Laptop loopt constant vast

[Gast Richard21]

Heb Skype al een paar keer verwijdert en geinstalleerd. Hielp helaas niet. M'n pc is vandaag helaas weer een aantal keren vastgelopen. Dit gebeurt vaak als ik even 10 min weg ben geweest en weer terugkom.

ComboFix 13-03-12.01 - Rutger 13/03/2013 0:09.2.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3068.1571 [GMT 1:00]

Gestart vanuit: c:\users\Rutger\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Rutger\Desktop\CFScript.txt

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\Yontoo

c:\programdata\Tarma Installer

c:\programdata\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll

c:\programdata\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat

c:\programdata\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe

c:\programdata\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico

c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll

c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll

c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat

c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe

c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico

c:\users\Rutger\AppData\Roaming\DSite

c:\users\Rutger\AppData\Roaming\DSite\UpdateProc\prod.dat

c:\users\Rutger\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-02-12 to 2013-03-12 ))))))))))))))))))))))))))))))

.

.

2013-03-12 23:19 . 2013-03-12 23:19 -------- d-----w- c:\users\Rutger\AppData\Local\temp

2013-03-12 23:19 . 2013-03-12 23:19 -------- d-----w- c:\users\postgres1\AppData\Local\temp

2013-03-12 23:19 . 2013-03-12 23:19 -------- d-----w- c:\users\postgres\AppData\Local\temp

2013-03-12 23:19 . 2013-03-12 23:19 -------- d-----w- c:\users\postgres.PC_van_Rutger\AppData\Local\temp

2013-03-12 23:19 . 2013-03-12 23:19 -------- d-----w- c:\users\postgres.PC_van_Rutger.002\AppData\Local\temp

2013-03-12 23:19 . 2013-03-12 23:19 -------- d-----w- c:\users\postgres.PC_van_Rutger.001\AppData\Local\temp

2013-03-12 23:19 . 2013-03-12 23:19 -------- d-----w- c:\users\postgres.PC_van_Rutger.000\AppData\Local\temp

2013-03-12 23:19 . 2013-03-12 23:19 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-03-12 11:20 . 2013-03-12 11:20 -------- d-----r- c:\program files\Skype

2013-03-12 11:20 . 2013-03-12 11:20 -------- d-----w- c:\program files\Common Files\Skype

2013-03-12 09:47 . 2013-03-12 09:47 -------- d-----w- c:\users\Rutger\AppData\Roaming\Malwarebytes

2013-03-12 09:47 . 2013-03-12 09:47 -------- d-----w- c:\programdata\Malwarebytes

2013-03-12 09:47 . 2013-03-12 09:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-03-12 09:47 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-12 08:44 . 2013-02-19 02:58 6954968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{05DFCCBE-6D98-41A4-8BD0-FD6436C33C01}\mpengine.dll

2013-03-11 23:26 . 2013-03-11 23:26 -------- d-----w- c:\users\UpdatusUser

2013-03-11 23:25 . 2012-10-02 19:29 2557288 ----a-w- c:\windows\system32\nvsvcr.dll

2013-03-11 23:23 . 2012-10-02 22:20 52584 ----a-w- c:\windows\system32\OpenCL.dll

2013-03-11 23:23 . 2013-03-11 23:23 -------- d-----w- c:\programdata\NVIDIA Corporation

2013-03-11 23:21 . 2012-10-02 22:20 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll

2013-03-11 23:21 . 2012-10-02 22:20 6127464 ----a-w- c:\windows\system32\nvopencl.dll

2013-03-11 23:21 . 2012-10-02 22:20 19906920 ----a-w- c:\windows\system32\nvoglv32.dll

2013-03-11 23:21 . 2012-10-02 22:20 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll

2013-03-11 23:21 . 2012-10-02 22:20 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2013-03-11 23:21 . 2012-10-02 22:20 1009512 ----a-w- c:\windows\system32\nvdispco32.dll

2013-03-11 23:21 . 2012-10-02 22:20 7697768 ----a-w- c:\windows\system32\nvcuda.dll

2013-03-11 23:21 . 2012-10-02 22:20 2574696 ----a-w- c:\windows\system32\nvcuvid.dll

2013-03-11 23:21 . 2012-10-02 22:20 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll

2013-03-11 23:21 . 2012-10-02 22:20 17559912 ----a-w- c:\windows\system32\nvcompiler.dll

2013-03-11 23:20 . 2013-03-11 23:20 -------- d-----w- C:\NVIDIA

2013-03-11 21:21 . 2013-03-11 21:21 388096 ----a-r- c:\users\Rutger\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2013-03-11 21:21 . 2013-03-11 21:21 -------- d-----w- c:\program files\Trend Micro

2013-03-09 22:48 . 2013-03-09 22:48 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-03-07 08:20 . 2013-03-07 08:51 -------- d-----w- c:\users\Rutger\AppData\Roaming\Hewlett-Packard

2013-03-05 20:58 . 2013-03-05 20:58 -------- d-----w- c:\users\Rutger\AppData\Local\Hewlett-Packard

2013-03-05 20:56 . 2013-03-07 08:39 -------- d-----w- c:\users\Rutger\AppData\Roaming\hpqLog

2013-03-05 20:53 . 2013-03-05 20:53 -------- d-----w- c:\users\Rutger\AppData\Roaming\GTek

2013-03-05 15:01 . 2013-03-11 23:26 -------- d-----w- c:\program files\NVIDIA Corporation

2013-02-22 14:08 . 2013-02-22 14:08 -------- d-----w- c:\program files\iPod

2013-02-22 14:08 . 2013-02-22 14:09 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1

2013-02-22 14:08 . 2013-02-22 14:09 -------- d-----w- c:\program files\iTunes

2013-02-21 13:44 . 2013-02-21 13:52 -------- d-----w- c:\users\Rutger\AppData\Local\FullTiltPoker.eu

2013-02-21 13:43 . 2013-03-10 15:14 -------- d-----w- c:\program files\Full Tilt Poker.Eu

2013-02-18 08:22 . 2013-02-18 08:22 884072 ----a-w- c:\windows\system32\nvhdagenco3220103.dll

2013-02-18 08:22 . 2013-02-18 08:22 67432 ----a-w- c:\windows\system32\nvapo32v.dll

2013-02-18 08:22 . 2013-02-18 08:22 28008 ----a-w- c:\windows\system32\nvhdap32.dll

2013-02-18 08:22 . 2013-02-18 08:22 149352 ----a-w- c:\windows\system32\drivers\nvhda32v.sys

2013-02-13 11:13 . 2013-01-04 01:38 2048512 ----a-w- c:\windows\system32\win32k.sys

2013-02-13 11:13 . 2013-01-04 11:28 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-02-13 11:13 . 2012-11-08 03:48 1314816 ----a-w- c:\windows\system32\quartz.dll

2013-02-13 11:13 . 2013-01-05 05:26 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-02-13 11:13 . 2013-01-05 05:26 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-03-12 20:51 . 2012-04-03 07:46 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-03-12 20:51 . 2011-05-17 14:09 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-03-09 22:48 . 2012-06-15 23:19 861088 ----a-w- c:\windows\system32\npdeployJava1.dll

2013-03-09 22:48 . 2010-07-04 15:54 782240 ----a-w- c:\windows\system32\deployJava1.dll

2013-01-17 00:28 . 2009-12-25 09:44 232336 ------w- c:\windows\system32\MpSigStub.exe

2012-12-16 13:12 . 2012-12-21 17:47 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-16 10:50 . 2012-12-21 17:47 293376 ----a-w- c:\windows\system32\atmfd.dll

2013-03-09 10:45 . 2013-03-09 10:44 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-08-21 10:12 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-02-26 2289664]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-14 2299176]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-15 178712]

"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504]

"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-04-23 468264]

"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2008-01-21 215552]

"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-21 458844]

"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-08-21 4282728]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

.

c:\users\Rutger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

2013-01-28 12:08 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2013-02-20 11:35 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]

2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2013-02-07 12:14 17706088 ----a-r- c:\program files\Skype\Phone\Skype.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2399130301-618433952-3316616202-1000]

"EnableNotifications"=dword:00000001

"EnableNotificationsRef"=dword:00000002

.

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\aestsrv.exe [x]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

WindowsMobile REG_MULTI_SZ wcescomm rapimgr

LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

ezSharedSvc

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2008-02-26 13:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-03-12 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 20:51]

.

2013-03-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-11 19:43]

.

2013-03-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-11 19:43]

.

.

