek (maar geen zware toepassingen) af en toe filmpje. Geen games. Wat ik zoek in het volgende systeem : - wegens beperkte ruimte: compact ! (maar hoeft geen laptop te zijn) - liefst geen Mac - snelhheid - stilte ! (dus geen apparaat met overijverige blowers, temperatuur?) - grote harde schijf is minder belangrijk - stabiliteit - moet weer een paar jaar meegaan - Windows 7 - all in one ? Zelf samenstellen? Nee, daar ga ik niet aan beginnen. (te weinig kennis, te veel rompslomp…) Ik heb me niet echt vastgepind op een bepaald budget maar geen extreem dure zaken en ik wil liefst waar voor m’n centjes. Samengevat: PC voor alledaags gebruik. Geen games. Compact, stil, stabiel en performant. Laat maar eens wat horen.