Ga naar inhoud

ULT

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    16

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door ULT

  1. ULT
    Geen merkbare problemen meer! Lijkt alles nu goed / beter? Moet eerlijk zijn dat het een behoorlijke tijd geleden is dat er echt iets aan gedaan is..
  2. ULT
    Opnieuw bedankt. Log: # AdwCleaner v3.310 - Rapport aangemaakt 28/09/2014 op 23:40:47 # Laatste Update 12/09/2014 door Xplode # Besturingssysteem : Windows 7 Ultimate Service Pack 1 (32 bits) # Gebruikersnaam : Lammert - LAMMERT-PC # Gestart vanuit : C:\Users\Lammert\Downloads\adwcleaner_3.310.exe # Optie : Verwijderen ***** [ Services ] ***** ***** [ Bestanden / Mappen ] ***** Map Verwijderd : C:\Program Files\Skillbrains Map Verwijderd : C:\Users\Lammert\AppData\Local\Skillbrains Map Verwijderd : C:\Users\Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio Bestand Verwijderd : C:\Users\Lammert\AppData\LocalLow\SkwConfig.bin ***** [ Taken ] ***** Taak Verwijderd : update-sys Taak Verwijderd : update-S-1-5-21-2583579890-3109938321-3288942902-1001 ***** [ Snelkoppelingen ] ***** ***** [ Register ] ***** Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj Waarde Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [LightShot] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap Sleutel Verwijderd : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar Sleutel Verwijderd : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook Sleutel Verwijderd : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar3.sweetie Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\dmwu_rasapi32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\dmwu_rasmancs Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASMANCS Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe] Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll] Sleutel Verwijderd : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices Sleutel Verwijderd : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2865317 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_messenger-reviver_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_messenger-reviver_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_msn-messenger-8-5_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_msn-messenger-8-5_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-live-messenger-2009_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-live-messenger-2009_RASMANCS Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847} Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} Sleutel Verwijderd : HKCU\Software\1ClickDownload Sleutel Verwijderd : HKCU\Software\APN PIP Sleutel Verwijderd : HKCU\Software\BabylonToolbar Sleutel Verwijderd : HKCU\Software\Conduit Sleutel Verwijderd : HKCU\Software\Grand Virtual Sleutel Verwijderd : HKCU\Software\IM Sleutel Verwijderd : HKCU\Software\ImInstaller Sleutel Verwijderd : HKCU\Software\InstallCore Sleutel Verwijderd : HKCU\Software\SkillBrains Sleutel Verwijderd : HKCU\Software\Softonic Sleutel Verwijderd : HKCU\Software\SupHpUISoft Sleutel Verwijderd : HKCU\Software\SweetIM Sleutel Verwijderd : HKCU\Software\WNLT Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Conduit Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\PriceGong Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\SmartBar Sleutel Verwijderd : HKLM\SOFTWARE\AVG Secure Search Sleutel Verwijderd : HKLM\SOFTWARE\Babylon Sleutel Verwijderd : HKLM\SOFTWARE\Conduit Sleutel Verwijderd : HKLM\SOFTWARE\istartsurfSoftware Sleutel Verwijderd : HKLM\SOFTWARE\PIP Sleutel Verwijderd : HKLM\SOFTWARE\SkillBrains Sleutel Verwijderd : HKLM\SOFTWARE\SupDp Sleutel Verwijderd : HKLM\SOFTWARE\SupTab Sleutel Verwijderd : HKLM\SOFTWARE\supWindowsMangerProtect Sleutel Verwijderd : HKLM\SOFTWARE\SweetIM Sleutel Verwijderd : HKLM\SOFTWARE\WNLT Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0 ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17280 -\\ Mozilla Firefox v30.0 (nl) [ Bestand : C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\prefs.js ] -\\ Google Chrome v38.0.2114.2 [ Bestand : C:\Users\Lammert\AppData\Local\Google\Chrome\User Data\Default\preferences ] Verwijderd [search Provider] : hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=& Verwijderd [search Provider] : hxxp://isearch.babylon.com/web/{searchTerms}?babsrc=browsersearch&babsrc=SP_ss&affID=18474&mntrId=20a2baee0000000000000011d8682b3a Verwijderd [search Provider] : hxxp://dts.search-results.com/sr?src=crb&appid=102&systemid=406&q={searchTerms} Verwijderd [search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&hl=en&SelfSearch=1&SearchSource=49&ctid=CT2304157 Verwijderd [search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X&q={searchTerms} Verwijderd [search Provider] : hxxp://docs.opencart.com/dosearchsite.action?queryString={searchTerms} Verwijderd [search Provider] : hxxp://css-tricks.com/search-results/?q={searchTerms} Verwijderd [search Provider] : hxxp://nl.softonic.com/s/{searchTerms} ************************* AdwCleaner[R0].txt - [12209 octets] - [28/09/2014 23:38:11] AdwCleaner[s0].txt - [12344 octets] - [28/09/2014 23:40:47] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [12405 octets] ##########
  3. ULT
    Virusscanner upgegrade naar AVG 2015.
  4. ULT
    Bedankt! Antivirus: Zal deze direct updaten. Log:Zoek.exe v5.0.0.0 Updated 27-09-2014 Tool run by Lammert on za 27-09-2014 at 17:58:23,53. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Lammert\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 27-9-2014 18:05:50 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\Citrix deleted successfully C:\Program Files\PSQLINSTALL deleted successfully C:\PROGRA~2\ALM deleted successfully C:\PROGRA~2\Babylon deleted successfully C:\PROGRA~2\IePluginServices deleted successfully C:\PROGRA~2\ZoomBrowser deleted successfully C:\Users\Lammert\AppData\Roaming\BandExtend deleted successfully C:\Users\Lammert\AppData\Roaming\Media Player Classic deleted successfully C:\Users\Lammert\AppData\Roaming\Vesus deleted successfully C:\Users\Lammert\AppData\Local\Conduit deleted successfully C:\Users\Lammert\AppData\Local\CutePDF Writer deleted successfully C:\Users\Lammert\AppData\Local\DirectDownloader deleted successfully C:\Users\Lammert\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully HKEY_CLASSES_ROOT\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Trntv deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Trntv deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\webinstr deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\webinstr deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default user.js not found ---- Lines istart removed from prefs.js ---- user_pref("browser.newtab.url", "http://www.istartsurf.com/newtab/?type=nt&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X"); user_pref("browser.search.defaultenginename", "istartsurf"); user_pref("browser.search.selectedEngine", "istartsurf"); user_pref("browser.startup.homepage", "http://www.istartsurf.com/?type=hp&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X"); ---- Lines browser.startup.page removed from prefs.js ---- user_pref("browser.startup.page", 1); ---- FireFox user.js and prefs.js backups ---- prefs_27-09-2014_1820_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] ""=- [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command] @="C:\\Program Files\\Mozilla Firefox\\firefox.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files\\Internet Explorer\\iexplore.exe" ==== Deleting Files \ Folders ====================== C:\Users\Lammert\AppData\Roaming\BandExtend not found C:\ProgramData\IePluginServices not found C:\Program Files\SupTab deleted C:\Program Files\ver3BetterMarkIt deleted C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\extensions\faststartff@gmail.com deleted C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\extensions\staged deleted C:\ProgramData\WindowsMangerProtect deleted C:\Users\Lammert\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 deleted C:\Program Files\Mozilla Firefox\defaults\preferences\autoconfig.js deleted C:\Program Files\Conduit deleted C:\found.000 deleted C:\Users\Lammert\AppData\Roaming\ZoomBrowser EX deleted C:\Users\Lammert\AppData\Roaming\per.bat deleted C:\Users\Lammert\AppData\Roaming\Babylon deleted C:\PROGRA~2\SweetIM deleted C:\Users\Lammert\AppData\Local\cache deleted C:\Users\Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx deleted C:\Users\Lammert\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted C:\Windows\System32\dmwu.exe deleted C:\Users\Lammert\Downloads\SoftonicDownloader_voor_anti-update-patch-voor-windows-live-messenger-8-5.exe deleted C:\Users\Lammert\Downloads\SoftonicDownloader_voor_messenger-reviver.exe deleted C:\Users\Lammert\Downloads\SoftonicDownloader_voor_msn-messenger-8-5.exe deleted C:\Users\Lammert\Downloads\SoftonicDownloader_voor_windows-live-messenger-2009.exe deleted C:\Users\Lammert\AppData\LocalLow\PriceGong deleted C:\Users\Lammert\AppData\LocalLow\Conduit deleted C:\Windows\system32\drivers\webinstr.sys deleted C:\Windows\system32\config\systemprofile\Searches deleted C:\Windows\system32\ImHttpComm.dll deleted C:\Windows\System32\jmdp deleted C:\Windows\System32\ARFC deleted C:\Windows\System32\WNLT deleted C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\searchplugins\conduit-search.xml deleted C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\searchplugins\MyStart Search.xml deleted C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\searchplugins\Sweetpacks Search.xml deleted C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted C:\Users\Lammert\Desktop\Torntv Downloader.lnk deleted C:\Users\Lammert\AppData\Roaming\svchost.exe deleted C:\Users\Lammert\AppData\Local\TempFullTiltPokerEuSetup.exe deleted "C:\Windows\tasks\BetterMarkIt Update.job" deleted "C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\searchplugins\MyStart.xml" deleted "C:\Windows\Installer\2db607d.msi" deleted "C:\Windows\Installer\2db6090.msi" deleted "C:\Program Files\Mozilla Firefox\browser\searchplugins\istartsurf.xml" deleted "C:\Users\Lammert\AppData\Roaming\TornTV.com\CMUtils.dll" deleted "C:\Users\Lammert\AppData\Roaming\TornTV.com\Interop.IWshRuntimeLibrary.dll" deleted "C:\Users\Lammert\AppData\Roaming\TornTV.com\MonoTorrent.Dht.dll" deleted "C:\Users\Lammert\AppData\Roaming\TornTV.com\MonoTorrent.dll" deleted "C:\Users\Lammert\AppData\Roaming\TornTV.com\Torntv Downloader.exe" deleted "C:\Users\Lammert\AppData\Roaming\TornTV.com\CMUtils.dll" deleted "C:\Users\Lammert\AppData\Roaming\TornTV.com\Interop.IWshRuntimeLibrary.dll" deleted "C:\Users\Lammert\AppData\Roaming\TornTV.com\MonoTorrent.Dht.dll" deleted "C:\Users\Lammert\AppData\Roaming\TornTV.com\MonoTorrent.dll" deleted "C:\Users\Lammert\AppData\Roaming\TornTV.com\Torntv Downloader.exe" deleted "C:\Program Files\SweetIM\Communicator\mgcommon.dll" deleted "C:\Program Files\SweetIM\Communicator\mgcommunication.dll" deleted "C:\Program Files\SweetIM\Communicator\mgsimcommon.dll" deleted "C:\Program Files\SweetIM\Communicator\mgxml_wrapper.dll" deleted "C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe" deleted "C:\Program Files\SweetIM\Communicator\mgcommon.dll" deleted "C:\Program Files\SweetIM\Communicator\mgcommunication.dll" deleted "C:\Program Files\SweetIM\Communicator\mgsimcommon.dll" deleted "C:\Program Files\SweetIM\Communicator\mgxml_wrapper.dll" deleted "C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe" deleted "C:\Program Files\SweetIM" not deleted "C:\Users\Lammert\AppData\Roaming\TornTV.com" not deleted "C:\Program Files\SweetIM" not deleted "C:\Users\Lammert\AppData\Roaming\TornTV.com" not deleted "C:\Program Files\SweetIM\Communicator" not deleted "C:\Program Files\SweetIM\Communicator" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Lammert\AppData\Local\Temp ==== 2014-09-26 07:28:04 4E566FEA83FCEEAF2873702806B55006 43008 ----a-w- C:\Users\Lammert\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpl7abpv.dll 2014-09-25 22:06:20 FB85BC0071CF2479F2BD76E1F395E420 98304 ----a-w- C:\Users\Lammert\AppData\Local\Temp\RbUu7.exe 2014-09-25 22:06:20 613064ACFBD1BB3C885FACB304795D83 406528 ----a-w- C:\Users\Lammert\AppData\Local\Temp\TixR2.exe 2014-09-25 22:06:20 5C6A5FE8CED6619BC14BFC5DDE43EBC2 86528 ----a-w- C:\Users\Lammert\AppData\Local\Temp\RbUu7.dll 2014-09-25 15:31:12 6945CB4718E4E83CD1EF673E8933887B 7170408 ----a-w- C:\Users\Lammert\AppData\Local\Temp\CitrixUpdates\GoToMeeting\1694\G2MCoreInstExtractor.