Help scherm komt ongevraagd te voorschijn

kape · 28 maart 2013

Neen, selectief opstarten = OK. Moet eerlijk toegeven dat mijn vaatje met mogelijkheden nu helemaal leeg is. Heb geen idee meer waar dat Help-scherm vandaan kan komen

PolH · 28 maart 2013

Voorlopig zal ik daar verder mee moeten leven, Heb vorig jaar met Norton Ghost een copie van mijn systeem gemaakt misschien zet ik het terug.

Mag ik "Adwcleaner" zomaar gebruiken op een andere pC?

kape · 28 maart 2013

Mag ik "Adwcleaner" zomaar gebruiken op een andere pC?

AdwCleaner is een betrouwbaar en veilig programma. Mag je zonder problemen ook op een andere PC toepassen.

PolH · 5 april 2013

Het probleem is gevonden. Ik gebruik een draadloos toetsenbord en daar is iets mis mee. Ik gebruik het nu niet meer en de helmschermen verschijnen niet meer. Ik heb nu de situatie van vorig jaar op mijn computer, maar daar staat nogal veel brol op. Wat kan ik doen om mijn computer te optimaliseren.

kape · 5 april 2013

Dan gaan we terug met de "grote" middelen scannen ...

Download zoek.exe naar het bureaublad.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
(hier of hier) kan je lezen hoe je dat doet.
Dubbelklik op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Kopieer nu onderstaande code en plak die in het grote invulvenster:
Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.

 
startupall; 
filesrcm;

Klik op de knop "Options" en vink nu de onderstaande opties aan.
- Running processes
- Installed Programs
- HijackThis Log
- Firefox Look
- Chrome Look
- Firefox Defaults
- Reset Chrome
- Reset IE proxy
- Empty Temp Folders
- System Restore Point
- System Restore Info
- Shortcut Fix
- IE Defaults
- Reset Hosts
- Auto Clean
[*] Klik daarna op de knop "Run script".

[*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

[*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

[*] Post nu de inhoud van het geopende logje in het volgende bericht.

PolH · 5 april 2013

Zoek.exe Version 4.0.0.2 Updated 31-03-2013

Tool run by Pol on vr 05/04/2013 at 17:20:52,49.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

==== System Restore Info ======================

5/04/2013 17:23:03 Zoek.exe System Restore Point Created Succesfully.

==== Running Processes ======================

C:\windows\system32\csrss.exe

C:\windows\system32\wininit.exe

C:\windows\system32\winlogon.exe

C:\windows\system32\services.exe

C:\windows\system32\lsass.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV.exe

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files\OpenEdge\bin\AdmSrvc.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\IDT\WDM\aestsrv.exe

C:\Program Files\LSI SoftModem\agrsmsvc.exe

C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe

C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe

C:\windows\system32\FsUsbExService.Exe

C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe

C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Norton 360\Engine\20.3.0.36\ccSvcHst.exe

C:\Program Files\PDF Complete\pdfsvc.exe

c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Fighters\SPAMfighter\sfus.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Program Files\Fighters\FighterSuiteService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Bandoo\Bandoo.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\windows\system32\wbem\unsecapp.exe

C:\Program Files\OpenEdge\jre\bin\java.exe

C:\windows\system32\conhost.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\system32\svchost.exe -k bthsvcs

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\windows\system32\SearchIndexer.exe

C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe

C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\windows\system32\wbem\WmiApSrv.exe

C:\Windows\System32\igfxtray.exe

C:\windows\system32\igfxsrvc.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Belgium Identity Card\beid35gui.exe

C:\Program Files\Fighters\SPAMfighter\sfagent.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe

C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Fighters\Tray\FightersTray.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe

C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Pol\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\Microsoft Office\Office12\GROOVE.EXE

C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe

C:\windows\system32\conhost.exe

C:\Program Files\OpenEdge\jre\bin\java.exe

C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\windows\system32\DllHost.exe

C:\Program Files\Norton 360\Engine\20.3.0.36\ccSvcHst.exe

C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\windows\System32\svchost.exe -k secsvcs

C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe

C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe

C:\Program Files\Bandoo\BndCore.exe

C:\windows\system32\taskhost.exe

C:\Users\Pol\Desktop\zoek.exe

C:\windows\system32\conhost.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\system32\vssvc.exe

C:\windows\System32\svchost.exe -k swprv

C:\windows\system32\DllHost.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\SearchFilterHost.exe

==== Older Logs ======================

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958)

Adobe Acrobat 5.0

Adobe ConnectNow Add-in

Adobe Flash Player 11 ActiveX

Adobe Reader X (10.1.1) - Nederlands

Adobe Shockwave Player 11.6

AllDup 3.3.14

Allway Sync version 10.4.0

ArcSoft PhotoImpression 6

Avery Wizard 4.0

AVS Document Converter 2.0.1

AVS Update Manager 1.0

AVS4YOU Software Navigator 1.4

Babylon toolbar on IE

Bandoo

Belgium e-ID middleware 3.5.4 (build 6535)