------- Bijkomende Scan -------

.

uInternet Settings,ProxyOverride = *.local

IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

TCP: DhcpNameServer = 62.179.104.196 213.46.228.196

FF - ProfilePath - c:\users\Rutger\AppData\Roaming\Mozilla\Firefox\Profiles\hevfdcn5.default\

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - about:blank

FF - prefs.js: keyword.URL - hxxp://nl.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=

FF - ExtSQL: 2013-01-16 02:01; {b442f4c0-c292-4998-aabe-48608a73ba75}; c:\users\Rutger\AppData\Roaming\Mozilla\Firefox\Profiles\hevfdcn5.default\extensions\{b442f4c0-c292-4998-aabe-48608a73ba75}.xpi

FF - ExtSQL: 2013-01-16 02:01; {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}; c:\users\Rutger\AppData\Roaming\Mozilla\Firefox\Profiles\hevfdcn5.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi

FF - ExtSQL: 2013-03-09 10:56; wrc@avast.com; c:\program files\Alwil Software\Avast5\WebRep\FF

FF - ExtSQL: 2013-03-11 22:18; plugin@yontoo.com; c:\users\Rutger\AppData\Roaming\Mozilla\Firefox\Profiles\hevfdcn5.default\extensions\plugin@yontoo.com.xpi

FF - ExtSQL: !HIDDEN! 2009-12-28 23:50; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF - user.js: extentions.y2layers.installId - 9f385a87-cf8c-4512-bf6e-ae618a738dff

FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,buzzdock,YontooNewOffers

FF - user.js: extensions.autoDisableScopes - 14

.

- - - - ORPHANS VERWIJDERD - - - -

.

AddRemove-{889DF117-14D1-44EE-9F31-C5FB5D47F68B} - c:\progra~2\TARMAI~1\{889DF~1\Setup.exe

AddRemove-DSite - c:\users\Rutger\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2013-03-13 00:19

Windows 6.0.6002 Service Pack 2 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\postgresql-8.4]

"ImagePath"="C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files/PostgreSQL/8.4/data\" -w"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\postgresql-8.4]

"ImagePath"="C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files/PostgreSQL/8.4/data\" -w"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f9,b3,ec,03,8d,db,86,43,81,3d,60,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f9,b3,ec,03,8d,db,86,43,81,3d,60,\

.

[HKEY_USERS\S-1-5-21-2399130301-618433952-3316616202-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{56297022-D221-C3C1-3DA6-9F1BBEB8EA89}*]

"hafdcobdaijebcic"=hex:69,61,6c,63,61,62,69,65,6e,64,65,69,68,61,6c,6c,70,6c,

00,dc

"gaoehhfhkgcolj"=hex:61,63,6f,63,6c,6f,69,6d,64,61,65,69,6f,69,62,64,69,64,66,

67,61,63,67,63,6e,6f,6c,63,6e,64,63,62,61,64,62,70,62,6b,68,6a,62,70,6d,6e,\

"ialdaabahieflkgmhb"=hex:69,61,63,63,62,61,67,6d,65,6f,65,67,70,67,6a,6d,6c,69,

00,dc

.

Voltooingstijd: 2013-03-13 00:21:35

ComboFix-quarantined-files.txt 2013-03-12 23:21

ComboFix2.txt 2013-03-12 12:15

.

Pre-Run: 198.922.227.712 bytes beschikbaar

Post-Run: 198.868.520.960 bytes beschikbaar

.

- - End Of File - - 391F159675BD7639386F6056DA862A2C

[kape]

Een deel van de opdracht is gelukt en ander deel niet. Wil je het volgende nog eens uitvoeren, maar doe het nu in "veilige" modus.

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

Firefox::

FF - ProfilePath - c:\users\Rutger\AppData\Roaming\Mozilla\Firefox\Profiles\hevfdcn5.default\

FF - ExtSQL: 2013-03-11 22:18; plugin@yontoo.com; c:\users\Rutger\AppData\Roaming\Mozilla\Firefox\Profiles\hevfdcn5.default\extensions\plugin@yontoo.c om

FF - user.js: extentions.y2layers.installId - 9f385a87-cf8c-4512-bf6e-ae618a738dff

FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,buzzdock,YontooNewOffers

FF - user.js: extensions.autoDisableScopes – 14

Sla dit bestand op je bureaublad op als CFScript.

Sleep CFScript.txt in de rode snelkoppeling van ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht.

Download AdwCleaner by Xplode naar je bureaublad.

Sluit alle openstaande vensters.

• Vista en Windows 7 gebruikers: Rechtsklik op AdwCleaner en selecteer als Administrator uitvoeren...
  
• Voor XP: Gewoon dubbelklikken op AdwCleaner.
  
• Klik vervolgens op Verwijderen.
  
• Klik bij AdwCleaner – Informatie op OK
  
• Klik bij AdwCleaner – Herstarten Noodzakelijk op OK
  

Dat tijdens de actie de snelkoppelingen verdwijnen, is normaal. Nadat de PC opnieuw is opgestart, opent een logfile. Post de inhoud van dit log in je volgende bericht.

[Gast Richard21]

Gedaan. Ben nu bezig met Adw cleaner.

ComboFix 13-03-12.01 - Rutger 13/03/2013 14:46:38.3.2 - x86 MINIMAL

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3068.2629 [GMT 1:00]

Gestart vanuit: c:\users\Rutger\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Rutger\Desktop\CFScript.txt

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-02-13 to 2013-03-13 ))))))))))))))))))))))))))))))

.

.

2013-03-13 13:54 . 2013-03-13 13:54 -------- d-----w- c:\users\Rutger\AppData\Local\temp

2013-03-13 13:54 . 2013-03-13 13:54 -------- d-----w- c:\users\postgres1\AppData\Local\temp

2013-03-13 13:54 . 2013-03-13 13:54 -------- d-----w- c:\users\postgres\AppData\Local\temp

2013-03-13 13:54 . 2013-03-13 13:54 -------- d-----w- c:\users\postgres.PC_van_Rutger\AppData\Local\temp

2013-03-13 13:54 . 2013-03-13 13:54 -------- d-----w- c:\users\postgres.PC_van_Rutger.002\AppData\Local\temp

2013-03-13 13:54 . 2013-03-13 13:54 -------- d-----w- c:\users\postgres.PC_van_Rutger.001\AppData\Local\temp

2013-03-13 13:54 . 2013-03-13 13:54 -------- d-----w- c:\users\postgres.PC_van_Rutger.000\AppData\Local\temp

2013-03-13 13:54 . 2013-03-13 13:54 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-03-13 12:17 . 2013-02-02 03:32 678912 ----a-w- c:\program files\Internet Explorer\iedvtool.dll

2013-03-13 12:17 . 2013-02-02 03:31 387584 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll

2013-03-13 12:17 . 2013-02-02 03:30 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2013-03-13 12:16 . 2013-02-12 01:57 15872 ----a-w- c:\windows\system32\drivers\usb8023x.sys

2013-03-13 12:16 . 2013-02-12 01:57 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys

2013-03-12 23:01 . 2013-03-12 23:01 -------- d-----w- C:\avast! sandbox

2013-03-12 11:20 . 2013-03-12 11:20 -------- d-----r- c:\program files\Skype

2013-03-12 11:20 . 2013-03-12 11:20 -------- d-----w- c:\program files\Common Files\Skype

2013-03-12 09:47 . 2013-03-12 09:47 -------- d-----w- c:\users\Rutger\AppData\Roaming\Malwarebytes

2013-03-12 09:47 . 2013-03-12 09:47 -------- d-----w- c:\programdata\Malwarebytes

2013-03-12 09:47 . 2013-03-12 09:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-03-12 09:47 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-12 08:44 . 2013-02-19 02:58 6954968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{05DFCCBE-6D98-41A4-8BD0-FD6436C33C01}\mpengine.dll

2013-03-11 23:26 . 2013-03-11 23:26 -------- d-----w- c:\users\UpdatusUser

2013-03-11 23:25 . 2012-10-02 19:29 2557288 ----a-w- c:\windows\system32\nvsvcr.dll

2013-03-11 23:23 . 2012-10-02 22:20 52584 ----a-w- c:\windows\system32\OpenCL.dll

2013-03-11 23:23 . 2013-03-11 23:23 -------- d-----w- c:\programdata\NVIDIA Corporation

2013-03-11 23:21 . 2012-10-02 22:20 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll

2013-03-11 23:21 . 2012-10-02 22:20 6127464 ----a-w- c:\windows\system32\nvopencl.dll

2013-03-11 23:21 . 2012-10-02 22:20 19906920 ----a-w- c:\windows\system32\nvoglv32.dll

2013-03-11 23:21 . 2012-10-02 22:20 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll

2013-03-11 23:21 . 2012-10-02 22:20 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2013-03-11 23:21 . 2012-10-02 22:20 1009512 ----a-w- c:\windows\system32\nvdispco32.dll

2013-03-11 23:21 . 2012-10-02 22:20 7697768 ----a-w- c:\windows\system32\nvcuda.dll