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-09-24 10:44:31 C263F3E7E0523556964D661BC7CB9565 2048 ----a-w- C:\Windows\System32\tzres.dll ====== C:\Windows\system32\drivers ===== 2014-09-25 22:07:01 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_Kernel_webinstr_01009.Wdf ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-09-27 10:30:10 -------- d-----w- C:\Program Files\trend micro ======= C: ===== ====== C:\Users\Lammert\AppData\Roaming ====== 2014-09-26 07:32:21 -------- d-sh--w- C:\Users\Lammert\AppData\Locallow\EmieUserList 2014-09-26 07:32:21 -------- d-sh--w- C:\Users\Lammert\AppData\Locallow\EmieSiteList 2014-09-25 22:05:58 -------- d-----w- C:\Users\Lammert\AppData\Roaming\TornTV.com ====== C:\Users\Lammert ====== 2014-09-27 10:29:12 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Lammert\Downloads\RSIT.exe 2014-09-18 19:15:53 33A5B53825E6DEF2073DF020E4266921 2003352 ----a-w- C:\Users\Lammert\Downloads\CuteWriter.exe ====== C: exe-files == 2014-09-27 10:30:11 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Lammert.exe 2014-09-25 22:06:20 FB85BC0071CF2479F2BD76E1F395E420 98304 ----a-w- C:\Users\Lammert\AppData\Local\Temp\RbUu7.exe 2014-09-25 22:06:20 613064ACFBD1BB3C885FACB304795D83 406528 ----a-w- C:\Users\Lammert\AppData\Local\Temp\TixR2.exe 2014-09-25 15:31:12 6945CB4718E4E83CD1EF673E8933887B 7170408 ----a-w- C:\Users\Lammert\AppData\Local\Temp\CitrixUpdates\GoToMeeting\1694\G2MCoreInstExtractor.exe 2014-09-25 12:33:11 DF6D99835DF28BB67876F46B16632782 584000 ----a-w- C:\Program Files\PokerStars\backup\gameutil1.exe 2014-09-25 12:33:11 294D73284C4207E339C6AB6A6BF64EB4 489792 ----a-w- C:\Program Files\PokerStars\backup\gameutil2.exe 2014-09-24 16:19:17 DBCE9BC36F0148F6C3991134BB9A62EC 371848 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000063de\DRS update.13728286.exe 2014-09-22 17:11:28 69CE796E3BC4F05166792FB6A7A78490 5503536 ----a-w- C:\Program Files\AVG\AVG10\avgcremx.exe === C: other files == 2014-09-25 22:08:54 B36EB1A19A37432B5475A7635D85FCBA 1051731 ----a-w- C:\ProgramData\AVG10\IDS\quarantine\731a115c-0000-1000-8000-000000000000.zip 2014-09-25 22:08:43 7F943DF98D328C5F888AAF2C49DE3B2F 323212 ----a-w- C:\ProgramData\AVG10\IDS\quarantine\218c1a42-0000-1000-8000-000000000000.zip 2014-09-25 22:07:59 1E36A920E3FCE279BD021B4C72F2C9C1 394185 ----a-w- C:\Users\Lammert\AppData\Local\Temp\scoped_dir_19092_22165\newtabv3.crx 2014-09-25 22:07:43 1E36A920E3FCE279BD021B4C72F2C9C1 394185 ----a-w- C:\Users\Lammert\AppData\Local\Temp\scoped_dir_22860_14608\newtabv3.crx ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Lammert\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Windows Services for Processes"="C:\Users\Lammert\AppData\Roaming\svchost.exe" "WinDefender"="C:\Users\Lammert\AppData\Local\Temp\WinDefender.Exe" "LightShot"="C:\Users\Lammert\AppData\Local\Skillbrains\lightshot\Lightshot.exe" [HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1005\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "spchecker"="C:\Program Files\AVG\AVG10\Notification\SPCheckerTE.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG_TRAY"="C:\Program Files\AVG\AVG10\avgtray.exe" "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "AdobeCS4ServiceManager"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe -launchedbylogin" "Adobe Acrobat Speed Launcher"="C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" "Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" "Adobe_ID0ENQBO"="C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" "AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "AdobeCS5.5ServiceManager"="C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe -launchedbylogin" "SwitchBoard"="C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" "WinampAgent"="C:\Program Files\Winamp\winampa.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Windows Services for Processes"="C:\Users\Lammert\AppData\Roaming\svchost.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Lammert\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Windows Services for Processes"="C:\Users\Lammert\AppData\Roaming\svchost.exe" "WinDefender"="C:\Users\Lammert\AppData\Local\Temp\WinDefender.Exe" "LightShot"="C:\Users\Lammert\AppData\Local\Skillbrains\lightshot\Lightshot.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "Windows Services for Processes"="C:\Users\Lammert\AppData\Roaming\svchost.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\GamersFirst LIVE!.lnk" "backup"="C:\\Windows\\pss\\GamersFirst LIVE!.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\GAMERS~1\\LIVE!\\Live.exe /silent" "item"="GamersFirst LIVE!" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Lammert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] "path"="C:\\Users\\Lammert\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk" "backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Users\\Lammert\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup" "item"="Dropbox" ==== Startup Folders ====================== 2014-09-18 08:59:05 1053 ----a-w- C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [26-09-2013 09:39] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [14-07-2013 22:18] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2583579890-3109938321-3288942902-1001Core.job --a------ C:\Users\Lammert\AppData\Local\Google\Update\GoogleUpdate.exe [13-01-2012 14:13] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2583579890-3109938321-3288942902-1001UA.job --a------ C:\Users\Lammert\AppData\Local\Google\Update\GoogleUpdate.exe [13-01-2012 14:13] C:\Windows\tasks\update-S-1-5-21-2583579890-3109938321-3288942902-1001.job --a------ C:\Program Files\Skillbrains\Updater\Updater.exe [25-03-2014 18:44] C:\Windows\tasks\update-sys.job --a------ C:\Program Files\Skillbrains\Updater\Updater.exe [25-03-2014 18:44] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2583579890-3109938321-3288942902-1001Core" [C:\Users\Lammert\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2583579890-3109938321-3288942902-1001UA" [C:\Users\Lammert\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\system32\tasks\update-S-1-5-21-2583579890-3109938321-3288942902-1001" [C:\Program Files\Skillbrains\Updater\Updater.exe] "C:\Windows\system32\tasks\update-sys" [C:\Program Files\Skillbrains\Updater\Updater.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "faststartff@gmail.com"="C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\extensions\faststartff@gmail.com" [] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{70D3BDD7-9591-5D4E-560C-2AF0C6DEBAED}"="C:\Program Files\ver3BetterMarkIt\178.xpi" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default - Firefox Old Version Update Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default FB5621842FDABF9F8359775573498FBC - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update 893BF7D2261C56C24F813405D9D018E0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In E3B4EA121F7BDEB0F6366E2BA9608CB5 - C:\Users\Lammert\AppData\Local\Citrix\Plugins\104\npappdetector.dll - Citrix Online Web Deployment Plugin 1.0.0.104 CEBC703D0423C181A2BA4AEB06AA874A - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll - PDF-XChange Viewer 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin 7EF7E4C1325D533F5186E7118ABB0E7C - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll - McAfee Security Scanner + ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U25 D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17 3E0EB8CC0526CF152C80628A7EBAD7C3 - C:\Users\Lammert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player FFF2362F6B4A46D4BC1D147E79A7547B - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll - Nexon Game Controller 4A9325C8C85F54CB32F8954542D6B85A - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll - Pando Web Plugin 6F120933F87E7DEC972476170288A267 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat 0BD343C45B4ECCF8D6AF94D6C3ADC310 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 77B645B655759F574B2555276FA111D9 - C:\Windows\system32\Macromed\Flash\NPSWF32.dll - Shockwave Flash 8DA2ED6B04EA33F2EAE8BA883F903729 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Lammert\AppData\Local\Temp\crxE4D4.tmp[] jcdgjdiieiljkfkdcloehkohchhpekkn - C:\Users\Lammert\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx[] jmfkcklnlgedgbglfkkgedjfmejoahla - C:\Program Files\AVG\AVG10\Chrome\safesearch.crx[09-09-2011 04:11] ogccgbmabaphcakpiclgcnmcnimhokcj - C:\Windows\System32\mjcm\SweetNT.crx[24-06-2014 15:09] pelmeidfhdlhlbjimpabfcbnnojbboma - C:\Users\Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx[] Google Slides - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Bejeweled - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm Google Docs - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Firebug Lite for Google Chromeâ„¢ - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench Last updated at time on date - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Google Search - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Tampermonkey - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo Google Finance - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgckldmmjdbpdejkclmfnnnehhocbfp Google Sheets - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Analytics Opt-out Add-on by Google - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh AdBlock - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Yesware Email Tracking - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjnkapjmjfpipfcccnjbjcbgdnahpjp Hola Better Internet - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio DolceGabbana - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpfbmpaebheclpaopjodkelcihldloih Free online speed typing tests find whats your WPM words per minute speed improve your typing skills and practice typing. - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm AVG Safe Search - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Google Analytics Debugger - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnkmfdileelhofjcijamephohjechhna PT - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmgohkgndpahjklgpdihieeedjeneoke StayFocusd - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji Graph.tk - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkhkaamdeplibnmodcgodlkghphdbahk Google Wallet - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Picky Wallpapers - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\odklcfojpedohplkimfdpcamkjnhanaj Gmail - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Lammert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\Lammert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Lammert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dhkplhfnhceodhffomolpfigojocbpcb_0.localstorage deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.istartsurf.com/?type=hp&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X" "Default_Page_URL"="http://www.istartsurf.com/?type=hp&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.istartsurf.com/web/?type=ds&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X&q={searchTerms}" "Default_Page_URL"="http://www.istartsurf.com/?type=hp&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X" "Start Page"="http://www.istartsurf.com/?type=hp&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X" "Search Page"="http://www.istartsurf.com/web/?type=ds&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X&q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Mozilla\Firefox\Extensions\{70D3BDD7-9591-5D4E-560C-2AF0C6DEBAED} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\faststartff@gmail.com deleted successfully ==== shortcuts on Users Desktops ====================== C:\Users\Lammert\Desktop\Adobe Dreamweaver CS5.5.lnk - C:\Program Files\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe C:\Users\Lammert\Desktop\Adobe Photoshop CS5.1.lnk - C:\Program Files\Adobe\Adobe Photoshop CS5.1\Photoshop.exe C:\Users\Lammert\Desktop\Hide IP Platinum.lnk - C:\Program Files\Hide IP Platinum\hideippla.exe C:\Users\Lammert\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe istartsurf C:\Users\Lammert\Desktop\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe C:\Users\Lammert\Desktop\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Lammert\Desktop\Notepad.lnk - C:\Windows\system32\notepad.exe C:\Users\Lammert\Desktop\PartyCasino.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyCasino C:\Users\Lammert\Desktop\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker C:\Users\Lammert\Desktop\Plus500.lnk - C:\Program Files\Plus500\Plus500.exe C:\Users\Lammert\Desktop\PokerStars.EU.lnk - C:\Program Files\PokerStars\PokerStarsUpdate.exe C:\Users\Lammert\Desktop\War Rock.lnk - C:\Program Files\GamersFirst\War Rock\WRLauncher.exe C:\Users\Lammert\Desktop\XAMPP Control Panel.lnk - C:\xampp\xampp-control.exe C:\Users\Lammert\Desktop\P\888poker.lnk - C:\Program Files\PacificPoker\bin\888poker.exe C:\Users\Lammert\Desktop\P\Betfair.com Poker.lnk - C:\Poker\Betfair.com Poker\casino.exe C:\Users\Lammert\Desktop\P\Black Chip Poker.lnk - C:\Program Files\BlackChipPoker\client.exe C:\Users\Lammert\Desktop\P\BovadaPoker.lnk - C:\Bovada\BovadaPoker.exe C:\Users\Lammert\Desktop\P\Everest Poker.lnk - C:\Program Files\Everest Poker\CStart.exe C:\Users\Lammert\Desktop\P\Full Tilt Poker.lnk - C:\Program Files\Full Tilt Poker\FullTiltPoker.exe C:\Users\Lammert\Desktop\P\Gala Casino Poker.lnk - C:\Poker\Gala Casino Poker\casino.exe C:\Users\Lammert\Desktop\P\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker C:\Users\Lammert\Desktop\P\Poker at bet365.lnk - C:\Poker\Poker at bet365\casino.exe C:\Users\Lammert\Desktop\P\PokerStrategy.com Equilab.lnk - C:\Program Files\PokerStrategy.com\PokerStrategy.com Equilab\Equilab.exe C:\Users\Lammert\Desktop\P\William Hill Poker.lnk - C:\Poker\William Hill Poker\casino.exe C:\Users\Lammert\Desktop\P\Nieuwe map\Betraiser Poker.lnk - C:\Programs\Betraiser\Poker\betraiser.exe C:\Users\Lammert\Desktop\P\Nieuwe map\HoldemManager2.lnk - C:\Program Files\Holdem Manager 2\HoldemManager.exe C:\Users\Lammert\Desktop\P\Nieuwe map\PokerStars.lnk - C:\Program Files\PokerStars\PokerStarsUpdate.exe C:\Users\Lammert\Desktop\P\Nieuwe map\PokerStove.lnk - C:\Program Files\PokerStove\PokerStove.exe C:\Users\Lammert\Desktop\P\Nieuwe map\Sure Bet Poker Com.lnk - C:\Users\Lammert\AppData\Local\Sure Bet Poker Com\Loader.exe C:\Users\Lammert\Desktop\P\Nieuwe map\TestPokerStars.com.lnk - C:\Program Files\PokerStars.TEST\PokerStarsUpdate.exe C:\Users\Lammert\Desktop\PROGRAMMAS\Adobe Reader X .lnk - C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Users\Lammert\Desktop\PROGRAMMAS\Digital Photo Professional.lnk - C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe C:\Users\Lammert\Desktop\PROGRAMMAS\Dropbox.lnk - C:\Users\Lammert\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\Lammert\Desktop\PROGRAMMAS\EOS Utility.lnk - C:\Program Files\Canon\EOS Utility\EOS Utility.exe C:\Users\Lammert\Desktop\PROGRAMMAS\EVEREST Home Edition.lnk - C:\Program Files\Lavalys\EVEREST Home Edition\everest.exe C:\Users\Lammert\Desktop\PROGRAMMAS\FileZilla Client.lnk - C:\Program Files\FileZilla FTP Client\filezilla.exe C:\Users\Lammert\Desktop\PROGRAMMAS\GamersFirst LIVE.lnk - C:\Users\Lammert\Desktop\PROGRAMMAS\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\McUICnt.exe SecurityScanner.dll C:\Users\Lammert\Desktop\PROGRAMMAS\Minesweeper.lnk - C:\Users\Lammert\Desktop\PROGRAMMAS\PaxForex MT 4 Terminal.lnk - C:\Program Files\PaxForex MT 4 Terminal\terminal.exe C:\Users\Lammert\Desktop\PROGRAMMAS\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe C:\Users\Lammert\Desktop\PROGRAMMAS\SonicStage.lnk - C:\Program Files\Sony\SonicStage\Omgjbox.exe C:\Users\Lammert\Desktop\PROGRAMMAS\War Rock.lnk - C:\Program Files\GamersFirst\War Rock\WRLauncher.exe C:\Users\Lammert\Desktop\PROGRAMMAS\Windows Live Messenger .lnk - C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Users\Lammert\Desktop\PROGRAMMAS\Xfire.lnk - C:\Program Files\Xfire\Xfire.exe C:\Users\Lammert\Desktop\PROGRAMMAS\ZoomBrowser EX.lnk - C:\Program Files\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe C:\Users\postgres\Desktop\888poker.lnk - C:\Program Files\PacificPoker\bin\888poker.exe C:\Users\postgres\Desktop\EVEREST Home Edition.lnk - C:\Program Files\Lavalys\EVEREST Home Edition\everest.exe C:\Users\postgres\Desktop\Hide IP Platinum.lnk - C:\Program Files\Hide IP Platinum\hideippla.exe C:\Users\postgres\Desktop\Plus500.lnk - C:\Program Files\Plus500\Plus500.exe C:\Users\UpdatusUser\Desktop\Hide IP Platinum.lnk - C:\Program Files\Hide IP Platinum\hideippla.exe C:\Users\UpdatusUser\Desktop\Plus500.lnk - C:\Program Files\Plus500\Plus500.