malware op computer?

[bart0]

Hallo,

ik heb denk ik drie weken geleden een programma gedownload waarmee je muziek kon downloaden. Toen ik het programma downloadde was er niks aan de hand en enkele dagen later ook nog niet, maar nu, ongeveer een week of twee geleden begon het.

In mijn standaard browser (google chrome), startte naast de door mij ingestelde opstartpagina's, nog een andere site op (http://www.delta-search.com/)

Later gaf google chrome aan dat deze site een malware site was en of je door wilde gaan, dit deed ik uiteraard niet. 2 dagen later kwam er naast de door mij niet ingestelde opstartsite nog een andere site bij. Weer wat later (nu dus) is de eerste site (die werd gedecteerd door google weer verdwenen en wordt dus ook niet meer opgestart) en is er nog maar een site die verschijnt bij het opstarten (http://searchou.com/?id=e4547e760000000000000017c458ce10)

Ik heb het programma nog niet verwijderd, want weet niet of het dan nog mogelijk is om andere verborgen bestanden te verwijderen.

Ik ben bang dat ik malware op mijn computer heb en ik hoop dat jullie mij kunnen helpen met het verwijderen ervan.

Alvast super bedankt!!!

P.s. Ik zag dat andere allemaal een hijack-bestand moesten sturen, dus die heb ik er alvast bij gezet:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:56:04, on 16-4-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16476)

Boot mode: Normal

Running processes:

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE

C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Livedrive\Livedrive.exe

C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe

C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe

C:\Users\Bart\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe

C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE

C:\Program Files\Air Mouse\Air Mouse\Mobile Mouse Service.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Bart\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: privitize Helper Object - {1ACB5ABE-4890-4747-952C-F13BDB93FB75} - C:\Program Files\Industriya\privitize\1.8.16.22\bh\privitize.dll

O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL

O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.10.0\bh\delta.dll

O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O2 - BHO: BrowserHelper Class - {EDF48A39-1442-463F-9F4E-F376A78D034A} - C:\Program Files\Livedrive\LivedriveExplorerExtensions.dll

O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.10.0\deltaTlbr.dll

O4 - HKLM\..\Run: [iJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\RunOnce: [NCInstallQueue] rundll32 netman.dll,ProcessQueue

O4 - HKCU\..\Run: [Livedrive] "C:\Program Files\Livedrive\Livedrive.exe" /setup

O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe

O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

O4 - HKCU\..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe

O4 - HKCU\..\Run: [spotify] "C:\Users\Bart\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Bart\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [b89371320B2EE11FC054C53F0A75C821DF3B361D._service_run] "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE

O4 - Global Startup: Air Mouse.lnk = C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube Download - C:\Users\Bart\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Bart\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://navigram.com/engine/v1140/Navigram.cab

O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} (iCloud Web App Plugin) - https://www.icloud.com/system/iCloud.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL

O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL

O20 - AppInit_DLLs: c:\progra~2\browse~1\261125~1.80\{c16c1~1\browse~1.dll c:\progra~1\magnipic\sprote~1.dll

O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll

O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll

O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe

O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Livedrive VSS Service (LivedriveVSSService) - Unknown owner - C:\Program Files\Livedrive\VSSService.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe

--

End of file - 10324 bytes

[Mako]

Hallo bart0,

Ik zal je log bekijken.

Ik moet echter mijn advies eerst laten keuren door een gekwalificeerd helper, hierdoor kan het iets langer duren voordat ik je verder kan helpen.

Alvast bedankt voor je begrip.

Met vriendelijke groet,

Mako

[bart0]

geen probleem, ik wacht geduldig af.

Ben al heel blij als jullie mij willen helpen.

[Mako]

Hoi,

Je hebt inderdaad een infectie opgelopen. We zullen je helpen hier opnieuw vanaf te geraken

1. Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:
   O2 - BHO: privitize Helper Object - {1ACB5ABE-4890-4747-952C-F13BDB93FB75} - C:\Program Files\Industriya\privitize\1.8.16.22\bh\privitize.dll
   O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.10.0\bh\delta.dll
   O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.10.0\deltaTlbr.dll
   O4 - HKCU\..\Run: [b89371320B2EE11FC054C53F0A75C821DF3B361D._service_run] "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service
   O20 - AppInit_DLLs: c:\progra~2\browse~1\261125~1.80\{c16c1~1\browse~1.dll c:\progra~1\magnipic\sprote~1.dll
   Klik op 'Fix checked' om de items te verwijderen.
   Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\\Program Files\\Trend Micro\\HiJackThis of C:\\Program Files (x86)\\Trend Micro\\HiJackThis.
   