2013-03-11 23:21 . 2012-10-02 22:20 2574696 ----a-w- c:\windows\system32\nvcuvid.dll

2013-03-11 23:21 . 2012-10-02 22:20 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll

2013-03-11 23:21 . 2012-10-02 22:20 17559912 ----a-w- c:\windows\system32\nvcompiler.dll

2013-03-11 23:20 . 2013-03-11 23:20 -------- d-----w- C:\NVIDIA

2013-03-11 21:21 . 2013-03-11 21:21 388096 ----a-r- c:\users\Rutger\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2013-03-11 21:21 . 2013-03-11 21:21 -------- d-----w- c:\program files\Trend Micro

2013-03-09 22:48 . 2013-03-09 22:48 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-03-07 08:20 . 2013-03-07 08:51 -------- d-----w- c:\users\Rutger\AppData\Roaming\Hewlett-Packard

2013-03-05 20:58 . 2013-03-05 20:58 -------- d-----w- c:\users\Rutger\AppData\Local\Hewlett-Packard

2013-03-05 20:56 . 2013-03-07 08:39 -------- d-----w- c:\users\Rutger\AppData\Roaming\hpqLog

2013-03-05 20:53 . 2013-03-05 20:53 -------- d-----w- c:\users\Rutger\AppData\Roaming\GTek

2013-03-05 15:01 . 2013-03-11 23:26 -------- d-----w- c:\program files\NVIDIA Corporation

2013-02-22 14:08 . 2013-02-22 14:08 -------- d-----w- c:\program files\iPod

2013-02-22 14:08 . 2013-02-22 14:09 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1

2013-02-22 14:08 . 2013-02-22 14:09 -------- d-----w- c:\program files\iTunes

2013-02-21 13:44 . 2013-02-21 13:52 -------- d-----w- c:\users\Rutger\AppData\Local\FullTiltPoker.eu

2013-02-21 13:43 . 2013-03-10 15:14 -------- d-----w- c:\program files\Full Tilt Poker.Eu

2013-02-18 08:22 . 2013-02-18 08:22 884072 ----a-w- c:\windows\system32\nvhdagenco3220103.dll

2013-02-18 08:22 . 2013-02-18 08:22 67432 ----a-w- c:\windows\system32\nvapo32v.dll

2013-02-18 08:22 . 2013-02-18 08:22 28008 ----a-w- c:\windows\system32\nvhdap32.dll

2013-02-18 08:22 . 2013-02-18 08:22 149352 ----a-w- c:\windows\system32\drivers\nvhda32v.sys

2013-02-13 20:31 . 2013-01-08 22:01 768000 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll

2013-02-13 11:13 . 2013-01-04 01:38 2048512 ----a-w- c:\windows\system32\win32k.sys

2013-02-13 11:13 . 2013-01-04 11:28 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-02-13 11:13 . 2012-11-08 03:48 1314816 ----a-w- c:\windows\system32\quartz.dll

2013-02-13 11:13 . 2013-01-05 05:26 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-02-13 11:13 . 2013-01-05 05:26 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-03-12 20:51 . 2012-04-03 07:46 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-03-12 20:51 . 2011-05-17 14:09 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-03-09 22:48 . 2012-06-15 23:19 861088 ----a-w- c:\windows\system32\npdeployJava1.dll

2013-03-09 22:48 . 2010-07-04 15:54 782240 ----a-w- c:\windows\system32\deployJava1.dll

2013-01-17 00:28 . 2009-12-25 09:44 232336 ------w- c:\windows\system32\MpSigStub.exe

2012-12-16 13:12 . 2012-12-21 17:47 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-16 10:50 . 2012-12-21 17:47 293376 ----a-w- c:\windows\system32\atmfd.dll

2013-03-09 10:45 . 2013-03-09 10:44 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-08-21 10:12 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-02-26 2289664]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-14 2299176]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-15 178712]

"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504]

"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-04-23 468264]

"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2008-01-21 215552]

"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-21 458844]

"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-08-21 4282728]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

.

c:\users\Rutger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

2013-01-28 12:08 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2013-02-20 11:35 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]

2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2013-02-07 12:14 17706088 ----a-r- c:\program files\Skype\Phone\Skype.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2399130301-618433952-3316616202-1000]

"EnableNotifications"=dword:00000001

"EnableNotificationsRef"=dword:00000002

.

R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\aestsrv.exe [x]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - ECACHE

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

WindowsMobile REG_MULTI_SZ wcescomm rapimgr

LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

ezSharedSvc

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2008-02-26 13:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-03-13 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 20:51]

.

2013-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-11 19:43]

.

2013-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-11 19:43]

.

.

------- Bijkomende Scan -------

.

uInternet Settings,ProxyOverride = *.local

IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

TCP: DhcpNameServer = 62.179.104.196 213.46.228.196

FF - ProfilePath - c:\users\Rutger\AppData\Roaming\Mozilla\Firefox\Profiles\hevfdcn5.default\

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - about:blank

FF - prefs.js: keyword.URL - hxxp://nl.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=

FF - ExtSQL: 2013-01-16 02:01; {b442f4c0-c292-4998-aabe-48608a73ba75}; c:\users\Rutger\AppData\Roaming\Mozilla\Firefox\Profiles\hevfdcn5.default\extensions\{b442f4c0-c292-4998-aabe-48608a73ba75}.xpi

FF - ExtSQL: 2013-01-16 02:01; {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}; c:\users\Rutger\AppData\Roaming\Mozilla\Firefox\Profiles\hevfdcn5.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi

FF - ExtSQL: 2013-03-09 10:56; wrc@avast.com; c:\program files\Alwil Software\Avast5\WebRep\FF

FF - ExtSQL: 2013-03-11 22:18; plugin@yontoo.com; c:\users\Rutger\AppData\Roaming\Mozilla\Firefox\Profiles\hevfdcn5.default\extensions\plugin@yontoo.com.xpi

FF - ExtSQL: !HIDDEN! 2009-12-28 23:50; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF - user.js: extentions.y2layers.installId - 9f385a87-cf8c-4512-bf6e-ae618a738dff

FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,buzzdock,YontooNewOffers

FF - user.js: extensions.autoDisableScopes - 14

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2013-03-13 14:54

Windows 6.0.6002 Service Pack 2 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\postgresql-8.4]

"ImagePath"="C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files/PostgreSQL/8.4/data\" -w"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\postgresql-8.4]

"ImagePath"="C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files/PostgreSQL/8.4/data\" -w"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f9,b3,ec,03,8d,db,86,43,81,3d,60,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f9,b3,ec,03,8d,db,86,43,81,3d,60,\

.

[HKEY_USERS\S-1-5-21-2399130301-618433952-3316616202-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{56297022-D221-C3C1-3DA6-9F1BBEB8EA89}*]

"hafdcobdaijebcic"=hex:69,61,6c,63,61,62,69,65,6e,64,65,69,68,61,6c,6c,70,6c,

00,dc

"gaoehhfhkgcolj"=hex:61,63,6f,63,6c,6f,69,6d,64,61,65,69,6f,69,62,64,69,64,66,

67,61,63,67,63,6e,6f,6c,63,6e,64,63,62,61,64,62,70,62,6b,68,6a,62,70,6d,6e,\

"ialdaabahieflkgmhb"=hex:69,61,63,63,62,61,67,6d,65,6f,65,67,70,67,6a,6d,6c,69,

00,dc

.

Voltooingstijd: 2013-03-13 14:56:48

ComboFix-quarantined-files.txt 2013-03-13 13:56

ComboFix2.txt 2013-03-12 23:21

ComboFix3.txt 2013-03-12 12:15

.

Pre-Run: 201.579.388.928 bytes beschikbaar

Post-Run: 201.527.357.440 bytes beschikbaar

.

- - End Of File - - FD3D632A65AC08CD7CE0D9F09D0CA059

[Gast Richard21]

ADW log:

# AdwCleaner v2.114 - Verslag gemaakt op 13/03/2013 om 16:09:59

# Geactualiseerd op 05/03/2013 door Xplode

# Besturingssysteem : Windows Vista Home Premium Service Pack 2 (32 bits)

# Gebruiker : Rutger - PC_VAN_RUTGER

# Opstarten Modus : Normale modus

# Gelanceerd vanaf : C:\Users\Rutger\AppData\Local\Opera\Opera\temporary_downloads\adwcleaner.exe

# Optie [Zoeken]

***** [Diensten] *****

***** [Files / Mappen] *****

File Aanwezig : C:\Program Files\Mozilla Firefox\Plugins\npvsharetvplg.dll

Map Aanwezig : C:\Program Files\Viewpoint

Map Aanwezig : C:\Program Files\vShare.tv plugin

Map Aanwezig : C:\ProgramData\Viewpoint

***** [Register] *****

Sleutel Aanwezig : HKCU\Software\Conduit

Sleutel Aanwezig : HKCU\Software\InstallCore

Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}

Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer

Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}

Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}

Sleutel Aanwezig : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}

Sleutel Aanwezig : HKCU\Software\Softonic

Sleutel Aanwezig : HKCU\Software\StartSearch

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO.1

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\YontooIEClient.Api

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\YontooIEClient.Layers

Sleutel Aanwezig : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1

Sleutel Aanwezig : HKLM\Software\Conduit

Sleutel Aanwezig : HKLM\Software\Freeze.com

Sleutel Aanwezig : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc

Sleutel Aanwezig : HKLM\Software\MetaStream

Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}

Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}

Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Sleutel Aanwezig : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer

Sleutel Aanwezig : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP

Sleutel Aanwezig : HKLM\Software\Viewpoint

***** [browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Het register bevat geen enkele ongeoorloofde invoer.

-\\ Mozilla Firefox v19.0 (nl)

File : C:\Users\Rutger\AppData\Roaming\Mozilla\Firefox\Profiles\hevfdcn5.default\prefs.js

Aanwezig : user_pref("browser.search.defaultengine", "Web Search");

Aanwezig : user_pref("browser.search.order.1", "Web Search");

Aanwezig : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers");

Aanwezig : user_pref("extentions.y2layers.installId", "9f385a87-cf8c-4512-bf6e-ae618a738dff");

-\\ Opera v12.14.1738.0

File : C:\Users\Rutger\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[R1].txt - [6166 octets] - [13/03/2013 15:40:27]

AdwCleaner[R2].txt - [6133 octets] - [13/03/2013 16:10:01]

########## EOF - C:\AdwCleaner[R2].txt - [6193 octets] ##########

Hij geeft sinds 2 dagen af en toe tijdens het opstarten de melding dat er geen hardrive gevonden is. Dan moet ik hem weer opnieuw opstarten.

13 maart 2013 aangepast door kape
dubbellog verwijderd

[kape]

Download zoek.exe naar het bureaublad.

• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
  (hier of hier) kan je lezen hoe je dat doet.
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
  

   
  startupall; 
  filesrcm; 
  

  
  

• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
  • 
    
  • Running processes
    
  • Recently Created
    
  • Startup Information
    
  • Installed Programs
    
  • Empty Temp Folders
    
  • Shortcut Fix
    
  • IE Defaults
    
  • Auto Clean
    

  [*] Klik daarna op de knop "Run script".

  [*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

  [*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

  [*] Post nu de inhoud van het geopende logje in het volgende bericht.

[Gast Richard21]

Zoek.exe Version 4.0.0.2 Updated 13-March-2013

Tool run by Rutger on wo 13/03/2013 at 22:01:19.36.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

==== Running Processes ======================

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Hpservice.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\Dwm.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\taskeng.exe

C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\aestsrv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\WINDOWS\WindowsMobile\wmdSync.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\PostgreSQL\8.4\bin\pg_ctl.exe

C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe

C:\Windows\SMINST\BLService.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\PostgreSQL\8.4\bin\postgres.exe

C:\Program Files\PostgreSQL\8.4\bin\postgres.exe

C:\Program Files\PostgreSQL\8.4\bin\postgres.exe

C:\Program Files\PostgreSQL\8.4\bin\postgres.exe

C:\Program Files\PostgreSQL\8.4\bin\postgres.exe

C:\Program Files\Opera\opera.exe

C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Windows\system32\wbem\wmiprvse.exe

C:\Users\Rutger\AppData\Local\Opera\Opera\temporary_downloads\zoek.exe

C:\Windows\system32\conime.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\ctfmon.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\wmiprvse.exe

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2399130301-618433952-3316616202-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8FD54B1E-4325-4EEA-AFD7-88AF58CB96A1} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958)

Activation Assistant for the 2007 Microsoft Office suites

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.6) - Nederlands

Adobe Shockwave Player

Adobe Shockwave Player 11.6

Apple Application Support

Apple Mobile Device Support

Apple Software Update

avast Free Antivirus

AviSynth 2.5

AVS Update Manager 1.0

AVS4YOU Software Navigator 1.3

Bejeweled 2 Deluxe

Blasterball 3

Bonjour

Bricks of Egypt

CCleaner

Chuzzle Deluxe

Compatibiliteitspakket voor het 2007 Microsoft Office system

Crystal Maze

CyberLink DVD Suite

CyberLink YouCam

dBpoweramp Music Converter

Digby's Donuts

Diner Dash

Diner Dash 2 Restaurant Rescue

FATE

Fish Tycoon

Full Tilt Poker.Eu

Gem Shop

Google Update Helper

Hewlett-Packard Active Check for Health Check

Hewlett-Packard Asset Agent for Health Check

HiJackThis

Holdem Manager

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Active Support Library

HP Customer Experience Enhancements

HP Doc Viewer

HP Easy Setup - Frontend

HP Help and Support

HP Integrated Module with Bluetooth wireless technology 6.0.1.6200

HP Quick Launch Buttons 6.40 D1

HP QuickPlay 3.7

HP QuickTouch 1.00 D2

HP Update

HP User Guides 0102

HP Wireless Assistant

HPNetworkAssistant

iCloud

IDT Audio

Insaniquarium Deluxe

Intel© Matrix Storage Manager

iTunes

Java 7 Update 17

Java Auto Updater

Java 6 Update 5

JMicron JMB38X Flash Media Controller

K-Lite Mega Codec Pack 3.5.3

LabelPrint

LightScribe System Software 1.12.33.2

Magic Academy

Mah Jong Quest

Malwarebytes Anti-Malware versie 1.70.0.1100

Microsoft .NET Framework 3.5 Language Pack SP1 - nld

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile NLD Language Pack

Microsoft .NET Framework 4 Extended

Microsoft .NET Framework 4 Extended NLD Language Pack

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (Dutch) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (Dutch) 2007

Microsoft Office PowerPoint MUI (Dutch) 2007

Microsoft Office PowerPoint Viewer 2007 (Dutch)

Microsoft Office Proof (Dutch) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proofing (Dutch) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (Dutch) 2007

Microsoft Office Word MUI (Dutch) 2007

Microsoft Office Word Viewer 2003

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works

Mozilla Firefox 19.0 (x86 nl)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

My HP Game Console

My HP Games

NVIDIA-configuratiescherm 306.97

NVIDIA Grafisch stuurprogramma 306.97

NVIDIA HD Audio-stuurprogramma 1.3.18.0

NVIDIA Install Application

NVIDIA PhysX

NVIDIA PhysX systeemsoftware 9.12.0604

NVIDIA Update 1.10.8

NVIDIA Update Components

Ocean Express

OGA Notifier 2.0.0048.0

Opera 12.14

Peggle

Penguins

PokerStars

Polar Bowler

Polar Golfer

Polar Golfer Pineapple Cup

PostgreSQL 8.4

Power2Go

PowerDirector

ProtectSmart Hard Drive Protection

Puzzle Express

PVSonyDll

QuickPlay SlingPlayer 0.4.6

Realtek 8169 8168 8101E 8102E Ethernet Driver

Ricochet Lost Worlds

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)

SkypeT 6.3

Slingo Deluxe

SopCast 3.3.2

Sudoku Quest

Super Granny

swMSM

Synaptics Pointing Device Driver

Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL

Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD

Taalpakket voor Microsoft .NET Framework 4 Extended - NLD

TableNinja

Tradewinds

Treasure Island

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update voor Microsoft Office Excel 2007 Help (KB963678)

Update voor Microsoft Office Powerpoint 2007 Help (KB963669)

Update voor Microsoft Office Word 2007 Help (KB963665)

VC80CRTRedist - 8.0.50727.6195

Virtual Villagers - A New Home

VLC media player 2.0.1

Windows Live - Hulpprogramma voor uploaden

Windows Live aanmeldhulp

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Messenger

Windows Media Player Firefox Plugin

WinRAR 4.00 (32-bit)

Zuma Deluxe

==== FireFox Fix ======================

ProfilePath: C:\Users\Rutger\AppData\Roaming\Mozilla\Firefox\Profiles\hevfdcn5.default

user.js not found

---- Lines Toggle removed from prefs.js ----

user_pref("extensions.isreaditlater.hotkey_toggle", "alt||W");

user_pref("extensions.smoothwheel.kbToggle_DOM_VK", "0");

---- Lines Toggle modified from prefs.js ----

---- Lines y2layers removed from prefs.js ----

user_pref("extentions.y2layers.installId", "A467CCBA-D170-75DC-D4FE-8859B5FAE481");

user_pref("extentions.y2layers.installId_backup", "A467CCBA-D170-75DC-D4FE-8859B5FAE481");