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\BitTorrent.lnk - C:\Program Files\BitTorrent\BitTorrent.exe C:\Users\Public\Desktop\BS.Player FREE.lnk - C:\Program Files\Webteh\BSPlayer\bsplayer.exe C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe C:\Users\Public\Desktop\Full Tilt Poker.Eu.lnk - C:\Program Files\Full Tilt Poker.Eu\FullTiltPokerEU.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe istartsurf C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe istartsurf C:\Users\Public\Desktop\PDF-Viewer.lnk - C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe C:\Users\Public\Desktop\TeamViewer 9.lnk - C:\Program Files\TeamViewer\Version9\TeamViewer.exe C:\Users\Public\Desktop\TraScript.lnk - C:\Program Files\TraScript\mirc.exe -r"C:\Users\Lammert\AppData\Roaming\TraScript\" C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe C:\Users\Public\Desktop\Winamp.lnk - C:\Program Files\Winamp\winamp.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe istartsurf C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe istartsurf C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Lammert\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot\Learn More.lnk - C:\Users\Lammert\AppData\Local\Skillbrains\lightshot\5.1.4.9\learnmore.url C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot\Lightshot .lnk - C:\Users\Lammert\AppData\Local\Skillbrains\lightshot\Lightshot.exe C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot\Uninstall LightShot.lnk - C:\Users\Lammert\AppData\Local\Skillbrains\lightshot\unins000.exe C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Lammert\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe istartsurf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk - C:\Program Files\TeamViewer\Version9\TeamViewer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF\Try Free CutePDF Editor.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF\PDF Writer\Readme.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe istartsurf ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BS.Player FREE.lnk - C:\Program Files\Webteh\BSPlayer\bsplayer.exe C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe istartsurf C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe istartsurf C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE /recycle C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PartyCasino.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyCasino C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.lnk - C:\Program Files\PokerStars\PokerStarsUpdate.exe C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStove.lnk - C:\Program Files\PokerStove\PokerStove.exe C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\TestPokerStars.com.lnk - C:\Program Files\PokerStars.TEST\PokerStarsUpdate.exe C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WinMerge.lnk - C:\Program Files\WinMerge\WinMergeU.exe C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\25bb2cdfb96af2d6\PokerStars.lnk - C:\Program Files\PokerStars\PokerStarsUpdate.exe C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5959ed024c366a0d\Forex trading application.lnk - C:\Program Files\Markets.com MarketTrader\fx_loader.exe C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Full Tilt Poker.lnk - C:\Program Files\Full Tilt Poker\FullTiltPoker.exe C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office PowerPoint 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Publisher 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\PokerStars.EU.lnk - C:\Program Files\PokerStars\PokerStarsUpdate.exe C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome (2).lnk - C:\Program Files\Google\Chrome\Application\chrome.exe istartsurf C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\postgres\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\postgres\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== shortcuts After Repair ====================== C:\Users\Lammert\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome (2).lnk - C:\Program Files\Google\Chrome\Application\chrome.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WNLT deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B deleted successfully ==== Empty IE Cache ====================== C:\Users\Lammert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Lammert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Lammert\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=704 folders=224 89954076 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Lammert\AppData\Local\Temp will be emptied at reboot C:\Users\postgres\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Lammert\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files\SweetIM" not found "C:\Users\Lammert\AppData\Roaming\TornTV.com" not found "C:\Program Files\SweetIM" not found "C:\Users\Lammert\AppData\Roaming\TornTV.com" not found ==== EOF on za 27-09-2014 at 18:40:43,06 ======================
  5. ULT
    Nadat mijn laptop door jullie nagekeken is, en inmiddels weer uitstekend functioneert - hartelijk dank hiervoor - is het tijd voor mijn pc. Klachten: - pc is al tijden verschrikkelijk langzaam, is al een behoorlijke tijd niet veel aan gedaan. - sinds enkele dagen last van spyware - adds by bettermarket - zie ook: Screenshot by Lightshot Alvast heel erg bedankt voor het nakijken! Groet, ULT Rsit log: Logfile of random's system information tool 1.10 (written by random/random) Run by Lammert at 2014-09-27 12:30:09 Microsoft Windows 7 Ultimate Service Pack 1 System drive C: has 45 GB (19%) free of 238 GB Total RAM: 2014 MB (28% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:35:31, on 27-9-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17280) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\AVG\AVG10\avgtray.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Users\Lammert\AppData\Roaming\TornTV.com\Torntv Downloader.exe C:\Users\Lammert\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Users\Lammert\AppData\Local\Skillbrains\lightshot\5.1.4.9\Lightshot.exe C:\Program Files\TeamViewer\Version9\TeamViewer.exe C:\Users\Lammert\AppData\Local\Temp\WinDefender.Exe C:\Program Files\Common Files\Java\Java Update\jucheck.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Lammert\Downloads\RSIT.exe C:\Program Files\trend micro\Lammert.exe C:\Program Files\Google\Chrome\Application\chrome.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = istartsurf R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = istartsurf R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = istartsurf R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = istartsurf R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file) O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Windows Services for Processes] C:\Users\Lammert\AppData\Roaming\svchost.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Lammert\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Windows Services for Processes] C:\Users\Lammert\AppData\Roaming\svchost.exe O4 - HKCU\..\Run: [WinDefender] "C:\Users\Lammert\AppData\Local\Temp\WinDefender.Exe" O4 - HKCU\..\Run: [LightShot] C:\Users\Lammert\AppData\Local\Skillbrains\lightshot\Lightshot.exe O4 - HKLM\..\Policies\Explorer\Run: [Windows Services for Processes] C:\Users\Lammert\AppData\Roaming\svchost.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-2583579890-3109938321-3288942902-1005\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2583579890-3109938321-3288942902-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: Dropbox.lnk = Lammert\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: TestPokerStars.com - {809132AF-89D2-4d52-AA03-AB4E35BBDC5B} - C:\Program Files\PokerStars.TEST\PokerStarsUpdate.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Lammert\Desktop\PartyPoker.lnk (HKCU) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Lammert\Desktop\PartyPoker.lnk (HKCU) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\httpd.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Intel® PROSet Monitoring Service - Intel Corporation - C:\Windows\system32\IProsetMonitor.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: mysql - Unknown owner - c:\xampp\mysql\bin\mysqld.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: Torntv Downloader (trntv) - Unknown owner - C:\Users\Lammert\AppData\Roaming\TornTV.com\TornTVSvc.exe -- End of file - 13482 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\BetterMarkIt Update.job - C:\Program Files\ver3BetterMarkIt\o3BetterMarkIte87.exe /update C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2583579890-3109938321-3288942902-1001Core.job - C:\Users\Lammert\AppData\Local\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2583579890-3109938321-3288942902-1001UA.job - C:\Users\Lammert\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\update-S-1-5-21-2583579890-3109938321-3288942902-1001.job - C:\Program Files\Skillbrains\Updater\Updater.exe -runmode=checkupdate C:\Windows\tasks\update-sys.job - C:\Program Files\Skillbrains\Updater\Updater.exe -runmode=checkupdate =========Mozilla firefox========= ProfilePath - C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default prefs.js - "browser.startup.homepage" - "http://www.istartsurf.com/?type=hp&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X" "{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG10\Firefox4\ "faststartff@gmail.com"=C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\extensions\faststartff@gmail.com [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 10 "Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] "Description"= "Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@gamersfirst.com/LiveLauncher] "Description"=GamersFirst LIVE! Web Launcher "Path"=C:\Program Files\GamersFirst\LIVE!\nplivelauncher.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\system32\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin] "Description"=McAfee Mss Plugin "Path"=C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame] "Description"=Nexon Game Controller "Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin] "Description"=This plugin detects and launches Pando Media Booster "Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\extensions\ faststartff@gmail.com staged C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\searchplugins\ conduit-search.xml MyStart Search.xml MyStart.xml Sweetpacks Search.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll [2013-09-06 95648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] IETabPage Class - C:\Program Files\SupTab\SupTab.dll [2014-09-26 515464] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files\AVG\AVG10\avgssie.dll [2011-09-09 2276704] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-08-30 463272] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-08-30 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] SweetPacks Browser Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}] SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480] {EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe [2012-08-01 2345592] "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] "AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712] "Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232] ""= [] "Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376] "Adobe_ID0ENQBO"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2008-08-15 378224] "AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15 499608] "AdobeCS5.5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360] "SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] "WinampAgent"=C:\Program Files\Winamp\winampa.exe [2011-12-09 74752] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176] "Windows Services for Processes"=C:\Users\Lammert\AppData\Roaming\svchost.exe [2010-11-04 1169224] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-08-05 7703072] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "Windows Services for Processes"=C:\Users\Lammert\AppData\Roaming\svchost.exe [2010-11-04 1169224] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"=C:\Users\Lammert\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-13 136176] "Windows Services for Processes"=C:\Users\Lammert\AppData\Roaming\svchost.exe [2010-11-04 1169224] "WinDefender"=C:\Users\Lammert\AppData\Local\Temp\WinDefender.Exe [2012-08-26 4533760] "LightShot"=C:\Users\Lammert\AppData\Local\Skillbrains\lightshot\Lightshot.exe [2014-06-18 226560] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk] C:\PROGRA~1\GAMERS~1\LIVE!