BlazePhoto 2.0

Broadcom 2070 Bluetooth 2.1 + EDR

Bubble Shooter Deluxe

CCleaner

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Corel Home Office - CS Templates

Corel Home Office - CT Templates

Corel Home Office - IPM

Corel Home Office - JP Templates

Corel Home Office - KR Templates

Corel Home Office - Launcher

Corel Home Office - Templates RU

Corel Home Office - Templates1

Corel Home Office

CyberLink PowerDVD 11

D3DX10

DirectX 9 Runtime

Dropbox

Elektronisch Groene Boekje

Express Zip File Compression Software

Facemoods Toolbar

Finale PrintMusic 2008 NL

GearDrvs

Google Toolbar for Internet Explorer

Google Update Helper

Harmony Assistant

Hewlett-Packard ACLM.NET v1.1.1.0

HP Advisor

HP Customer Experience Enhancements

HP ESU for Microsoft Windows 7

HP HotKey Support

HP Setup

HP SoftPaq Download Manager

HP Software Framework

HP Software Setup

HP Support Assistant

HP User Guides 0190

HP Web Camera

HP Webcam

HP Webcam Driver

HP Wireless Assistant

IDT Audio

iLivid

iMesh

Intel® Graphics Media Accelerator Driver

Intel© Matrix Storage Manager

Java 2 Runtime Environment, SE v1.4.2_04

Java Auto Updater

Java 6 Update 27

KBC-beveiligingscomponenten

LightScribe System Software

LSI HDA Modem

Microsoft-invoegtoepassing Opslaan als PDF of XPS voor 2007 Microsoft Office-programma's

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile NLD Language Pack

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office 2010

Microsoft Office Access MUI (Dutch) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Dutch) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (Dutch) 2007

Microsoft Office InfoPath MUI (Dutch) 2007

Microsoft Office OneNote MUI (Dutch) 2007

Microsoft Office Outlook MUI (Dutch) 2007

Microsoft Office PowerPoint MUI (Dutch) 2007

Microsoft Office Proof (Dutch) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proofing (Dutch) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (Dutch) 2007

Microsoft Office Shared MUI (Dutch) 2007

Microsoft Office Word MUI (Dutch) 2007

Microsoft Online Services Aanmelden

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Mozilla Firefox (3.6.10)

MSVC80_x86_v2

MSVC90_x86

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NetObjects Fusion 10.0

Nokia Connectivity Cable Driver

Nokia Ovi Suite

Nokia Ovi Suite Software Updater

Nokia PC Suite

Norton 360

OGA Notifier 2.0.0048.0

OpenEdge 10.2B

OsaSync PRO

Ovi Desktop Sync Engine

OviMPlatform

OVT Scanner X86

Paint Shop Pro 7 Anniversary Edition

PartyGammon

PC Connectivity Solution

PDF Complete Special Edition

PDFCreator

PDFtoMusic

Picasa 3

Realtek Ethernet Controller All-In-One Windows Driver

REALTEK Wireless LAN Software

Rotate Mania v3.1

Roxio Activation Module

Roxio Creator Audio

Roxio Creator Business

Roxio Creator Business v10

Roxio Creator Copy

Roxio Creator Data

Roxio Creator Tools

Roxio Express Labeler 3

Roxio MyDVD

Samsung New PC Studio

SAMSUNG USB Driver for Mobile Phones

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2553074)

Security Update for 2007 Microsoft Office System (KB2553089)

Security Update for 2007 Microsoft Office System (KB2553090)

Security Update for 2007 Microsoft Office System (KB2584063)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB2553073)

Security Update for Microsoft Office Groove 2007 (KB2552997)

Security Update for Microsoft Office InfoPath 2007 (KB2510061)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2535818)

Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)

Security Update for Microsoft Office Publisher 2007 (KB2284697)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)

SkypeT 4.1

Sonic CinePlayer Decoder Pack

SPAMfighter

Stuurprogrammapakket voor Windows - Fedict SmartCard (12/08/2009 4.0.0.2)

Sunny Explorer

swMSM

Symantec Technical Support Advanced Chat Controls

Synaptics Pointing Device Driver

Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD

Unity Web Player

Universal Document Converter

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office Outlook 2007 (KB2583910)

Update for Outlook 2007 Junk Email Filter (KB2596560)

Update voor Microsoft Office Excel 2007 Help (KB963678)

Update voor Microsoft Office Powerpoint 2007 Help (KB963669)

Update voor Microsoft Office Word 2007 Help (KB963665)

Wincore MediaBar

Windows-stuurprogrammapakket - Nokia Modem (06/09/2010 4.5)

Windows-stuurprogrammapakket - Nokia Modem (06/09/2010 7.01.0.7)

Windows-stuurprogrammapakket - Nokia pccsmcfd (08/22/2008 7.0.0.0)

Windows 7 Default Setting

Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)

Windows Driver Package - Broadcom Bluetooth (12/16/2009 6.2.0.9414)

Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)

Windows iLivid Toolbar

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bandoo coordinator deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\bandoo coordinator deleted successfully

==== Reset Hosts File ======================

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.