2. Download zoek.exe naar het bureaublad.
   
   • 
     
   • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
     (hier of hier) kan je lezen hoe je dat doet.
     
   • Dubbelklik op Zoek.exe om de tool te starten.
     
   • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
     
   • Kopieer nu onderstaande code en plak die in het grote invulvenster:
     
   • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
     

 
process;
startupall; 
filesrcm; 
uninstall-list;
autoclean;
firefoxlook;
chromelook;
BrowserProtect;s

• 
  
• Klik daarna op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post nu de inhoud van het geopende logje in het volgende bericht.
  

Groet,

Mako

[bart0]

Hallo Mako,

Hieronder is het bestand dat ik moest sturen.

Ik hoop dat je mij weer verder kan helpen

Moet ik het gedownloade programma, waarna de problemen ontstonden, al verwijderen of is dat (nog) niet nodig?

Nogmaals heeeeeel erg bedankt!!!

groetjes,

Bart

Zoek.exe Version 4.0.0.2 Updated 15-April-2013

Tool run by Bart on wo 17-04-2013 at 21:43:47,52.

Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3091460872-3751063814-4196830348-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-3091460872-3751063814-4196830348-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-3091460872-3751063814-4196830348-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B036AE61-D84B-4457-96A2-84B0A925E900} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe

C:\Prey\platform\windows\cronsvc.exe

C:\Windows\system32\schtasks.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Livedrive\VSSService.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe

C:\Windows\System32\WUDFHost.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskhost.exe

C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Livedrive\Livedrive.exe

C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe

C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe

C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe

C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Air Mouse\Air Mouse\Mobile Mouse Service.exe

C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

C:\Windows\system32\sppsvc.exe

C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Bart\Desktop\zoek.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BrowserProtect deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BrowserProtect deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"bProtector Start Page"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"bProtectorDefaultScope"=-

==== Deleting Files \ Folders ======================

"C:\Users\Bart\AppData\Local\Google\Chrome\User Data\Default\bprotector web data" deleted

"C:\Users\Bart\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences" deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.settings" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\chrome.manifest" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\install.rdf" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-3.6.xpt" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\overlay.xul" not deleted

"C:\ProgramData\MyaagniPPicc" deleted

"C:\Program Files\Delta" deleted

"C:\Program Files\Common Files\DVDVideoSoft\bin" deleted

"C:\Program Files\Industriya" deleted

"C:\Users\Bart\AppData\Roaming\Industriya" deleted

"C:\Users\Bart\AppData\Roaming\BabSolution" deleted

"C:\Users\Bart\AppData\Roaming\Babylon" deleted

"C:\Users\Bart\AppData\Roaming\Delta" deleted

"C:\Users\Bart\AppData\Roaming\OpenCandy" deleted

"C:\ProgramData\BrowserProtect" not deleted

"C:\ProgramData\CLSoft LTD" deleted

"C:\ProgramData\InstallMate" deleted

"C:\ProgramData\Premium" deleted

"C:\ProgramData\Babylon" deleted

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyaagniPPicc" deleted

"C:\Users\Bart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect" deleted

"C:\Users\Bart\AppData\Local\PackageAware" deleted

"C:\Windows\System32\searchplugins" deleted

"C:\Windows\System32\Extensions" deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components" not deleted

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Bart\AppData\Local\Temp ====

====== C:\Windows\system32 =====

2013-04-14 17:21:01 2E56BA5BC215B2AED2B790D42D8C1739 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2013-04-14 17:21:00 507183B4FCB535A7A973427D1F367CA8 420864 ----a-w- C:\Windows\System32\vbscript.dll

2013-04-14 17:21:00 4BE468D2EE9CC59CB8F666949CD37CD5 65024 ----a-w- C:\Windows\System32\jsproxy.dll

2013-04-14 17:21:00 40169F9AE27BB73F2CB8C7D11A7A2AC2 73216 ----a-w- C:\Windows\System32\mshtmled.dll

2013-04-14 17:20:59 FC5BBA40E667D20126D91BD6A790705B 142848 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-04-14 17:20:59 C720BD3BDE2C9A1BFC4476F6D3A4B64D 176640 ----a-w- C:\Windows\System32\ieui.dll

2013-04-14 17:20:58 C5B6468422DB1C8AA36C32CBB0197E5E 1129472 ----a-w- C:\Windows\System32\wininet.dll

2013-04-14 17:20:58 9DE04A790F697432871E88BB77EEBCF5 607744 ----a-w- C:\Windows\System32\msfeeds.dll

2013-04-14 17:20:58 26DB6CB9BC434ABA1169B3051E6AB4F2 717824 ----a-w- C:\Windows\System32\jscript.dll