\Live.exe [2012-09-13 2835096] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Lammert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] C:\Users\Lammert\AppData\Roaming\Dropbox\bin\Dropbox.exe [2014-09-13 36414624] C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Lammert\AppData\Roaming\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Users\Lammert\AppData\Roaming\svchost.exe"="C:\Users\Lammert\AppData\Roaming\svchost.exe:*:Enabled:Windows Messanger" "C:\Windows\Temp\svhost.exe"="C:\Windows\Temp\svhost.exe:*:Enabled:Windows Messanger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "msacm.l3fhg"=mp3fhg.acm "VIDC.XVID"=xvidvfw.dll "VIDC.YV12"=yv12vfw.dll "msacm.ac3acm"=ac3acm.acm "VIDC.FFDS"=ff_vfw.dll "VIDC.XFR1"=xfcodec.dll "msacm.siren"=sirenacm.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1" ======List of files/folders created in the last 3 months====== 2014-09-27 12:30:10 ----D---- C:\Program Files\trend micro 2014-09-27 12:30:09 ----D---- C:\rsit 2014-09-26 00:08:45 ----D---- C:\Users\Lammert\AppData\Roaming\BandExtend 2014-09-26 00:08:31 ----D---- C:\ProgramData\IePluginServices 2014-09-26 00:08:25 ----D---- C:\ProgramData\WindowsMangerProtect 2014-09-26 00:08:23 ----D---- C:\Program Files\SupTab 2014-09-26 00:06:47 ----A---- C:\Windows\system32\drivers\webinstr.sys 2014-09-26 00:06:41 ----D---- C:\Program Files\ver3BetterMarkIt 2014-09-26 00:05:58 ----D---- C:\Users\Lammert\AppData\Roaming\TornTV.com 2014-09-24 12:44:31 ----A---- C:\Windows\system32\tzres.dll 2014-09-12 03:25:11 ----A---- C:\Windows\system32\iesetup.dll 2014-09-12 03:25:10 ----A---- C:\Windows\system32\MshtmlDac.dll 2014-09-12 03:25:10 ----A---- C:\Windows\system32\ieui.dll 2014-09-12 03:25:09 ----A---- C:\Windows\system32\jscript9diag.dll 2014-09-12 03:25:08 ----A---- C:\Windows\system32\msrating.dll 2014-09-12 03:25:08 ----A---- C:\Windows\system32\mshtmled.dll 2014-09-12 03:25:08 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-09-12 03:25:07 ----A---- C:\Windows\system32\jsproxy.dll 2014-09-12 03:25:07 ----A---- C:\Windows\system32\ieUnatt.exe 2014-09-12 03:25:07 ----A---- C:\Windows\system32\ieapfltr.dll 2014-09-12 03:25:07 ----A---- C:\Windows\system32\dxtmsft.dll 2014-09-12 03:25:06 ----A---- C:\Windows\system32\vbscript.dll 2014-09-12 03:25:06 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-09-12 03:25:06 ----A---- C:\Windows\system32\iernonce.dll 2014-09-12 03:25:06 ----A---- C:\Windows\system32\dxtrans.dll 2014-09-12 03:25:05 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-09-12 03:25:05 ----A---- C:\Windows\system32\mshtmlmedia.dll 2014-09-12 03:25:05 ----A---- C:\Windows\system32\msfeeds.dll 2014-09-12 03:25:05 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-09-12 03:25:05 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-09-12 03:25:04 ----A---- C:\Windows\system32\iedkcs32.dll 2014-09-12 03:25:04 ----A---- C:\Windows\system32\ie4uinit.exe 2014-09-12 03:25:01 ----A---- C:\Windows\system32\wininet.dll 2014-09-12 03:25:01 ----A---- C:\Windows\system32\iertutil.dll 2014-09-12 03:25:00 ----A---- C:\Windows\system32\urlmon.dll 2014-09-12 03:25:00 ----A---- C:\Windows\system32\jscript9.dll 2014-09-12 03:24:59 ----A---- C:\Windows\system32\mshtml.dll 2014-09-12 03:24:58 ----A---- C:\Windows\system32\ieframe.dll 2014-09-12 03:24:16 ----A---- C:\Windows\system32\msmpeg2vdec.dll 2014-09-11 20:28:05 ----A---- C:\Windows\system32\kerberos.dll 2014-09-11 20:28:04 ----A---- C:\Windows\system32\lsasrv.dll 2014-09-11 20:27:01 ----A---- C:\Windows\system32\d3d10warp.dll 2014-09-11 20:26:59 ----A---- C:\Windows\system32\TSWorkspace.dll 2014-08-28 06:05:53 ----A---- C:\Windows\system32\win32k.sys 2014-08-28 06:05:52 ----A---- C:\Windows\system32\gdi32.dll 2014-08-21 08:27:37 ----A---- C:\Windows\system32\wups2.dll 2014-08-21 08:27:37 ----A---- C:\Windows\system32\wuauclt.exe 2014-08-21 08:27:36 ----A---- C:\Windows\system32\wucltux.dll 2014-08-21 08:27:36 ----A---- C:\Windows\system32\wuaueng.dll 2014-08-21 08:27:19 ----A---- C:\Windows\system32\wups.dll 2014-08-21 08:27:19 ----A---- C:\Windows\system32\wudriver.dll 2014-08-21 08:27:19 ----A---- C:\Windows\system32\wuapi.dll 2014-08-21 08:26:38 ----A---- C:\Windows\system32\wuwebv.dll 2014-08-21 08:26:38 ----A---- C:\Windows\system32\wuapp.exe 2014-08-14 03:06:27 ----A---- C:\Windows\system32\infocardapi.dll 2014-08-14 03:06:26 ----A---- C:\Windows\system32\icardres.dll 2014-08-14 03:06:24 ----A---- C:\Windows\system32\icardagt.exe 2014-08-14 03:06:22 ----A---- C:\Windows\system32\TsWpfWrp.exe 2014-08-14 02:14:15 ----A---- C:\Windows\system32\rpcrt4.dll 2014-08-14 02:14:14 ----A---- C:\Windows\system32\drivers\dxgmms1.sys 2014-08-14 02:14:14 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys 2014-08-14 02:14:14 ----A---- C:\Windows\system32\cdd.dll 2014-08-14 02:13:19 ----A---- C:\Windows\system32\msi.dll 2014-08-14 02:13:18 ----A---- C:\Windows\system32\msihnd.dll 2014-08-14 02:13:18 ----A---- C:\Windows\system32\consent.exe 2014-08-14 02:13:18 ----A---- C:\Windows\system32\authui.dll 2014-08-14 02:13:14 ----A---- C:\Windows\system32\shell32.dll 2014-08-14 02:13:08 ----A---- C:\Windows\system32\KBDYAK.DLL 2014-08-14 02:13:08 ----A---- C:\Windows\system32\KBDTAT.DLL 2014-08-14 02:13:08 ----A---- C:\Windows\system32\KBDRU1.DLL 2014-08-14 02:13:08 ----A---- C:\Windows\system32\KBDRU.DLL 2014-08-14 02:13:08 ----A---- C:\Windows\system32\KBDBASH.DLL 2014-07-25 02:35:46 ----A---- C:\Windows\system32\msvcr120_clr0400.dll 2014-07-22 22:44:57 ----D---- C:\Users\Lammert\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 2014-07-18 17:51:33 ----D---- C:\USB-Gerard 2014-07-09 05:41:07 ----A---- C:\Windows\system32\osk.exe 2014-07-09 05:41:00 ----A---- C:\Windows\system32\qedit.dll 2014-07-09 05:40:59 ----A---- C:\Windows\system32\drivers\afd.sys 2014-07-09 05:40:55 ----A---- C:\Windows\system32\schannel.dll 2014-07-09 05:40:55 ----A---- C:\Windows\system32\ncrypt.dll 2014-07-09 05:40:55 ----A---- C:\Windows\system32\msv1_0.dll 2014-07-09 05:40:54 ----A---- C:\Windows\system32\wdigest.dll 2014-07-09 05:40:54 ----A---- C:\Windows\system32\TSpkg.dll 2014-07-09 05:40:54 ----A---- C:\Windows\system32\credssp.dll ======List of files/folders modified in the last 3 months====== 2014-09-27 12:30:21 ----D---- C:\Windows\Prefetch 2014-09-27 12:30:10 ----RD---- C:\Program Files 2014-09-27 09:06:42 ----D---- C:\Windows\Temp 2014-09-27 09:06:37 ----D---- C:\Windows\system32\drivers\AVG 2014-09-27 08:07:08 ----D---- C:\Windows\system32\config 2014-09-26 09:39:13 ----D---- C:\Windows\pss 2014-09-26 09:35:37 ----D---- C:\Users\Lammert\AppData\Roaming\TeamViewer 2014-09-26 09:35:37 ----D---- C:\Users\Lammert\AppData\Roaming\FileZilla 2014-09-26 09:35:37 ----D---- C:\Users\Lammert\AppData\Roaming\BitTorrent 2014-09-26 09:34:44 ----D---- C:\Windows\inf 2014-09-26 09:34:43 ----D---- C:\Windows\debug 2014-09-26 09:34:43 ----D---- C:\Windows 2014-09-26 09:31:50 ----D---- C:\Program Files\CCleaner 2014-09-26 09:30:56 ----D---- C:\Windows\System32 2014-09-26 09:29:58 ----D---- C:\Users\Lammert\AppData\Roaming\Skype 2014-09-26 09:29:44 ----D---- C:\Users\Lammert\AppData\Roaming\Dropbox 2014-09-26 09:26:32 ----D---- C:\ProgramData\AVG10 2014-09-26 09:19:04 ----D---- C:\Program Files\Citrix 2014-09-26 09:18:55 ----D---- C:\Windows\Tasks 2014-09-26 09:14:37 ----SHD---- C:\Windows\Installer 2014-09-26 09:14:12 ----SHD---- C:\Config.Msi 2014-09-26 00:13:09 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-09-26 00:08:31 ----HD---- C:\ProgramData 2014-09-26 00:07:01 ----D---- C:\Windows\system32\Tasks 2014-09-26 00:07:01 ----D---- C:\Windows\system32\drivers 2014-09-25 23:58:55 ----D---- C:\Program Files\Full Tilt Poker.Eu 2014-09-25 13:38:39 ----SHD---- C:\System Volume Information 2014-09-25 03:02:15 ----D---- C:\Windows\winsxs 2014-09-25 03:01:58 ----D---- C:\Windows\system32\nl-NL 2014-09-24 12:43:01 ----D---- C:\Windows\system32\catroot 2014-09-20 20:00:52 ----D---- C:\Program Files\Mozilla Maintenance Service 2014-09-20 20:00:52 ----D---- C:\Program Files\Mozilla Firefox 2014-09-16 19:50:51 ----D---- C:\Program Files\Full Tilt Poker 2014-09-15 11:07:28 ----D---- C:\Program Files\PokerStars 2014-09-12 20:42:09 ----D---- C:\Users\Lammert\AppData\Roaming\TraScript 2014-09-12 20:01:30 ----D---- C:\Program Files\TraScript 2014-09-12 04:24:30 ----D---- C:\Windows\rescache 2014-09-12 03:44:32 ----D---- C:\Windows\system32\en-US 2014-09-12 03:44:32 ----D---- C:\Program Files\Internet Explorer 2014-09-12 03:35:04 ----D---- C:\Windows\Microsoft.NET 2014-09-12 03:34:10 ----RSD---- C:\Windows\assembly 2014-09-12 03:27:39 ----D---- C:\ProgramData\Microsoft Help 2014-09-12 03:25:39 ----D---- C:\Windows\system32\catroot2 2014-09-12 03:24:12 ----D---- C:\Windows\system32\MRT 2014-09-12 03:06:34 ----A---- C:\Windows\system32\MRT.exe 2014-08-14 03:33:23 ----D---- C:\Windows\PolicyDefinitions 2014-08-14 03:33:23 ----D---- C:\Windows\ehome 2014-08-14 03:33:17 ----RSD---- C:\Windows\Fonts 2014-08-05 14:21:31 ----D---- C:\Windows\system32\WNLT 2014-08-05 14:19:59 ----D---- C:\Program Files\Microsoft Silverlight 2014-07-23 17:54:32 ----D---- C:\Program Files\Google 2014-07-22 21:48:42 ----D---- C:\Users\Lammert\AppData\Roaming\Adobe 2014-07-18 21:21:40 ----D---- C:\Users\Lammert\AppData\Roaming\Winamp 2014-07-18 20:35:01 ----D---- C:\Windows\system32\mjcm 2014-07-18 20:34:41 ----D---- C:\Windows\system32\ARFC 2014-07-18 15:38:24 ----HD---- C:\Windows\system32\GroupPolicy 2014-07-17 13:43:26 ----A---- C:\Windows\system32\dmwu.exe 2014-07-17 13:38:28 ----A---- C:\Windows\system32\ImHttpComm.dll 2014-07-16 12:10:56 ----A---- C:\Windows\system32\msvcr80.dll 2014-07-16 12:10:56 ----A---- C:\Windows\system32\msvcp80.dll 2014-07-16 12:10:56 ----A---- C:\Windows\system32\msvcm80.dll 2014-07-10 03:22:51 ----D---- C:\Program Files\Windows Journal 2014-07-10 03:22:47 ----D---- C:\Windows\system32\Dism ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992] R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2011-03-16 32592] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368] R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2011-03-04 45648] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360] R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2012-11-12 255968] R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-03-01 34896] R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2011-04-05 297168] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096] R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720] R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] R2 webinstr;webinstr; \??\C:\Windows\system32\Drivers\webinstr.sys [2014-09-26 52360] R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-05-27 134480] R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 24144] R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\AVGIDSShim.Sys [2011-02-10 21968] R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6232.sys [2012-03-07 231640] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-08-05 2745760] R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2008-02-29 28944] R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720] S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888] S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632] S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] R2 Apache2.2;Apache2.2; C:\xampp\apache\bin\httpd.exe [2011-09-10 18432] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2012-01-31 7391072] R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2012-07-27 112968] R2 mysql;mysql; c:\xampp\mysql\bin\mysqld.exe [2011-09-09 8158720] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 634656] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-19 1259296] R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-09-12 4799760] R2 trntv;Torntv Downloader; C:\Users\Lammert\AppData\Roaming\TornTV.com\TornTVSvc.exe [2014-08-19 10240] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-14 116648] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192] S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-26 250568] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-11-08 655624] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-14 116648] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-18 108032] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-09-06 235216] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-06 119408] S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe [2007-02-05 112184] S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632] S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2007-02-05 75320] S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-11 1343400] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------
  6. ULT
    Opnieuw heel hartelijk bedankt! De log ziet er nu als volgt uit: # AdwCleaner v3.216 - Rapport aangemaakt 24/07/2014 op 23:34:07 # Laatste Update 17/07/2014 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruikersnaam : Sent - SENT-PC # Gestart vanuit : C:\Users\Sent\Desktop\adwcleaner_3.216.exe # Optie : Verwijderen ***** [ Services ] ***** ***** [ Bestanden / Mappen ] ***** ***** [ Snelkoppelingen ] ***** ***** [ Register ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17207 -\\ Mozilla Firefox v3.6.25 (nl) [ Bestand : C:\Users\Sent\AppData\Roaming\Mozilla\Firefox\Profiles\iac8prmh.default\prefs.js ] -\\ Google Chrome v [ Bestand : C:\Users\Sent\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [8927 octets] - [24/07/2014 20:21:55] AdwCleaner[R1].txt - [1042 octets] - [24/07/2014 23:32:56] AdwCleaner[s0].txt - [9098 octets] - [24/07/2014 20:25:39] AdwCleaner[s1].txt - [968 octets] - [24/07/2014 23:34:07] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1027 octets] ##########