127.0.0.1 localhost

::1 localhost

==== FireFox Fix ======================

Deleted from C:\Users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default\prefs.js:

user_pref("browser.startup.homepage", "Search");

user_pref("browser.search.defaultenginename", "Search Results");

user_pref("browser.search.selectedEngine", "Search Results");

user_pref("browser.search.order.1", "Search Results");

user_pref("keyword.URL", "Search-results Search=");

Added to C:\Users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "Google=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default

user.js not found

---- Lines facemoods removed from prefs.js ----

user_pref("extensions.facemoods.aflt", "ironto");

user_pref("extensions.facemoods.dfltSrch", true);

user_pref("extensions.facemoods.dfltSrchPrvdr", "Facemoods Search");

user_pref("extensions.facemoods.dnsErr", true);

user_pref("extensions.facemoods.DNSErrUrl","Facemoods Search");

user_pref("extensions.facemoods.firstRun", true);

user_pref("extensions.facemoods.hmpg", true);

user_pref("extensions.facemoods.hmpgUrl", "Facemoods Search");

user_pref("extensions.facemoods.id", "9cd88f9100000000000070f1a1b9c0de");

user_pref("extensions.facemoods.instlDay", "15244");

user_pref("extensions.facemoods.mntz","");

user_pref("extensions.facemoods.newTab", true);

user_pref("extensions.facemoods.newTabUrl", "Facemoods Search");

user_pref("extensions.facemoods.prtnrId", "facemoods.com");

user_pref("extensions.facemoods.searchProviderAdded", true);

user_pref("extensions.facemoods.sid", "19ab00ce9c7e453883695c27c695803e");

user_pref("extensions.facemoods.tlbrSrchUrl","Facemoods Search");

user_pref("extensions.facemoods.vrsn", "1.4.17.11");

---- Lines facemoods modified from prefs.js ----

---- Lines babylon removed from prefs.js ----

user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");

---- Lines babylon modified from prefs.js ----

---- Lines searchqu removed from prefs.js ----

---- Lines searchqu modified from prefs.js ----

---- Lines bandoo removed from prefs.js ----

---- Lines bandoo modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_20130504_1728_.backup

==== Deleting Files \ Folders ======================

"C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml" deleted

"C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml" deleted

"C:\Users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default\searchplugins\SearchResults.xml" deleted

"C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe" deleted

"C:\windows\system32\appdata" deleted

"C:\Program Files\Bandoo" deleted

"C:\Program Files\facemoods.com" deleted

"C:\Program Files\BabylonToolbar" deleted

"C:\Program Files\iMesh Applications\MediaBar" deleted

"C:\Program Files\Windows iLivid Toolbar" deleted

"C:\Users\Pol\AppData\Roaming\Babylon" deleted

"C:\Users\Pol\AppData\Roaming\Bandoo" deleted

"C:\ProgramData\boost_interprocess" deleted

"C:\ProgramData\Bandoo" deleted

"C:\ProgramData\Babylon" deleted

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandoo" deleted

"C:\Users\Pol\AppData\Local\Ilivid Player" deleted

"C:\Users\Pol\AppData\Local\PackageAware" deleted

"C:\Users\Pol\AppData\Local\Babylon" deleted

"C:\Users\Pol\AppData\LocalLow\mediabarim" deleted

"C:\Users\Pol\AppData\LocalLow\facemoods.com" deleted

"C:\Users\Pol\AppData\LocalLow\DataMngr" deleted

"C:\Users\Pol\AppData\LocalLow\searchquband" deleted

"C:\Users\Pol\AppData\LocalLow\searchqutoolbar" deleted

"C:\Users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default\extensions\ffxtlbr@babylon.com" deleted

"C:\Users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default\extensions\ffxtlbr@Facemoods.com" deleted

"C:\Users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default\extensions\ffxtlbr@babylon.com" deleted

"C:\Users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default\searchqutoolbar" deleted

"C:\Users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default\extensions\ffox@bandoo.com" deleted

"C:\Program Files\iMesh Applications\MediaBar\Datamngr" deleted

==== Files Recently Created / Modified ======================

====== C:\windows ====

2013-04-05 13:59:07 2AAD8C9A7E3A4E539D54FC2144D85EB4 384 ----a-w- C:\windows\myClean.bat

2013-04-04 20:14:36 91FB7CF09EFBC7C5A295384300471E3C 39 ---ha-w- C:\windows\spfid.bin

