
Removing 22 find tapak portal.



Hi, I would like to receive help getting rid of 22 find portal. Thanks in advance.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 15:42:28, on 23-2-2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16464)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe

C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe

C:\Program Files\BlueStacks\HD-Agent.exe

C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Program Files\Samsung\Kies\Kies.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\IE New Window Maximizer\iemaximizer.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe

C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE

C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\IncrediMail\Bin\IncMail.exe

C:\Program Files\IncrediMail\Bin\ImApp.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Compaq\Downloads\HijackThis.exe

C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl | Jouw startpagina voor weer, verkeer en meer

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O1 - Hosts: 216.239.32.20 www.google.ae # bck9

O1 - Hosts: 216.239.32.20 www.google.at # bck9

O1 - Hosts: 216.239.32.20 www.google.be # bck9

O1 - Hosts: 216.239.32.20 www.google.ca # bck9

O1 - Hosts: 216.239.32.20 www.google.ch # bck9

O1 - Hosts: 216.239.32.20 www.google.cl # bck9

O1 - Hosts: 216.239.32.20 www.google.co.il # bck9

O1 - Hosts: 216.239.32.20 www.google.co.in # bck9

O1 - Hosts: 216.239.32.20 www.google.co.jp # bck9

O1 - Hosts: 216.239.32.20 www.google.co.kr # bck9

O1 - Hosts: 216.239.32.20 www.google.co.nz # bck9

O1 - Hosts: 216.239.32.20 www.google.co.uk # bck9

O1 - Hosts: 216.239.32.20 www.google.co.ve # bck9

O1 - Hosts: 216.239.32.20 www.google.co.za # bck9

O1 - Hosts: 216.239.32.20 www.google.com # bck9

O1 - Hosts: 216.239.32.20 www.google.com.ar # bck9

O1 - Hosts: 216.239.32.20 www.google.com.au # bck9

O1 - Hosts: 216.239.32.20 www.google.com.br # bck9

O1 - Hosts: 216.239.32.20 www.google.com.co # bck9

O1 - Hosts: 216.239.32.20 www.google.com.gr # bck9

O1 - Hosts: 216.239.32.20 www.google.com.hk # bck9

O1 - Hosts: 216.239.32.20 www.google.com.mx # bck9

O1 - Hosts: 216.239.32.20 www.google.com.my # bck9

O1 - Hosts: 216.239.32.20 www.google.com.pe # bck9

O1 - Hosts: 216.239.32.20 www.google.com.ph # bck9

O1 - Hosts: 216.239.32.20 www.google.com.pk # bck9

O1 - Hosts: 216.239.32.20 www.google.com.sg # bck9

O1 - Hosts: 216.239.32.20 www.google.com.tr # bck9

O1 - Hosts: 216.239.32.20 www.google.com.tw # bck9

O1 - Hosts: 216.239.32.20 www.google.com.ua # bck9

O1 - Hosts: 216.239.32.20 www.google.de # bck9

O1 - Hosts: 216.239.32.20 www.google.dk # bck9

O1 - Hosts: 216.239.32.20 www.google.es # bck9

O1 - Hosts: 216.239.32.20 www.google.fi # bck9

O1 - Hosts: 216.239.32.20 www.google.fr # bck9

O1 - Hosts: 216.239.32.20 www.google.it # bck9

O1 - Hosts: 216.239.32.20 www.google.lt # bck9

O1 - Hosts: 216.239.32.20 www.google.lv # bck9

O1 - Hosts: 216.239.32.20 www.google.nl # bck9

O1 - Hosts: 216.239.32.20 www.google.pl # bck9

O1 - Hosts: 216.239.32.20 www.google.pt # bck9

O1 - Hosts: 216.239.32.20 www.google.ro # bck9

O1 - Hosts: 216.239.32.20 www.google.ru # bck9

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: SaveAs - {2734CCBA-7B7A-5CE4-2D29-083C0BBC3071} - C:\ProgramData\SaveAs\50c4d902be092.ocx

O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll

O2 - BHO: IB Updater Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"

O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"

O4 - HKLM\..\Run: [blueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe

O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [iE New Window Maximizer] C:\Program Files\IE New Window Maximizer\iemaximizer.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: http://*.mcafee.com

O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: c:\progra~2\browse~1\261123~1.78\{16cdf~1\browse~1.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Blue Coat K9 Web Protection (bckwfs) - Blue Coat Systems, Inc. - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Browser Manager - Unknown owner - C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe

O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe

O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer NL\EFUploadSrv.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: IB Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe

O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe

O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe

O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe

O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: Secunia Update Agent - Unknown owner - C:\Program Files\Secunia\PSI\sua.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 15633 bytes


Hello, we are going to use the following tool: zoek.exe ®by smeenk


Download zoek.exe to the desktop.

  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe
    (here or here) you can read how to do that.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
    startupall;
    filesrcm;

  • Now tick the options below.

    • Standaard Search
    • Auto Clean
    • Running processes
    • Empty All Temp
    • Recently Created
    • IE Defaults
    • Reset Hosts

  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart if one is required).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Now post the contents of the opened log in the next message.



oek.exe Version 4.0.0.1 Updated 18-02-2013

Tool run by Compaq on za 23-02-2013 at 17:12:41,35.

Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

==== Running Processes ======================

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\taskeng.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\ProgramData\Premium\OptimizerPro1\OptimizerPro1.exe

C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe

C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe

C:\Program Files\BlueStacks\HD-LogRotatorService.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files\ExtraFilm Designer NL\EFUploadSrv.exe

C:\Program Files\Web Assistant\ExtensionUpdaterService.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Windows\system32\lxdicoms.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Windows\system32\IoctlSvc.exe

C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

C:\Program Files\SMINST\BLService.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Microsoft\BingBar\SeaPort.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Program Files\BlueStacks\HD-Service.exe

C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe

C:\Program Files\BlueStacks\HD-Network.exe

C:\Program Files\BlueStacks\HD-BlockDevice.exe

C:\Program Files\BlueStacks\HD-SharedFolder.exe

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\conime.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe

C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe

C:\Program Files\BlueStacks\HD-Agent.exe

C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Program Files\Samsung\Kies\Kies.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\IE New Window Maximizer\iemaximizer.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files\IncrediMail\Bin\IncMail.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\IncrediMail\Bin\ImApp.exe

C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE

C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Compaq\Downloads\zoek.exe

==== Creating Sample_23-02-2013_1720.zip ======================

Process iexplore.exe killed

Copied file C:\Users\Compaq\AppData\Roaming\Avisynth.exe to sample

Copied file C:\Users\Compaq\AppData\Roaming\AvsP.exe to sample

Copied file C:\Users\Compaq\AppData\Roaming\MatroskaSplitter.exe to sample

Copied file C:\Users\Compaq\AppData\Roaming\SetupGFD.exe to sample

sample\Avisynth.exe renamed to 13FDDF73E5A59A2203A38C3C6B41635A

sample\AvsP.exe renamed to 93F22100B7A98769A1976CA520FC8B05

sample\MatroskaSplitter.exe renamed to FF51CCDAA9F86F661A01057EE2DB4FC1

sample\SetupGFD.exe renamed to F6A82E9AAD2D554833CDF2DDBC90ED6B

C:\Users\Public\Desktop\sample_23-02-2013_1720.zip created successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\browser manager deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\browser manager deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ib updater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ib updater deleted successfully

==== Reset Hosts File ======================

# Copyright © 1993-2006 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

::1 localhost

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"bProtector Start Page"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"BrowserMngrDefaultScope"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"bProtectorDefaultScope"=-

==== Deleting Files \ Folders ======================

"C:\Users\Compaq\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\22find.lnk" deleted

"C:\extensions.sqlite" deleted

"C:\Windows\tasks\OptimizerPro1UpdaterTask{6F87DAD9-8E7F-4C9E-93B8-EE8BD222BCCE}.job" deleted

"C:\Windows\tasks\OptimizerPro1UpdaterTask{6F87DAD9-8E7F-4C9E-93B8-EE8BD222BCCE}.job" deleted

"C:\user.js" deleted

"C:\Windows\system32\roboot.exe" deleted

"C:\Users\Compaq\AppData\Roaming\Avisynth.exe" deleted

"C:\Users\Compaq\AppData\Roaming\AvsP.exe" deleted

"C:\Users\Compaq\AppData\Roaming\MatroskaSplitter.exe" deleted

"C:\Users\Compaq\AppData\Roaming\SetupGFD.exe" deleted

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\bl" not deleted

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll" not deleted

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe" not deleted

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.settings" not deleted

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe" not deleted

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00" not deleted

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01" not deleted

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02" not deleted

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\03" not deleted

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10" not deleted

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11" not deleted

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12" not deleted

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\13" not deleted

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20" not deleted

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21" not deleted

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22" not deleted

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\23" not deleted

"C:\ProgramData\Premium\OptimizerPro1\OptimizerPro1.exe" deleted

"C:\Program Files\Common Files\337" deleted

"C:\Program Files\Desk 365" deleted

"C:\Program Files\Conduit" deleted

"C:\Program Files\Common Files\Spigot" deleted

"C:\Program Files\Web Assistant" deleted

"C:\Users\Compaq\AppData\Roaming\Desk 365" deleted

"C:\Users\Compaq\AppData\Roaming\Systweak" deleted

"C:\Windows\System32\searchplugins" deleted

"C:\Windows\System32\Extensions" not deleted

"C:\ProgramData\Browser Manager" not deleted

"C:\ProgramData\APN" deleted

"C:\ProgramData\InstallMate" deleted

"C:\ProgramData\Tarma Installer" deleted

"C:\ProgramData\Premium" not deleted

"C:\ProgramData\SaveAs" deleted

"C:\Users\Compaq\AppData\Local\Conduit" deleted

"C:\Users\Compaq\AppData\LocalLow\Softonic" deleted

"C:\Users\Compaq\AppData\LocalLow\Conduit" deleted

"C:\ProgramData\Browser Manager\2.6.1123.78" not deleted

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}" not deleted

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings" not deleted

"C:\ProgramData\Premium\OptimizerPro1" not deleted

==== System Specs ======================

Windows: Windows Vista Home Basic Edition Service Pack 2 (Build 6002)

Internet Explorer: 9.0.8112.16421

Memory (RAM): 3003 MB

CPU Info: Genuine Intel® CPU T1600 @ 1.66GHz

CPU Speed: 1037,7 MHz

Sound Card: Luidsprekers (Conexant High Def |

Display Adapters: Mobile Intel® 4 Series Express Chipset Family | Mobile Intel® 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver

Monitors: 1x; Algemeen PnP-beeldscherm |

Screen Resolution: 1440 X 900 - 32 bit

Network: Network Present

Network Adapters: Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0) | Atheros AR5007 802.11b/g WiFi Adapter

CD / DVD Drives: 1x (E: | ) E: SlimtypeDVD A DS8A2L-A

Ports: COM3 LPT Port NOT Present.

