
MissBourix
Member -
Items
19 -
Registration date
-
Last visited
PC Specifications
-
Operating system
Windows Vista Home premium
-
Monitor
Samsung SyncMaster 2243
-
Motherboard
Acer Aspire M5640/M3640
-
Processor
Intel (R) Core (TM)2 Quad CPU Q6600 2.40 GHz
-
Memory
3070 MB RAM
-
Graphics card
NVIDIA GeForce 6200 SE Turbo Cache (TM)
-
Hard disk
brand unknown, 2x 292GB
-
Case
Acer
MissBourix's achievements
-
I have already been able to locate and remove a few things myself. In any case, the new log is in the attachment. Regards, Ingrid zoek-results2.txt
-
Yes. That is probably where the problem is coming from again.
-
Went ahead and did those other things again right away as well. log2.txt AdwCleanerS1.txt
-
I was rid of my redirect, or at least so it seemed. It is back again now. MBAM scanlog.txt
-
Yes, unfortunately. I have just removed a few threats again. I never had that many before. And Adblocker also keeps coming back every time.
-
It would be quite handy to actually attach the file as well. AdwCleanerS0.txt
-
Hello, Attached is the AdwCleaner log. Plus500 is a program, so I did not remove it. Regards, Ingrid
-
Hello, It took a while, but attached is the log from zoek.exe. Regards, Ingrid zoek-results.txt
-
Hello, My laptop has been hit by a redirect virus, namely stamplive.com. How can I remove it? I have already made a log with Rsit, see below or the attachment. Regards, Ingrid
reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_HUPDecayDisabled/PasswordGeneration/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/ThreeMonths/SHA1ToolbarUIJanuary2017/HTTP/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/default/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --font-cache-shared-mem-suffix=2372 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2372.45.58936102\792587801" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Freud/DomRel-Enable/disable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 
reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_HUPDecayDisabled/PasswordGeneration/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/ThreeMonths/SHA1ToolbarUIJanuary2017/HTTP/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/default/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --font-cache-shared-mem-suffix=2372 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2372.49.278475027\1135821459" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Freud/DomRel-Enable/disable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 
reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_HUPDecayDisabled/PasswordGeneration/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/ThreeMonths/SHA1ToolbarUIJanuary2017/HTTP/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/default/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --font-cache-shared-mem-suffix=2372 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2372.50.1131135097\2137312385" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Freud/DomRel-Enable/disable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 
reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_HUPDecayDisabled/PasswordGeneration/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/ThreeMonths/SHA1ToolbarUIJanuary2017/HTTP/SHA1ToolbarUIJune2016/Warning/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/default/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --font-cache-shared-mem-suffix=2372 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2372.52.2011330899\1053985987" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Freud/DomRel-Enable/disable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 
reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_HUPDecayDisabled/PasswordGeneration/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/ThreeMonths/SHA1ToolbarUIJanuary2017/HTTP/SHA1ToolbarUIJune2016/Warning/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/default/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --device-scale-factor=1 --font-cache-shared-mem-suffix=2372 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2372.53.1452417381\470784427" /prefetch:673131151 C:\Windows\system32\msiexec.exe /V "C:\Users\Ingr\Downloads\RSITx64 (1).exe" C:\Windows\splwow64.exe 8192 C:\Windows\system32\PrintIsolationHost.exe -Embedding ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\Open Chrome.job - c:\program files 