====== C:\Users\Pol\AppData\Local\Temp ====

====== C:\windows\system32 =====

2013-04-05 14:13:06 9C3A85450DDFA14A958146305F6C8EFE 237088 ------w- C:\windows\System32\MpSigStub.exe

2013-04-05 07:44:36 BDC0C99E472176C8C2C853A68ADC5073 45080 ----a-w- C:\windows\System32\wups2.dll

2013-04-05 07:44:36 2E0B0A051FFAA86E358465BB0880D453 53784 ----a-w- C:\windows\System32\wuauclt.exe

2013-04-05 07:44:36 285C594C4913FA9DC7BB6BA3AD6F101A 2422272 ----a-w- C:\windows\System32\wucltux.dll

2013-04-05 07:44:35 FC3EC24FCE372C89423E015A2AC1A31E 1933848 ----a-w- C:\windows\System32\wuaueng.dll

2013-04-05 07:44:20 C480F0E968ECA0D80D0299D7F204E33B 88576 ----a-w- C:\windows\System32\wudriver.dll

2013-04-05 07:44:20 3458EDA96E30FBD0477A2800D3FB1909 35864 ----a-w- C:\windows\System32\wups.dll

2013-04-05 07:44:20 1A617835452EEE5060976C9B9F5FE635 577048 ----a-w- C:\windows\System32\wuapi.dll

2013-04-05 07:44:09 98F94089E9C549E223AB05BE54BAB2ED 171904 ----a-w- C:\windows\System32\wuwebv.dll

2013-04-05 07:44:09 069385484EA57B663D688894C88975C5 33792 ----a-w- C:\windows\System32\wuapp.exe

2013-04-04 20:14:37 91FB7CF09EFBC7C5A295384300471E3C 39 ---ha-w- C:\windows\System32\spfid.bin

====== C:\windows\system32\drivers =====

2013-04-05 13:50:18 C940F10C31E2C60CC967FFD6A370720C 142496 ----a-w- C:\windows\System32\drivers\SYMEVENT.SYS

2013-04-05 13:50:18 8378774ABC9CAA2C60B298AE0C084FB7 7446 ----a-w- C:\windows\System32\drivers\SYMEVENT.CAT

2013-04-05 13:50:18 2A8DCC2EC2AC5C0588F818B16E606CED 806 ----a-w- C:\windows\System32\drivers\SYMEVENT.INF

====== C:\windows\Tasks ======

====== C:\windows\Temp ======

======= C:\Program Files =====

2013-04-05 08:23:55 -------- d-----w- C:\Program Files\Common Files\Common Toolkit Suite

======= C: =====

====== C:\Users\Pol\AppData\Roaming ======

====== C:\Users\Pol ======

2013-04-05 14:00:19 -------- d-----w- C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}

2013-04-05 09:02:29 -------- d-----w- C:\ProgramData\PCSettings

====== C: exe-files ==

2013-04-05 15:17:07 A79EFB649E3CA9A7DA3C2E7400EACC8B 544 -c--a-w- C:\$Recycle.Bin\S-1-5-21-3740741272-41367026-2587978378-1001\$IJCY7FD.exe

2013-04-05 13:21:10 2908AF0DABE8D664A0F006B092EF993D 866592 ----a-w- C:\$Recycle.Bin\S-1-5-21-3740741272-41367026-2587978378-1001\$RJCY7FD.exe

2013-04-05 08:58:45 34B24D365D941FB99ADC6EBF6AD958B8 908792 ----a-w- C:\Users\Pol\Downloads\AutoDetectPkg (2).exe

2013-04-05 08:25:05 34B24D365D941FB99ADC6EBF6AD958B8 908792 ----a-w- C:\Users\Pol\Downloads\AutoDetectPkg (1).exe

2013-04-05 08:22:12 FFD052D0F464ADC243C24E71D15C9990 12344 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe

2013-04-05 08:22:12 F86275D16121F6591B69B801DE6ED394 21408 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_NetworkCheck.exe

2013-04-05 08:22:12 D72C46A6A7BA572162B0B8DA6F9A8C65 44344 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtil7.exe

2013-04-05 08:22:12 773F287C664866AB432F55A30C29057C 20184 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\LowDiskSpaceDetection.exe

2013-04-05 08:22:12 65C74D0981EFCBBAEFC4DC6D077380AA 27864 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\SystemAgeOneYear.exe

2013-04-05 08:19:06 34B24D365D941FB99ADC6EBF6AD958B8 908792 ----a-w- C:\Users\Pol\Downloads\AutoDetectPkg.exe

2013-04-05 07:50:52 35249BED5BDDF27BD7039E7C9D0A8F9D 1216392 ----a-w- C:\Users\Pol\Documents\My Dropbox\Gebruikershandleiding\PDFCreatorSetup.exe