---- Lines y2layers modified from prefs.js ----

---- Lines yontoo removed from prefs.js ----

---- Lines yontoo modified from prefs.js ----

user_pref("extensions.enabledAddons", "FasterFox_Lite%40BigRedBrent:3.9.9Lite,%7B5F590AA2-1221-4113-A6F4-A4BB62414FAC%7D:0.45.6.20100202.1,%7Bb442f4c0-c292-4998-aabe-48608a73ba75%7D:10.0,%7B46551EC9-40F0-4e47-8E18-8E5CF550CFB8%7D:1.3.1,stefanvandamme%40stefanvd.net:2.1.0.30,donottrackplus%40abine.com:2.2.6.110,%7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8,wrc%40avast.com:7.0.1466,%7Bd62bb6fa-7192-47fd-b640-ad8855c444f3%7D:1.22,plugin%40yontoo.com:1.20.02,%7B99e34760-2754-11e0-91fa-0800200c9a66%7D:5.5");

---- Lines F0B1CEAC-7C0D-407c-B25E-623D7CBECCCB removed from prefs.js ----

---- Lines F0B1CEAC-7C0D-407c-B25E-623D7CBECCCB modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_20131303_2205_.backup

==== Deleting Files \ Folders ======================

"C:\Users\Rutger\AppData\Roaming\Mozilla\Firefox\Profiles\hevfdcn5.default\extensions\plugin@yontoo.com.xpi" deleted

"C:\Users\Rutger\AppData\Roaming\Mozilla\Firefox\Profiles\hevfdcn5.default\extensions\plugin@yontoo.com.xpi" deleted

"C:\Users\Rutger\AppData\Roaming\Mozilla\Firefox\Profiles\hevfdcn5.default\{F0B1CEAC-7C0D-407c-B25E-623D7CBECCCB}" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2013-03-12 12:00:06 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe

2013-03-12 12:00:06 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe

2013-03-12 12:00:06 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe

2013-03-12 12:00:06 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe

2013-03-12 12:00:06 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe

====== C:\Users\Rutger\AppData\Local\Temp ====

2013-03-13 15:39:27 85CAB0CBCF44DF33895F3839DC945521 10563584 ----a-w- C:\Users\Rutger\AppData\Local\Temp\SkypeToolbars.msi

2013-03-13 15:38:42 B06712BF5643BB55600A040F210DC218 20586496 ----a-w- C:\Users\Rutger\AppData\Local\Temp\Skype.msi

====== C:\Windows\system32 =====

2013-03-11 23:25:14 572CBECE3BAA034CD3AF3CBBA5A6F8F2 2557288 ----a-w- C:\Windows\System32\nvsvcr.dll

2013-03-11 23:23:35 353ADD0D05F6265D49C0B95AB6AAF593 52584 ----a-w- C:\Windows\System32\OpenCL.dll

2013-03-11 23:21:33 D820FA30B281E8BAFD24B19BBE198726 888168 ----a-w- C:\Windows\System32\nvdispgenco32.dll

2013-03-11 23:21:33 A9E419A527081E1088FF1A13FBC4690E 19906920 ----a-w- C:\Windows\System32\nvoglv32.dll

2013-03-11 23:21:33 70BA2ED3DE9080D9ED3C65B7ADE6F653 12501352 ----a-w- C:\Windows\System32\nvwgf2um.dll

2013-03-11 23:21:33 54672280A7A9805E3CE4B65FD0350E5D 6127464 ----a-w- C:\Windows\System32\nvopencl.dll

2013-03-11 23:21:33 3F42C367EAC68A81FBED294C15982120 1009512 ----a-w- C:\Windows\System32\nvdispco32.dll

2013-03-11 23:21:32 C937FA0D62CC64FEC133C727611668A0 7697768 ----a-w- C:\Windows\System32\nvcuda.dll

2013-03-11 23:21:32 8A65DE50C4D9BAB60AA04BF47FD31686 2574696 ----a-w- C:\Windows\System32\nvcuvid.dll

2013-03-11 23:21:32 8854614A9792ABCB1D8323B31AF4BF7A 1867112 ----a-w- C:\Windows\System32\nvcuvenc.dll

2013-03-11 23:21:32 2D7F0C68E19E2143986618A25985A5E7 12865 ----a-w- C:\Windows\System32\nvinfo.pb

2013-03-11 23:21:31 AFA6C2B04F74B9F69730D25ED8B9911F 17559912 ----a-w- C:\Windows\System32\nvcompiler.dll

2013-03-09 22:48:44 350C713C2D9B9F5549C50A8D3924E789 94112 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll

====== C:\Windows\system32\drivers =====

2013-03-13 12:16:16 8D31A140B55021BBD3A608F5A7AA2E18 15872 ----a-w- C:\Windows\System32\drivers\usb8023.sys

2013-03-13 12:16:16 228F444F9AF0D3B9ECA9FC3F4FEB12F2 15872 ----a-w- C:\Windows\System32\drivers\usb8023x.sys

2013-03-12 09:47:06 629CABB0421668C9D3D402A3C3D77E14 21104 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-03-11 23:21:33 0A1B502CBC8230DA74BEFBAADDB58916 10837352 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys

2013-03-09 10:54:13 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf

2013-02-18 08:22:18 77F9F9A199B87FE3F852E12F5419240B 149352 ----a-w- C:\Windows\System32\drivers\nvhda32v.sys

2013-02-13 11:13:35 74E2D020C47BB2B2FCCBA29A518A7EB4 905576 ----a-w- C:\Windows\System32\drivers\tcpip.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-03-13 20:27:23 -------- d-----w- C:\Program Files\Common Files\Skype

2013-03-13 20:27:23 -------- d-----r- C:\Program Files\Skype

2013-03-11 21:21:26 -------- d-----w- C:\Program Files\Trend Micro

2013-03-05 15:01:58 -------- d-----w- C:\Program Files\NVIDIA Corporation

2013-02-22 14:08:50 -------- d-----w- C:\Program Files\iPod

2013-02-22 14:08:47 -------- d-----w- C:\Program Files\iTunes

2013-02-21 13:43:44 -------- d-----w- C:\Program Files\Full Tilt Poker.Eu

======= C: =====

2013-03-13 15:57:58 187E32B0B20F47DBBF47EDD49E1DB528 717260 ----a-w- C:\blitzerr.txt

2013-03-13 15:16:40 A3E2595A08A197D2772B525E83C92D30 6517 ----a-w- C:\AdwCleaner[s1].txt

2013-03-13 15:10:01 E8F6E9666E162BB5AEBAD5C9FBAA8DD3 6262 ----a-w- C:\AdwCleaner[R2].txt

2013-03-13 14:40:47 6CBBE3240A203B0FF387D9BBDADD49EF 162 ---ha-w- C:\~$wCleaner[R1].txt

2013-03-13 14:40:27 F1279EC2A3CA6826DD77868650E3B19E 6166 ----a-w- C:\AdwCleaner[R1].txt

====== C:\Users\Rutger\AppData\Roaming ======

2013-03-13 13:56:49 -------- d-----w- C:\users\UpdatusUser\AppData\Local\temp

2013-03-13 13:56:49 -------- d-----w- C:\users\Rutger\AppData\Local\temp

2013-03-13 13:56:49 -------- d-----w- C:\users\Public\AppData\Local\temp

2013-03-13 13:56:49 -------- d-----w- C:\users\postgres1\AppData\Local\temp

2013-03-13 13:56:49 -------- d-----w- C:\users\postgres\AppData\Local\temp

2013-03-13 13:56:49 -------- d-----w- C:\users\postgres.PC_van_Rutger\AppData\Local\temp

2013-03-13 13:56:49 -------- d-----w- C:\users\postgres.PC_van_Rutger.002\AppData\Local\temp

2013-03-13 13:56:49 -------- d-----w- C:\users\postgres.PC_van_Rutger.001\AppData\Local\temp

2013-03-13 13:56:49 -------- d-----w- C:\users\postgres.PC_van_Rutger.000\AppData\Local\temp

2013-03-13 13:56:49 -------- d-----w- C:\users\Default\AppData\Local\temp

2013-03-13 13:56:49 -------- d-----w- C:\users\Default User\AppData\Local\temp

2013-03-11 23:26:19 -------- d-sh--we C:\users\UpdatusUser\AppData\Local\Temporary Internet Files

2013-03-11 23:26:19 -------- d-sh--we C:\users\UpdatusUser\AppData\Local\Geschiedenis

2013-03-11 23:26:19 -------- d-sh--we C:\users\UpdatusUser\AppData\Local\Application Data

2013-03-11 23:26:18 -------- d-s---w- C:\users\UpdatusUser\AppData\Roaming\Microsoft

2013-03-11 23:26:18 -------- d-----w- C:\users\UpdatusUser\AppData\Roaming\Media Center Programs

2013-03-11 23:26:18 -------- d-----w- C:\users\UpdatusUser\AppData\Local\Microsoft Help

2013-03-11 23:26:18 -------- d-----w- C:\users\UpdatusUser\AppData\Local\Microsoft

2013-03-07 08:20:11 -------- d-----w- C:\users\Rutger\AppData\Roaming\Hewlett-Packard

2013-03-05 20:58:41 -------- d-----w- C:\users\Rutger\AppData\Local\Hewlett-Packard

2013-03-05 20:53:18 -------- d-----w- C:\users\Rutger\AppData\Roaming\GTek

2013-02-21 13:44:25 -------- d-----w- C:\users\Rutger\AppData\Local\FullTiltPoker.eu

====== C:\Users\Rutger ======

2013-03-12 12:15:25 -------- d-----w- C:\Users\Public\AppData

2013-03-11 23:26:20 -------- d-----w- C:\Users\UpdatusUser\Searches

2013-03-11 23:26:20 -------- d-----w- C:\Users\UpdatusUser\Contacts

2013-03-11 23:26:19 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\UpdatusUser\ntuser.ini

2013-03-11 23:26:19 -------- d-sh--we C:\Users\UpdatusUser\Sjablonen

2013-03-11 23:26:19 -------- d-sh--we C:\Users\UpdatusUser\SendTo

2013-03-11 23:26:19 -------- d-sh--we C:\Users\UpdatusUser\Recent

2013-03-11 23:26:19 -------- d-sh--we C:\Users\UpdatusUser\Netwerkprinteromgeving

2013-03-11 23:26:19 -------- d-sh--we C:\Users\UpdatusUser\NetHood

2013-03-11 23:26:19 -------- d-sh--we C:\Users\UpdatusUser\Mijn documenten

2013-03-11 23:26:19 -------- d-sh--we C:\Users\UpdatusUser\Menu Start

2013-03-11 23:26:19 -------- d-sh--we C:\Users\UpdatusUser\Local Settings

2013-03-11 23:26:19 -------- d-sh--we C:\Users\UpdatusUser\Cookies

2013-03-11 23:26:19 -------- d-sh--we C:\Users\UpdatusUser\Application Data

2013-03-11 23:26:18 -------- d--h--w- C:\Users\UpdatusUser\AppData

2013-03-11 23:26:18 -------- d-----w- C:\Users\UpdatusUser\Saved Games

2013-03-11 23:26:18 -------- d-----r- C:\Users\UpdatusUser\Videos

2013-03-11 23:26:18 -------- d-----r- C:\Users\UpdatusUser\Pictures

2013-03-11 23:26:18 -------- d-----r- C:\Users\UpdatusUser\Music

2013-03-11 23:26:18 -------- d-----r- C:\Users\UpdatusUser\Links

2013-03-11 23:26:18 -------- d-----r- C:\Users\UpdatusUser\Favorites

2013-03-11 23:26:18 -------- d-----r- C:\Users\UpdatusUser\Downloads

2013-03-11 23:26:18 -------- d-----r- C:\Users\UpdatusUser\Documents

2013-03-11 23:26:18 -------- d-----r- C:\Users\UpdatusUser\Desktop

2013-03-11 23:23:21 -------- d-----w- C:\ProgramData\NVIDIA Corporation

2013-02-22 14:08:47 -------- d-----w- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

====== C: exe-files ==

2013-03-13 15:43:46 BDA238D4079311DB2C4C96A5A098C956 597667 ----a-w- C:\Users\Rutger\Desktop\adwcleaner.exe

2013-03-13 14:38:16 BDA238D4079311DB2C4C96A5A098C956 597667 ----a-w- C:\Users\Rutger\Downloads\adwcleaner.exe

2013-03-11 23:26:14 F9836549BDD71EFF316DF2B7D296D776 190312 ----a-w- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\WLMerger.exe

2013-03-11 23:26:14 50F77D1AFCFD9E1EE865EF9DD0D01BF0 1021288 ----a-w- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe

2013-03-11 23:26:10 0629259E3AF6BB0534FCECA208973404 1258856 ----a-w- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

2013-03-11 23:25:12 D610CDEDF1F702EB0A86B0FBD9BB49E5 1820520 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

2013-03-11 23:25:12 C71F2B4D0151CFEDE5D405C5D60B6FCE 864616 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

2013-03-11 23:25:12 4976584D60CF1ECA6386C6A29F5920EC 55656 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvsmartmaxapp.exe

2013-03-11 23:25:09 1E7A0C804D259F758A7F38C7E5E1856B 5913448 ----a-w- C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe

2013-03-11 23:25:03 F0952D0A52375CF2C3855F0D0A7C1905 404328 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{12AA6B01-D4F2-4B3D-AC20-7C943E3F4AE6}\Setup.exe

2013-03-11 23:25:03 EB5A13F9139F20AD71ADF4BF79C3AA29 645992 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{12AA6B01-D4F2-4B3D-AC20-7C943E3F4AE6}\nvvsvc.exe

2013-03-11 23:25:03 C71F2B4D0151CFEDE5D405C5D60B6FCE 864616 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{12AA6B01-D4F2-4B3D-AC20-7C943E3F4AE6}\nvxdsync.exe

2013-03-11 23:25:02 D610CDEDF1F702EB0A86B0FBD9BB49E5 1820520 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{12AA6B01-D4F2-4B3D-AC20-7C943E3F4AE6}\NVTray.exe

2013-03-11 23:25:02 4976584D60CF1ECA6386C6A29F5920EC 55656 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{12AA6B01-D4F2-4B3D-AC20-7C943E3F4AE6}\nvSmartMaxapp.exe

2013-03-11 23:25:01 1E7A0C804D259F758A7F38C7E5E1856B 5913448 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{12AA6B01-D4F2-4B3D-AC20-7C943E3F4AE6}\nvcplui.exe

2013-03-11 23:24:33 F0952D0A52375CF2C3855F0D0A7C1905 404328 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.1\Setup.exe

2013-03-11 23:21:34 F9836549BDD71EFF316DF2B7D296D776 190312 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\NVIDIA.Update.{FE1E7A58-4BA9-45A8-B7D9-A5E078E2091E}\WLMerger.exe

2013-03-11 23:21:34 50F77D1AFCFD9E1EE865EF9DD0D01BF0 1021288 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\NVIDIA.Update.{FE1E7A58-4BA9-45A8-B7D9-A5E078E2091E}\ComUpdatus.exe

2013-03-11 23:21:33 0629259E3AF6BB0534FCECA208973404 1258856 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\NVIDIA.Update.{FE1E7A58-4BA9-45A8-B7D9-A5E078E2091E}\daemonu.exe

2013-03-11 23:21:31 E55509AC7EB67621F9CBD8253F497E00 69892848 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{5D9880B1-EF20-4479-809D-1DDB97133D18}\NVCPLSetupInt.exe

2013-03-11 23:21:31 C77DF2C91A9C8D69787F3923BD865038 200552 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{5D9880B1-EF20-4479-809D-1DDB97133D18}\dbInstaller.exe

2013-03-11 23:21:31 C77DF2C91A9C8D69787F3923BD865038 200552 ----a-w- C:\Program Files\NVIDIA Corporation\Drs\dbInstaller.exe

2013-03-11 23:21:00 0870CD44C62F683A20B904883F1CF309 404328 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.0\setup.exe

2013-03-11 23:20:53 FAED0CC8D37C076C03769D4CEFC3442A 1982312 ----a-w- C:\NVIDIA\DisplayDriver\306.97\Win8_WinVista_Win7\International\Display.NView\nwiz.exe

2013-03-11 23:20:53 F9836549BDD71EFF316DF2B7D296D776 190312 ----a-w- C:\NVIDIA\DisplayDriver\306.97\Win8_WinVista_Win7\International\Display.Update\WLMerger.exe

2013-03-11 23:20:53 0870CD44C62F683A20B904883F1CF309 404328 ----a-w- C:\NVIDIA\DisplayDriver\306.97\Win8_WinVista_Win7\International\setup.exe

2013-03-11 23:20:52 CCB77AFC6F137F98C9527B8F8A9F01E9 238952 ----a-w- C:\NVIDIA\DisplayDriver\306.97\Win8_WinVista_Win7\International\Display.NView\nvTaskbar.exe

2013-03-11 23:20:43 E55509AC7EB67621F9CBD8253F497E00 69892848 ----a-w- C:\NVIDIA\DisplayDriver\306.97\Win8_WinVista_Win7\International\Display.Driver\NVCPLSetupInt.exe

2013-03-11 23:20:43 C77DF2C91A9C8D69787F3923BD865038 200552 ----a-w- C:\NVIDIA\DisplayDriver\306.97\Win8_WinVista_Win7\International\Display.Driver\dbInstaller.exe

2013-03-11 23:20:43 7C72F3C973635776301A952E7F9883BA 728424 ----a-w- C:\NVIDIA\DisplayDriver\306.97\Win8_WinVista_Win7\International\Display.NView\Keystone.exe

2013-03-11 23:20:43 43773A15198EF9EB983EF4F1C5886110 443240 ----a-w- C:\NVIDIA\DisplayDriver\306.97\Win8_WinVista_Win7\International\Display.NView\nvAppBar.exe

2013-03-11 23:20:43 0629259E3AF6BB0534FCECA208973404 1258856 ----a-w- C:\NVIDIA\DisplayDriver\306.97\Win8_WinVista_Win7\International\Display.Update\daemonu.exe

2013-03-11 23:20:42 50F77D1AFCFD9E1EE865EF9DD0D01BF0 1021288 ----a-w- C:\NVIDIA\DisplayDriver\306.97\Win8_WinVista_Win7\International\Display.Update\ComUpdatus.exe

2013-03-11 23:20:38 C81D64448EC6955BD75F98F1CA22A8FF 22580840 ----a-w- C:\NVIDIA\DisplayDriver\306.97\Win8_WinVista_Win7\International\NV3DVision\3DVision_306.97.exe

2013-03-09 10:16:37 37F5D71F71C9A38E6F2A38E70C8E80A9 13406 ----a-r- C:\Users\Rutger\AppData\Roaming\Microsoft\Installer\{621FF0E8-5890-4B2F-8C39-2FA688F8FD88}\_9AB8A59FDFF6057D9D8CB3.exe

2013-03-09 10:16:37 37F5D71F71C9A38E6F2A38E70C8E80A9 13406 ----a-r- C:\Users\Rutger\AppData\Roaming\Microsoft\Installer\{621FF0E8-5890-4B2F-8C39-2FA688F8FD88}\_853F67D554F05449430E7E.exe

2013-03-09 10:16:37 37F5D71F71C9A38E6F2A38E70C8E80A9 13406 ----a-r- C:\Users\Rutger\AppData\Roaming\Microsoft\Installer\{621FF0E8-5890-4B2F-8C39-2FA688F8FD88}\_0964014566AFD2998FB0F7.exe

2013-03-07 05:25:40 0459339758DFDFF3CFE8CF67312C753D 1274368 ----a-w- C:\Program Files\TableNinja\TableNinja.exe

=== C: other files ==

2013-03-13 12:16:16 8D31A140B55021BBD3A608F5A7AA2E18 15872 ----a-w- C:\WINDOWS\System32\drivers\usb8023.sys

2013-03-13 12:16:16 228F444F9AF0D3B9ECA9FC3F4FEB12F2 15872 ----a-w- C:\WINDOWS\System32\DriverStore\FileRepository\netrndis.inf_f705a06e\usb8023x.sys

2013-03-13 12:16:16 228F444F9AF0D3B9ECA9FC3F4FEB12F2 15872 ----a-w- C:\WINDOWS\System32\drivers\usb8023x.sys

2013-03-12 09:47:06 629CABB0421668C9D3D402A3C3D77E14 21104 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys

2013-03-11 23:21:33 A211AB524324E84C2C805B52DFCDD544 124264 ----a-w- C:\WINDOWS\System32\DriverStore\FileRepository\nvhda.inf_866be38f\nvhda32.sys

2013-03-11 23:21:33 A211AB524324E84C2C805B52DFCDD544 124264 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{8AF1BBEE-140E-41B4-9CD5-ED18FEF4A0B8}\nvhda32.sys

2013-03-11 23:21:33 77F9F9A199B87FE3F852E12F5419240B 149352 ----a-w- C:\WINDOWS\System32\DriverStore\FileRepository\nvhda.inf_866be38f\nvhda32v.sys

2013-03-11 23:21:33 77F9F9A199B87FE3F852E12F5419240B 149352 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{8AF1BBEE-140E-41B4-9CD5-ED18FEF4A0B8}\nvhda32v.sys

2013-03-11 23:21:33 57B793C433639053B02E0976E426749E 24936 ----a-w- C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_2ff652b4\nvpciflt.sys

2013-03-11 23:21:33 1F07B814C0BB5AABA703ABFF1F31F2E8 189288 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{8AF1BBEE-140E-41B4-9CD5-ED18FEF4A0B8}\nvhda64v.sys

2013-03-11 23:21:33 0A1B502CBC8230DA74BEFBAADDB58916 10837352 ----a-w- C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_2ff652b4\nvlddmkm.sys

2013-03-11 23:21:33 0A1B502CBC8230DA74BEFBAADDB58916 10837352 ----a-w- C:\WINDOWS\System32\drivers\nvlddmkm.sys

2013-03-11 23:21:33 0903639E765829867FE90895651BB558 156520 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{8AF1BBEE-140E-41B4-9CD5-ED18FEF4A0B8}\nvhda64.sys

2013-03-11 23:20:58 A211AB524324E84C2C805B52DFCDD544 124264 ----a-w- C:\NVIDIA\DisplayDriver\306.97\Win8_WinVista_Win7\International\HDAudio\nvhda32.sys

2013-03-11 23:20:58 8FCA563BDF108984932E4D80A5C44D83 430184 ----a-w- C:\NVIDIA\DisplayDriver\306.97\Win8_WinVista_Win7\International\NV3DVisionUSB.Driver\nvstusb32.sys

2013-03-11 23:20:58 84948366BDC2D86EC4316A6FCC0C8561 445800 ----a-w- C:\NVIDIA\DisplayDriver\306.97\Win8_WinVista_Win7\International\NV3DVisionUSB.Driver\nvstusb64.sys

2013-03-11 23:20:58 77F9F9A199B87FE3F852E12F5419240B 149352 ----a-w- C:\NVIDIA\DisplayDriver\306.97\Win8_WinVista_Win7\International\HDAudio\nvhda32v.sys

2013-03-11 23:20:58 1F07B814C0BB5AABA703ABFF1F31F2E8 189288 ----a-w- C:\NVIDIA\DisplayDriver\306.97\Win8_WinVista_Win7\International\HDAudio\nvhda64v.sys

2013-03-11 23:20:58 0903639E765829867FE90895651BB558 156520 ----a-w- C:\NVIDIA\DisplayDriver\306.97\Win8_WinVista_Win7\International\HDAudio\nvhda64.sys

2013-03-07 08:44:54 CE2931D19C6156AA2349D7C075766039 97465 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check(61)\ActiveCheck\resources\nl-NL\hcsolutions.zip

2013-03-07 08:44:47 1EE32FA167D4CABB6CD839A6EC3EEAE8 884881 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check(61)\ActiveCheck\resources\guidAcheck.zip

2013-03-07 08:44:43 0609415C6568F545C8E437DAF5B9F680 1459347 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check(61)\ActiveCheck\resources\guid.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2399130301-618433952-3316616202-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

[HKEY_USERS\S-1-5-21-2399130301-618433952-3316616202-1009\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-2399130301-618433952-3316616202-1010\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"

"UCam_Menu"="C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\YouCam update Software\CyberLink\YouCam\2.0"

"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe"

"avast"="C:\Program Files\Alwil Software\Avast5\avastUI.exe /nogui"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

"Windows Mobile-based device management"="%windir%\WindowsMobile\wmdSync.exe "

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="APSDaemon"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="iTunesHelper"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sidebar]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Sidebar"

"hkey"="HKCU"

"command"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Skype"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

==== Startup Folders ======================

2012-05-05 14:41:38 1115 ----a-w- C:\users\Rutger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [12/03/2013 21:51]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [11/08/2010 20:43]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [11/08/2010 20:43]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Rutger\AppData\Roaming\Mozilla\Firefox\Profiles\hevfdcn5.default

- avast WebRep - C:\Program Files\Alwil Software\Avast5\WebRep\FF

- DoNotTrackMe - %ProfilePath%\extensions\donottrackplus@abine.com

- Fasterfox Lite - %ProfilePath%\extensions\FasterFox_Lite@BigRedBrent

- TVU Web Player - %ProfilePath%\extensions\firefox@tvunetworks.com

- LavaFox V2 - %ProfilePath%\extensions\info@djzig.com

- BlackFox V2-Blue - %ProfilePath%\extensions\zigboom.designs@gmail.com

- BlackFox V2 - %ProfilePath%\extensions\zigboom@hotmail.com

- Bright Aero - %ProfilePath%\extensions\{06bd7e00-2a23-11e2-81c1-0800200c9a66}

- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

- 8 Ultimo - %ProfilePath%\extensions\{2b6788a0-0ccd-11e1-be50-0800200c9a66}

- Youtube Video Center - %ProfilePath%\extensions\{34878998-c8be-40bc-bc13-9243a2844976}(134)

- Organize Status Bar - %ProfilePath%\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2c}

- Vendetta Online Theme - %ProfilePath%\extensions\{3AF52343-6FC5-4f8e-AFE7-773054020BE9}

- Oskar - %ProfilePath%\extensions\{5b175400-2368-11de-8c30-0800200c9a66}

- FT DeepDark - %ProfilePath%\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}

- FT DeepDark - %ProfilePath%\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}(135)

- FT GraphiteGlow - %ProfilePath%\extensions\{99e34760-2754-11e0-91fa-0800200c9a66}

- PitchDark - %ProfilePath%\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}

- AmbientFox - %ProfilePath%\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}

- Gradient iCool - %ProfilePath%\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}

- Theme Font amp; Size Changer - %ProfilePath%\extensions\{f69e22c7-bc50-414a-9269-0f5c344cd94c}(136)

- Aero Improved - %ProfilePath%\extensions\aeroimproved@rsjtdrjgfuzkfg.com.xpi

- Australis - %ProfilePath%\extensions\Australis@SoapyHamHocks.xpi

- IE6 Toolbar - %ProfilePath%\extensions\ie6@anonymous.net.xpi

- mp3it - %ProfilePath%\extensions\info@mp3it.eu.xpi

- NASA Night Launch - %ProfilePath%\extensions\nasanightlaunch@example.com.xpi

- Office Black - %ProfilePath%\extensions\Office2007Black@JBBS.xpi

- Simple White - %ProfilePath%\extensions\Simple@White.Theme.xpi

- FastestFox - %ProfilePath%\extensions\smarterwiki@wikiatic.com.xpi

- Turn Off the Lights - %ProfilePath%\extensions\stefanvandamme@stefanvd.net.xpi

- SmallringFX DARKBlue - %ProfilePath%\extensions\{0471d3b0-a403-11df-981c-0800200c9a66}.xpi

- mx3 - %ProfilePath%\extensions\{3d2ee42e-a6d9-4888-bd17-2148dc7928d7}.xpi

- Flashblock - %ProfilePath%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi

- Stylish - %ProfilePath%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi

- SmoothWheel AMO - %ProfilePath%\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi

- Smartest Bookmarks Bar - %ProfilePath%\extensions\{b442f4c0-c292-4998-aabe-48608a73ba75}.xpi

- FXChrome - %ProfilePath%\extensions\{c0c588b6-b11d-4898-af00-079fed05aa32}.xpi

- Shine Bright Skin Aero - %ProfilePath%\extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

- Youtube Hide Annotations - %ProfilePath%\extensions\{d62bb6fa-7192-47fd-b640-ad8855c444f3}.xpi

- Sky Pilot - %ProfilePath%\extensions\{dbd63b80-1735-11df-8a39-0800200c9a66}.xpi

- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

- FXOpera - %ProfilePath%\extensions\{e7c7d1b3-5984-410e-9f1e-54e3f8490e8e}.xpi

AppDir: C:\Program Files\Mozilla Firefox

- Undetermined - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

- Undetermined - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

- Undetermined - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

==== Firefox Plugins ======================

Profilepath: C:\Users\Rutger\AppData\Roaming\Mozilla\Firefox\Profiles\hevfdcn5.default

47299371607DC2FB234444EEACB1639E - C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll - Shockwave Flash

05C4A7136F3012BB47107333B5D351D3 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U17

D4BD9F86123C87ECA570418B69326F99 - C:\Windows\system32\npdeployJava1.dll - Java Deployment Toolkit 7.0.170.2

F00A0EF5835E1B96F783D617F1948704 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

E0FF893763BA82BAABB869A351F0C455 - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll - Google Update

F647D0BEA553C1D0C251CE07DA6A5511 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat

F647D0BEA553C1D0C251CE07DA6A5511 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat

DB988B4550DB9BCE86F9199D961057FC - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

A5C14075B571AF1C9592595BE724D9D2 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll - Silverlight Plug-In

6846D2CA7E1D5937AEE3F99BB7F5464B - C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director

81D388824634378A37765FD943FB3144 - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

8E9A08E2092B3E1ADFF3C46BC1A5124B - C:\Windows\system32\TVUAx\npTVUAx.dll - TVU Web Player for FireFox

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

699C563EB0B7428838CA3A796500E2E8 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll - RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit)

89CFC74DC27D34419BFADDDF5D8835DF - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll - RealPlayer Version Plugin

699C563EB0B7428838CA3A796500E2E8 - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll - RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit)

89CFC74DC27D34419BFADDDF5D8835DF - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll - RealPlayer Version Plugin

99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin

DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System

2AA3703D87E1327A2290C9D416D89A28 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrlui.dll - Microsoft® Silverlight

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

kpionmjnkbpcdpcflammlgllecmejgjj - C:\Program Files\vShare.tv plugin\vshareplg.crx[]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.msn.com/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

No DefaultScope Set For HKCU

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.msn.com/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{02CACCBE-FA6D-4135-9F9A-A044E3DB93E7} AOL Zoeken Url="http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1172&query={searchTerms}&invocationType=tb50hpcnnbie7-nl-nl"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{E39606B2-8367-4E20-8956-633684457DDB} Google Url="http://www.google.co.uk/search?hl=en&q={searchTerms}&meta="

{E5D50DA1-4FB0-41ED-9ECE-AAB347408906} Yahoo//nl.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}"

{EFF898FC-63E5-4A10-8DC0-C3C92D446EDF} Kelkoo Url="http://nl.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913935"

==== shortcuts on Users Desktops ======================

C:\Users\postgres.PC_van_Rutger.002\Desktop\MiPony.lnk - C:\Program Files\MiPony\MiPony.exe

C:\Users\postgres1\Desktop\MiPony.lnk - C:\Program Files\MiPony\MiPony.exe

C:\Users\Rutger\Desktop\HiJackThis.lnk - C:\Users\Rutger\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

C:\Users\Rutger\Desktop\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe

C:\Users\Rutger\Desktop\TableNinja.lnk - C:\Users\Rutger\AppData\Roaming\Microsoft\Installer\{621FF0E8-5890-4B2F-8C39-2FA688F8FD88}\_9AB8A59FDFF6057D9D8CB3.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\avast Free Antivirus.lnk -

C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe

C:\Users\Public\Desktop\Full Tilt Poker.Eu.lnk - C:\Program Files\Full Tilt Poker.Eu\FullTiltPokerEU.exe

C:\Users\Public\Desktop\HoldemManager.lnk - C:\Program Files\RVG Software\Holdem Manager\HoldemManager.exe

C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe

C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{1845470B-EB14-4ABC-835B-E36C693DC07D}\SkypeIcon.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Rutger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TableNinja.lnk - C:\Users\Rutger\AppData\Roaming\Microsoft\Installer\{621FF0E8-5890-4B2F-8C39-2FA688F8FD88}\_0964014566AFD2998FB0F7.exe

C:\Users\Rutger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Rutger\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast Free Antivirus.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Full Tilt Poker.Eu\Full Tilt Poker.Eu verwijderen.lnk - C:\Program Files\Full Tilt Poker.Eu\uninstall.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Full Tilt Poker.Eu\Full Tilt Poker.Eu.lnk - C:\Program Files\Full Tilt Poker.Eu\FullTiltPokerEU.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Holdem Manager\Holdem Manager.lnk - C:\Program Files\RVG Software\Holdem Manager\HoldemManager.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Holdem Manager\Uninstall Holdem Manager.lnk - C:\Program Files\RVG Software\Holdem Manager\UninstallHoldemManager.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Info iTunes.lnk - C:\Program Files\iTunes\iTunes.Resources\nl.lproj\About iTunes.rtf

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files\Microsoft Silverlight\5.1.20125.0\Silverlight.Configuration.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files\Skype\Phone\Skype.exe

==== shortcuts in Quick Launch ======================

C:\Users\postgres.PC_van_Rutger.002\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk - C:\Program Files\MiPony\MiPony.exe

C:\Users\postgres1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk - C:\Program Files\MiPony\MiPony.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj deleted successfully

==== Empty IE Cache ======================

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Rutger\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\Rutger\AppData\Local\Mozilla\Firefox\Profiles\hevfdcn5.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Rutger\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Rutger\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

[kape]

Prima zo ... en dan weer de vraag: hoe staan de zaken nu ?

[Gast Richard21]

De laptop is sinds gister niet meer vastgelopen. Alleen de 3 min wachten voor het internetconnectie symbool en het crashen van de pc na het inloggen bij skype komen nog voor.

[Gast Richard21]

Vaag mn laptop liep weer eens vast toen ik skype probeerde te starten. Begint mn pc tijdens de opstart een schijfopruiming en vervolgens werkt Skype opeens weer.

[Gast Richard21]

Mn laptop werkt tot nu toe weer prima. Hartstikke bedankt voor je hulp kape. Echt top. Ik waardeer het zeer.