Mouse: 5 Button Wheel Mouse Present

Hard Disks: C: 223,0GB | D: 9,9GB

Hard Disks - Free: C: 124,7GB | D: 1,7GB

Manufacturer *: Hewlett-Packard

BIOS Info: AT/AT COMPATIBLE | 02/04/09 | HPQOEM - 1

Time Zone: West-Europa (standaardtijd)

Motherboard *: Wistron 360C

Sun Java version: 1.6.0_29

Country: Nederland

Language: NLD

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2013-02-04 14:45:37 515E4684008E955DE0C81E6A7AEA1C2A 306688 ----a-w- C:\Windows\IsUninst.exe

====== C:\Users\Compaq\AppData\Local\Temp ====

2013-02-23 09:26:42 0951B8E8DF83CEFD6D9B06D389ECE5D9 335872 ----a-w- C:\Users\Compaq\AppData\Local\Temp\_unps.exe

2013-02-23 08:54:29 1AF5DB05F6E9040EF9320D72DA87BA14 744658 ----a-w- C:\Users\Compaq\AppData\Local\Temp\HomePage22find.exe

====== C:\Windows\system32 =====

2013-02-13 23:14:25 EED68558AAA106535E7290C9A8E0D5A3 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2013-02-13 23:14:25 A9919376933F7E43F93E5DA1FFBEFC9F 73216 ----a-w- C:\Windows\System32\mshtmled.dll

2013-02-13 23:14:24 CDBFCB9A88E130F1138F80B01C56B680 420864 ----a-w- C:\Windows\System32\vbscript.dll

2013-02-13 23:14:23 F8D269134EEC097B7E47C818AF4862A7 176640 ----a-w- C:\Windows\System32\ieui.dll

2013-02-13 23:14:23 39511E05F37F0BEF8FA3B85386800BB9 65024 ----a-w- C:\Windows\System32\jsproxy.dll

2013-02-13 23:14:22 CBC39CAD3421AB71966BDD98ABF847E0 607744 ----a-w- C:\Windows\System32\msfeeds.dll

2013-02-13 23:14:22 6E14642F79C2510626BA399F9BCC4DE6 142848 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-02-13 23:14:21 B49B56B64F57699A1A663D2CF7D0A56F 1129472 ----a-w- C:\Windows\System32\wininet.dll

2013-02-13 23:14:21 8843B6A1B8E102841B2DFF02805C5CEC 717824 ----a-w- C:\Windows\System32\jscript.dll

2013-02-13 23:14:20 D171EAA745A2C0C583CDDA13D9088EE4 1796096 ----a-w- C:\Windows\System32\iertutil.dll

2013-02-13 23:14:20 C079169E6A07FC4412475C02969EB9CE 1800704 ----a-w- C:\Windows\System32\jscript9.dll

2013-02-13 23:14:20 9352AF851D98380738161620C916A042 231936 ----a-w- C:\Windows\System32\url.dll

2013-02-13 23:14:18 BE157C3800DA3010EFC48280ECF81C16 1103872 ----a-w- C:\Windows\System32\urlmon.dll

2013-02-13 23:14:18 470D8189D7FE9928FFFECBF55AAA3233 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-02-13 23:14:17 C97434C851C4821BD92D2831FDF1ECBE 12321280 ----a-w- C:\Windows\System32\mshtml.dll

2013-02-13 23:14:15 0E816EA3C5DCE94C95099E8B38E75E67 9738240 ----a-w- C:\Windows\System32\ieframe.dll

2013-02-13 08:42:20 1C1F3014453865E805A8708751743A48 2048512 ----a-w- C:\Windows\System32\win32k.sys

2013-02-13 08:42:18 C43DECDAC58C0A43E0376A216590F40A 1314816 ----a-w- C:\Windows\System32\quartz.dll

2013-02-13 08:42:04 E185428925DBC53CE59B2A5CBA64B837 3602808 ----a-w- C:\Windows\System32\ntkrnlpa.exe

2013-02-13 08:42:04 691F1612558BF6B27F952C4B1073B0D1 3550072 ----a-w- C:\Windows\System32\ntoskrnl.exe

====== C:\Windows\system32\drivers =====

2013-02-13 08:42:17 CD21572F83F7EC6E2C20C465967BEDD9 31232 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys

2013-02-13 08:42:17 3535CD93F944C00F098E73E12EE7FEB6 914792 ----a-w- C:\Windows\System32\drivers\tcpip.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-02-21 10:30:23 -------- d-----w- C:\Program Files\Bonjour

2013-02-16 18:22:32 -------- d-----w- C:\Program Files\IncrediMail

2013-02-07 15:34:55 -------- d-----w- C:\Program Files\Lexmark 3500-4500 Series

2013-01-30 15:29:24 24576 ----a-w- C:\Program Files\Lexmark 3500-4500 Series(271)

======= C: =====

====== C:\Users\Compaq\AppData\Roaming ======

2013-01-29 08:17:30 -------- d-----w- C:\users\Compaq\AppData\Local\Real

====== C:\Users\Compaq ======

2013-02-23 09:01:45 -------- d-----w- C:\Users\Compaq\.Virtualbox.sav

2013-02-23 09:01:09 -------- d-----w- C:\Users\Compaq\youwave

2013-02-22 20:29:05 686ABF7741DB3E6D1835149B4982D2AB 54335 ----a-w- C:\Users\Compaq\.recently-used.xbel

2013-02-21 19:38:48 -------- d-----w- C:\ProgramData\BlueStacks

2013-02-21 18:42:00 DA24ABEBDE71F0FBA51F7F7C78296862 92481 ----a-w- C:\Users\Compaq\final_bstSnapshot_13104.jpg