2013-04-04 20:11:39 5CA39C1D83B285427FC20044A14F0F4A 1718808 ----a-w- C:\Program Files\Google\Google Toolbar\Component\SearchWithGoogleUpdate_0BB4946B2EEAC900.exe

2013-04-04 20:11:35 4BEAF576CB43358C4DB9F45AC7C09CDB 194032 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleUpdaterService_B33FC4DD36A473C6.exe

2013-04-04 20:11:31 BAD663957F682F95B22C4E83AB49CB52 308368 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarUser_32_38F27E698DCE3952.exe

2013-04-04 20:11:27 4A001CFD8565634EC6891B6BFAB04183 1053840 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_94DDE1EDD1CDF6A3.exe

2013-04-04 20:10:46 88C48DAAB78EEE9F856C8BFF2141F09B 530464 ----a-w- C:\Program Files\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.4.3607.2246\GoogleToolbarInstaller_updater_signed.exe

2013-04-04 20:09:01 0EF4E7E582711D151E8B78727B406F05 33039712 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\26.0.1410.43\26.0.1410.43_chrome_installer.exe

2013-04-04 20:03:32 74E337FFEB2B34043F8499D2F3DE03A8 59784 ----atw- C:\Program Files\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe

2013-04-04 20:03:32 376ECCCE33C2C232112DE830E3C81763 59784 ----atw- C:\Program Files\Google\Update\1.3.21.135\GoogleUpdateBroker.exe

2013-04-04 20:03:30 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Program Files\Google\Update\1.3.21.135\GoogleUpdateSetup.exe

2013-04-04 20:02:47 BECDDA0990DEBD72A30096533521AD73 213384 ----atw- C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe

2013-04-04 20:02:47 B676429E44F2F8ACC3BAE7C89F46B212 281480 ----atw- C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler64.exe

2013-04-04 20:02:41 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files\Google\Update\1.3.21.135\GoogleUpdate.exe

2013-04-04 20:02:37 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.135\GoogleUpdateSetup.exe

2013-04-03 04:34:14 842C9F04F3AA7A22A63C5E20C1EEE075 207000 ----a-w- C:\Users\Pol\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe

2013-04-03 04:33:12 48CF3775E43C222AACBF1167C88042BA 26353760 ----a-w- C:\Users\Pol\AppData\Roaming\Dropbox\bin\Dropbox.exe

=== C: other files ==

2013-04-05 13:59:07 2AAD8C9A7E3A4E539D54FC2144D85EB4 384 ----a-w- C:\Windows\myClean.bat

2013-04-05 13:50:18 C940F10C31E2C60CC967FFD6A370720C 142496 ----a-w- C:\Windows\System32\drivers\SYMEVENT.SYS

2013-04-05 13:49:58 FE9BD381778A344F0E39AE2D5E607D7F 32344 ----a-r- C:\Windows\System32\drivers\N360\1403000.024\srtspx.sys

2013-04-05 13:49:58 8C9B9036E301A9965CF15BEC91C58A12 175264 ----a-r- C:\Windows\System32\drivers\N360\1403000.024\Ironx86.sys

2013-04-05 13:49:58 6EA77FF0CE4E839EA8B1CEA5F5B28C00 367704 ----a-r- C:\Windows\System32\drivers\N360\1403000.024\SymDS.sys

2013-04-05 13:49:58 40D7124FB57EB208E3DD56A73545FB64 21400 ----a-r- C:\Windows\System32\drivers\N360\1403000.024\SymELAM.sys

2013-04-05 13:49:58 21698476A90ACAA056B8CFE09A82785F 338592 ----a-r- C:\Windows\System32\drivers\N360\1403000.024\symnets.sys

2013-04-05 13:49:58 1773FB2920EBB3A8BAD0360618091470 934488 ----a-r- C:\Windows\System32\drivers\N360\1403000.024\SymEFA.sys

2013-04-05 13:49:58 1277AD8F053CC60C17CAFAB411F3CF40 134304 ----a-r- C:\Windows\System32\drivers\N360\1403000.024\ccSetx86.sys

2013-04-05 13:49:58 0A8F71E1DB5432A5B9285111421E77EC 602712 ----a-r- C:\Windows\System32\drivers\N360\1403000.024\srtsp.sys

2013-04-05 08:16:01 EE6E1BFF88DC540A4480E1255C9F15EF 70670405 ----a-w- C:\Users\Pol\Documents\My Dropbox\koor\Project 2012\WeTransfer-Q0U3wpcz.zip

2013-04-05 08:05:44 53C5415A49289DCF059EDDCC32F5ABA0 502460 ----a-w- C:\Users\Pol\Documents\My Dropbox\Anpoka\dump.zip

2013-04-05 08:03:23 ACA8BF845311E08CEA1480DCB8D74A10 14505117 ----a-w- C:\Users\Pol\Documents\My Dropbox\Davidsfonds\100 jaar\DF Geschiedenis\Df-geschiedenis A5 met foto's.zip