  7. ULT
    Beste Jion, Hartelijk bedankt. Ik ben nu al van de vervelende adds af. Het logbericht ziet er als volgt uit: Zoek.exe v5.0.0.0 Updated 24-07-2014 Tool run by Sent on do 24-07-2014 at 21:27:54,72. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Sent\Desktop\zoek.exe [scan all users] [script inserted] ==== System Restore Info ====================== 24-7-2014 21:30:53 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\Program Files\Google deleted successfully C:\Users\Sent\AppData\Local\CrashDumps deleted successfully C:\Users\Sent\AppData\Local\CutePDF Writer deleted successfully C:\Users\Sent\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1656333082-1529687371-2864326458-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_USERS\S-1-5-21-1656333082-1529687371-2864326458-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_CLASSES_ROOT\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McComponentHostService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\McComponentHostService deleted successfully ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\ParetoLogic not found C:\Program Files (x86)\Common Files\ParetoLogic not found C:\Users\Sent\AppData\Roaming\DriverCure not found C:\Users\Sent\AppData\Roaming\ParetoLogic not found C:\ProgramData\ParetoLogic not found C:\ProgramData\McAfee Security Scan deleted C:\Program Files\Enigma Software Group deleted C:\PROGRA~3\boost_interprocess deleted C:\PROGRA~3\AVG January 2013 Campaign deleted C:\PROGRA~3\InstallMate deleted C:\PROGRA~3\Package Cache deleted C:\Users\Sent\AppData\Local\cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted C:\Users\Sent\Searches deleted C:\Windows\wininit.ini deleted C:\Windows\tasks\ParetoLogic Update Version3_triggeronce.job deleted C:\Windows\tasks\ROC_REG_JAN_DELETE.job deleted C:\windows\SysNative\tasks\ROC_REG_JAN_DELETE deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\SysWow64\AI_RecycleBin deleted C:\Users\Sent\AppData\Roaming\Mozilla\Firefox\Profiles\iac8prmh.default\extensions\staged deleted C:\Users\Sent\Desktop\Continue Ccleaner.lnk deleted C:\Users\Sent\AppData\Local\TempFullTiltPokerEuSetup.exe deleted "C:\Windows\tasks\RegCure Pro Startup.job" deleted "C:\Windows\tasks\RegCure Pro_sch_1C1ACAD3-FDFB-11E3-A01A-88AE1DA2FBAB.job" deleted "C:\Windows\Installer\1012d93.msi" deleted "C:\PROGRA~3\6b23133c43fb9f6\{4820778D-AB0D-6D18-C316-52A6A0E1D507}" deleted "C:\PROGRA~3\6b23133c43fb9f6\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}" deleted "C:\PROGRA~3\6b23133c43fb9f6\{CA41BB14-E67B-1653-C57B-5CA99418A866}" deleted "C:\PROGRA~3\6b23133c43fb9f6\{E32743D3-5789-6E4F-3998-06FB87C9214B}" deleted "C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe" deleted "C:\PROGRA~3\6b23133c43fb9f6" deleted "C:\Program Files\McAfee Security Scan" not deleted "C:\Program Files\McAfee Security Scan\3.8.150" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Sent\AppData\Local\Temp ==== 2014-07-24 18:30:13 D8BE96BC224FB9A6034A01156A527271 43008 ----a-w- C:\Users\Sent\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpl0p7eu.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-07-24 18:22:46 0DC5AF80D059DEC792B665ED598C6567 536576 ----a-w- C:\Windows\SysWOW64\sqlite3.dll 2014-07-24 17:41:33 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\SysWOW64\SBRC.dat 2014-07-10 21:38:30 C6A991D7DF17EBD8DE4739CD1F283133 646144 ----a-w- C:\Windows\SysWOW64\osk.exe 2014-07-10 21:38:27 492FF9C530EC0352B3C904CE9898269D 509440 ----a-w- C:\Windows\SysWOW64\qedit.dll 2014-07-10 21:38:22 F95E1E9D97D25C11F29CA34C843A6F4D 247808 ----a-w- C:\Windows\SysWOW64\schannel.dll 2014-07-10 21:38:22 E3ECF5FFE3DEDF61DC6877B6A99ACBBF 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2014-07-10 21:38:22 C71CC796F0E2E9BD542C87532706FCFE 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2014-07-10 21:38:22 C61DDFE40204F3BE3DF111981D91560E 220160 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2014-07-10 21:38:22 8BA721F76C97A219599E88722AA48875 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2014-07-10 21:38:22 6CB2616152ADCDF39F05B08E4858F476 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2014-07-10 21:38:22 1A0BE0092646F564FAF204E678AF8E03 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2014-07-10 21:38:19 67EA1BB7F6428A10C64D5A732976F871 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-07-10 21:38:19 448854C4FE94C0FA329CC38FF103DC74 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-10 21:38:18 E739AEDCA67F214F96C2520BA293B12B 526336 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-07-10 21:38:18 E3065F51EE0BB099EAAE48C3FC3A25B6 592896 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-07-10 21:38:18 BE0EA764820239F7785410CBE3880086 32256 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-10 21:38:18 9385D7C5DF2566D01B1FB150F381D50B 367616 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-07-10 21:38:18 91CF46BBB827E461C498A1D7D1A71AD6 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-07-10 21:38:18 7C44C697BA6D0B698B91AC6516A731C3 1139200 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-07-10 21:38:17 DFA59840BB1220AFD261FDAE83543959 17276416 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-07-10 21:38:17 42BF66A4DC35DAD3564065173372CCE9 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-07-10 21:38:16 CE94480E78CC3A1A17B53F2BB65639BD 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-07-10 21:38:16 A9F8343A3234FC7A42DDA4569827B411 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-07-10 21:38:16 4B774E842F268D51DB942EF9637828B9 1964544 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-07-10 21:38:16 084FB28A790685F32A6D7D003777696D 2179072 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-07-10 21:38:15 FC733FD7721200D5136F6F8112E97B00 11742208 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-07-10 21:38:15 F2A99A4293CAF7956FF7801D36D5A3B2 442368 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-07-10 21:38:15 A98E303FCB7058C6E78FD1FBBCBB5EEF 240824 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2014-07-10 21:38:15 573E522A27210701EB8A6C476D36FFF6 239616 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-07-10 21:38:14 FDA05E78813F543A6E9AC6B23EC696F2 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-10 21:38:14 98C7B1AFA0A99EE3BE99EAABEFB72CA0 4254720 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-07-10 21:38:14 09CBE4B1AEF497FC05493B09EA2C1757 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-07-10 21:38:13 CCC198257901BEEA2FBF8EB1E7678356 1791488 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-07-10 21:38:13 8046CF629D8AE766C22145F4A6AFFBE1 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-07-10 21:38:13 557D60DF85D61C290A1D09E7115B294B 62464 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-10 21:38:13 175A663547805367C10746FC416D4605 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-07-10 21:38:13 045A91095A605BB20FF2B37546FE62B0 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-07-10 21:37:37 A0E053D8D97ED0F913D56E6AF21DD26F 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2014-07-10 21:37:37 230AAF45031E87638CA4053C0399C1E6 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-07-10 21:38:37 980394E1FF94E460C4D71C1B098A0B4F 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll 2014-07-10 21:38:37 03282D1ADC4F64D27D697CBB63F972C2 519168 ----a-w- C:\Windows\Sysnative\aepdu.dll 2014-07-10 21:38:30 F1726E14C8F7B40CD828345890AAF764 3157504 ----a-w- C:\Windows\Sysnative\win32k.sys 2014-07-10 21:38:30 A064A1D9CBD7F6959AAEAEAFF96DB2E9 692736 ----a-w- C:\Windows\Sysnative\osk.exe 2014-07-10 21:38:27 D6AFBAA93169E6772565A1BC896D666B 624128 ----a-w- C:\Windows\Sysnative\qedit.dll 2014-07-10 21:38:22 E8E98B3B7A6E1250F4AA7AF8FA17D5BB 340992 ----a-w- C:\Windows\Sysnative\schannel.dll 2014-07-10 21:38:22 E23BA7A7BD97FC6B8AB5EA32A46D05CD 307200 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2014-07-10 21:38:22 C9DD5C0D5AF2D7A54BA32E8FBD3B67F1 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2014-07-10 21:38:22 BFC98590EAB40C785D6134B1FA818A62 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2014-07-10 21:38:22 A805B5E68262302D1A60BE3DED5846C9 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll 2014-07-10 21:38:22 7D1017ED11B7C3B162628069742B5E58 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2014-07-10 21:38:22 79EE13A5A406E4603874686B8005DA72 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2014-07-10 21:38:19 FC50DF22550C565DD096ACFAF18A37ED 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-07-10 21:38:18 DA5BAC4C5BDB22BBC6771534EA95AD33 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-07-10 21:38:18 C2F62DF01E3552DB0571FEF4D514675B 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-07-10 21:38:18 C0F9F52C36E584C0339406ABF6DA1FBA 266424 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2014-07-10 21:38:18 5E646AD50848A409291418B5759595B9 38400 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-07-10 21:38:16 73C7D1FCF6F58F3BF077FB42B0214BC0 1393664 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-07-10 21:38:16 391D68668CFC061F26BE593A61F745E0 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-07-10 21:38:15 D8E6706AECD7AA50764E126CE3F36555 631808 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-07-10 21:38:15 CA67F68CEC788C0C69AD47C5125DDD8E 608768 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-07-10 21:38:15 7469D4E046BD7D155CAC2697BD28B58B 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-07-10 21:38:15 7176CB0FFAAC3E54ABB2014E821120F9 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-07-10 21:38:15 2E40D5E11BCC597352EE0314AF629A0F 452608 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-07-10 21:38:14 A21C6231459F4CAC212676A9367A1A68 2768384 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-07-10 21:38:14 1685AA234852657C4A6D253CCBBE84E0 2040832 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-07-10 21:38:13 8B2ADE09864BF3F7AA6D395DAFEC41B5 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-07-10 21:38:13 415DF2B045167D6D85223CFFF00FCFC7 292864 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-07-10 21:38:12 CD76B3D60D28634A67B0AD7CB2E45929 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-07-10 21:38:12 945FA19B388FCF0FEA6124B5FD71C72F 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2014-07-10 21:38:12 854C5F171F5CEE272232AC0286F3B3B9 598016 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-07-10 21:38:12 366FA6D38406DC8BED62825C196144D1 13527040 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-07-10 21:38:12 1FD6C2F6AC489C271565730F6E9E1A05 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-07-10 21:38:11 BDD4A74421B023C81DA63168BD10C01B 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-07-10 21:38:11 50FF2DD806CC6CF3B3F98F9A1A711603 752640 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-07-10 21:38:11 4EC7738394D2BC7BCB5F7A3657F57252 5721088 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-07-10 21:38:11 2EE102DF0EDD8A1EDD3D1E9B99A91BEC 2266112 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-07-10 21:38:11 00401347C3BC466E5F2516387EBBCA7D 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-07-10 21:38:10 FEC19C351EF1B2C998A85D1BFD765675 23464448 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-07-10 21:38:10 F876957CA193B20A21D52F91418657D7 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-07-10 21:38:10 89A53CDE0DA5680AF48A181D82C752CA 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2014-07-10 21:38:10 52012C83F7E9AF65D13F04415F0508F5 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-07-10 21:37:38 D4CCE15190269486A5E6D4D4E597F798 1460736 ----a-w- C:\Windows\Sysnative\lsasrv.dll ====== C:\Windows\Sysnative\drivers ===== 2014-07-10 21:38:27 FA886682CFC5D36718D3E436AACF10B9 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-07-24 17:31:33 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Sent\AppData\Roaming ====== ====== C:\Users\Sent ====== 2014-07-21 19:18:07 E90BF9E1562F40140161573B79CD5720 17292760 ----a-w- C:\Users\Sent\Downloads\mbam-setup-2.0.2.1012 (1).exe ====== C: exe-files == 2014-07-24 17:31:33 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Sent.exe === C: other files == 2014-07-21 21:01:56 D732AC5645E4AB4C0E2579962D19F9DE 1129037 ----a-w- C:\Users\Sent\AppData\Roaming\Dropbox\bin\xui_resources.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1656333082-1529687371-2864326458-1001\Software\Microsoft\Windows\CurrentVersion\Run] "LightShot"="C:\Users\Sent\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue" "HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" "Google Update"="C:\Users\Sent\AppData\Local\Google\Update\GoogleUpdate.exe /c" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 - Windows Help /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 - Windows Help /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "BackupManagerTray"="C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe -h -k" "NortonOnlineBackupReminder"="C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe UNATTENDED" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "AVG_TRAY"="C:\Program Files (x86)\AVG\AVG10\avgtray.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "PlusService"="C:\Program Files (x86)\Yuna Software\Messenger Plus\PlusService.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "AdobeCS5ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe -launchedbylogin" "SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" "AdobeCS5.5ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe -launchedbylogin" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LightShot"="C:\Users\Sent\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue" "HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" "Google Update"="C:\Users\Sent\AppData\Local\Google\Update\GoogleUpdate.exe /c" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "Acer ePower Management"="C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" "EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk] "item"="GamersFirst LIVE!" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\GamersFirst LIVE!.lnk" "backup"="C:\\Windows\\pss\\GamersFirst LIVE!.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\GAMERS~1\\LIVE!\\Live.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VideoWebCamera.exe.lnk] "item"="VideoWebCamera.exe" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\VideoWebCamera.exe.lnk" "backup"="C:\\Windows\\pss\\VideoWebCamera.exe.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\VIDEOW~1\\VIDEOW~1.EXE" ==== Startup Folders ====================== 2012-09-24 10:00:58 1059 ----a-w- C:\Users\Sent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1656333082-1529687371-2864326458-1001Core.job --a------ C:\Users\Sent\AppData\Local\Google\Update\GoogleUpdate.exe [05-12-2010 22:14] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1656333082-1529687371-2864326458-1001UA.job --a------ C:\Users\Sent\AppData\Local\Google\Update\GoogleUpdate.exe [05-12-2010 22:14] C:\Windows\tasks\update-S-1-5-21-1656333082-1529687371-2864326458-1001.job --a------ C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Sent-PC-Sent" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1656333082-1529687371-2864326458-1001Core" [C:\Users\Sent\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1656333082-1529687371-2864326458-1001UA" [C:\Users\Sent\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\update-S-1-5-21-1656333082-1529687371-2864326458-1001" [C:\Program Files (x86)\Skillbrains\Updater\Updater.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "uise@qwpf.net"="C:\Users\Sent\AppData\Roaming\Mozilla\Firefox\Profiles\iac8prmh.default\extensions" [24-07-2014 21:40] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Sent\AppData\Roaming\Mozilla\Firefox\Profiles\iac8prmh.default - AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\Firefox4 - Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - Check4Change - %ProfilePath%\extensions\check4change-owner@mozdev.org - Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} ==== Firefox Plugins ====================== Profilepath: C:\Users\Sent\AppData\Roaming\Mozilla\Firefox\Profiles\iac8prmh.default E64819B6014A93E2503BB52419A0F6F3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll - Shockwave Flash ==== Chrome Look ====================== YTBookMark - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\adgldnmoelbfkiklpjjeaeomjbbpijld grreatsaaver - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egababbbohdgloakenjmjjgkhmcbephk YoutubeAdblocker - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fmabjdpkgeheekofpidaecbmkpjkbgoa Classic Popup Blocker - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp Classic Popup Blocker - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp YTBookMark - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\adgldnmoelbfkiklpjjeaeomjbbpijld grreatsaaver - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egababbbohdgloakenjmjjgkhmcbephk YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fmabjdpkgeheekofpidaecbmkpjkbgoa Classic Popup Blocker - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp YTBookMark - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\adgldnmoelbfkiklpjjeaeomjbbpijld grreatsaaver - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egababbbohdgloakenjmjjgkhmcbephk YoutubeAdblocker - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fmabjdpkgeheekofpidaecbmkpjkbgoa Classic Popup Blocker - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp Classic Popup Blocker - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp YTBookMark - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\adgldnmoelbfkiklpjjeaeomjbbpijld grreatsaaver - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egababbbohdgloakenjmjjgkhmcbephk YoutubeAdblocker - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fmabjdpkgeheekofpidaecbmkpjkbgoa Classic Popup Blocker - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp YTBookMark - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\adgldnmoelbfkiklpjjeaeomjbbpijld grreatsaaver - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egababbbohdgloakenjmjjgkhmcbephk YoutubeAdblocker - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fmabjdpkgeheekofpidaecbmkpjkbgoa Classic Popup Blocker - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp Classic Popup Blocker - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp YTBookMark - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\adgldnmoelbfkiklpjjeaeomjbbpijld grreatsaaver - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egababbbohdgloakenjmjjgkhmcbephk YoutubeAdblocker - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fmabjdpkgeheekofpidaecbmkpjkbgoa Classic Popup Blocker - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp YTBookMark - Sent\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\adgldnmoelbfkiklpjjeaeomjbbpijld grreatsaaver - Sent\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egababbbohdgloakenjmjjgkhmcbephk YoutubeAdblocker - Sent\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fmabjdpkgeheekofpidaecbmkpjkbgoa Classic Popup Blocker - Sent\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp Nederland.FM - Sent\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahopcicfccpamfcapccjfoichdnplpch Oeps Google Chrome kan geen verbinding maken met localhost - Sent\AppData\Local\Google\Chrome\User Data\Default\Extensions\behpapjjikbaegcfhigmjdogoppioaip Firebug Lite for Google Chrome\u2122 - Sent\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench Tampermonkey - Sent\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo Google Finance - Sent\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgckldmmjdbpdejkclmfnnnehhocbfp AdBlock - Sent\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom PT - Sent\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmgohkgndpahjklgpdihieeedjeneoke StayFocusd - Sent\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji Classic Popup Blocker - Sent\AppData\Local\Google\Chrome\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp Graph.tk - Sent\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkhkaamdeplibnmodcgodlkghphdbahk Picky Wallpapers - Sent\AppData\Local\Google\Chrome\User Data\Default\Extensions\odklcfojpedohplkimfdpcamkjnhanaj YTBookMark - Sent\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\adgldnmoelbfkiklpjjeaeomjbbpijld grreatsaaver - Sent\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egababbbohdgloakenjmjjgkhmcbephk YoutubeAdblocker - Sent\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fmabjdpkgeheekofpidaecbmkpjkbgoa Classic Popup Blocker - Sent\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp ==== Chrome Fix ====================== C:\Users\Sent\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully C:\Users\Sent\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\adgldnmoelbfkiklpjjeaeomjbbpijld deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\adgldnmoelbfkiklpjjeaeomjbbpijld deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\adgldnmoelbfkiklpjjeaeomjbbpijld deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\adgldnmoelbfkiklpjjeaeomjbbpijld deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\adgldnmoelbfkiklpjjeaeomjbbpijld deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\adgldnmoelbfkiklpjjeaeomjbbpijld deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\adgldnmoelbfkiklpjjeaeomjbbpijld deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\adgldnmoelbfkiklpjjeaeomjbbpijld deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\adgldnmoelbfkiklpjjeaeomjbbpijld deleted successfully C:\Users\Sent\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\adgldnmoelbfkiklpjjeaeomjbbpijld deleted successfully C:\Users\Sent\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\adgldnmoelbfkiklpjjeaeomjbbpijld deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fmabjdpkgeheekofpidaecbmkpjkbgoa deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmabjdpkgeheekofpidaecbmkpjkbgoa deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fmabjdpkgeheekofpidaecbmkpjkbgoa deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fmabjdpkgeheekofpidaecbmkpjkbgoa deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmabjdpkgeheekofpidaecbmkpjkbgoa deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fmabjdpkgeheekofpidaecbmkpjkbgoa deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fmabjdpkgeheekofpidaecbmkpjkbgoa deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmabjdpkgeheekofpidaecbmkpjkbgoa deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fmabjdpkgeheekofpidaecbmkpjkbgoa deleted successfully C:\Users\Sent\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fmabjdpkgeheekofpidaecbmkpjkbgoa deleted successfully C:\Users\Sent\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fmabjdpkgeheekofpidaecbmkpjkbgoa deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egababbbohdgloakenjmjjgkhmcbephk deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\egababbbohdgloakenjmjjgkhmcbephk deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egababbbohdgloakenjmjjgkhmcbephk deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egababbbohdgloakenjmjjgkhmcbephk deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\egababbbohdgloakenjmjjgkhmcbephk deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egababbbohdgloakenjmjjgkhmcbephk deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egababbbohdgloakenjmjjgkhmcbephk deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\egababbbohdgloakenjmjjgkhmcbephk deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egababbbohdgloakenjmjjgkhmcbephk deleted successfully C:\Users\Sent\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egababbbohdgloakenjmjjgkhmcbephk deleted successfully C:\Users\Sent\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egababbbohdgloakenjmjjgkhmcbephk deleted successfully C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp deleted successfully C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp deleted successfully C:\Users\Sent\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp deleted successfully C:\Users\Sent\AppData\Local\Google\Chrome\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp deleted successfully C:\Users\Sent\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp deleted successfully C:\Users\Sent\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lijicndbkjoplmhnclmoahmcaffaeapp_0.localstorage deleted successfully C:\Users\Sent\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lijicndbkjoplmhnclmoahmcaffaeapp_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Default_Page_URL"="http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0413&m=easynote_tm85&r=273612108705l0494z175f4732c306" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_nlNL408" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1656333082-1529687371-2864326458-1001\Software\Mozilla\Firefox\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\a5215b3b-7dc8-4131-b13b-54cff2195dfa deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\cc6be57b-c6d4-43a7-a135-19155483c5b6 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Sent\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Sent\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=449 folders=141 68110240 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Sent\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Sent\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files\McAfee Security Scan" not found ==== EOF on do 24-07-2014 at 22:09:39,42 ======================
  8. ULT
    Beste Pc-helpforum experts, Sinds kort ben ik de niet zo trotse bezitter van een uiterst vervelende stukje ??mallware?? Hierdoor worden er op willekeurige pagina`s vreemde links en afbeeldingen geplaatst. Zie ook: Screenshot by Lightshot Ik kan het programma niet vinden op mijn laptop om het zo handmatig te verwijderen en ook pogingen met zowel ccleaner als Malwarebytes hebben mijn probleem niet opgelost. Kunnen jullie mij hierbij helpen? Momenteel ben ik bezig met het scannen van mijn computer met RSIT. De log hiervan zal ik plaatsen als deze beschikbaar is. Klopt het dat dit een (behoorlijke) poosje duurt? Alvast bedankt en met vriendelijke groet, ULT - - - Updated - - - Het logbericht: Logfile of random's system information tool 1.10 (written by random/random) Run by ... at 2014-07-24 19:31:31 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 174 GB (38%) free of 463 GB Total RAM: 3959 MB (45% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:42:16, on 24-7-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17207) Boot mode: Normal Running processes: C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe C:\Users\Sent\AppData\Local\Skillbrains\lightshot\5.1.2.5\Lightshot.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\AVG\AVG10\avgtray.exe C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Sent\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\trend micro\Sent.exe C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Sent\AppData\Local\Google\Update\GoogleUpdate.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0413&m=easynote_tm85&r=273612108705l0494z175f4732c306 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid=&mid=695dbe017e3447d68ab059e75b461258-d98f306448806add63d0fe190a41561b0726761c〈=en&ds=AVG&pr=fr&d=&pid=avg&sg=&v=&sap=hp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun O4 - HKCU\..\Run: [LightShot] C:\Users\Sent\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Sent\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Startup: Dropbox.lnk = Sent\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Sent\Desktop\PartyPoker.lnk (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Sent\Desktop\PartyPoker.lnk (file missing) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: TurboBoost - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.8\bin\mysqld.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 15316 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe C:\PROGRA~2\AVG\AVG10\avgchsva.exe /boot %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService atieclxx C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe" "C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe" "C:\Program Files (x86)\Launch Manager\dsiwmis.exe" "C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe" "C:\Program Files (x86)\AVG\AVG10\avgnsa.exe" "C:\Program Files (x86)\AVG\AVG10\avgemca.exe" \??\C:\Windows\system32\conhost.exe "-7648752261330367128729738285-1715373817-214298680114672427231117437236368719366 "C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe" "taskhost.exe" taskeng.exe {25AEA237-9B21-473E-8271-5C1C0B4BB8EC} "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe" "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" "C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" "C:\Users\Sent\AppData\Local\Skillbrains\lightshot\5.1.2.5\Lightshot.exe" Flags: uninsdeletevalue "C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe" HydraDM64.exe -h:65908 "Maximaliseren tot volledig bureaublad" "Maximaliseren tot volledig venster" "Bureaublad herstellen" C:\Windows\system32\wbem\unsecapp.exe -Embedding C:\Windows\system32\wbem\wmiprvse.exe KHALMNPR.EXE /API "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k "C:\Program Files (x86)\Launch Manager\LManager.exe" "C:\Program Files (x86)\AVG\AVG10\avgtray.exe" "C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe" "C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe" "C:\Program Files (x86)\Launch Manager\LMworker.exe" "C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe" "C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe" "C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3320.0.720408278\506086384" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,15 --gpu-vendor-id=0x1002 --gpu-device-id=0x68e0 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.251.0.0 --ignored=" --type=renderer " /prefetch:822062411 "C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="3320.2.1426387055\1743604735" /prefetch:673131151 "C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="3320.3.1313072876\1488695553" /prefetch:673131151 "C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="3320.8.470199640\1279445624" /prefetch:673131151 "C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe" "C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3320.12.910617015\2039116907" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702 C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="3320.14.1943854006\1297779339" /prefetch:673131151 "C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="3320.16.2097005109\600137550" /prefetch:673131151 C:\Windows\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" "C:\Users\Sent\AppData\Roaming\Dropbox\bin\Dropbox.exe" /firstrunupdate 1 /TAGS:@FULL-{D28A0FFE-22B5-4AFB-8FB8-7C091BC818AB} C:\PROGRA~2\AVG\AVG10\avgrsa.exe C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe /pipeName=e1922475-8c36-4808-9e99-8c11a020966a /coreSdkOptions=30 /logConfFile="C:\ProgramData\AVG10\temp\db16fd25-1851-4964-9419-0e29e533dc41-17f4-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG10\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg10" /tempPath="C:\ProgramData\AVG10\temp\" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 "C:\Users\Sent\AppData\Local\Google\Chrome\Application\35.0.1916.153\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe WicaInventory.exe /devices /output "C:\Windows\TEMP\CompatTelemetryLogs\WICA_Devices_SENT-PC.xml" /filterdevices "C:\Windows\TEMP\CompatTelemetryLogs\WicaDeviceFilters.xml" /log "C:\Windows\TEMP\CompatTelemetryLogs" "C:\Windows\system32\CompatTel" \??\C:\Windows\system32\conhost.exe "-16554445561859615794766776764-828135819894795015630862942541093400872462419 "C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="3320.21.242983675\1553544048" /prefetch:673131151 C:\Windows\servicing\TrustedInstaller.exe "C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="3320.25.1341335579\391389001" /prefetch:673131151 "C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="3320.27.1332830490\1506068763" /prefetch:673131151 "C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="3320.28.575761774\597286249" /prefetch:673131151 "C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="3320.30.1435995384\1639290558" /prefetch:673131151 "C:\Users\Sent\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="3320.32.1774572366\538453554" /prefetch:673131151 taskeng.exe {1EF0B709-0658-4F77-90E3-449ADF794BB3} C:\Users\Sent\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\System32\svchost.exe -k WerSvcGroup "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528 ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1656333082-1529687371-2864326458-1001Core.job - C:\Users\Sent\AppData\Local\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1656333082-1529687371-2864326458-1001UA.job - C:\Users\Sent\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\ParetoLogic Registration3.job - C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns C:\Windows\tasks\ParetoLogic Update Version3.job - c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe C:\Windows\tasks\ParetoLogic Update Version3_triggeronce.job - c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe C:\Windows\tasks\RegCure Pro Startup.job - C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe C:\Windows\tasks\RegCure Pro_sch_1C1ACAD3-FDFB-11E3-A01A-88AE1DA2FBAB.job - C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe /schedule:"1C1ACAD3-FDFB-11E3-A01A-88AE1DA2FBAB" C:\Windows\tasks\ROC_REG_JAN_DELETE.job - C:\ProgramData\AVG January 2013 Campaign\ROC.exe /DELETE_FROM_SYSTEM=1 C:\Windows\tasks\update-S-1-5-21-1656333082-1529687371-2864326458-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate C:\Windows\tasks\update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate =========Mozilla firefox========= ProfilePath - C:\Users\Sent\AppData\Roaming\Mozilla\Firefox\Profiles\iac8prmh.default prefs.js - "browser.startup.homepage" - "http://isearch.avg.com/?cid=&mid=695dbe017e3447d68ab059e75b461258-d98f306448806add63d0fe190a41561b0726761c〈=en&ds=AVG&pr=fr&d=&pid=avg&sg=&v=&sap=hp" prefs.js - "extensions.enabledItems" - "{1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1423, {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27, check4change-owner@mozdev.org:1.9.3, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.13, {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.25" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.6.602.171 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@gamersfirst.com/LiveLauncher] "Description"=GamersFirst LIVE! Web Launcher "Path"=C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin] "Description"=This plugin detects and launches Pando Media Booster "Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0] "Description"=WildTangent Games App Presence Detector Plugin "Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.6.602.171 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL C:\Program Files (x86)\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} C:\Program Files (x86)\Mozilla Firefox\components\ browser.xpt browserdirprovider.dll brwsrcmp.dll components.list FeedConverter.js FeedProcessor.js FeedWriter.js fuelApplication.js GPSDGeolocationProvider.js jsconsole-clhandler.js NetworkGeolocationProvider.js nsAddonRepository.js nsBadCertHandler.js nsBlocklistService.js nsBrowserContentHandler.js nsBrowserGlue.js nsContentDispatchChooser.js nsContentPrefService.js nsDefaultCLH.js nsDownloadManagerUI.js nsExtensionManager.js nsFormAutoComplete.js nsHandlerService.js nsHelperAppDlg.js nsINIProcessor.js nsLivemarkService.js nsLoginInfo.js nsLoginManager.js nsLoginManagerPrompter.js nsMicrosummaryService.js nsPlacesAutoComplete.js nsPlacesDBFlush.js nsPlacesTransactionsService.js nsPrivateBrowsingService.js nsProxyAutoConfig.js nsSafebrowsingApplication.js nsSearchService.js nsSearchSuggestions.js nsSessionStartup.js nsSessionStore.js nsSetDefaultBrowser.js nsSidebar.js nsTaggingService.js nsTryToClose.js nsUpdateService.js nsUpdateServiceStub.js nsUpdateTimerManager.js nsUrlClassifierLib.js nsUrlClassifierListManager.js nsURLFormatter.js nsWebHandlerApp.js pluginGlue.js storage-Legacy.js storage-mozStorage.js txEXSLTRegExFunctions.js WebContentConverter.js C:\Program Files (x86)\Mozilla Firefox\plugins\ npdeployJava1.dll npnul32.dll C:\Program Files (x86)\Mozilla Firefox\searchplugins\ bolcom-nl.xml google.xml marktplaats-nl.xml vandale-nl.xml wikipedia-nl.xml yahoo-nl.xml C:\Users\Sent\AppData\Roaming\Mozilla\Firefox\Profiles\iac8prmh.default\extensions\ check4change-owner@mozdev.org staged {e4a8a97b-f2ed-450b-b12d-ee082ba24781} {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} C:\Users\Sent\AppData\Roaming\Mozilla\Firefox\Profiles\iac8prmh.default\searchplugins\ avg-secure-search.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll [2011-09-09 3561824] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssie.dll [2011-09-09 2276704] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-11-10 325408] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1890088] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-29 9913376] "Acer ePower Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2010-03-17 860704] "EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-10-29 1680976] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LightShot"=C:\Users\Sent\AppData\Local\Skillbrains\lightshot\Lightshot.exe [2014-03-06 226592] "HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2014-01-31 389120] "Google Update"=C:\Users\Sent\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-05 136176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk] C:\PROGRA~2\GAMERS~1\LIVE!\Live.exe [2011-08-16 2589808] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VideoWebCamera.exe.lnk] C:\PROGRA~2\VIDEOW~1\VIDEOW~1.EXE [2010-05-18 4867400] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2009-12-24 284696] "BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [2010-03-09 258560] "NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648] "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696] "LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-04-08 908368] "AVG_TRAY"=C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2012-08-01 2345592] "BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184] "PlusService"=C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe [2011-09-20 801792] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696] "AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992] "SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] "AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-12-06 766208] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe C:\Users\Sent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Sent\AppData\Roaming\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn] c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-10-28 66640] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files (x86)\xchat\xchat.exe"="C:\Program Files (x86)\xchat\xchat.exe:*:Enabled:XChat IRC Client" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv ======File associations====== .js - edit - .js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1" ======List of files/folders created in the last 1 month====== 2014-07-24 19:41:33 ----A---- C:\Windows\SYSWOW64\SBRC.dat 2014-07-24 19:31:33 ----D---- C:\Program Files\trend micro 2014-07-24 19:31:31 ----D---- C:\rsit 2014-07-10 23:38:37 ----A---- C:\Windows\system32\aepdu.dll 2014-07-10 23:38:37 ----A---- C:\Windows\system32\aeinv.dll 2014-07-10 23:38:30 ----A---- C:\Windows\SYSWOW64\osk.exe 2014-07-10 23:38:30 ----A---- C:\Windows\system32\win32k.sys 2014-07-10 23:38:30 ----A---- C:\Windows\system32\osk.exe 2014-07-10 23:38:27 ----A---- C:\Windows\SYSWOW64\qedit.dll 2014-07-10 23:38:27 ----A---- C:\Windows\system32\qedit.dll 2014-07-10 23:38:27 ----A---- C:\Windows\system32\drivers\afd.sys 2014-07-10 23:38:22 ----A---- C:\Windows\SYSWOW64\wdigest.dll 2014-07-10 23:38:22 ----A---- C:\Windows\SYSWOW64\TSpkg.dll 2014-07-10 23:38:22 ----A---- C:\Windows\SYSWOW64\schannel.dll 2014-07-10 23:38:22 ----A---- C:\Windows\SYSWOW64\ncrypt.dll 2014-07-10 23:38:22 ----A---- C:\Windows\SYSWOW64\msv1_0.dll 2014-07-10 23:38:22 ----A---- C:\Windows\SYSWOW64\kerberos.dll 2014-07-10 23:38:22 ----A---- C:\Windows\SYSWOW64\credssp.dll 2014-07-10 23:38:22 ----A---- C:\Windows\system32\wdigest.dll 2014-07-10 23:38:22 ----A---- C:\Windows\system32\TSpkg.dll 2014-07-10 23:38:22 ----A---- C:\Windows\system32\schannel.dll 2014-07-10 23:38:22 ----A---- C:\Windows\system32\ncrypt.dll 2014-07-10 23:38:22 ----A---- C:\Windows\system32\msv1_0.dll 2014-07-10 23:38:22 ----A---- C:\Windows\system32\kerberos.dll 2014-07-10 23:38:22 ----A---- C:\Windows\system32\credssp.dll 2014-07-10 23:38:19 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2014-07-10 23:38:19 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-07-10 23:38:19 ----A---- C:\Windows\system32\iernonce.dll 2014-07-10 23:38:18 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-07-10 23:38:18 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-07-10 23:38:18 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-07-10 23:38:18 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2014-07-10 23:38:18 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-07-10 23:38:18 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2014-07-10 23:38:18 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-10 23:38:18 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-07-10 23:38:18 ----A---- C:\Windows\system32\iedkcs32.dll 2014-07-10 23:38:17 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-07-10 23:38:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-07-10 23:38:16 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-07-10 23:38:16 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-07-10 23:38:16 ----A---- C:\Windows\system32\urlmon.dll 2014-07-10 23:38:16 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-07-10 23:38:15 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-07-10 23:38:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-07-10 23:38:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2014-07-10 23:38:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2014-07-10 23:38:15 ----A---- C:\Windows\system32\msfeeds.dll 2014-07-10 23:38:15 ----A---- C:\Windows\system32\iesetup.dll 2014-07-10 23:38:15 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-07-10 23:38:15 ----A---- C:\Windows\system32\ie4uinit.exe 2014-07-10 23:38:15 ----A---- C:\Windows\system32\dxtmsft.dll 2014-07-10 23:38:14 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2014-07-10 23:38:14 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-07-10 23:38:14 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-07-10 23:38:14 ----A---- C:\Windows\system32\iertutil.dll 2014-07-10 23:38:13 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-07-10 23:38:13 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-07-10 23:38:13 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-07-10 23:38:13 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2014-07-10 23:38:13 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-07-10 23:38:13 ----A---- C:\Windows\system32\jsproxy.dll 2014-07-10 23:38:13 ----A---- C:\Windows\system32\dxtrans.dll 2014-07-10 23:38:12 ----A---- C:\Windows\system32\mshtmlmedia.dll 2014-07-10 23:38:12 ----A---- C:\Windows\system32\mshtmled.dll 2014-07-10 23:38:12 ----A---- C:\Windows\system32\ieUnatt.exe 2014-07-10 23:38:12 ----A---- C:\Windows\system32\ieui.dll 2014-07-10 23:38:12 ----A---- C:\Windows\system32\ieframe.dll 2014-07-10 23:38:11 ----A---- C:\Windows\system32\wininet.dll 2014-07-10 23:38:11 ----A---- C:\Windows\system32\vbscript.dll 2014-07-10 23:38:11 ----A---- C:\Windows\system32\jscript9diag.dll 2014-07-10 23:38:11 ----A---- C:\Windows\system32\jscript9.dll 2014-07-10 23:38:11 ----A---- C:\Windows\system32\ieapfltr.dll 2014-07-10 23:38:10 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-10 23:38:10 ----A---- C:\Windows\system32\msrating.dll 2014-07-10 23:38:10 ----A---- C:\Windows\system32\MshtmlDac.dll 2014-07-10 23:38:10 ----A---- C:\Windows\system32\mshtml.dll 2014-07-10 23:37:38 ----A---- C:\Windows\system32\lsasrv.dll 2014-07-10 23:37:37 ----A---- C:\Windows\SYSWOW64\sspicli.dll 2014-07-10 23:37:37 ----A---- C:\Windows\SYSWOW64\secur32.dll 2014-07-01 16:54:25 ----A---- C:\Windows\system32\MRT.exe 2014-06-27 13:00:12 ----D---- C:\Users\Sent\AppData\Roaming\DriverCure 2014-06-27 13:00:11 ----D---- C:\Users\Sent\AppData\Roaming\ParetoLogic 2014-06-27 12:59:55 ----D---- C:\ProgramData\ParetoLogic 2014-06-27 12:59:55 ----D---- C:\Program Files (x86)\ParetoLogic ======List of files/folders modified in the last 1 month====== 2014-07-24 19:41:33 ----D---- C:\Windows\SysWOW64 2014-07-24 19:41:24 ----D---- C:\Windows\system32\config 2014-07-24 19:38:02 ----D---- C:\Windows\Prefetch 2014-07-24 19:31:33 ----RD---- C:\Program Files 2014-07-24 19:28:32 ----D---- C:\Users\Sent\AppData\Roaming\Dropbox 2014-07-24 19:28:12 ----D---- C:\Windows\Temp 2014-07-24 19:27:51 ----D---- C:\Windows\system32\drivers\AVG 2014-07-24 19:27:40 ----A---- C:\Windows\wininit.ini 2014-07-24 19:26:29 ----SHD---- C:\System Volume Information 2014-07-24 19:23:15 ----A---- C:\Windows\SYSWOW64\log.txt 2014-07-21 21:19:06 ----D---- C:\Windows\SYSWOW64\drivers 2014-07-21 21:19:03 ----D---- C:\Windows\system32\drivers 2014-07-21 21:19:00 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-07-21 19:09:11 ----D---- C:\Windows\winsxs 2014-07-21 19:08:51 ----D---- C:\Windows\inf 2014-07-21 19:05:10 ----D---- C:\Program Files\Windows Journal 2014-07-21 19:05:09 ----SD---- C:\Windows\system32\CompatTel 2014-07-21 19:05:08 ----D---- C:\Windows\System32 2014-07-21 19:05:07 ----D---- C:\Windows\SYSWOW64\Dism 2014-07-21 19:05:05 ----D---- C:\Windows\system32\Dism 2014-07-21 19:05:01 ----D---- C:\Windows\ehome 2014-07-21 19:04:57 ----D---- C:\Windows\system32\nl-NL 2014-07-21 19:04:56 ----D---- C:\Program Files\Internet Explorer 2014-07-21 19:04:54 ----D---- C:\Windows\SYSWOW64\en-US 2014-07-21 19:04:51 ----D---- C:\Windows\system32\en-US 2014-07-21 19:04:48 ----D---- C:\Program Files (x86)\Internet Explorer 2014-07-12 22:10:33 ----SHD---- C:\Windows\Installer 2014-07-12 22:10:27 ----SHD---- C:\Config.Msi 2014-07-12 22:10:26 ----D---- C:\ProgramData\Microsoft Help 2014-07-12 22:05:56 ----D---- C:\Windows\system32\MRT 2014-07-10 23:37:25 ----D---- C:\Windows\system32\catroot 2014-07-10 23:37:24 ----D---- C:\Windows\system32\catroot2 2014-07-06 18:56:42 ----D---- C:\Windows\rescache 2014-07-04 19:39:55 ----SD---- C:\Users\Sent\AppData\Roaming\Microsoft 2014-07-03 17:22:58 ----D---- C:\Users\Sent\AppData\Roaming\mIRC 2014-07-01 16:54:28 ----D---- C:\Windows\debug 2014-07-01 15:45:15 ----D---- C:\Users\Sent\AppData\Roaming\TeamViewer 2014-06-27 16:46:02 ----D---- C:\Program Files (x86)\Full Tilt Poker.Eu 2014-06-27 15:51:39 ----D---- C:\Windows 2014-06-27 15:47:18 ----D---- C:\ProgramData\6b23133c43fb9f6 2014-06-27 15:47:17 ----D---- C:\Windows\Downloaded Program Files 2014-06-27 15:47:00 ----D---- C:\Program Files (x86) 2014-06-27 15:03:43 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-06-27 15:01:45 ----D---- C:\Windows\Tasks 2014-06-27 15:01:45 ----D---- C:\Windows\system32\Tasks 2014-06-27 14:54:36 ----D---- C:\Program Files\McAfee Security Scan 2014-06-27 14:44:08 ----D---- C:\Windows\system32\wfp 2014-06-27 14:44:07 ----D---- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-06-27 14:44:03 ----D---- C:\Windows\system32\wbem 2014-06-27 14:42:09 ----D---- C:\Windows\SYSWOW64\wbem 2014-06-27 14:42:09 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-06-27 14:42:09 ----D---- C:\Windows\PolicyDefinitions 2014-06-27 14:41:14 ----D---- C:\Windows\system32\NDF 2014-06-27 14:41:13 ----D---- C:\Windows\system32\DriverStore 2014-06-27 14:41:13 ----D---- C:\Windows\system32\drivers\etc 2014-06-27 14:41:13 ----D---- C:\Windows\system32\CodeIntegrity 2014-06-27 14:41:08 ----D---- C:\Windows\pss 2014-06-27 14:41:07 ----RSD---- C:\Windows\Fonts 2014-06-27 14:40:57 ----D---- C:\Windows\AppCompat 2014-06-27 14:40:42 ----D---- C:\ProgramData\Symantec 2014-06-27 14:40:41 ----D---- C:\ProgramData\McAfee Security Scan 2014-06-27 14:40:40 ----D---- C:\Program Files\PB Accessory Store 2014-06-27 14:40:39 ----D---- C:\Program Files\Common Files\Microsoft Shared 2014-06-27 14:40:39 ----D---- C:\Program Files\CCleaner 2014-06-27 14:40:32 ----D---- C:\Program Files (x86)\Common Files 2014-06-27 14:40:30 ----D---- C:\Program Files (x86)\Google 2014-06-27 14:40:25 ----D---- C:\Program Files\Google 2014-06-27 14:39:24 ----D---- C:\Windows\registration 2014-06-27 14:36:23 ----D---- C:\Windows\system32\wdi 2014-06-27 14:35:21 ----D---- C:\Windows\NAPP_Dism_Log 2014-06-27 14:35:19 ----D---- C:\Windows\Microsoft.NET 2014-06-27 14:35:07 ----RSD---- C:\Windows\assembly 2014-06-27 14:34:25 ----D---- C:\Users\Sent\AppData\Roaming\MaxCoin 2014-06-27 14:34:25 ----D---- C:\Users\Sent\AppData\Roaming\Macromedia 2014-06-27 14:34:25 ----D---- C:\Users\Sent\AppData\Roaming\Ducats 2014-06-27 14:34:03 ----HD---- C:\ProgramData 2014-06-27 14:33:58 ----D---- C:\ProgramData\Malwarebytes 2014-06-27 14:33:58 ----D---- C:\ProgramData\Google 2014-06-27 14:33:44 ----D---- C:\Program Files (x86)\TeamViewer 2014-06-27 14:33:41 ----D---- C:\Program Files (x86)\MathType 2014-06-27 14:33:34 ----HD---- C:\OEM 2014-06-27 14:26:35 ----D---- C:\Windows\SoftwareDistribution 2014-06-27 13:13:00 ----D---- C:\Users\Sent\AppData\Roaming\BitTorrent 2014-06-27 13:13:00 ----D---- C:\ProgramData\Partner 2014-06-27 13:12:59 ----D---- C:\Windows\Panther 2014-06-27 13:12:59 ----D---- C:\Windows\Minidump 2014-06-27 13:12:59 ----D---- C:\Users\Sent\AppData\Roaming\Dogecoin ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 26704] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2011-03-16 37456] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136] R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2008-06-16 55024] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-11-12 312160] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-03-01 41552] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-04-05 377936] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-19 283200] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-12-06 13207552] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-12-06 626176] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-04-07 2216960] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-12-19 94720] R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-05-27 118864] R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 29264] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-29 2231584] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-03-21 321064] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896] S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [] S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [] S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2010-08-24 63568] S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2010-08-24 57936] S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2010-08-24 41040] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-04-19 245280] S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-12-02 213280] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8; c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-12-06 239616] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2012-01-31 7391072] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520] R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400] R2 ePowerSvc;Acer ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-03-17 866336] R2 GREGService;GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-01-08 23584] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-03-18 268824] R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-03-09 250368] R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576] R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-18 2320920] R2 Updater Service;Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-01-29 243232] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-24 13336] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-05 867080] S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616] S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-10-28 357456] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400] S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-01-15 935208] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352] S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe [2010-10-18 20549] S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.5.8\bin\mysqld.exe [2010-12-24 8133120] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-08 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------
  9. ULT
    Hallo allemaal, Sorry voor de late reactie. Het leek goed te gaan. AVG had nog wel enkele waarschuwingen maar het leek mij mee te vallen. Een dag later is mijn pc echter toch gecrashed, ik kon op geen enkele manier meer in windows komen. Zelfs de veilige modus waren geen optie. Uiteindelijk maar een backup van de harde schijf gemaakt en windows er op nieuw opgezet. Ben vandaag bezig met het installeren met het een en ander. Bedankt voor jullie hulp in elk geval!
  10. ULT
    En alweer het nieuwe logje!: [ATTACH]7537[/ATTACH] C_log2.txt
  11. ULT
    Bijgaande het ComboFix logbestand: [ATTACH]7533[/ATTACH] Iedereen bedankt voor de hulp! C_log.txt
  12. ULT
    Ik kan ComboFix niet installeren zonder AVG te installeren. Moet dit persé? Het programma heb ik wel uitgezet zoals beschreven stond in de link. Mvg
  13. ULT
    Hallo Kweezie Wabbit, Ik heb nog een complete scan gemaakt met de vernieuwde AVG. De volgende resultaten gaf deze aan: Mvg, ULT
  14. ULT
    Hartelijk bedankt! Ik heb alle stappen ondernomen die jullie beiden hebben genoemd. De log van MBAM is de volgende: [ATTACH]7500[/ATTACH] En de nieuwe HijackThis log deze: [ATTACH]7501[/ATTACH] Mvg, ULT mbam-log-2010-11-12 (00-28-24).txt hijackthis_v2.txt
  15. ULT
    Heey Jürgen, bedankt voor je snelle reactie. Ik heb IE vandaag net deïnstalleerd en nog niet opnieuw geinstaleerd, vandaar de lagere versie. `K gebruik eigenlijk alleen Firefox en GG. Ik zal wel direct even updaten naar service pack 3!
  16. ULT
    Hallo mensen, Wanneer ik AVG opstart krijg ik ongeveer om de 5 seconden het scherm te zien die toegevoegd is in de bijlage: Ook belangrijk om te weten: wanneer ik google, en druk op een resultaat, dan wordt ik naar een compleet andere link gestuurd. Veelal hele verkeerde sites. Er is iets goed mis met mijn pc, dat weet ik wel Bijgevoegde bestand is een log van Hijack: [ATTACH]7477[/ATTACH] Ik weet niet wat ik er mee moet en ik hoop dat jullie me kunnen helpen! Mvg, hijackthis.log
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.