2013-04-14 17:20:57 7E6052699CAF18ADEDD846D44ECCE81F 1800704 ----a-w- C:\Windows\System32\jscript9.dll

2013-04-14 17:20:57 69EDE878C3891E7796D46B7E552330B1 231936 ----a-w- C:\Windows\System32\url.dll

2013-04-14 17:20:56 9BDDA34DC4890169DE5BA21134B33EFB 1796096 ----a-w- C:\Windows\System32\iertutil.dll

2013-04-14 17:20:55 4E7F83E1F6AEFA38E270EA7353D6911E 1104384 ----a-w- C:\Windows\System32\urlmon.dll

2013-04-14 17:20:54 CA78BA218B423C7F22B14906308B8B02 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-04-14 17:20:53 658EBC74BD38D16805648C4775F7FA82 12324352 ----a-w- C:\Windows\System32\mshtml.dll

2013-04-14 17:20:52 DFE118C95C6571B87D1923DAB3FA0A77 9738752 ----a-w- C:\Windows\System32\ieframe.dll

2013-04-10 19:50:48 6FCC2090F055F5C96236DCD057DD705D 2347008 ----a-w- C:\Windows\System32\win32k.sys

2013-04-10 19:50:43 80A652978002318C9723D43CFA618816 3916632 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-04-10 19:50:43 3DFCBEEE97DF8BBAA749CAACFC9C43E1 3972440 ----a-w- C:\Windows\System32\ntkrnlpa.exe

2013-04-10 19:50:42 47C2D6C4F7080A9D67259E83A617B08D 97792 ----a-w- C:\Windows\System32\appidpolicyconverter.exe

2013-04-10 19:50:42 0106C36DFF51A161DB4C34C4C14ECC41 29696 ----a-w- C:\Windows\System32\appidsvc.dll

2013-04-10 19:50:41 DE91DCC7BC55E940979097E98F743205 69632 ----a-w- C:\Windows\System32\smss.exe

2013-04-10 19:50:41 5B7C7A3C706A90FBCCC319ABEFF14F3A 16896 ----a-w- C:\Windows\System32\appidcertstorecheck.exe

2013-04-10 19:50:41 23AB7E36551C6BA5370EF7F05142F0EB 38912 ----a-w- C:\Windows\System32\csrsrv.dll

2013-04-10 19:50:41 0624CB85816C748DA16DB347FCF3352F 50688 ----a-w- C:\Windows\System32\appidapi.dll

2013-04-10 19:50:34 0B7E6782CCC28D1068E267554B566A60 3218432 ----a-w- C:\Windows\System32\mstscax.dll

2013-04-10 19:50:33 3E675B1FB08210BE724E79D7D1DA4D79 131584 ----a-w- C:\Windows\System32\aaclient.dll

2013-04-10 19:50:33 162F39D5C94A807296EC4B46D0C7A9CB 36864 ----a-w- C:\Windows\System32\tsgqec.dll

2013-04-10 19:50:33 064C778BFF3A323645F73FB09625905A 223744 ----a-w- C:\Windows\System32\wksprt.exe

2013-04-10 19:50:33 04FF24D66412FC1072F8D0B7CB83BCF5 1051136 ----a-w- C:\Windows\System32\mstsc.exe

2013-04-09 15:31:23 0FECB3FB879F3ED7AB5BB878D947E87A 225280 ----a-w- C:\Windows\System32\rewire.dll

2013-04-09 15:31:07 9033DAF3277F0498BC86C8D4566C25CE 1554944 ----a-w- C:\Windows\System32\vorbis.acm

====== C:\Windows\system32\drivers =====

2013-04-10 20:47:38 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-04-10 19:50:46 E306A24D9694C724FA2491278BF50FDB 196328 ----a-w- C:\Windows\System32\drivers\fvevol.sys

2013-04-10 19:50:42 8FF93E6F3894067000986599E96012CF 50176 ----a-w- C:\Windows\System32\drivers\appid.sys

2013-04-10 19:50:16 BDC9CE1B497B6C266ED70E3D34184F40 1213272 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2013-03-26 15:39:12 FE8A57C8E04EDD3AA8ADD8F3C8F65297 15872 ----a-w- C:\Windows\System32\drivers\usb8023.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-04-10 20:48:25 -------- d-----w- C:\Program Files\Trend Micro