2013-04-05 07:57:15 8462D9ECD3C559770C43E924DE6FCAFF 50403 ----a-w- C:\Users\Pol\Documents\My Dropbox\Administratie\W7.zip

2013-04-05 07:55:24 6923F39E009EBAEFCACADF621BDA5720 437941 ----a-w- C:\Users\Pol\Documents\My Dropbox\Davidsfonds\2012 - 2013\BNP\NNDC.zip

2013-04-05 07:51:02 D5E8E218EA85B75F4F9561DFD85D7763 1475196 ----a-w- C:\Users\Pol\Documents\My Dropbox\koor\webber-pieJesu-partitura.zip

2013-04-05 07:51:02 1EDB2940AABCD7360A2B42A0919C3525 1475350 ----a-w- C:\Users\Pol\Documents\My Dropbox\koor\webber-pieJesu-partitura (2).zip

======== System Restore Points ========

RP40: 5/04/2013 17:22:43 - zoek.exe restore point

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"HPAdvisorDock"="C:\Program Files\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe"

"Skype"="C:\Program Files\Skype\\Phone\Skype.exe /nosplash /minimized"

"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"NokiaOviSuite2"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray"

"AutoStartNPSAgent"="C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"QLBController"="C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start"

"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"

"PDF Complete"="C:\Program Files\PDF Complete\pdfsty.exe"

"WirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"

"IgfxTray"="C:\windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\windows\system32\hkcmd.exe"

"Persistence"="C:\windows\system32\igfxpers.exe"

"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

"SignIn"="C:\Program Files\Microsoft Online Services\Sign In\SignIn.exe /autorun"

"beid"="C:\Program Files\Belgium Identity Card\beid35gui.exe /startup"

"sfagent"="C:\Program Files\Fighters\SPAMfighter\sfagent.exe"

"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"ArcSoft Connection Service"="C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"

"IsaKbcCertUpdate"="C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe"

"DATAMNGR"="C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"facemoods"="C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe /md I"

"RemoteControl11"="C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe"

"CommonToolkitTray"="C:\Program Files\Fighters\Tray\FightersTray.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"HPAdvisorDock"="C:\Program Files\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe"

"Skype"="C:\Program Files\Skype\\Phone\Skype.exe /nosplash /minimized"

"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"NokiaOviSuite2"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray"

"AutoStartNPSAgent"="C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==== Startup Folders ======================

2010-09-14 12:02:00 1048 ----a-w- C:\users\Pol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

2011-10-04 08:45:30 1151 ----a-w- C:\users\Pol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Groove.lnk

2010-09-13 16:43:30 848 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

==== Task Scheduler Jobs ======================

C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19/06/2011 12:54]

C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19/06/2011 12:54]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default

- Undetermined - C:\Program Files\McAfee\SiteAdvisor Enterprise

- Belgium eID - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be

- Firefox Synchronisation Extension - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension

- Wincore Mediabar - %ProfilePath%\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}

- Absolutist Games Toolbar - %ProfilePath%\extensions\{631ac2d4-57b3-42b0-a148-da33b462c1a3}

- Searchqu Toolbar - %ProfilePath%\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}

AppDir: C:\Program Files\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

- Undetermined - %AppDir%\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

==== Firefox Plugins ======================

Profilepath: C:\Users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default

2BCA54CB6A12A5EFBF922C0C1856F30D - C:\Program Files\Java\j2re1.4.2_04\bin\NPJPI142_04.dll - Java Plug-in

22E022C1B47866F29ACE50693AB656B0 - C:\Program Files\Mozilla Firefox\plugins\npnul32.dll - Mozilla Default Plug-in

9A6101F29E2E9D41B99CBCC8F106E8FE - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL - 2007 Microsoft Office system

==== Deleting Files \ Folders ======================

"C:\Users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}" deleted

"C:\Users\Pol\AppData\Roaming\Mozilla\Firefox\Profiles\0pkevk53.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

dloejdefkancmfajekobpfoacecnhpgp - C:\Program Files\Bandoo\ChromePackage.crx[]

ihflimipbcaljfnojhhknppphnnciiif - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoods.crx[]

mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton 360\Engine\20.3.0.36\Exts\Chrome.crx[13/02/2013 21:02]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="De Standaard Online"

"Search Page"="Google"

"Search Bar"="Upgrade to Google Chrome"

"Default_Search_URL"="Upgrade to Google Chrome"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="%s - Google Search"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="Facemoods Search"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="Facemoods Search"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="Upgrade to Google Chrome"

"Default_Search_URL"="Upgrade to Google Chrome"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="Bing"

"Search Bar"="Bing"

"Default_Search_URL"="Bing"

"Start Page"="De Standaard Online"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="%s - Bing"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="Bing"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{16365DD7-2B7D-46A0-AA77-88F9A092D4A7}"