2013-02-21 18:41:16 8CD11A92E561EE9E05201F9031169698 110362 ----a-w- C:\Users\Compaq\final_bstSnapshot_74277.jpg

2013-02-21 15:09:47 6409CAD442CE10C928BC50B9CF1AB068 91583 ----a-w- C:\Users\Compaq\final_bstSnapshot_41770.jpg

2013-02-21 13:49:10 1188276298D020A71FFD7689B81A199B 98427 ----a-w- C:\Users\Compaq\final_bstSnapshot_41300.jpg

2013-02-21 13:43:41 35475ACB12BEF3268525F3EDE2C26D60 83802 ----a-w- C:\Users\Compaq\final_bstSnapshot_48962.jpg

2013-02-21 13:40:36 3F98724C1CAC264144EDA21CED050172 91720 ----a-w- C:\Users\Compaq\final_bstSnapshot_92857.jpg

2013-02-21 13:40:28 0003EC5B452230E079E96D08774A9262 114139 ----a-w- C:\Users\Compaq\final_bstSnapshot_45383.jpg

2013-02-21 10:47:34 B3F64FB25E2A2B2B687243157FADBA49 91199 ----a-w- C:\Users\Compaq\final_bstSnapshot_77757.jpg

2013-02-21 10:35:59 -------- d-----w- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

2013-02-21 10:33:03 07D0A71645A2C730108A95D838B687D2 91739 ----a-w- C:\Users\Compaq\final_bstSnapshot_9644.jpg

2013-02-21 10:32:30 29B9A8E0BA7C4FCD5B4FA266976D15E3 103932 ----a-w- C:\Users\Compaq\final_bstSnapshot_39741.jpg

2013-02-21 10:31:39 E1745889A251C82936B3054E1976D910 78033 ----a-w- C:\Users\Compaq\final_bstSnapshot_57353.jpg

2013-02-21 10:09:03 CAE06C341A182601D5866B791FD7B239 124158 ----a-w- C:\Users\Compaq\final_bstSnapshot_94959.jpg

2013-02-21 10:04:12 066B67960F077E9D8E7784EDA692D1D7 78459 ----a-w- C:\Users\Compaq\final_bstSnapshot_78699.jpg

2013-02-21 10:02:36 7E2933699E15CD548ECFB1A29632FEE5 78365 ----a-w- C:\Users\Compaq\final_bstSnapshot_88790.jpg

2013-02-21 10:01:00 ECC31E2F8043D9606F83B87332F72455 102389 ----a-w- C:\Users\Compaq\final_bstSnapshot_29528.jpg

2013-02-21 09:41:47 1484A8AB0D9FC88463804279935EF4E9 99296 ----a-w- C:\Users\Compaq\final_bstSnapshot_37561.jpg

2013-02-21 09:41:35 D450E7FA9CC47CADEF5BECE8960556F2 76804 ----a-w- C:\Users\Compaq\final_bstSnapshot_86319.jpg

2013-02-21 09:40:51 A1AA3D47D4A2B304AD9C11C48002337D 76733 ----a-w- C:\Users\Compaq\final_bstSnapshot_16515.jpg

2013-02-07 15:52:22 83F08B6E11A9F56B1C28F92787DE11A0 687859 ----a-w- C:\ProgramData\SPL42E4.tmp

2013-02-04 10:58:05 CD6235E1BBDD43F4431DE70080DF2C26 398056 ----a-w- C:\ProgramData\SPLE5AD.tmp

2013-02-02 11:58:35 -------- d-----w- C:\ProgramData\Xerox

2013-01-30 15:49:14 -------- d-----w- C:\Users\Compaq\{4f2f8c7e-f45b-4e33-b049-2c7d3a203053}

2013-01-24 19:22:34 -------- d-----w- C:\ProgramData\Protexis

====== C: exe-files ==

2013-02-23 09:34:57 92405A3EEB9D74DB7CCFBF32CC720176 53319 ----a-w- C:\ProgramData\Temp\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\PostBuild.exe

2013-02-23 09:26:42 0951B8E8DF83CEFD6D9B06D389ECE5D9 335872 ----a-w- C:\Users\Compaq\AppData\Local\temp\_unps.exe

2013-02-23 08:54:29 1AF5DB05F6E9040EF9320D72DA87BA14 744658 ----a-w- C:\Users\Compaq\AppData\Local\temp\HomePage22find.exe

2013-02-19 14:48:46 3644168EBD9967E2568ED3E723610B8E 177129 ------r- C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012u.exe

2013-02-17 09:23:47 D645B082E49F8655F14C61DB4EEBBA1D 367016 ----a-w- C:\Program Files\IncrediMail\Bin\IncMail.exe

2013-02-17 09:23:47 CE9890FC0855C48B7540A3B7872CB45E 113064 ----a-w- C:\Program Files\IncrediMail\Bin\ImpCnt.exe

2013-02-17 09:23:47 B1EF295CE776B7D56B6BBF9FD9A77CAA 309672 ----a-w- C:\Program Files\IncrediMail\Bin\ImLc.exe

2013-02-17 09:23:47 7A383F5395F1AD8F9C079FAF7193419E 121256 ----a-w- C:\Program Files\IncrediMail\Bin\ImSetup.exe

2013-02-17 09:23:47 59A409BAB55E72D33409A8A99F50DB17 264616 ----a-w- C:\Program Files\IncrediMail\Bin\ImApp.exe

2013-02-17 09:23:47 53A0EE142B6D218A7723AB32CA6A6EE5 104872 ----a-w- C:\Program Files\IncrediMail\Bin\ImPackr.exe

2013-02-17 09:23:47 1EAB5B79CA0251B261E8A7C640D10FC4 68008 ----a-w- C:\Program Files\IncrediMail\Bin\ImLpp.exe

2013-02-17 09:23:47 18FB2474F327E558748FADB0AB91B3BC 260520 ----a-w- C:\Program Files\IncrediMail\Bin\ImNotfy.exe

2013-02-16 18:21:45 1EEA442D956D3774DBBC05EA5F90D2BA 129368 ----a-w- C:\Program Files\IncrediMail\Bin\ImBpp.exe

2013-02-16 18:21:45 0C93718599A68D1E5A0E76A706874833 26960 ----a-w- C:\Program Files\IncrediMail\Bin\AE\aeldr.exe

=== C: other files ==

2231-04-23 12:00:36 C5334DD82ED64A48168DD324AA5B99D9 237568 ----a-w- C:\Users\Compaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0\CTB.dll

2231-04-23 12:00:36 1A60DDBD05E3018E29075726C2368B13 194048 ----a-w- C:\Users\Compaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0\CrmAdpt.dll

2013-02-23 16:20:32 F46168035B6415F846076E9A89E0261F 19347448 ----a-w- C:\Users\Public\Desktop\sample_23-02-2013_1720.zip

2013-02-23 16:02:26 3AEC0B886F527CCD396166927DD1A0DA 19347447 ----a-w- C:\Users\Public\Desktop\sample_23-02-2013_1701.zip

2013-02-17 09:23:58 1F8AF353BCCEE3873F09956009DF0D5B 72104 ----a-w- C:\Program Files\IncrediMail\Bin\wlessfp1.dll

2013-02-17 09:23:57 A202270BD6CC5159308228928720DCB5 1460648 ----a-w- C:\Program Files\IncrediMail\Bin\ImViewU.dll

2013-02-17 09:23:57 9A1816812FAEFA9692C690D6E29E53D4 162216 ----a-w- C:\Program Files\IncrediMail\Bin\ImWrappU.dll

2013-02-17 09:23:56 7C1CE252B5EAF668D4232BD00DB4456F 1464744 ----a-w- C:\Program Files\IncrediMail\Bin\ImUtilsU.dll

2013-02-17 09:23:55 CBA44593A4F8546E4FAF7588EAE51F10 1583528 ----a-w- C:\Program Files\IncrediMail\Bin\ImSuppU.dll

2013-02-17 09:23:55 BCACDB08F6C7A688A9E7F0C4C25997CF 276904 ----a-w- C:\Program Files\IncrediMail\Bin\ImToolsU.dll

2013-02-17 09:23:54 FF2B4B7D501C449759BE82D326A1E353 133544 ----a-w- C:\Program Files\IncrediMail\Bin\ImShExtU.dll

2013-02-17 09:23:54 BC645075375DC09798E377F91B12AD20 399784 ----a-w- C:\Program Files\IncrediMail\Bin\ImServU.dll

2013-02-17 09:23:54 6D52EFC1A69E40705E39DE12790CE8CF 645544 ----a-w- C:\Program Files\IncrediMail\Bin\ImSpoolU.dll

2013-02-17 09:23:53 F87E543458197DEF9F4766A15CD49D9F 96680 ----a-w- C:\Program Files\IncrediMail\Bin\ImNtUtilU.dll

2013-02-17 09:23:53 F55106CE7FA65F70EEF30D84B221E8F3 645544 ----a-w- C:\Program Files\IncrediMail\Bin\ImParserU.dll

2013-02-17 09:23:53 334B0C2DC33FC972441982769E7F1284 29608 ----a-w- C:\Program Files\IncrediMail\Bin\ImSearchU.dll

2013-02-17 09:23:52 E15C31482534B7844D8D745DE368DB89 620968 ----a-w- C:\Program Files\IncrediMail\Bin\ImLookU.dll

2013-02-17 09:23:52 DDA07663F5DEABA6DA8286335E1DF0E2 47528 ----a-w- C:\Program Files\IncrediMail\Bin\ImMapiU.dll

2013-02-17 09:23:52 52B223B01ABFC33C5C8908EF7937931C 162216 ----a-w- C:\Program Files\IncrediMail\Bin\ImNotfyU.dll

2013-02-17 09:23:52 1B582D1C28CEA5F996A5BB0205EF964A 1141160 ----a-w- C:\Program Files\IncrediMail\Bin\ImMangrU.dll

2013-02-17 09:23:51 E9E2AAEAC5A896C1DD0C79639DEB7C96 715176 ----a-w- C:\Program Files\IncrediMail\Bin\ImImprtU.dll

2013-02-17 09:23:51 A220AB7E89FA579FD60CCC5CCC482963 194984 ----a-w- C:\Program Files\IncrediMail\Bin\ImKeysU.dll

2013-02-17 09:23:51 5DC4C9020326882A863D864EFDA85CDD 268712 ----a-w- C:\Program Files\IncrediMail\Bin\ImLookExU.dll

2013-02-17 09:23:51 55C830B18AE14F4FE45E1AF292DD8F6E 309672 ----a-w- C:\Program Files\IncrediMail\Bin\ImJunkU.dll

2013-02-17 09:23:50 C9715A36DC8083B4183C678BC8F44A2B 522664 ----a-w- C:\Program Files\IncrediMail\Bin\ImFoldrsU.dll

2013-02-17 09:23:50 B756B0AA5D0A7D35FFD2C54855DDF19A 1116584 ----a-w- C:\Program Files\IncrediMail\Bin\ImFeatU.dll

2013-02-17 09:23:50 5F1A922A100C7E3EDFDD16FF9EA2F8A4 33128 ----a-w- C:\Program Files\IncrediMail\Bin\IMHttpComm.dll

2013-02-17 09:23:49 FEF159195D0D3AF650F58FCCEA6FE9F8 317864 ----a-w- C:\Program Files\IncrediMail\Bin\ImABU.dll

2013-02-17 09:23:49 FDA222EABCAADD1A36ED54DFF48F14DD 121256 ----a-w- C:\Program Files\IncrediMail\Bin\ImAnimU.dll

2013-02-17 09:23:49 BBE4B4070DD83339DA35F9BC71D4046D 88488 ----a-w- C:\Program Files\IncrediMail\Bin\ImDbU.dll

2013-02-17 09:23:49 84DE04FFF985DE6D3B77A1A30641F054 113064 ----a-w- C:\Program Files\IncrediMail\Bin\Im3dU.dll

2013-02-17 09:23:49 4A7193CDE187E524991E26E55425D8BA 133544 ----a-w- C:\Program Files\IncrediMail\Bin\ImComUtlU.dll

2013-02-16 18:21:53 D7E69C070B2EB5908E9F81F0F267E9E2 325984 ----a-w- C:\Program Files\IncrediMail\Bin\wflash3.dll

2013-02-16 18:21:53 C00D87AACDE8B454933EB0BE9D9E211E 476584 ----a-w- C:\Program Files\IncrediMail\Bin\sqlite3.dll

2013-02-16 18:21:53 732F0CB39DD3B562C0E250773050E3CA 108888 ----a-w- C:\Program Files\IncrediMail\Bin\PMC.dll

2013-02-16 18:21:53 477BFEB123DFC08087A8997CE7FE8936 219560 ----a-w- C:\Program Files\IncrediMail\Bin\ssce5432.dll

2013-02-16 18:21:53 313432437C67DF2B42E0203C35B49C79 584104 ----a-w- C:\Program Files\IncrediMail\Bin\SftTree_IX86_U_60.dll

2013-02-16 18:21:53 1250E5F1847E2D3F2A4EBBC8B055382F 633184 ----a-w- C:\Program Files\IncrediMail\Bin\msvcr80.dll

2013-02-16 18:21:52 E64E9D1C7BD5471DB68545DF807DCA56 301480 ----a-w- C:\Program Files\IncrediMail\Bin\ImViewRU.dll

2013-02-16 18:21:52 9CB43BB352A472C3D8FEFCCE1263B6A1 555360 ----a-w- C:\Program Files\IncrediMail\Bin\msvcp80.dll

2013-02-16 18:21:52 4085EFF28D46AFF767FFDD6565514E78 1099616 ----a-w- C:\Program Files\IncrediMail\Bin\mfc80u.dll

2013-02-16 18:21:52 10F31DEF826BB90548D61D5153EDEFEF 53672 ----a-w- C:\Program Files\IncrediMail\Bin\IncMailRU.dll

2013-02-16 18:21:50 A8FBE8276C2EBFEE9893792FA9580310 37800 ----a-w- C:\Program Files\IncrediMail\Bin\ImpCntRU.dll

2013-02-16 18:21:50 85B4A57D9EE5C3EB4D6F644323920DA0 739752 ----a-w- C:\Program Files\IncrediMail\Bin\ImSuppRU.dll

2013-02-16 18:21:49 D82FE78BFFE3590447D68C8855EFEC2F 66984 ----a-w- C:\Program Files\IncrediMail\Bin\ImPackrRU.dll

2013-02-16 18:21:49 C05633A7EDAFAEDC042E7A54C4EED0BD 567720 ----a-w- C:\Program Files\IncrediMail\Bin\ImMangrRU.dll

2013-02-16 18:21:49 94F14B90DE866E2B4875036154E3B784 207272 ----a-w- C:\Program Files\IncrediMail\Bin\ImNotfyRU.dll

2013-02-16 18:21:48 B3EC466BFADE770B8D992AE43126E42B 47016 ----a-w- C:\Program Files\IncrediMail\Bin\ImImprtRU.dll

2013-02-16 18:21:48 244EB1B6ABAAE6FEEFB9C566AC06C09A 330152 ----a-w- C:\Program Files\IncrediMail\Bin\ImLcRU.dll

2013-02-16 18:21:47 F8F9EB6AB45BBC6A350641FE805707FC 3144104 ----a-w- C:\Program Files\IncrediMail\Bin\dten600.dll

2013-02-16 18:21:47 C5808EC567E3E85CC73C46354EB5626B 842152 ----a-w- C:\Program Files\IncrediMail\Bin\ImFeatRU.dll

2013-02-16 18:21:47 64944E0E81AB56CCA93CE05281829FB4 80296 ----a-w- C:\Program Files\IncrediMail\Bin\ImAppRU.dll

2013-02-16 18:21:46 9F33F5AFE6693F5EF2BAB1FF9B68CA52 1034096 ----a-w- C:\Program Files\IncrediMail\Bin\AE\ActionEngine.dll

2013-02-16 18:21:46 870302350BB51A6FFA4F8F1E65CE32B7 356776 ----a-w- C:\Program Files\IncrediMail\Bin\d3drm.dll

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"KiesPDLR"="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

"KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload"

"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe /MINIMIZED"

"IE New Window Maximizer"="C:\Program Files\IE New Window Maximizer\iemaximizer.exe"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe"

"QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start"

"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"

"FaxCenterServer"="C:\Program Files\\Lexmark Fax Solutions\fm3032.exe /s"

"Malwarebytes Anti-Malware (reboot)"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe /runcleanupscript"

"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"PMBVolumeWatcher"="C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe"

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"lxdimon.exe"="C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"

"lxdiamon"="C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"

"BlueStacks Agent"="C:\Program Files\BlueStacks\HD-Agent.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"KiesPDLR"="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

"KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload"

"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe /MINIMIZED"

"IE New Window Maximizer"="C:\Program Files\IE New Window Maximizer\iemaximizer.exe"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"HP Health Check Scheduler"="c:\\Program Files\\Hewlett-Packard\\HP Health Check\\HPHC_Scheduler.exe"

"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"

"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

"Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"HP Software Update"="C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe"

"TkBellExe"="\"c:\\program files\\real\\realplayer\\Update\\realsched.exe\" -osboot"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [08-02-2013 15:28]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bcjgjlhkohpekppiaehfpoijklddkelf - C:\ProgramData\SaveAs\bcjgjlhkohpekppiaehfpoijklddkelf.crx[]

cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Compaq\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[]

dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\Web Assistant\source.crx[]

elkilpmcckfdnohjpdfdgngknljaejnj - C:\ProgramData\Bcool\elkilpmcckfdnohjpdfdgngknljaejnj.crx[]

gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files\DealPly\DealPly.crx[]

idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[29-11-2012 20:35]

jbolfgndggfhhpbnkgnpjkfhinclbigj - No path found[]

ojpijjmpahflnipadmlpgbjmagmjchkk - C:\Users\Compaq\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx[]

pgafcinpmmpklohkojmllohd****efph - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Compaq\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[]

gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files\DealPly\DealPly.crx[]

ojpijjmpahflnipadmlpgbjmagmjchkk - C:\Users\Compaq\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx[]

Softonic Chrome Toolbar - Compaq - Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer"

"Default_Page_URL"="22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

"Default_Page_URL"="22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"CustomizeSearch"="Google"

"SearchAssistant"="Google"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL"

"Start Page"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL"

"Default_Page_URL"="Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{80c554b9-c7f8-4a21-9471-06d606da78a2}"

{03F4F01C-F772-4A5F-9485-C68416A6759F} Unknown Url="Not_Found"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="{searchTerms} - Bing"

{0743CB96-259A-4DBA-B258-2B8CB252683C} Unknown Url="Not_Found"

{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} Unknown Url="Not_Found"

{483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found"

{49FF36BA-A4A1-4BF4-AE40-3E92B6316F42} Unknown Url="Not_Found"

{4fa67103-5daf-45a1-9ddb-236d1ff7a590} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{80c554b9-c7f8-4a21-9471-06d606da78a2} Bing Url="{searchTerms} - Bing"

{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} Unknown Url="Not_Found"

{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Unknown Url="Not_Found"

{AD60DF91-A7F6-41B1-95FF-C92B12251141} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2734CCBA-7B7A-5CE4-2D29-083C0BBC3071} deleted successfully

HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Internet Explorer\SearchScopes\{03F4F01C-F772-4A5F-9485-C68416A6759F} deleted successfully

HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0743CB96-259A-4DBA-B258-2B8CB252683C} deleted successfully

HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} deleted successfully

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully

HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully

HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully

HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Internet Explorer\SearchScopes\{49FF36BA-A4A1-4BF4-AE40-3E92B6316F42} deleted successfully

HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4fa67103-5daf-45a1-9ddb-236d1ff7a590} deleted successfully

HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} deleted successfully

HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully

HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AD60DF91-A7F6-41B1-95FF-C92B12251141} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{2734CCBA-7B7A-5CE4-2D29-083C0BBC3071} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2734CCBA-7B7A-5CE4-2D29-083C0BBC3071} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bcjgjlhkohpekppiaehfpoijklddkelf deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\elkilpmcckfdnohjpdfdgngknljaejnj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohd****efph deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk deleted successfully

==== HijackThis Entries ======================

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: http://*.mcafee.com

O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: c:\progra~2\browse~1\261123~1.78\{16cdf~1\browse~1.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Blue Coat K9 Web Protection (bckwfs) - Blue Coat Systems, Inc. - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe

O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer NL\EFUploadSrv.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe

O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe

O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe

O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe

O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: Secunia Update Agent - Unknown owner - C:\Program Files\Secunia\PSI\sua.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

==== Empty IE Cache ======================

C:\Users\Compaq\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Compaq\AppData\Local\VirtualStore\Windows\temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Compaq\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Compaq\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\bl" not found

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll" not found

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe" not found

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.settings" not found

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe" not found

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00" not found

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01" not found

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02" not found

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\03" not found

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10" not found

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11" not found

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12" not found

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\13" not found

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20" not found

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21" not found

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22" not found

"C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\23" not found

"C:\Users\Compaq\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\ProgramData\Browser Manager" not found

"C:\ProgramData\Premium" not found


Phew, what a load of junk. Could you run the same tool again, but this time following the instructions below?

Afterwards, let me know how things are going.

  • Disable your antivirus and antispyware programs; they may conflict with zoek.exe.
    (Here or here) you can read how to do that.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

    shortcutfix;
    emptyclsid;

  • Now tick the options below.

    • Auto Clean
    • Chrome Look
    • Reset Chrome

  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Now post the contents of the opened log in your next message.


I had already suspected something like that; starting up and shutting down also take so long.

Zoek.exe Version 4.0.0.1 Updated 18-02-2013

Tool run by Compaq on za 23-02-2013 at 19:19:18,41.

Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"bProtectorDefaultScope"=-

==== Deleting Files \ Folders ======================

"C:\Windows\System32\searchplugins" deleted

"C:\Windows\System32\Extensions" deleted

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[29-11-2012 20:35]

Softonic Chrome Toolbar - Compaq - Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Startpagina.nl | Jouw startpagina voor weer, verkeer en meer"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{80c554b9-c7f8-4a21-9471-06d606da78a2}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="{searchTerms} - Bing"

{483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{80c554b9-c7f8-4a21-9471-06d606da78a2} Bing Url="{searchTerms} - Bing"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully

HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Empty IE Cache ======================

C:\Users\Compaq\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Compaq\AppData\Local\VirtualStore\Windows\temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Compaq\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Compaq\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Compaq\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted



Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:09:33, on 24-2-2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16464)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe

C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe

C:\Program Files\BlueStacks\HD-Agent.exe

C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Program Files\Samsung\Kies\Kies.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\IE New Window Maximizer\iemaximizer.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE

C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

C:\Program Files\IncrediMail\Bin\IncMail.exe

C:\Program Files\IncrediMail\Bin\ImApp.exe

C:\Program Files\BlueStacks\HD-Adb.exe

C:\Program Files\BlueStacks\HD-Frontend.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl | Jouw startpagina voor weer, verkeer en meer

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O1 - Hosts: ::1 localhost

O1 - Hosts: 216.239.32.20 www.google.ae # bck9

O1 - Hosts: 216.239.32.20 www.google.at # bck9

O1 - Hosts: 216.239.32.20 www.google.be # bck9

O1 - Hosts: 216.239.32.20 www.google.ca # bck9

O1 - Hosts: 216.239.32.20 www.google.ch # bck9

O1 - Hosts: 216.239.32.20 www.google.cl # bck9

O1 - Hosts: 216.239.32.20 www.google.co.il # bck9

O1 - Hosts: 216.239.32.20 www.google.co.in # bck9

O1 - Hosts: 216.239.32.20 www.google.co.jp # bck9

O1 - Hosts: 216.239.32.20 www.google.co.kr # bck9

O1 - Hosts: 216.239.32.20 www.google.co.nz # bck9

O1 - Hosts: 216.239.32.20 www.google.co.uk # bck9

O1 - Hosts: 216.239.32.20 www.google.co.ve # bck9

O1 - Hosts: 216.239.32.20 www.google.co.za # bck9

O1 - Hosts: 216.239.32.20 www.google.com # bck9

O1 - Hosts: 216.239.32.20 www.google.com.ar # bck9

O1 - Hosts: 216.239.32.20 www.google.com.au # bck9

O1 - Hosts: 216.239.32.20 www.google.com.br # bck9

O1 - Hosts: 216.239.32.20 www.google.com.co # bck9

O1 - Hosts: 216.239.32.20 www.google.com.gr # bck9

O1 - Hosts: 216.239.32.20 www.google.com.hk # bck9

O1 - Hosts: 216.239.32.20 www.google.com.mx # bck9

O1 - Hosts: 216.239.32.20 www.google.com.my # bck9

O1 - Hosts: 216.239.32.20 www.google.com.pe # bck9

O1 - Hosts: 216.239.32.20 www.google.com.ph # bck9

O1 - Hosts: 216.239.32.20 www.google.com.pk # bck9

O1 - Hosts: 216.239.32.20 www.google.com.sg # bck9

O1 - Hosts: 216.239.32.20 www.google.com.tr # bck9

O1 - Hosts: 216.239.32.20 www.google.com.tw # bck9

O1 - Hosts: 216.239.32.20 www.google.com.ua # bck9

O1 - Hosts: 216.239.32.20 www.google.de # bck9

O1 - Hosts: 216.239.32.20 www.google.dk # bck9

O1 - Hosts: 216.239.32.20 www.google.es # bck9

O1 - Hosts: 216.239.32.20 www.google.fi # bck9

O1 - Hosts: 216.239.32.20 www.google.fr # bck9

O1 - Hosts: 216.239.32.20 www.google.it # bck9

O1 - Hosts: 216.239.32.20 www.google.lt # bck9

O1 - Hosts: 216.239.32.20 www.google.lv # bck9

O1 - Hosts: 216.239.32.20 www.google.nl # bck9

O1 - Hosts: 216.239.32.20 www.google.pl # bck9

O1 - Hosts: 216.239.32.20 www.google.pt # bck9

O1 - Hosts: 216.239.32.20 www.google.ro # bck9

O1 - Hosts: 216.239.32.20 www.google.ru # bck9

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"

O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"

O4 - HKLM\..\Run: [blueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe

O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [iE New Window Maximizer] C:\Program Files\IE New Window Maximizer\iemaximizer.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: http://*.mcafee.com

O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: c:\progra~2\browse~1\261123~1.78\{16cdf~1\browse~1.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Blue Coat K9 Web Protection (bckwfs) - Blue Coat Systems, Inc. - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe

O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer NL\EFUploadSrv.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe

O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe

O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe

O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe

O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: Secunia Update Agent - Unknown owner - C:\Program Files\Secunia\PSI\sua.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 14293 bytes


  • Disable your antivirus and antispyware programs; they may conflict with zoek.exe.
    (Here or here) you can read how to do that.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

    resethosts;
    filesrcm;
    shortcutfix;
    emptyclsid;

  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Now post the contents of the opened log in your next message.