2013-04-09 16:07:05 -------- d-----w- C:\Program Files\ASIO4ALL v2

2013-04-09 15:31:23 -------- d-----w- C:\Program Files\VstPlugins

2013-04-09 15:31:02 -------- d-----w- C:\Program Files\Outsim

2013-04-09 15:25:47 -------- d-----w- C:\Program Files\Image-Line

2013-04-09 15:16:40 -------- d-----w- C:\Program Files\Plugin

2013-04-09 15:16:20 -------- d-----w- C:\Program Files\MagniPic

2013-04-02 14:16:50 -------- d-----w- C:\Program Files\Spotydl

======= C: =====

====== C:\Users\Bart\AppData\Roaming ======

2013-04-09 16:07:05 -------- d-----w- C:\users\Bart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2

2013-04-02 14:18:43 -------- d-----w- C:\users\Bart\AppData\Local\Bundled software uninstaller

2013-04-02 14:17:05 -------- d-----w- C:\users\Bart\AppData\Roaming\Spotydl

2013-03-20 16:11:27 -------- d-----w- C:\users\Bart\AppData\Local\Spotify

2013-03-20 16:11:02 -------- d-----w- C:\users\Bart\AppData\Roaming\Spotify

====== C:\Users\Bart ======

2013-04-16 16:58:19 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Bart\11782303.cvr

2013-04-09 15:31:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line

2013-04-02 14:18:42 -------- d-----w- C:\ProgramData\BrowserProtect

2013-04-02 14:17:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotydl

====== C: exe-files ==

2013-04-16 15:58:43 F456E0CEE6A1BEE196C42A0B48FD11E2 77128 ----a-w- C:\Users\Bart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0WKUILP\SetupAdmin[1].exe

2013-04-16 15:58:43 F456E0CEE6A1BEE196C42A0B48FD11E2 77128 ----a-w- C:\ProgramData\Apple\Installer Cache\iCloud Control Panel 2.1.2.8\SetupAdmin.exe

2013-04-14 17:20:56 32732CEDE2A1106B736EF3D84054EE04 757376 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2013-04-10 20:52:10 6EEB1CA09DC0E82774BEBB01A921164B 245984 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Vizor32\WSCTool.exe

2013-04-10 20:52:09 F3C17AF5E896B57EBE35F01AEE3A9F7E 159464 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Vizor32\InstallSettingMigrate.exe

2013-04-10 20:52:09 B2A167A07D0662236D8EF62382906B9C 497304 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Vizor32\InstallUCWrapper.exe

2013-04-10 20:52:09 6A942B9FC6157B7CCFAAF38CC0D0FC44 2223584 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Vizor32\TisEzIns.exe

2013-04-10 20:52:09 62599DCCB5EE66F5F94E76DE34CE420A 295424 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Vizor32\TiPatch.exe

2013-04-10 20:52:09 08202704062E8DD8ED5E60545408A1B4 316024 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Vizor32\TiPreAU.exe

2013-04-10 20:52:04 9124DDBBC48BD623029A76C09B67D23B 192424 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\TMSToolEx.exe

2013-04-10 20:52:04 6EEB1CA09DC0E82774BEBB01A921164B 245984 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\WSCTool.exe

2013-04-10 20:52:03 B78FF5B2E79EC5CE238596383D2B6D11 3492544 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\SupportTool.exe

2013-04-10 20:51:59 6E5C18D0C98333DC16B29AD26C60F49E 1959904 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\setup.exe

2013-04-10 20:51:16 A4BB970D51FF548864AEBB850C830EDB 217144 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c11t1103v0.0.0l1p1r1o1\WSCStatusController.exe

2013-04-10 20:51:16 6EEB1CA09DC0E82774BEBB01A921164B 245984 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\WSCTool.exe

2013-04-10 20:51:15 9AAE82DBDBE99EDECE53E1B9E48721E8 625024 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\WSCHandler.exe

2013-04-10 20:51:15 7F9454A776CA6BFB655D8F49CA6110F6 133456 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiWatchDog.exe

2013-04-10 20:51:15 41B63501ADA84FFFCCC0DB7E2B80B7F3 479536 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiUpdateTray.exe

2013-04-10 20:51:15 102596AFB271F540E0C77C3634775FE6 1374864 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1725v0.0.0l1p1r1o1\uiWinMgr.exe

2013-04-10 20:51:14 FC1BD22EA4A0E04D5430D0C34AD245E3 122384 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OLImp.exe

2013-04-10 20:51:14 F26C4F4B9128AFE6522D07160D1D9BA9 241864 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1703v0.0.0l1p1r1o1\UfIfAvIm.exe

2013-04-10 20:51:14 780AEC23F2A36521CC0C33F4FCCBBFEB 40056 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\WLM\TMAS_WLMMon.exe

2013-04-10 20:51:14 6C15AA98FDD8731CE9560A36F5771986 1035736 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiSeAgnt.exe

2013-04-10 20:51:14 40102E21AF66C3617BF9CDAFE3D42B7B 324264 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\WLM\TMAS_WLM.exe

2013-04-10 20:51:14 2E088D9D545AFD4A4FECA1D08D7E3E13 39984 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OLSentry.exe

2013-04-10 20:51:14 2989E0FD82B9BD0B6BFB7B09C20E245A 192424 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1783v0.0.0l1p1r1o1\plugin\Win8Cpnt\TmToastNotificationCaller.exe

2013-04-10 20:51:13 F176291A59D0518A850D607E4A8880EF 381944 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OE.exe

2013-04-10 20:51:13 85A2488E78A4EADF0AFA8F8174BEC489 122384 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OEImp.exe

2013-04-10 20:51:13 53E46968985308CA81601CD8185E8801 68824 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OEMon.exe

2013-04-10 20:51:13 43E2B963DF6BBF43CFE4A2D48D329472 340744 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OL.exe

2013-04-10 20:51:12 F746894E3C713B8C9F8E647292F1E111 167704 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiMiniService.exe

2013-04-10 20:51:12 6F335706463254CC016590C39ABD4BEB 262464 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiResumeSrv.exe

2013-04-10 20:51:12 63B272259EE49FECADDB8019FF74D0C8 1016424 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\Remove.exe

2013-04-10 20:51:12 310DE5B33C3EFD7443D8CCE27FE2E449 303664 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\ShorcutLauncher.exe

2013-04-10 20:51:11 63DC34F8620723A713B3FFE6FD9A6470 112824 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\OEMConsole.exe

2013-04-10 20:51:11 60B028274D438E982AE5EE8303CFF574 68824 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\PackageRemover.exe

2013-04-10 20:48:33 783CF19637B70F3B7BF4BA201A305CBC 67120 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.8.1094\TmExtIns.exe

2013-04-10 20:48:33 783CF19637B70F3B7BF4BA201A305CBC 67120 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959569l1p1r1o1\6.8.1093\TmExtIns.exe

2013-04-10 20:48:33 6936B0F88764C7996582F57B42305C72 188304 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\utilRollback.exe

2013-04-10 20:48:33 413DBD496EF19DBD588C79887B7156C3 71216 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959829l1p1r1o1\1.0.1170\TmopExtIns.exe

2013-04-10 20:48:32 F52603B708438E39FF38475807A01CBC 221264 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\coreServiceShell.exe

2013-04-10 20:48:32 8A199030ABA071199C11BB9544D64690 26128 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959570l-1p1r-1o-1\1.6.1018\DREBoot.exe

2013-04-10 20:48:32 533DFD7D7320EF9FDB20FDE5C8B6A408 121360 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t679485440l1p1r1o1\6.8.1072\tdiins.exe

2013-04-10 20:46:41 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Bart\Downloads\mbam-setup-1.75.0.1300.exe

2013-04-10 20:45:22 7F0BB7B4AB781BDF7912AF3BB394A072 6160960 ----a-w- C:\Users\Bart\Downloads\Ti_60_PR_SIA_EWEB.exe

2013-04-10 19:54:18 AA964645D3A987CA87186A36DFFBF28D 5677408 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\26.0.1410.64\26.0.1410.64_26.0.1410.43_chrome_updater.exe

=== C: other files ==

2013-04-10 20:52:01 804EFB9D45EE29E8429B767D9DC824BF 177 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\tool\AMSP_systeminfo.bat

2013-04-10 20:52:01 0CD79E398FCCA25546554D37EE04F4EC 3770 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\ForceRemove.bat

2013-04-10 20:52:01 0852D10B59DA00A42D0DE0CE88332857 120 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\tool\mk_debug_dir.bat

2013-04-10 20:52:00 A250838A4FB04698F397D80E09D58B23 79 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\tool\AMSP_processes_list.bat

2013-04-10 20:52:00 6CC6C743FAFAC589BBFEBB86DB6ADC7B 3477 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\AMSPForceRemove.bat

2013-04-10 20:52:00 4D032D7AE1BF541DE6291D523E4DD661 70 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\tool\AMSP_registry.bat

2013-04-10 20:52:00 30F85507993D81F4D5144CD3D3493702 196 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\tool\AMSP_copy_config.bat

2013-04-10 20:52:00 1E6C1B2E400B83F6B93480C9757651D4 36 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\tool\AMSP_ipconfig.bat

2013-04-10 20:52:00 177F0C8C1ED5DA0D30D7D3476ACB7908 51 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\SupportTool\32bit\tool\AMSP_folder_tree.bat

2013-04-10 20:50:44 A250838A4FB04698F397D80E09D58B23 79 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_processes_list.bat

2013-04-10 20:50:44 804EFB9D45EE29E8429B767D9DC824BF 177 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_systeminfo.bat

2013-04-10 20:50:44 4D032D7AE1BF541DE6291D523E4DD661 70 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_registry.bat

2013-04-10 20:50:44 30F85507993D81F4D5144CD3D3493702 196 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_copy_config.bat

2013-04-10 20:50:44 1E6C1B2E400B83F6B93480C9757651D4 36 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_ipconfig.bat

2013-04-10 20:50:44 177F0C8C1ED5DA0D30D7D3476ACB7908 51 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_folder_tree.bat

2013-04-10 20:50:44 0CD79E398FCCA25546554D37EE04F4EC 3770 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\ForceRemove.bat

2013-04-10 20:50:44 0852D10B59DA00A42D0DE0CE88332857 120 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\mk_debug_dir.bat

2013-04-10 20:50:43 6CC6C743FAFAC589BBFEBB86DB6ADC7B 3477 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\UCPlugin\c17t1705v0.0.0l1p1r1o1\AMSPForceRemove.bat

2013-04-10 20:49:05 4EA7AD2C5B743F48ECFF282BBC62D076 152176 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959553l1p1r1o1\7.5.1107\chrome_tmbep.crx

2013-04-10 20:49:04 9BCCA50CD9F8DD5AFF4C5108F04FA7BE 56632 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959831l1p1r1o1\1.0.1169\tmusa.sys

2013-04-10 20:49:04 63828FBD740F178DE2E2D42C3136FDEE 75624 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\5.50.1043\tmevtmgr.sys

2013-04-10 20:49:04 43C1B7C778B296D492AF6D2ABB2ECF7F 92304 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t679485440l1p1r1o1\6.8.1072\tmtdi.sys

2013-04-10 20:49:04 211EA740D2EB1A26AE098D1DD1518098 28056 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959815l1p1r1o1\1.0.1014\tmel.sys

2013-04-10 20:49:04 0C40396F071A8092964C8DC951F62B17 171064 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959587l1p1r1o1\1.5.1012\tmnciesc.sys

2013-04-10 20:49:03 D0B08F941C0B06846533C6A38DD09B22 94200 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\5.50.1043\tmactmon.sys

2013-04-10 20:49:03 B966E2400AB813527F656759C9C03A89 38328 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959843l1p1r1o1\1.0.1023\TMEBC32.sys

2013-04-10 20:49:03 7AC66D3A5BA87C6CD16B457A3786DF64 90808 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959624l1p1r1o1\1.5.1104\tmeext.sys

2013-04-10 20:49:03 2A61B4210D92D17F0E3E13CC6B908662 84792 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t1207959618l1p1r1o1\1.5.1104\tmeevw.sys

2013-04-10 20:49:03 0C9ACEF23B537D6E8B1373C98D066B1C 257928 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\5.50.1043\tmcomm.sys

2013-04-10 20:48:27 83729C698248980FA0A016DE7E0D5CE2 91 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\debug\script\CollectICRCPerfmon.bat

2013-04-10 20:48:27 0FAA7EB13610A9BAA9C643019694FF12 159 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\debug\script\AMSP_systeminfo.bat

2013-04-10 20:48:26 E8213D15469B2457C4178CBE9F8AF38A 170 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\debug\script\AMSP_copy_config.bat

2013-04-10 20:48:26 D94DA6C34EB7385F346FCA15EC85F212 245 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\debug\script\AMSP_registry.bat

2013-04-10 20:48:26 B113F6999C5139FEA922611AB5940529 20 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\debug\script\AMSP_ipconfig.bat

2013-04-10 20:48:26 592F188323683FC4F2497C9BCDB31E04 60 ----a-w- C:\Program Files\Trend Micro\Trend_Micro\Setup32\AMSP\debug\script\AMSP_processes_list.bat

2013-04-10 20:47:38 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3091460872-3751063814-4196830348-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Livedrive"="C:\Program Files\Livedrive\Livedrive.exe /setup"

"iCloudServices"="C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe"

"ApplePhotoStreams"="C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"

"com.apple.dav.bookmarks.daemon"="C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe"

"Spotify"="C:\Users\Bart\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

"Spotify Web Helper"="C:\Users\Bart\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"B89371320B2EE11FC054C53F0A75C821DF3B361D._service_run"="C:\Program Files\Google\Chrome\Application\chrome.exe --type=service"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IJNetworkScanUtility"="C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"RIMBBLaunchAgent.exe"="C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Livedrive"="C:\Program Files\Livedrive\Livedrive.exe /setup"

"iCloudServices"="C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe"

"ApplePhotoStreams"="C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"

"com.apple.dav.bookmarks.daemon"="C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe"

"Spotify"="C:\Users\Bart\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

"Spotify Web Helper"="C:\Users\Bart\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"B89371320B2EE11FC054C53F0A75C821DF3B361D._service_run"="C:\Program Files\Google\Chrome\Application\chrome.exe --type=service"

==== Startup Folders ======================

2012-12-02 20:34:58 1162 ----a-w- C:\users\Bart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk

2012-12-14 23:48:48 1995 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Air Mouse.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [13-03-2013 18:57]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [02-12-2012 21:31]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [undertermined Task]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

pgafcinpmmpklohkojmllohd****efph - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx[04-03-2013 14:32]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[01-12-2012 12:22]

Google Search - Bart - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Gmail - Bart - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.nl/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="http://searchou.com/?id=e4547e760000000000000017c458ce10"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{B036AE61-D84B-4457-96A2-84B0A925E900}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B036AE61-D84B-4457-96A2-84B0A925E900}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.nl/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Delta Search Url="http://www.delta-search.com/?q={searchTerms}&affID=119816&tt=190313_wo1&babsrc=SP_ss&mntrId=E4540017C458CE10"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully

==== Uninstall List x86 ======================

Aangifte inkomstenbelasting 2012 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Aangifte inkomstenbelasting 2012]

Adobe Flash Player 11 ActiveX [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX]

Apple Application Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}]

Apple Mobile Device Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}]

Apple Software Update [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}]

ASIO4ALL [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ASIO4ALL]

BlackBerry Desktop Software 7.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7A3E6E1C-CF5A-4CE9-B8D6-A2F9B7BA18FC}]

BlackBerry Desktop Software 7.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\BlackBerry_Desktop]

Bonjour [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79155F2B-9895-49D7-8612-D92580E0DE5B}]

BrowserProtect [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}]

Bundled software uninstaller [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller]

Canon IJ Network Scan Utility [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Canon_IJ_Network_Scan_UTILITY]

Canon IJ Network Tool [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Canon_IJ_Network_UTILITY]

Canon MP Navigator EX 2.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MP Navigator EX 2.0]

Canon MP980 series MP Drivers [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP980_series]

Canon My Printer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CanonMyPrinter]

Delta Chrome Toolbar [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar]

Delta toolbar [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\delta]

Fences [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{10CD364B-FFCC-48BE-B469-B9622A033075}]

Fences [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Fences]

Free Studio version 5.8.0.1201 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Free Studio_is1]

Google Chrome [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]

Google SketchUp 8 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{13FE3480-9E41-48C0-930F-BFC0767CC340}]

Google Update Helper [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]

iCloud [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{925F1DB6-E86E-4378-9091-D1F68B0583C9}]

Intel® Graphics Media Accelerator Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}]

iTunes [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{47C6C88F-FA95-49C8-B57D-5C5F093738E1}]

Java 7 Update 17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217017FF}]

Java Auto Updater [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}]

KeePass Password Safe 1.25 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\KeePass Password Safe_is1]

Livedrive [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4975D666-729A-46A5-8C80-1F022AD43543}]

MagniPic [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E711FC96-C539-4F89-AD62-8D1B3CF2DE60}]

Malwarebytes Anti-Malware versie 1.75.0.1300 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1]

Microsoft .NET Framework 4.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033]

Microsoft .NET Framework 4.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9F612429-4A00-3D44-88CF-146DA2EE1F92}]

Microsoft .NET Framework 4.5 NLD Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{679E0B0A-BB5B-33DD-A697-59EEBF7D01DD}]

Microsoft Office Professional Plus 2013 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Office15.PROPLUS]

Microsoft Office Professional Plus 2013 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Office15.PROPLUSR]

Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}]

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}]

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}]

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}]

Microsoft Visual Studio 2010 Tools for Office Runtime (x86) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A0FE0292-D3BE-3447-80F2-72E032A54875}]

Microsoft Visual Studio 2010 Tools for Office Runtime (x86) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)]

Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B8CA0ED6-DE91-3F49-B66E-E44306B8E453}]

Mobile Mouse Server [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{895FE43E-71C2-4FEA-94EF-B88D111495FC}]

Nitro Reader 3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2D7C68BA-90B9-46E6-851F-EA9149FEB744}]

Plugin 7 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F16247B8-CD07-40C4-8C96-FC2568G29E8F}}_is1]

QuickTime [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}]

Safari [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C779648B-410E-4BBA-B75B-5815BCEFE71D}]

Spotify [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Spotify]

Spotydl 0.9.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Spotydl_is1]

System Requirements Lab for Intel [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}]

Taalpakket voor Microsoft .NET Framework 4.5 - NLD [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043]

Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - NLD [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD]

Teach2000 versie 8.53 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Teach2000.7 XP - The Troolean Edition_is1]

toolbar on IE and Chrome [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\privitize]

==== Empty IE Cache ======================

C:\Users\Bart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Bart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\users\Bart\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\users\Bart\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Bart\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.settings" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\chrome.manifest" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\install.rdf" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-3.6.xpt" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js" not found

"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\overlay.xul" not found

"C:\Users\Bart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\ProgramData\BrowserProtect" not found

[Mako]

Hoi,

Moet ik het gedownloade programma, waarna de problemen ontstonden, al verwijderen of is dat (nog) niet nodig?

Neen hoor, dat mag je nog even laten staan. Als je iets moet verwijderen dan hoor je het wel ;-).

1. Ga naar Start - Configuratiescherm - Programma's
   Deïnstalleer volgende programma's (indien aanwezig):
   
   • BrowserProtect
     
   • Delta (Chrome) Toolbar
     
   • Privitize (toolbar)

[*]

• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
  

 
C:\ProgramData\BrowserProtect;fs
C:\ProgramData\BrowserProtect\2.6.1125.80;fs
C:\Users\Bart\11782303.cvr;f
C:\Users\Bart\Downloads\Ti_60_PR_SIA_EWEB.exe;f
[HKEY_USERS\S-1-5-21-3091460872-3751063814-4196830348-1000\Software\Microsoft\Windows\CurrentVersion\Run];r
"B89371320B2EE11FC054C53F0A75C821DF3B361D._service_run"=-;r
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r
"B89371320B2EE11FC054C53F0A75C821DF3B361D._service_run"=-;r
{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8};c
{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9};c
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}];r
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar];r
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\delta];r
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\privitize];r
chromelook;
resethosts;

• 
  
• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
  • 
    
  • System Restore Point
    

  [*] Klik daarna op de knop "Run script".

  [*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

  [*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

  [*] Voeg het resultaat toe als bijlage aan je volgende bericht. Zo gaat de forumsoftware niet met de resultaten knoeien.

18 april 2013 aangepast door Mako

[bart0]

Hallo Mako,

In de bijlage vindt je het logbestand. Ik moet wel even zeggen dat ik de code per ongeluk eerst in had gevuld zonder dat ik restore point aangevinkt had, ik hoop dat dit niet erg is.

Verder kreeg ik bij het verwijderen van de opgegeven programma's de melding:

Er is een foutopgetreden tijdens het verwijderen van BrowserProtect. Het is mogelijk aleerder verwijderd.

Wilt uBrowserProtect uit de lijst met Programma's en onderdelen verwijderen?

Nogmaals alvast heel erg bedankt voor je hulp!

Groetjes,

Bart

19-4-2013-bestand-pc-helpforum.be.txt

[Mako]

Hoi,

Dat is niet erg hoor, dan kijken we nu gewoon even als het allemaal goed is gegaan ;-).

Verder kreeg ik bij het verwijderen van de opgegeven programma's de melding:

Er is een foutopgetreden tijdens het verwijderen van BrowserProtect. Het is mogelijk aleerder verwijderd.

Wilt uBrowserProtect uit de lijst met Programma's en onderdelen verwijderen?

Je mag BrowserProtect dan inderdaad uit de lijst met Programma's en onderdelen verwijderen.

• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code uit bijgevoegd bestand in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
  

[ATTACH]25364[/ATTACH]

• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
  • System Restore Point
    

  [*] Klik daarna op de knop "Run script".

  [*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

  [*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

  [*] Voeg het resultaat toe als bijlage aan je volgende bericht. Zo gaat de forumsoftware niet met de resultaten knoeien.

Met plezier hoor, is voor mij ook een hobby .

Groet,

Mako

zoek.docx

21 april 2013 aangepast door kape

[bart0]

Hallo Mako,

Je schreef 'Kopieer nu onderstaande code uit bijgevoegd bestand in het grote invulvenster:', maar welke code bedoel je precies? Want er zit geen bijlage bij (of ik heb verkeerd gekeken) of bedoel je de code uit jouw bericht van 18 april?

Groetjes,

Bart

[Mako]

Hallo Bart,

Ik zie dat Kape mijn bericht vandaag enkele malen bewerkt heeft. Mogelijk was de bijlage toen even verdwenen. Mijn excuses hiervoor. Normaal zou je deze moeten kunnen downloaden wanneer je op volgende link klikt:

[ATTACH]25364[/ATTACH]

Groet,

Mako