{16365DD7-2B7D-46A0-AA77-88F9A092D4A7} Google Url="{searchTerms} - Google zoeken"

{34E06CAD-35C0-4201-9B09-1529B6FAD270} Bing Url="{searchTerms} - Bing"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28387537-e3f9-4ed7-860c-11e69af4a8a0} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{28387537-e3f9-4ed7-860c-11e69af4a8a0} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486b-A045-B233BD0DA8FC} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486b-A045-B233BD0DA8FC} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully

HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28387537-e3f9-4ed7-860c-11e69af4a8a0} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{28387537-e3f9-4ed7-860c-11e69af4a8a0} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{EB5CEE80-030A-4ED8-8E20-454E9C68380F} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{64182481-4F71-486b-A045-B233BD0DA8FC} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{28387537-e3f9-4ed7-860c-11e69af4a8a0} deleted successfully

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Norton 360.lnk - C:\Program Files\Norton 360\Engine\20.3.0.36\uiStub.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Pol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-apparaten\C3050.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTWUIExt.exe /deviceAddr=d0176af8dbe6

C:\Users\Pol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-apparaten\Nokia 6700s.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTWUIExt.exe /deviceAddr=a04e046f96cc

C:\Users\Pol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Pol\AppData\Roaming\Dropbox\bin\Dropbox.exe /home

C:\Users\Pol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall.lnk - C:\Users\Pol\AppData\Roaming\Dropbox\bin\Uninstall.exe

C:\Users\Pol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton\Norton Installation Files.lnk - C:\Users\Public\Downloads\Norton\{N360203036-SHPD-FSD33017}

C:\Users\Pol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton\Norton-installatiebestanden.lnk - C:\Users\Public\Downloads\Norton\{N360203036-SHPD-FSD33017}

C:\Users\Pol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Pol\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Aanpassen.lnk - C:\Program Files\Fighters\SPAMfighter\uninstall.exe Change

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Deïnstalleren.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Instellingen.lnk - C:\Program Files\Fighters\SPAMfighter\spamcfg.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Koop SPAMfighter Pro.lnk - C:\Program Files\Fighters\SPAMfighter\spamcfg.exe /F:GotoURL=BuyNow

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Repareren.lnk - C:\Program Files\Fighters\SPAMfighter\uninstall.exe Reinstall

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\SPAMfighter.lnk - C:\Program Files\Fighters\FighterLauncher.exe SFPRO

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Tools voor Ondersteuning\Crash Dumps.lnk - C:\Users\Pol\AppData\Roaming\Fighters\SPAMfighter\Dumps

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Tools voor Ondersteuning\Logbestanden.lnk - C:\Users\Pol\AppData\Roaming\Fighters\SPAMfighter\Logs

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Tools voor Ondersteuning\Verzamel logbestanden.lnk - C:\Program Files\Fighters\LogFilesCollector.exe /product:SFPRO

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Tools voor Ondersteuning\Vraag Ondersteuning aan.lnk - C:\Program Files\Fighters\SPAMfighter\spamcfg.exe /F:Support

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Veelgestelde vragen en Licentieovereenkomst\Licentieovereenkomst.lnk - C:\Program Files\Fighters\SPAMfighter\Documents\License.rtf

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters\SPAMfighter\Veelgestelde vragen en Licentieovereenkomst\Veelgestelde Vragen.lnk - C:\Program Files\Fighters\SPAMfighter\spamcfg.exe /F:GotoURL:FAQ

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360\LiveUpdate.lnk - C:\Program Files\Norton 360\Engine\20.3.0.36\uiStub.exe /lu

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360\NBRT.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360\Norton 360.lnk - C:\Program Files\Norton 360\Engine\20.3.0.36\uiStub.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360\Support.lnk - C:\Program Files\Norton 360\Engine\20.3.0.36\symerr.exe /support

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360\Uninstall Norton 360.lnk - C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\20.3.0.36\InstStub.exe /X /shortcut

==== Reset IE Proxy ======================

Value(s) before fix:

"ProxyEnable"=dword:00000000

Value(s) after fix:

"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dloejdefkancmfajekobpfoacecnhpgp deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = De Standaard Online

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.3.0.36\coIEPlg.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.3.0.36\IPS\IPSBHO.DLL

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.3.0.36\coIEPlg.dll

O4 - HKLM\..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [signIn] "C:\Program Files\Microsoft Online Services\Sign In\SignIn.exe" /autorun

O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup

O4 - HKLM\..\Run: [sfagent] C:\Program Files\Fighters\SPAMfighter\sfagent.exe

O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

O4 - HKLM\..\Run: [isaKbcCertUpdate] C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe

O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE

O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [facemoods] "C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I

O4 - HKLM\..\Run: [RemoteControl11] C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe

O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [CommonToolkitTray] C:\Program Files\Fighters\Tray\FightersTray.exe

O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray

O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Dropbox.lnk = Pol\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Startup: Microsoft Office Groove.lnk = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE

O4 - Global Startup: Bluetooth.lnk = ?