(x86)\Google\Chrome\Application\chrome.exe --new-window http://toolbar.avg.com/almost-done?pid=safeguard〈=nl C:\Windows\tasks\SK.Enabler-S-1495795506.job - c:\programdata\quickset\sk.enabler\SK.Enabler.exe /schedule /profile "c:\programdata\quickset\sk.enabler\1495795506.ini" =========Mozilla firefox========= ProfilePath - C:\Users\Ingr\AppData\Roaming\Mozilla\Firefox\Profiles\hemaw4pr.default prefs.js - "browser.search.useDBForOrder" - true [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 16.0.0.305 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX] "Description"=Canon Easy-PhotoPrint EX "Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0] "Description"=DivX VOD Helper Plug-in "Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0] "Description"=DivX Web Player "Path"=C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0] "Description"=Microsoft Lync Plug-in for Firefox "Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0] "Description"=WildTangent Games App V2 Presence Detector Plugin "Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 16.0.0.305 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll C:\Program Files (x86)\Mozilla Firefox\plugins\ npMeetingJoinPluginOC.dll nppdf32.dll npqtplugin.dll npqtplugin2.dll npqtplugin3.dll npqtplugin4.dll npqtplugin5.dll QuickTimePlugin.class 
C:\Users\Ingr\AppData\Roaming\Mozilla\Firefox\Profiles\hemaw4pr.default\extensions\ e9d197d59f2f45f382b1aa5c14d82@8706aaed9b904554b5cb7984e9.com TTSD90021300@PYDKGV101145942.com {FDD8ECF0-451A-414D-8C8F-7B7F78B0ECD3} ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10 218776] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2014-01-22 881880] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10 153248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2014-01-23 707800] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-11-12 2588968] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-03-28 11786344] "Power Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2011-08-02 1831016] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "uTorrent"=C:\Users\Ingr\AppData\Roaming\uTorrent\uTorrent.exe [2015-01-27 1374032] "GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2015-02-19 26232152] "CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312] ""= [] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888] "Uploader"=C:\Program Files (x86)\Seagate\Seagate 
Dashboard 2.0\Seagate.Dashboard.Uploader.exe [2015-02-03 127304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29 497648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlazeServoTool] C:\Program Files (x86)\NTI\NTI Digital Flix 2.5\MediaDetector.exe [2007-12-01 282624] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-24 2726728] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2014-02-14 450560] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10 1861968] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2010-03-02 140640] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iPrint Event Monitor] C:\Windows\system32\iprntlgn.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iPrint Tray] C:\Windows\system32\iprntctl.exe TRAY_ICON [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files 
(x86)\iTunes\iTunesHelper.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lync] C:\Program Files (x86)\Microsoft Office\Office15\lync.exe [2015-02-10 19105944] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive] C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify] C:\Users\Ingr\AppData\Roaming\Spotify\Spotify.exe [2015-03-20 6701624] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper] C:\Users\Ingr\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-03-20 1964088] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] C:\Users\Ingr\AppData\Roaming\uTorrent\uTorrent.exe [2015-01-27 1374032] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS10 Preload] C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [2014-07-12 36864] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ingr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk] C:\PROGRA~2\MICROS~1\Office15\ONENOTEM.EXE [2014-09-16 194728] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ingr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^the-island-dut-3304158.lnk] C:\ProgramData\{60a4823e-1b4b-3521-60a4-4823e1b408f8}\the-island-dut-3304158.exe [] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-07-01 1103440] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-12 343168] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-11-09 3653136] "mbot_nl_202"= [] 
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888] "DBAgent"=C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2015-02-03 1533728] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" " [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableLinkedConnections"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv 
"aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux3"=wdmaud.drv "VIDC.LAGS"=lagarith.dll "vidc.XVID"=xvidvfw.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2015-04-06 17:45:15 ----D---- C:\rsit 2015-04-06 17:45:15 ----D---- C:\Program Files\trend micro 2015-03-25 08:52:59 ----A---- C:\Windows\system32\generaltel.dll 2015-03-25 08:52:59 ----A---- C:\Windows\system32\appraiser.dll 2015-03-25 08:52:59 ----A---- C:\Windows\system32\acmigration.dll 2015-03-25 08:52:58 ----A---- C:\Windows\system32\invagent.dll 2015-03-25 08:52:58 ----A---- C:\Windows\system32\devinv.dll 2015-03-25 08:52:58 ----A---- C:\Windows\system32\aepic.dll 2015-03-25 08:52:58 ----A---- C:\Windows\system32\aepdu.dll 2015-03-25 08:52:58 ----A---- C:\Windows\system32\aeinv.dll 2015-03-24 15:56:57 ----D---- C:\Program Files (x86)\Seagate File Recovery for Windows 2015-03-24 15:35:08 ----D---- C:\Program Files (x86)\Seagate 2015-03-24 15:34:09 ----D---- C:\Users\Ingr\AppData\Roaming\Seagate 2015-03-24 15:32:52 ----D---- C:\Users\Ingr\AppData\Roaming\Leadertech 2015-03-19 11:14:05 ----D---- C:\ProgramData\BlockIt Ad remover 2015-03-19 09:09:00 ----D---- C:\Program Files (x86)\SystemPromote 2015-03-17 17:07:38 ----D---- C:\Program Files (x86)\Mozilla Firefox 2015-03-14 18:13:36 ----D---- C:\Program Files (x86)\Plus500 2015-03-11 09:44:32 ----A---- C:\Windows\SYSWOW64\atmfd.dll 2015-03-11 09:44:32 ----A---- C:\Windows\system32\atmfd.dll 2015-03-11 09:44:31 ----A---- C:\Windows\SYSWOW64\lpk.dll 2015-03-11 09:44:31 ----A---- C:\Windows\SYSWOW64\fontsub.dll 2015-03-11 09:44:31 ----A---- C:\Windows\SYSWOW64\dciman32.dll 2015-03-11 09:44:31 ----A---- C:\Windows\SYSWOW64\atmlib.dll 
2015-03-11 09:44:31 ----A---- C:\Windows\system32\lpk.dll 2015-03-11 09:44:31 ----A---- C:\Windows\system32\fontsub.dll 2015-03-11 09:44:31 ----A---- C:\Windows\system32\dciman32.dll 2015-03-11 09:44:31 ----A---- C:\Windows\system32\atmlib.dll 2015-03-11 09:44:14 ----A---- C:\Windows\SYSWOW64\blackbox.dll 2015-03-11 09:44:14 ----A---- C:\Windows\system32\blackbox.dll 2015-03-11 09:44:13 ----A---- C:\Windows\system32\drmv2clt.dll 2015-03-11 09:44:12 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll 2015-03-11 09:44:11 ----A---- C:\Windows\system32\wmp.dll 2015-03-11 09:44:08 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll 2015-03-11 09:44:08 ----A---- C:\Windows\SYSWOW64\mf.dll 2015-03-11 09:44:08 ----A---- C:\Windows\system32\wmdrmsdk.dll 2015-03-11 09:44:06 ----A---- C:\Windows\system32\ntoskrnl.exe 2015-03-11 09:44:05 ----A---- C:\Windows\SYSWOW64\wmp.dll 2015-03-11 09:44:03 ----A---- C:\Windows\system32\drmmgrtn.dll 2015-03-11 09:44:03 ----A---- C:\Windows\system32\crypt32.dll 2015-03-11 09:44:02 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll 2015-03-11 09:44:01 ----A---- C:\Windows\SYSWOW64\crypt32.dll 2015-03-11 09:44:01 ----A---- C:\Windows\system32\drivers\PEAuth.sys 2015-03-11 09:44:00 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2015-03-11 09:44:00 ----A---- C:\Windows\system32\quartz.dll 2015-03-11 09:44:00 ----A---- C:\Windows\system32\evr.dll 2015-03-11 09:43:58 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2015-03-11 09:43:58 ----A---- C:\Windows\system32\cryptui.dll 2015-03-11 09:43:57 ----A---- C:\Windows\SYSWOW64\quartz.dll 2015-03-11 09:43:57 ----A---- C:\Windows\SYSWOW64\evr.dll 2015-03-11 09:43:57 ----A---- C:\Windows\system32\winresume.exe 2015-03-11 09:43:57 ----A---- C:\Windows\system32\mfplat.dll 2015-03-11 09:43:56 ----A---- C:\Windows\SYSWOW64\mfplat.dll 2015-03-11 09:43:56 ----A---- C:\Windows\SYSWOW64\cryptui.dll 2015-03-11 09:43:56 ----A---- C:\Windows\system32\pcasvc.dll 2015-03-11 09:43:55 ----A---- C:\Windows\SYSWOW64\cryptsp.dll 2015-03-11 09:43:55 
----A---- C:\Windows\system32\drivers\mountmgr.sys 2015-03-11 09:43:55 ----A---- C:\Windows\system32\cryptsp.dll 2015-03-11 09:43:54 ----A---- C:\Windows\system32\msscp.dll 2015-03-11 09:43:54 ----A---- C:\Windows\system32\mf.dll 2015-03-11 09:43:52 ----A---- C:\Windows\system32\winload.exe 2015-03-11 09:43:51 ----A---- C:\Windows\SYSWOW64\qdvd.dll 2015-03-11 09:43:51 ----A---- C:\Windows\SYSWOW64\msscp.dll 2015-03-11 09:43:51 ----A---- C:\Windows\system32\msnetobj.dll 2015-03-11 09:43:51 ----A---- C:\Windows\system32\cryptnet.dll 2015-03-11 09:43:51 ----A---- C:\Windows\system32\ci.dll 2015-03-11 09:43:51 ----A---- C:\Windows\system32\audiosrv.dll 2015-03-11 09:43:51 ----A---- C:\Windows\system32\appidsvc.dll 2015-03-11 09:43:50 ----A---- C:\Windows\SYSWOW64\wintrust.dll 2015-03-11 09:43:50 ----A---- C:\Windows\SYSWOW64\msnetobj.dll 2015-03-11 09:43:50 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll 2015-03-11 09:43:50 ----A---- C:\Windows\SYSWOW64\cryptnet.dll 2015-03-11 09:43:50 ----A---- C:\Windows\system32\wintrust.dll 2015-03-11 09:43:50 ----A---- C:\Windows\system32\srcore.dll 2015-03-11 09:43:50 ----A---- C:\Windows\system32\rstrui.exe 2015-03-11 09:43:50 ----A---- C:\Windows\system32\qdvd.dll 2015-03-11 09:43:50 ----A---- C:\Windows\system32\drivers\appid.sys 2015-03-11 09:43:50 ----A---- C:\Windows\system32\cryptsvc.dll 2015-03-11 09:43:50 ----A---- C:\Windows\system32\AudioSes.dll 2015-03-11 09:43:50 ----A---- C:\Windows\system32\AUDIOKSE.dll 2015-03-11 09:43:50 ----A---- C:\Windows\system32\audiodg.exe 2015-03-11 09:43:49 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe 2015-03-11 09:43:49 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll 2015-03-11 09:43:49 ----A---- C:\Windows\SYSWOW64\AudioEng.dll 2015-03-11 09:43:49 ----A---- C:\Windows\system32\smss.exe 2015-03-11 09:43:49 ----A---- C:\Windows\system32\rrinstaller.exe 2015-03-11 09:43:49 ----A---- C:\Windows\system32\pcadm.dll 2015-03-11 09:43:49 ----A---- C:\Windows\system32\AudioEng.dll 2015-03-11 09:43:49 
-
Here are the new logs: # AdwCleaner v2.007 - Verslag gemaakt op 12/11/2012 om 10:10:09 # Geactualiseerd op 06/11/2012 door Xplode # Besturingssysteem : Windows Vista Home Premium Service Pack 2 (32 bits) # Gebruiker : Ingrid - PC_VAN_INGRID # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\Ingrid\Desktop\adwcleaner.exe # Optie [Verwijderen]
HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook Sleutel Verwijdert : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\YontooIEClient.Api Sleutel Verwijdert : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\YontooIEClient.Layers Sleutel Verwijdert : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1 Sleutel Verwijdert : HKLM\Software\Conduit Sleutel Verwijdert : HKLM\Software\conduitEngine Sleutel Verwijdert : HKLM\Software\DataMngr Sleutel Verwijdert : HKLM\Software\GenealogieWerkbalk Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc Sleutel Verwijdert : HKLM\Software\ilivid Sleutel Verwijdert : HKLM\Software\Iminent Sleutel Verwijdert : HKLM\Software\Messenger Plus!\OpenCandy Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3EC43C60-082A-4601-8897-47EF83E545E8} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B6F79C3-708F-411F-B6A2-6A712A9388B7} Sleutel 
Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87A0B80B-5BA7-4CB0-9553-105D68777D60} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D4558AB4-8BEE-41CA-9BE9-11C6B5C5CFBE} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11D7D054-698A-4D89-A2F7-357C8F33EBAB} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Sleutel Verwijdert : 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GenealogieWerkbalk Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 406 MediaBar Sleutel Verwijdert : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Sleutel Verwijdert : HKLM\Software\SearchquMediabarTb Sleutel Verwijdert : HKLM\Software\Tarma Installer Sleutel Verwijdert : HKLM\Software\TENCENT Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C2340376-FA00-45C4-A3DB-BAE7A9367EC9}] Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{C2340376-FA00-45C4-A3DB-BAE7A9367EC9}] Waarde Verwijdert : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] ***** [browsers] ***** -\\ Internet Explorer v9.0.8112.16421 Verwijdert : [HKCU\Software\Microsoft\Internet Explorer\Main - Backup.Old.Start Page] Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Original Tabs] = hxxp://toolbar.aol.com/browserpages/newtab-winamp-ie-en-us.html --> hxxp://www.google.com -\\ Mozilla Firefox v11.0 (nl) Profielnaam : 
default File : C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\jz4kbo37.default\prefs.js C:\Users\Ingrid\AppData\Roaming\Mozilla\Firefox\Profiles\jz4kbo37.default\user.js ... Verwijdert ! Verwijdert : user_pref("CT2567693..clientLogIsEnabled", true); Verwijdert : user_pref("CT2567693..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Verwijdert : user_pref("CT2567693..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] Verwijdert : user_pref("CT2567693.ALLOW_SHOWING_HIDDEN_TOOLBAR", false); Verwijdert : user_pref("CT2567693.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Verwijdert : user_pref("CT2567693.AppTrackingLastCheckTime", "Sun Jan 15 2012 15:50:58 GMT+0100"); Verwijdert : user_pref("CT2567693.BrowserCompStateIsOpen_129454535022294167", true); Verwijdert : user_pref("CT2567693.BrowserCompStateIsOpen_129454535022762919", true); Verwijdert : user_pref("CT2567693.BrowserCompStateIsOpen_129454535023544171", true); Verwijdert : user_pref("CT2567693.CTID", "CT2567693"); Verwijdert : user_pref("CT2567693.CurrentServerDate", "15-1-2012"); Verwijdert : user_pref("CT2567693.DialogsAlignMode", "LTR"); Verwijdert : user_pref("CT2567693.DialogsGetterLastCheckTime", "Sun Jan 15 2012 15:50:50 GMT+0100"); Verwijdert : user_pref("CT2567693.DownloadReferralCookieData", ""); Verwijdert : user_pref("CT2567693.EMailNotifierPollDate", "Tue Aug 17 2010 23:09:21 GMT+0200"); Verwijdert : user_pref("CT2567693.FeedLastCount129132861965778220", 511); Verwijdert : user_pref("CT2567693.FeedPollDate128746777097562523", "Tue Aug 17 2010 23:09:20 GMT+0200"); Verwijdert : user_pref("CT2567693.FeedPollDate128746777252093961", "Tue Aug 17 2010 23:09:20 GMT+0200"); Verwijdert : user_pref("CT2567693.FeedPollDate128746777461468985", "Tue Aug 17 2010 23:09:20 GMT+0200"); Verwijdert : user_pref("CT2567693.FeedPollDate128746790824594437", "Tue Aug 17 2010 23:09:20 GMT+0200"); Verwijdert : 
user_pref("CT2567693.FeedPollDate128746790988031938", "Tue Aug 17 2010 23:09:20 GMT+0200"); Verwijdert : user_pref("CT2567693.FeedPollDate128746791145844439", "Tue Aug 17 2010 23:09:20 GMT+0200"); Verwijdert : user_pref("CT2567693.FeedPollDate128746791280844460", "Tue Aug 17 2010 23:09:20 GMT+0200"); Verwijdert : user_pref("CT2567693.FeedPollDate128746791444750814", "Tue Aug 17 2010 23:09:20 GMT+0200"); Verwijdert : user_pref("CT2567693.FeedPollDate128746791615375007", "Tue Aug 17 2010 23:09:20 GMT+0200"); Verwijdert : user_pref("CT2567693.FeedPollDate128746791787562545", "Tue Aug 17 2010 23:09:21 GMT+0200"); Verwijdert : user_pref("CT2567693.FeedPollDate128746791931312886", "Tue Aug 17 2010 23:09:21 GMT+0200"); Verwijdert : user_pref("CT2567693.FeedPollDate128746792089906714", "Tue Aug 17 2010 23:09:21 GMT+0200"); Verwijdert : user_pref("CT2567693.FeedPollDate128746792196156845", "Tue Aug 17 2010 23:09:21 GMT+0200"); Verwijdert : user_pref("CT2567693.FeedTTL128746777252093961", 60); Verwijdert : user_pref("CT2567693.FeedTTL128746777461468985", 60); Verwijdert : user_pref("CT2567693.FeedTTL128746791787562545", 5); Verwijdert : user_pref("CT2567693.FeedTTL128746792089906714", 30); Verwijdert : user_pref("CT2567693.FeedTTL128746792196156845", 30); Verwijdert : user_pref("CT2567693.FirstServerDate", "16-5-2010"); Verwijdert : user_pref("CT2567693.FirstTime", true); Verwijdert : user_pref("CT2567693.FirstTimeFF3", true); Verwijdert : user_pref("CT2567693.FixPageNotFoundErrors", true); Verwijdert : user_pref("CT2567693.GroupingServerCheckInterval", 1440); Verwijdert : user_pref("CT2567693.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Verwijdert : user_pref("CT2567693.HasUserGlobalKeys", true); Verwijdert : user_pref("CT2567693.HomePageProtectorEnabled", false); Verwijdert : user_pref("CT2567693.HomepageBeforeUnload", "hxxp://www.searchqu.com//406"); Verwijdert : user_pref("CT2567693.Initialize", true); Verwijdert : 
user_pref("CT2567693.InitializeCommonPrefs", true); Verwijdert : user_pref("CT2567693.InstallationAndCookieDataSentCount", 3); Verwijdert : user_pref("CT2567693.InstalledDate", "Sun May 16 2010 12:23:20 GMT+0200"); Verwijdert : user_pref("CT2567693.InvalidateCache", false); Verwijdert : user_pref("CT2567693.IsAlertDBUpdated", true); Verwijdert : user_pref("CT2567693.IsGrouping", false); Verwijdert : user_pref("CT2567693.IsMulticommunity", false); Verwijdert : user_pref("CT2567693.IsOpenThankYouPage", false); Verwijdert : user_pref("CT2567693.IsOpenUninstallPage", true); Verwijdert : user_pref("CT2567693.LanguagePackLastCheckTime", "Sun Jan 15 2012 15:50:47 GMT+0100"); Verwijdert : user_pref("CT2567693.LanguagePackReloadIntervalMM", 1440); Verwijdert : user_pref("CT2567693.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Verwijdert : user_pref("CT2567693.LastLogin_2.5.8.6", "Sat Jan 29 2011 16:52:45 GMT+0100"); Verwijdert : user_pref("CT2567693.LastLogin_3.2.3.3", "Mon Jan 09 2012 20:15:58 GMT+0100"); Verwijdert : user_pref("CT2567693.LastLogin_3.9.0.3", "Sun Jan 15 2012 15:50:47 GMT+0100"); Verwijdert : user_pref("CT2567693.LatestVersion", "3.9.0.3"); Verwijdert : user_pref("CT2567693.Locale", "nl-nl"); Verwijdert : user_pref("CT2567693.LoginCache", 4); Verwijdert : user_pref("CT2567693.MCDetectTooltipHeight", "83"); Verwijdert : user_pref("CT2567693.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Verwijdert : user_pref("CT2567693.MCDetectTooltipWidth", "295"); Verwijdert : user_pref("CT2567693.MyStuffEnabledAtInstallation", true); Verwijdert : user_pref("CT2567693.RadioIsPodcast", false); Verwijdert : user_pref("CT2567693.RadioLastCheckTime", "Sun Jan 15 2012 15:50:47 GMT+0100"); Verwijdert : user_pref("CT2567693.RadioLastUpdateIPServer", "3"); Verwijdert : user_pref("CT2567693.RadioLastUpdateServer", "129261087718300000"); Verwijdert : user_pref("CT2567693.RadioMediaID", "20988805"); Verwijdert : 
user_pref("CT2567693.RadioMediaType", "Media Player"); Verwijdert : user_pref("CT2567693.RadioMenuSelectedID", "EBRadioMenu_CT256769320988805"); Verwijdert : user_pref("CT2567693.RadioShrinkedFromSetup", false); Verwijdert : user_pref("CT2567693.RadioStationName", "Amor%20FM%20105.4%20%5BNetherlands%5D"); Verwijdert : user_pref("CT2567693.RadioStationURL", "hxxp://wm0.xs4all.nl/radio-amorfm"); Verwijdert : user_pref("CT2567693.SHRINK_TOOLBAR", 1); Verwijdert : user_pref("CT2567693.SavedHomepage", "hxxp://nl.msn.com"); Verwijdert : user_pref("CT2567693.SearchEngine", "Zoek||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&[...] Verwijdert : user_pref("CT2567693.SearchEngineBeforeUnload", "Search the Web"); Verwijdert : user_pref("CT2567693.SearchFromAddressBarIsInit", true); Verwijdert : user_pref("CT2567693.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT256[...] Verwijdert : user_pref("CT2567693.SearchInNewTabEnabled", true); Verwijdert : user_pref("CT2567693.SearchInNewTabIntervalMM", 1440); Verwijdert : user_pref("CT2567693.SearchInNewTabLastCheckTime", "Sun Jan 15 2012 15:50:48 GMT+0100"); Verwijdert : user_pref("CT2567693.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Verwijdert : user_pref("CT2567693.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...] 
Verwijdert : user_pref("CT2567693.SearchProtectorEnabled", false); Verwijdert : user_pref("CT2567693.SearchProtectorToolbarDisabled", false); Verwijdert : user_pref("CT2567693.ServiceMapLastCheckTime", "Sun Jan 15 2012 15:50:45 GMT+0100"); Verwijdert : user_pref("CT2567693.SettingsCheckIntervalMin", 120); Verwijdert : user_pref("CT2567693.SettingsLastCheckTime", "Sun Jan 15 2012 15:50:45 GMT+0100"); Verwijdert : user_pref("CT2567693.SettingsLastUpdate", "1322558301"); Verwijdert : user_pref("CT2567693.ThirdPartyComponentsInterval", 504); Verwijdert : user_pref("CT2567693.ThirdPartyComponentsLastCheck", "Mon Jan 09 2012 16:15:51 GMT+0100"); Verwijdert : user_pref("CT2567693.ThirdPartyComponentsLastUpdate", "1277123454"); Verwijdert : user_pref("CT2567693.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2567693"); Verwijdert : user_pref("CT2567693.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...] Verwijdert : user_pref("CT2567693.UserID", "UN41362924549621544"); Verwijdert : user_pref("CT2567693.WeatherNetwork", ""); Verwijdert : user_pref("CT2567693.WeatherPollDate", "Tue Aug 17 2010 23:29:28 GMT+0200"); Verwijdert : user_pref("CT2567693.WeatherUnit", "C"); Verwijdert : user_pref("CT2567693.alertChannelId", "960558"); Verwijdert : user_pref("CT2567693.backendstorage._gpl_firstrun10100", "31333236313232313731"); Verwijdert : user_pref("CT2567693.backendstorage.ct2567693ads1", "25374225323261647325323225334125354225374225323[...] 
Verwijdert : user_pref("CT2567693.backendstorage.ct2567693current_term", ""); Verwijdert : user_pref("CT2567693.backendstorage.ct2567693sdate", "39"); Verwijdert : user_pref("CT2567693.backendstorage.d_date_ginyas1", "31333236313232313630323531"); Verwijdert : user_pref("CT2567693.backendstorage.d_ginyas1", "30"); Verwijdert : user_pref("CT2567693.backendstorage.for_aoi", "31333136303938313237"); Verwijdert : user_pref("CT2567693.backendstorage.for_ccid", "4C65657577617264656E"); Verwijdert : user_pref("CT2567693.backendstorage.for_cdtr6", "31333136303938313237"); Verwijdert : user_pref("CT2567693.backendstorage.for_cid", "4E4C"); Verwijdert : user_pref("CT2567693.backendstorage.for_ip", "38302E35372E39382E3931"); Verwijdert : user_pref("CT2567693.backendstorage.for_lcut", "31333236313232313630"); Verwijdert : user_pref("CT2567693.backendstorage.for_pid", "31303132"); Verwijdert : user_pref("CT2567693.backendstorage.for_rid", "3032"); Verwijdert : user_pref("CT2567693.backendstorage.for_zoneid", "3130313132"); Verwijdert : user_pref("CT2567693.backendstorage.ginyasstest", "676F6F64"); Verwijdert : user_pref("CT2567693.backendstorage.hxxp://cmg1_conduit-widgets_com/miniquarium.miniquarium_closed",[...] Verwijdert : user_pref("CT2567693.backendstorage.hxxp://cmg1_conduit-widgets_com/pitsi.state", "4F50454E"); Verwijdert : user_pref("CT2567693.backendstorage.hxxp://dl_gameplaylabs_com/items/conduit._gpl_firstrun10100", "3[...] Verwijdert : user_pref("CT2567693.backendstorage.hxxp://rv_ginyas_com/app/conduit.bbrs_affid", "6D7367706C75735F6[...] Verwijdert : user_pref("CT2567693.backendstorage.hxxp://rv_ginyas_com/app/conduit.bbrs_bbrs_leadlasturl", "687474[...] Verwijdert : user_pref("CT2567693.backendstorage.hxxp://rv_ginyas_com/app/conduit.bbrs_bguid", "6D7367706C75735F6[...] 
Verwijdert : user_pref("CT2567693.backendstorage.hxxp://rv_ginyas_com/app/conduit.bbrs_lba", "3232313130363530"); Verwijdert : user_pref("CT2567693.backendstorage.hxxp://rv_ginyas_com/app/conduit.bbrs_lba1", "323031322D312D3135[...] Verwijdert : user_pref("CT2567693.backendstorage.hxxp://rv_ginyas_com/app/conduit.bbrs_leadshistorydate", "3135")[...] Verwijdert : user_pref("CT2567693.backendstorage.hxxp://rv_ginyas_com/app/conduit.bbrs_leadsinternalimp", "30"); Verwijdert : user_pref("CT2567693.backendstorage.hxxp://rv_ginyas_com/app/conduit.bbrs_leadsmax_daily_messages", [...] Verwijdert : user_pref("CT2567693.backendstorage.hxxp://rv_ginyas_com/app/conduit.bbrs_leadsmaxml", "2D2D"); Verwijdert : user_pref("CT2567693.backendstorage.hxxp://rv_ginyas_com/app/conduit.bbrs_leadspiximp", "30"); Verwijdert : user_pref("CT2567693.backendstorage.hxxp://rv_ginyas_com/app/conduit.bbrs_leadsprevious_timestamppol[...] Verwijdert : user_pref("CT2567693.backendstorage.hxxp://rv_ginyas_com/app/conduit.bbrs_leadssendmareq", "30"); Verwijdert : user_pref("CT2567693.backendstorage.hxxp://rv_ginyas_com/app/conduit.bbrs_leadsversion", "32"); Verwijdert : user_pref("CT2567693.backendstorage.hxxp://www_blabbers_com/app/conduit.bbrs_affid", "4E65746865726C[...] Verwijdert : user_pref("CT2567693.backendstorage.hxxp://www_blabbers_com/app/conduit.bbrs_bguid", "4E65746865726C[...] Verwijdert : user_pref("CT2567693.backendstorage.hxxp://www_blabbers_com/app/conduit.bbrs_lba", "3232313032303335[...] Verwijdert : user_pref("CT2567693.backendstorage.hxxp://www_blabbers_com/app/conduit.bbrs_lba1", "323031322D312D3[...] Verwijdert : user_pref("CT2567693.clientLogIsEnabled", true); Verwijdert : user_pref("CT2567693.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...] Verwijdert : user_pref("CT2567693.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...] 
Verwijdert : user_pref("CT2567693.globalFirstTimeInfoLastCheckTime", "Sun Jan 15 2012 15:50:49 GMT+0100"); Verwijdert : user_pref("CT2567693.homepageProtectorEnableByLogin", true); Verwijdert : user_pref("CT2567693.initDone", true); Verwijdert : user_pref("CT2567693.isAppTrackingManagerOn", true); Verwijdert : user_pref("CT2567693.isFirstRadioInstallation", false); Verwijdert : user_pref("CT2567693.myStuffEnabled", true); Verwijdert : user_pref("CT2567693.myStuffPublihserMinWidth", 400); Verwijdert : user_pref("CT2567693.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Verwijdert : user_pref("CT2567693.myStuffServiceIntervalMM", 1440); Verwijdert : user_pref("CT2567693.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Verwijdert : user_pref("CT2567693.oldAppsList", "129132861961715587,129132861961871840,111,129132861963278130,129[...] Verwijdert : user_pref("CT2567693.revertSettingsEnabled", true); Verwijdert : user_pref("CT2567693.searchProtectorDialogDelayInSec", 10); Verwijdert : user_pref("CT2567693.searchProtectorEnableByLogin", true); Verwijdert : user_pref("CT2567693.testingCtid", ""); Verwijdert : user_pref("CT2567693.toolbarAppMetaDataLastCheckTime", "Sun Jan 15 2012 15:50:47 GMT+0100"); Verwijdert : user_pref("CT2567693.toolbarContextMenuLastCheckTime", "Sun Jan 15 2012 15:50:47 GMT+0100"); Verwijdert : user_pref("CT2567693.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2567693/CT2567693[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/NL", "\"0\"")[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2567693", [...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...] 
Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2567693",[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"7043fff7ebd57e[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/20[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2567693&octid=[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2567693/CT2567693[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/idel.gif", "[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/minimize.gif[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/play.gif", "[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/stop.gif", "[...] 
Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/vol.gif", "\[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=nl-nl", "\"[...] Verwijdert : user_pref("CommunityToolbar.EngineOwner", "CT2567693"); Verwijdert : user_pref("CommunityToolbar.EngineOwnerGuid", "{d2ab2732-a124-4fb2-8da5-4a6a9e379331}"); Verwijdert : user_pref("CommunityToolbar.EngineOwnerToolbarId", "messenger_plus_live_netherlands"); Verwijdert : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); Verwijdert : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Ingrid\\AppData\\Roaming\\Mozilla\\[...] Verwijdert : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.9.0.3"); Verwijdert : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2567693"); Verwijdert : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{d2ab2732-a124-4fb2-8da5-4a6a9e379331}"); Verwijdert : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "messenger_plus_live_netherlands"); Verwijdert : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www3.searchonthego.net/search.php[...] 
Verwijdert : user_pref("CommunityToolbar.ToolbarsList", "CT2567693,ConduitEngine"); Verwijdert : user_pref("CommunityToolbar.ToolbarsList2", "CT2567693"); Verwijdert : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440); Verwijdert : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Jan 09 2012 16:15:51 GMT+0100"); Verwijdert : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Verwijdert : user_pref("CommunityToolbar.alert.locale", "en"); Verwijdert : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Verwijdert : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Jan 09 2012 16:15:51 GMT+0100"); Verwijdert : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611"); Verwijdert : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Verwijdert : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Verwijdert : user_pref("CommunityToolbar.alert.showTrayIcon", false); Verwijdert : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Verwijdert : user_pref("CommunityToolbar.alert.userId", "b03ca8ce-7823-43ee-acaa-2b01d3a9798f"); Verwijdert : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Sep 15 2011 16:48:40 GMT+0200"); Verwijdert : user_pref("CommunityToolbar.globalUserId", "a83e3983-9f2b-4d2e-a0b1-7beb6630b007"); Verwijdert : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Verwijdert : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Verwijdert : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2567693"); Verwijdert : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Jan 15 2012 15:50:4[...] 
-
Hello,

One more quick question. Yesterday, after posting my logs, I thought it would be a good idea to run a disk defragmentation. I started it yesterday and it is still busy right now. With Windows XP I could always see how far along it was in the process, an analysis of what the disk usage would be before and after the defragmentation, etc. Now with Vista I only see the menu with the schedule, modify schedule, select volumes and defragment now. I have done this in the past as well, but back then I switched the computer off after a while, so I also don't know whether you get a log of how the defragmentation went. Is there a way to follow the whole process, to see how far along it is and what it has done?

- - - Updated - - -

Could someone also answer the question I asked earlier? Thanks in advance!
-
Besides HijackThis I have also just run Malwarebytes. I saved the following log from it, and to be safe this time on my desktop as well, because it had not saved it the previous time. I ticked everything and the program is now busy removing the junk. The PC only says in the bar at the top of the program that the program is not responding. But the PC does sound busy, so for now I will just let it run and check in a while whether it worked. This was the log:
-
Hello, Sorry for the late reply. I had/have big problems with my PC now. I had finished running CCleaner and restarted Windows. Then a message appeared that Microsoft Security Essentials had found a problem and that my PC might not be protected. I then pressed "scan now" and it subsequently found a problem; it was something in system32 and had the name OpenCandy, as far as I remember. I could then choose to clean, which I clicked; it then needed a long time, I had to restart the PC and this took long, well over 10 minutes; it had already reached the desktop but hung there. After waiting another 5 minutes I finally turned the PC off by holding down the power button. I think this was a mistake I shouldn't have made. After that the PC hardly worked at all. Very slow, busy with all sorts of things, would barely start up. So I thought, let me do a system restore; this didn't work, another system restore from a different point, still no success, then did one more. None of this worked; after that I could no longer run a system restore. Got errors on screen. Google Chrome and other programs wouldn't start anymore; I got the message that they were missing DLL files and such. Now I've started the PC again and now I can get on the internet. The PC is very busy, no idea with what, it just keeps rattling on. Also that Microsoft Security Essentials message keeps appearing again. What should I do about this? I have now also made another HijackThis log; in my opinion there are old errors in it again. What is the best thing I can do now to get my PC back to normal? Hopefully it can all still be repaired and I don't have to reinstall Windows.
This is the log:
-
Malwarebytes Anti-Malware (-evaluatieversie-) 1.65.1.1000
Malwarebytes : Free anti-malware download
Databaseversie: v2012.11.04.04
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Ingrid :: PC_VAN_INGRID [administrator]
Realtime bescherming: Ingeschakeld
4-11-2012 20:12:36
mbam-log-2012-11-04 (20-12-36).txt
Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 254751
Verstreken tijd: 9 minuut/minuten, 17 seconde(n)
Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd)
(einde)
-
Oh yes.... I have AVG Free as a virus scanner, but AVG PC Tuneup is also still on the PC. Is it necessary to have this on the PC or can it be removed? - - - Updated - - - Yes, that's right, Asus, but there really is only that log that I put in the above post. I searched both under the tab and in the files themselves, but this log is the only one I can find. I'm now having Malwarebytes run another scan to be sure.

ABOUT US
PC Helpforum has been helping computer users for FREE since July 2006. Through the forum, our team gives professional answers to your questions and tries to solve your PC problems as quickly as possible. Become a member today, post your question online, and the PC Helpforum team will be happy to help you!