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200

O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Users\Pol\Desktop\PartyGammon.lnk (file missing)

O9 - Extra 'Tools' menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Users\Pol\Desktop\PartyGammon.lnk (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll

O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll

O12 - Plugin for .mxl: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll

O12 - Plugin for .mya: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll

O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll

O12 - Plugin for .myt: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll

O12 - Plugin for .xmz: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll

O15 - Trusted Zone: http://cbc-pdf.cbc.be (HKLM)

O15 - Trusted Zone: CBC (HKLM)

O15 - Trusted Zone: http://www.isabel.be (HKLM)

O15 - Trusted Zone: PC Helpforum - Gratis hulp bij computer problemen (HKLM)

O15 - Trusted Zone: http://www.isabel.eu (HKLM)

O15 - Trusted Zone: http://kbc-pdf.kbc.be (HKLM)

O15 - Trusted Zone: KBC (HKLM)

O15 - Trusted Zone: KBC Asset Management (HKLM)

O15 - Trusted Zone: http://www.kbcam.com (HKLM)

O15 - Trusted Zone: http://www.kbcbankingforbusiness.com (HKLM)

O15 - Trusted Zone: http://www.kbcmerchantbanking.com (HKLM)

O15 - Trusted Zone: http://*.mcafee.com (HKLM)

O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)

O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)

O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)

O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)

O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)

O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)

O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {FF3C5A9F-5A99-4930-80E8-4709194C2AD3} (MSN Games – Backgammon) - http://zone.msn.com/bingame/zpagames/ZPA_Backgammon.cab64162.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: c:\progra~1\imesha~1\mediabar\datamngr\datamngr.dll c:\progra~1\imesha~1\mediabar\datamngr\iebho.dll c:\progra~1\bandoo\bndhook.dll

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

O23 - Service: AdminService for OpenEdge 10.2B (AdminService10.2B) - Unknown owner - C:\Program Files\OpenEdge\bin\AdmSrvc.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\aestsrv.exe

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe

O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe

O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe

O23 - Service: FsUsbExService - Teruten - C:\windows\system32\FsUsbExService.Exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\20.3.0.36\ccSvcHst.exe

O23 - Service: Norton Online Backup (NOBU) - Unknown owner - C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe (file missing)

O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\Fighters\SPAMfighter\sfus.exe

O23 - Service: @%SystemRoot%\system32\stlang.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe

O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Pol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Pol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied

C:\Users\Pol\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Pol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

kape · 5 april 2013

Je Java software is verouderd.

Oudere versies hebben lekken die malware de kans geeft om zich te installeren op je systeem.

Ga naar Java SE 7 en download daar de juiste Java versie naar uw bureaublad, 32 of 64 bit. Voor 32 bit download je Windows x86, voor 64 bit download je Windows x64.

Sluit alle programma's die eventueel open zijn - Zeker je web browser!
Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst.
Vink alles aan met Java Runtime Environment (JRE of J2SE of JAVA) in de naam.
Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
Herhaal dit tot alle oudere versies verdwenen zijn.
Na het verwijderen van alle oudere versies, herstart je pc.
Dubbelklik vervolgens op jre-7-windows-x64 / x86 op je Bureaublad om de nieuwste versie van Java te installeren.

Dubbelklik op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Kopieer nu onderstaande code en plak die in het grote invulvenster:
Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.

 
 [HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Run];r
 "DATAMNGR"=;r
 "facemoods"=;r
 C:\Program Files\facemoods.com;fs
 C:\Program Files\Java\j2re1.4.2_04;fs
 C:\Program Files\iMesh Applications\MediaBar;fs

Klik op de knop "Options" en vink nu de onderstaande opties aan.
- HijackThis Log
- System Restore Point
[*] Klik daarna op de knop "Run script".

[*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

[*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

[*] Post nu de inhoud van het geopende logje in het volgende bericht.

PolH · 6 april 2013

Zoek.exe Version 4.0.0.2 Updated 05-April-2013

Tool run by Pol on za 06/04/2013 at 20:50:14,59.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

==== System Restore Info ======================

6/04/2013 20:51:33 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_USERS\S-1-5-21-3740741272-41367026-2587978378-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"DATAMNGR"=

"facemoods"=

==== Deleting Files \ Folders ======================

"C:\Program Files\facemoods.com" not found

"C:\Program Files\Java\j2re1.4.2_04" not found

"C:\Program Files\iMesh Applications\MediaBar" not found

"C:\windows\system32\appdata" deleted

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = De Standaard Online

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.3.0.36\coIEPlg.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.3.0.36\IPS\IPSBHO.DLL

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll