pc virus vrij maken

[xAmberCeline]

mijn pc is zeer traag en er staat een hoop rotzooi op. Heb ook last van vele pop-ups. Hoe kan ik alle virussen eraf krijgen?

[xAmberCeline]

Hier is mijn logje

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:19:30, on 18-8-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16660)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

C:\Users\Amber\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\Samsung\Kies\Kies.exe

C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

C:\Program Files\Thomson\TG122n\WlanCU.exe

C:\Program Files (x86)\Warner Bros. Digital Copy Manager\Warner Bros. Digital Copy Manager.exe

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe

C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe

C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

C:\Program Files (x86)\dcmsvc\dcmsvc.exe

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\AirPort\APAgent.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\Samsung\FrameManager\FrameManager.exe

C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\7.4\pdfforgeToolbarIE.dll

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll

O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\7.4\pdfforgeToolbarIE.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll

O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\7.4\pdfforgeToolbarIE.dll

O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"

O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [dcmsvc] C:\Program Files (x86)\dcmsvc\dcmsvc.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files (x86)\AirPort\APAgent.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [FrameManager] C:\Program Files (x86)\Samsung\FrameManager\FrameManager.exe

O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent

O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe

O4 - HKCU\..\Run: [HyvesDesktop.exe] C:\Program Files (x86)\Hyves Desktop\bin\HyvesDesktop.exe

O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Amber\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [spotify] "C:\Users\Amber\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Warner Bros.lnk = C:\Program Files (x86)\Warner Bros. Digital Copy Manager\Warner Bros. Digital Copy Manager.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\Thomson\TG122n\WlanCU.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube Download - C:\Users\Amber\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Amber\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Amber\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://213.126.247.201/activex/AMC.cab

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: c:\progra~2\browse~1\sprote~1.dll

O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll

O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: FrameManager Service - Samsung India Software Center - C:\Program Files (x86)\Samsung\FrameManager\sam_service.exe

O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Kinoni Service (KinoniSvc) - Unknown owner - C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Senstic Pocket Service (SensticPocketService) - Senstic - C:\Program Files (x86)\Senstic\PocketControl\\SensticPocketServiceWin.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TabletServicePen - Unknown owner - C:\Windows\system32\Pen_Tablet.exe (file missing)

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater15.5.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: WlanWpsSvc - Unknown owner - C:\Program Files\Thomson\TG122n\WlanWpsSvc.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 21872 bytes

[kape]

Uit je logje blijkt dat je momenteel 3 antivirusprogramma's (AVG, Avast, McAfee) op deze PC hebt. Dat is van het goede teveel ... en die kunnen elkaar behoorlijk tegenwerken en de werking van de PC fel vertragen. Welke scanner is voor jou de "actieve" scanner ? Dan kunnen we best de twee anderen (of de resten ervan alvast) verwijderen.

Ga naar Start - Alle programma's - Bureauaccesoires.

Zoek het icoon van het opdrachtprompt en klik er op met de rechter muisknop en kies dan in het lijstje voor “uitvoeren als administrator” om het opdrachtprompt te openen.

Tik in: sc stop "Application Updater" en druk op Enter.

Tik in: sc delete "Application Updater" en druk op Enter.

Tik in exit en druk Enter.

Als je op een van deze instructies een foutmelding krijgt, ga dan gewoon door met de volgende instructie.

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\7.4\pdfforgeToolbarIE.dll

O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll

O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\7.4\pdfforgeToolbarIE.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll

O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\7.4\pdfforgeToolbarIE.dll

O4 - HKLM\..\Run: [dcmsvc] C:\Program Files (x86)\dcmsvc\dcmsvc.exe

O4 - HKLM\..\Run: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"

O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Amber\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter. Htm

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Amber\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.h tm

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing)

O20 - AppInit_DLLs: c:\progra~2\browse~1\sprote~1.dll

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

Download MalwareBytes' Anti-Malware (website) en sla het op je bureaublad op.

Zorg dat er na de installatie een vinkje is geplaatst bij:

• Update MalwareBytes' Anti-Malware
  
• Start MalwareBytes' Anti-Malware
  
• Je krijgt hier ook de keuze om de evaluatie versie van MBAM te gebruiken, indien je dit niet wilt vink dit dan uit.
  

Klik daarna op "Voltooien".

Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.

Bij problemen!!! (Lees de onderstaande instructies)

• Malwarebytes' Anti-Malware Chameleon
  
• Problemen bij het installeren van Malwarebytes' Anti-Malware
  
• Problemen bij het updaten van Malwarebytes' Anti-Malware
  
• Problemen bij het starten van Malwarebytes' Anti-Malware
  

• Zodra het programma gestart is, ga dan naar het tabblad "Instellingen".
  
• Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
  
• Ga daarna naar het tabblad "Scanner", kies hier voor "Snelle Scan".
  
• Druk vervolgens op "Scannen" om de scan te starten.
  
• Het scannen kan een tijdje duren, dus wees geduldig.
  
• Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
  
• Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
  
• Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
  
• Herstart de computer indien nodig en post hierna de log in het volgende bericht, samen met een nieuw logje van HijackThis.
  

[xAmberCeline]

Malwarebytes Anti-Malware 1.75.0.1300

Malwarebytes : Free anti-malware download

Databaseversie: v2013.08.20.04

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16660

Amber :: AMBER-PC [administrator]

20-8-2013 18:23:29

mbam-log-2013-08-20 (18-23-29).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 228049

Verstreken tijd: 8 minuut/minuten, 8 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{08794A94-730A-E9C4-6664-23C32C364749} (PUP.Optional.Tarma.A) -> Succesvol in quarantaine geplaatst en verwijderd.

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 2

C:\ProgramData\InstallMate\{2BF505A0-BF95-406A-A281-F7B7F0162756}\Setup.exe (PUP.Optional.Tarma.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\ProgramData\InstallMate\{2BF505A0-BF95-406A-A281-F7B7F0162756}\TsuDll.dll (PUP.Optional.Tarma.A) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)

en

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:42:36, on 20-8-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16660)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

C:\Users\Amber\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Users\Amber\AppData\Roaming\Spotify\spotify.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Samsung\Kies\Kies.exe

C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files\Thomson\TG122n\WlanCU.exe

C:\Program Files (x86)\Warner Bros. Digital Copy Manager\Warner Bros. Digital Copy Manager.exe

C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe

C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe

C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\AirPort\APAgent.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\Samsung\FrameManager\FrameManager.exe

C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"

O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files (x86)\AirPort\APAgent.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [FrameManager] C:\Program Files (x86)\Samsung\FrameManager\FrameManager.exe

O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent

O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe

O4 - HKCU\..\Run: [HyvesDesktop.exe] C:\Program Files (x86)\Hyves Desktop\bin\HyvesDesktop.exe

O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Amber\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [spotify] "C:\Users\Amber\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Warner Bros.lnk = C:\Program Files (x86)\Warner Bros. Digital Copy Manager\Warner Bros. Digital Copy Manager.exe

O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\Thomson\TG122n\WlanCU.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://213.126.247.201/activex/AMC.cab

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll

O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: FrameManager Service - Samsung India Software Center - C:\Program Files (x86)\Samsung\FrameManager\sam_service.exe

O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TabletServicePen - Unknown owner - C:\Windows\system32\Pen_Tablet.exe (file missing)

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater15.5.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: WlanWpsSvc - Unknown owner - C:\Program Files\Thomson\TG122n\WlanWpsSvc.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 17575 bytes

[kape]

Download zoek.exe naar het bureaublad.

• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
  (hier of hier) kan je lezen hoe je dat doet.
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

 
startupall; 
filesrcm; 

Vink nu de onderstaande opties aan.

• Installed Programs
  
• Firefox Look
  
• Chrome Look
  
• Firefox Defaults
  
• Reset Chrome
  
• Shortcut Fix
  
• IE Defaults
  
• Auto Clean
  

• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post nu de inhoud van het geopende logje in het volgende bericht.
  

[xAmberCeline]

Zoek.exe Version 4.0.0.4 Updated 19-08-2013

Tool run by Amber on wo 21-08-2013 at 0:31:41,39.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Amber\Desktop\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

21-8-2013 0:33:00 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3743767131-4259627012-2328854852-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-3743767131-4259627012-2328854852-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully

HKEY_USERS\S-1-5-21-3743767131-4259627012-2328854852-1000\Software\Microsoft\Internet Explorer\SearchScopes\{51F284B9-F243-43E2-9F2E-1A9595CB08C2} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958)

Acer Arcade Deluxe

Acer Backup Manager

Acer eRecovery Management

Acer GameZone Console

Acer Registration

Acer ScreenSaver

Acer Updater

Acrobat.com

Adobe AIR

Adobe Anchor Service CS3

Adobe Asset Services CS3

Adobe Bridge CS3

Adobe Bridge Start Meeting

Adobe Camera Raw 4.0

Adobe CMaps

Adobe Color - Photoshop Specific

Adobe Color Common Settings

Adobe Color EU Extra Settings

Adobe Color JA Extra Settings

Adobe Color NA Recommended Settings

Adobe Community Help

Adobe Default Language CS3

Adobe Device Central CS3

Adobe ExtendScript Toolkit 2

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Fonts All

Adobe Help Viewer CS3

Adobe Linguistics CS3

Adobe Media Player

Adobe PDF Library Files

Adobe Photoshop

Adobe Photoshop CS3

Adobe Reader 9.5.5 MUI

Adobe Setup

Adobe Shockwave Player 11.6

Adobe Stock Photos CS3

Adobe Type Support

Adobe Update Manager CS3

Adobe Version Cue CS3 Client

Adobe WinSoft Linguistics Plugin

Adobe XMP Panels CS3

Advertising Center

AirPort

Albelli Fotoboeken

Alice Greenfingers

Amazonia

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Ares 2.1.6

ArtRage 2

ASIO4ALL

AVG 2013

AVG Security Toolbar

AviSynth 2.5

AXIS Media Control Embedded

Babylon toolbar on IE

BabylonObjectInstaller

Backup Manager Advance

BitTorrent

Bonjour-afdrukservices

Bonjour

BrowseToSave 1.74

Canon Easy-PhotoPrint EX

Canon Easy-WebPrint EX

Canon Inkjet Printer/Scanner/Fax Extended Survey Program

Canon MG5200 series MP Drivers

Canon MP Navigator EX 4.0

Canon My Printer

Canon Solution Menu EX

CD-LabelPrint

Chicken Invaders 2

Compatibiliteitspakket voor het 2007 Microsoft Office system

Corel PaintShop Pro X4

D3DX10

DAEMON Tools Lite

Dairy Dash

dcmsvc 1.0

Dream Day First Home

DreamBoxEdit -- The one and only settings editor for your Dreambox

eSobi v2

Farm Frenzy 2

First Class Flurry

FrameManager

Gebruikersregistratie voor Canon MG5200 series

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

Granny In Paradise

Heroes of Hellas

HiJackThis

Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)

Hotkey Utility

ICA

iCloud

Identity Card

ImagXpress

inSSIDer

Intel® Management Engine Components

Intel© Matrix Storage Manager

IPM_PSP_COM

iTunes

Jasc Paint Shop Pro 8

Java 7 Update 17

Java Auto Updater

Java 6 Update 32

Junk Mail filter update

K-Lite Codec Pack 6.3.0 (Full)

Malwarebytes Anti-Malware versie 1.75.0.1300

Merriam Websters Spell Jam

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile NLD Language Pack

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (Dutch) 2007

Microsoft Office Excel MUI (Dutch) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (Dutch) 2007

Microsoft Office Home and Student 2007

Microsoft Office InfoPath MUI (Dutch) 2007

Microsoft Office Language Pack 2007 - Dutch/Nederlands

Microsoft Office O MUI (Dutch) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (Dutch) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (Dutch) 2007

Microsoft Office PowerPoint MUI (Dutch) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (Dutch)

Microsoft Office Professional Plus 2007

Microsoft Office Proof (Dutch) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Dutch) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Dutch) 2007

Microsoft Office Shared 64-bit MUI (Dutch) 2007

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (Dutch) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)

Microsoft Office SharePoint Designer MUI (Dutch) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (Dutch) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Office X MUI (Dutch) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Works

Microsoft WSE 3.0 Runtime

Microsoft XML Parser

Microsoft_VC80_ATL_x86_x64

Microsoft_VC80_CRT_x86

Microsoft_VC80_CRT_x86_x64

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFC_x86_x64

Microsoft_VC80_MFCLOC_x86

Microsoft_VC80_MFCLOC_x86_x64

Microsoft_VC90_ATL_x86

Microsoft_VC90_ATL_x86_x64

Microsoft_VC90_CRT_x86

Microsoft_VC90_CRT_x86_x64

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFC_x86_x64

Mozilla Firefox 19.0.2 (x86 nl)

Mozilla Maintenance Service

MSVCRT

MSVCRT Redists

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MyFreeCodec

MyWinLocker

Nero 9 Essentials

Nero ControlCenter

Nero DiscSpeed

Nero DiscSpeed Help

Nero DriveSpeed

Nero DriveSpeed Help

Nero Express Help

Nero InfoTool

Nero InfoTool Help

Nero Installer

Nero Online Upgrade

Nero StartSmart

Nero StartSmart Help

Nero StartSmart OEM

NeroExpress

neroxml

NewBlue Art Effects for Windows

NewBlue Film Effects for Windows

NewBlue Motion Blends for Windows

NewBlue Stabilizer for Windows

Norton Online Backup

NVIDIA Display Control Panel

NVIDIA Drivers

NVIDIA HD Audio-stuurprogramma 1.3.18.0

NVIDIA Install Application

NVIDIA PhysX

Origin

PC Connectivity Solution

PDF Settings

pdfforge Toolbar v7.4

Pen Tablet

PG Music DirectX Plugins 1.3.3.1

PhotoFiltre Studio X

PowerISO

PSPPContent

PSPPHelp

PSPPro64

PVSonyDll

QuickTime

Realtek High Definition Audio Driver

Safari

Samsung Kies

Samsung Mobile phone USB driver Drive Software

Samsung New PC Studio

Samsung Story Album Viewer

SAMSUNG USB Driver for Mobile Phones

SamsungConnectivityCableDriver

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)

SkypeT 6.6

SpiceMASTER 2.5 PRO for Vegas

Spotify

Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD

Teach2000 versie 8.52

TeamViewer 8

Text-To-Speech-Runtime

Thomson TG122n USB Wireless Adapter

TweetDeck

Ubisoft Game Launcher

Uninstall 1.0.0.1

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2836939)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update voor Microsoft Office Excel 2007 Help (KB963678)

Update voor Microsoft Office Powerpoint 2007 Help (KB963669)

Update voor Microsoft Office Word 2007 Help (KB963665)

Vegas Pro 9.0 (64-bit)

Visual Studio 2008 x64 Redistributables

Visual Studio 2010 x64 Redistributables

Warner Bros. Digital Copy Manager

Welcome Center

Windows-stuurprogrammapakket - Nokia pccsmcfd (10/12/2007 6.85.4.0)

Windows Driver Package - Realtek Semiconductor Corp. (RTL8192su) Net (08/15/2009 1085.7.0815.2009)

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen

Windows Live Mesh

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR archiver

Yontoo 1.10.02

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\application updater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\application updater deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Amber\AppData\Roaming\Mozilla\Firefox\Profiles\gr5y5lwn.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.qvo6.com/?utm_source=b&utm_medium=adks&from=adks&uid=WDCXWD10EADS-22M2B0_WD-WCAV5687592875928&ts=1376156700");

user_pref("browser.newtab.url", "http://search.babylon.com/?affID=109217&tt=010712_7&babsrc=NT_ss&mntrId=20af69720000000000000018e7878c4f");

user_pref("browser.search.defaultenginename", "qvo6");

user_pref("browser.search.selectedEngine", "qvo6");

user_pref("browser.search.order.1", "qvo6");

user_pref("keyword.URL", "http://isearch.avg.com/search?cid={F6DC172C-096A-4147-BE47-8AE67068C378}&mid=7d154baed47147d6833741b2e0ad3bf7-46af060cd51e1cb236098abaf4c65c539dfc0321〈=nl&ds=AVG&pr=fr&d=2012-10-03 19:50:24&pid=avg&sg=0&v=15.2.0.5&sap=ku&q=");

user_pref("browser.search.suggest.enabled", false);

user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Amber\AppData\Roaming\Mozilla\Firefox\Profiles\gr5y5lwn.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Amber\AppData\Roaming\Mozilla\Firefox\Profiles\gr5y5lwn.default

---- Lines epnxasadclvt@am-mdsd.net removed from prefs.js ----

---- Lines epnxasadclvt@am-mdsd.net modified from prefs.js ----

---- Lines epnxasadclvt@am-mdsd.net removed from user.js ----

---- Lines BabylonToolbar removed from prefs.js ----

user_pref("extensions.BabylonToolbar_i.aflt", "babsst");

user_pref("extensions.BabylonToolbar_i.babExt", "");

user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109217&tt=010712_7");

user_pref("extensions.BabylonToolbar_i.hardId", "20af69720000000000000018e7878c4f");

user_pref("extensions.BabylonToolbar_i.id", "20af69720000000000000018e7878c4f");

user_pref("extensions.BabylonToolbar_i.instlDay", "15524");

user_pref("extensions.BabylonToolbar_i.instlRef", "sst");

user_pref("extensions.BabylonToolbar_i.newTab", true);

user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://search.babylon.com/?affID=109217&tt=010712_7&babsrc=NT_ss&mntrId=20af69720000000000000018e7878c4f");

user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");

user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");

user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

user_pref("extensions.BabylonToolbar_i.tlbrId", "base");

user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");

user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1711:20:28");

---- Lines BabylonToolbar modified from prefs.js ----

---- Lines BabylonToolbar removed from user.js ----

user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109217&tt=010712_7");

user_pref("extensions.BabylonToolbar_i.babExt", "");

user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

user_pref("extensions.BabylonToolbar_i.id", "20af69720000000000000018e7878c4f");

user_pref("extensions.BabylonToolbar_i.hardId", "20af69720000000000000018e7878c4f");

user_pref("extensions.BabylonToolbar_i.instlDay", "15524");

user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");

user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1711:20:28");

user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");

user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");

user_pref("extensions.BabylonToolbar_i.aflt", "babsst");

user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

user_pref("extensions.BabylonToolbar_i.tlbrId", "base");

user_pref("extensions.BabylonToolbar_i.instlRef", "sst");

---- Lines qvo6 removed from prefs.js ----

---- Lines qvo6 modified from prefs.js ----

---- Lines qvo6 removed from user.js ----

---- Lines qvo6.com removed from prefs.js ----

---- Lines qvo6.com modified from prefs.js ----

---- Lines qvo6.com removed from user.js ----

---- Lines ClickPotato removed from prefs.js ----

---- Lines ClickPotato modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"ClickPotatoLite@ClickPotatoLite.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\ClickPotatoLite\\\\bin\\\\10.0.622.0\\\\firefox\\\\extensions\",\"mtime\":1290454410008},\"avg@toolbar\":{\"descriptor\":\"C:\\\\ProgramData\\\\AVG Secure Search\\\\FireFoxExt\\\\14.2.0.1\",\"mtime\":1361208551797}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1362772196703}}},{\"name\":\"app-profile\",\"addons\":{\"50464da83d617@50464da83d650.info\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\50464da83d617@50464da83d650.info.xpi\",\"mtime\":1346784736345},\"5113cf2259ed0@5113cf2259f0b.com\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\5113cf2259ed0@5113cf2259f0b.com.xpi\",\"mtime\":1360251140322},\"DivXWebPlayer@divx.com\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\DivXWebPlayer@divx.com.xpi\",\"mtime\":1346784179980},\"OneClickDownload@OneClickDownload.com\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\OneClickDownload@OneClickDownload.com.xpi\",\"mtime\":1359805593840},\"pdfforge@mybrowserbar.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\pdfforge Toolbar\\\\FF\",\"mtime\":1362672074692},\"plugin@yontoo.com\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\plugin@yontoo.com.xpi\",\"mtime\":1361568082646},\"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi\",\"mtime\":1355261771320}}}]");

---- Lines ClickPotato removed from user.js ----

---- Lines y2layers removed from prefs.js ----

user_pref("extentions.y2layers.defaultEnableAppsList", "bestvideodownloader,ezLooker,pagerage,buzzdock,toprelatedtopics,twittube");

user_pref("extentions.y2layers.installId", "c6ad2d1a-6da2-459c-af66-a46aece82f40");

---- Lines y2layers modified from prefs.js ----

---- Lines y2layers removed from user.js ----

user_pref("extentions.y2layers.installId", "c6ad2d1a-6da2-459c-af66-a46aece82f40");

user_pref("extentions.y2layers.defaultEnableAppsList", "bestvideodownloader,ezLooker,pagerage,buzzdock,toprelatedtopics,twittube");

---- Lines yontoo removed from prefs.js ----

---- Lines yontoo modified from prefs.js ----

user_pref("extensions.enabledAddons", "DivXWebPlayer%40divx.com:2.0.2.039,%7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9,plugin%40yontoo.com:1.20.02,pdfforge%40mybrowserbar.com:7.0,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2");

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"disabledLite@disabledLite.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\disabledLite\\\\bin\\\\10.0.622.0\\\\firefox\\\\extensions\",\"mtime\":1290454410008},\"avg@toolbar\":{\"descriptor\":\"C:\\\\ProgramData\\\\AVG Secure Search\\\\FireFoxExt\\\\14.2.0.1\",\"mtime\":1361208551797}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1362772196703}}},{\"name\":\"app-profile\",\"addons\":{\"50464da83d617@50464da83d650.info\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\50464da83d617@50464da83d650.info.xpi\",\"mtime\":1346784736345},\"5113cf2259ed0@5113cf2259f0b.com\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\5113cf2259ed0@5113cf2259f0b.com.xpi\",\"mtime\":1360251140322},\"DivXWebPlayer@divx.com\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\DivXWebPlayer@divx.com.xpi\",\"mtime\":1346784179980},\"OneClickDownload@OneClickDownload.com\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\OneClickDownload@OneClickDownload.com.xpi\",\"mtime\":1359805593840},\"pdfforge@mybrowserbar.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\pdfforge Toolbar\\\\FF\",\"mtime\":1362672074692},\"plugin@yontoo.com\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\plugin@yontoo.com.xpi\",\"mtime\":1361568082646},\"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi\",\"mtime\":1355261771320}}}]");

---- Lines yontoo removed from user.js ----

---- Lines F0B1CEAC-7C0D-407c-B25E-623D7CBECCCB removed from prefs.js ----

---- Lines F0B1CEAC-7C0D-407c-B25E-623D7CBECCCB modified from prefs.js ----

---- Lines F0B1CEAC-7C0D-407c-B25E-623D7CBECCCB removed from user.js ----

---- Lines Downloader.com removed from prefs.js ----

---- Lines Downloader.com modified from prefs.js ----

---- Lines Downloader.com removed from user.js ----

---- Lines ilivid removed from prefs.js ----

---- Lines ilivid modified from prefs.js ----

---- Lines ilivid removed from user.js ----

---- Lines mybrowserbar removed from prefs.js ----

---- Lines mybrowserbar modified from prefs.js ----

user_pref("extensions.enabledAddons", "DivXWebPlayer%40divx.com:2.0.2.039,%7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9,plugin%40disabled.com:1.20.02,pdfforge%40mybrowserbar.com:7.0,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2");

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"disabledLite@disabledLite.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\disabledLite\\\\bin\\\\10.0.622.0\\\\firefox\\\\extensions\",\"mtime\":1290454410008},\"avg@toolbar\":{\"descriptor\":\"C:\\\\ProgramData\\\\AVG Secure Search\\\\FireFoxExt\\\\14.2.0.1\",\"mtime\":1361208551797}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1362772196703}}},{\"name\":\"app-profile\",\"addons\":{\"50464da83d617@50464da83d650.info\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\50464da83d617@50464da83d650.info.xpi\",\"mtime\":1346784736345},\"5113cf2259ed0@5113cf2259f0b.com\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\5113cf2259ed0@5113cf2259f0b.com.xpi\",\"mtime\":1360251140322},\"DivXWebPlayer@divx.com\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\DivXWebPlayer@divx.com.xpi\",\"mtime\":1346784179980},\"OneClickDownload@OneClickDownload.com\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\OneClickDownload@OneClickDownload.com.xpi\",\"mtime\":1359805593840},\"pdfforge@mybrowserbar.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\pdfforge Toolbar\\\\FF\",\"mtime\":1362672074692},\"plugin@disabled.com\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\plugin@disabled.com.xpi\",\"mtime\":1361568082646},\"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi\",\"mtime\":1355261771320}}}]");

---- Lines mybrowserbar removed from user.js ----

---- Lines OneClickDownload removed from prefs.js ----

user_pref("extensions.bootstrappedAddons", "{\"OneClickDownload@OneClickDownload.com\":{\"version\":\"1.3\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\OneClickDownload@OneClickDownload.com.xpi\"},\"5113cf2259ed0@5113cf2259f0b.com\":{\"version\":\"3\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\5113cf2259ed0@5113cf2259f0b.com.xpi\"}}");

user_pref("extensions.OneClickDownload.filter", "1,2");

user_pref("extensions.OneClickDownload.lastUpdate", "{\"hours\":18,\"min\":7}");

---- Lines OneClickDownload modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"disabledLite@disabledLite.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\disabledLite\\\\bin\\\\10.0.622.0\\\\firefox\\\\extensions\",\"mtime\":1290454410008},\"avg@toolbar\":{\"descriptor\":\"C:\\\\ProgramData\\\\AVG Secure Search\\\\FireFoxExt\\\\14.2.0.1\",\"mtime\":1361208551797}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1362772196703}}},{\"name\":\"app-profile\",\"addons\":{\"50464da83d617@50464da83d650.info\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\50464da83d617@50464da83d650.info.xpi\",\"mtime\":1346784736345},\"5113cf2259ed0@5113cf2259f0b.com\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\5113cf2259ed0@5113cf2259f0b.com.xpi\",\"mtime\":1360251140322},\"DivXWebPlayer@divx.com\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\DivXWebPlayer@divx.com.xpi\",\"mtime\":1346784179980},\"OneClickDownload@OneClickDownload.com\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\OneClickDownload@OneClickDownload.com.xpi\",\"mtime\":1359805593840},\"pdfforge@disabled.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\pdfforge Toolbar\\\\FF\",\"mtime\":1362672074692},\"plugin@disabled.com\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\plugin@disabled.com.xpi\",\"mtime\":1361568082646},\"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\":{\"descriptor\":\"C:\\\\Users\\\\Amber\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gr5y5lwn.default\\\\extensions\\\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi\",\"mtime\":1355261771320}}}]");

---- Lines OneClickDownload removed from user.js ----

---- Lines browser.startup.page removed from prefs.js ----

user_pref("browser.startup.page", 3);

---- Lines browser.startup.page modified from prefs.js ----

---- Lines browser.startup.page removed from user.js ----

---- FireFox user.js and prefs.js backups ----

user_21-08-2013_0037_.backup

prefs_21-08-2013_0037_.backup

==== Deleting Files \ Folders ======================

"C:\user.js" deleted

"C:\Users\Amber\AppData\Roaming\Mozilla\Firefox\Profiles\gr5y5lwn.default\extensions\plugin@yontoo.com.xpi" deleted

"C:\Users\Amber\AppData\Roaming\Mozilla\Firefox\Profiles\gr5y5lwn.default\extensions\pdfforge@mybrowserbar.com" deleted

"C:\Users\Amber\AppData\Roaming\Mozilla\Firefox\Profiles\gr5y5lwn.default\extensions\OneClickDownload@OneClickDownload.com.xpi" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml" deleted

"C:\Users\Public\dcmsvcsetup.exe" deleted

"C:\Users\Public\invokesi.exe" deleted

"C:\Windows\WININIT.INI" deleted

"C:\windows\SysNative\tasks\Desk 365 RunAsStdUser" deleted

"C:\user.js" deleted

"C:\Windows\Syswow64\SETBEBE.tmp" deleted

"C:\Windows\Syswow64\SETE928.tmp" deleted

"C:\Windows\Syswow64\SETED7B.tmp" deleted

"C:\Windows\Syswow64\_r_a_p_.tmp" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml" deleted

"C:\Users\Amber\AppData\Roaming\Mozilla\Firefox\Profiles\gr5y5lwn.default\extensions\plugin@yontoo.com.xpi" deleted

"C:\ProgramData\Borowwsae2save" deleted

"C:\Program Files (x86)\Application Updater" deleted

"C:\Program Files (x86)\pdfforge Toolbar" deleted

"C:\Program Files (x86)\BrowseToSave" deleted

"C:\Program Files (x86)\BabylonToolbar" deleted

"C:\Program Files (x86)\Common Files\337" deleted

"C:\Program Files (x86)\1ClickDownload" deleted

"C:\Program Files (x86)\Yontoo" deleted

"C:\Program Files (x86)\Hotspot Shield" deleted

"C:\Program Files (x86)\Common Files\Spigot" deleted

"C:\Users\Amber\AppData\Roaming\eIntaller" deleted

"C:\Users\Amber\AppData\Roaming\BabylonToolbar" deleted

"C:\Users\Amber\AppData\Roaming\NCdownloader" deleted

"C:\ProgramData\eSafe" deleted

"C:\ProgramData\Partner" deleted

"C:\ProgramData\SoftSafe" deleted

"C:\ProgramData\InstallMate" deleted

"C:\ProgramData\Babylon" deleted

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Borowwsae2save" deleted

"C:\Users\Amber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam" deleted

"C:\Users\Amber\AppData\Local\Wajam" deleted

"C:\Users\Amber\AppData\Local\PackageAware" deleted

"C:\Users\Amber\AppData\LocalLow\Borowwsae2save" deleted

"C:\Users\Amber\AppData\LocalLow\BabylonToolbar" deleted

"C:\Users\Amber\AppData\LocalLow\Search Settings" deleted

"C:\Users\Amber\AppData\Roaming\Mozilla\Firefox\Profiles\gr5y5lwn.default\jetpack" deleted

"C:\Users\Amber\AppData\Roaming\Mozilla\Firefox\Profiles\gr5y5lwn.default\extensions\staged" deleted

"C:\Users\Amber\AppData\Roaming\Mozilla\Firefox\Profiles\gr5y5lwn.default\{F0B1CEAC-7C0D-407c-B25E-623D7CBECCCB}" deleted

"C:\Users\Amber\AppData\Roaming\Mozilla\Firefox\Profiles\gr5y5lwn.default\extensions\OneClickDownload@OneClickDownload.com" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Amber\AppData\Local\Temp ====

2013-08-18 21:57:41 1D7454E6375441BBE3B1F97A8FC76737 6874752 ----a-w- C:\Users\Amber\AppData\Local\Temp\97B4499A-32BB-4821-BFD0-32BFE848368B.exe

2013-08-18 18:41:08 1F953D02B760DF4746C569B12E753DE8 73728 ----a-w- C:\Users\Amber\AppData\Local\Temp\The Sims 2_uninst.exe

2013-08-18 18:34:09 EF70BDCC7EC2262BECF0C834C9B9030B 879688 ----a-w- C:\Users\Amber\AppData\Local\Temp\EAInstall.dll

2013-08-18 18:34:09 0B57F8A086DCA012AA18BB94E75ADBC9 109640 ----a-w- C:\Users\Amber\AppData\Local\Temp\GameuxInstallHelper.dll

2013-08-18 17:58:21 2398BDE16036065100331B0761AAFBAB 352256 ----a-w- C:\Users\Amber\AppData\Local\Temp\eauninstall.exe

2013-08-15 19:48:17 A465ED11EF35D7CFF178CE0B97A889B4 9216 ----a-w- C:\Users\Amber\AppData\Local\Temp\12fxq42g.dll

2013-08-10 16:40:12 8897DA73D4C9038CD2AE37B86959CEE8 31945832 ----a-w- C:\Users\Amber\AppData\Local\Temp\SkypeSetup.exe

====== C:\Windows\SysWOW64 =====

2013-08-18 18:06:35 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\SysWOW64\config.nt

2013-08-15 20:26:17 A484F9DB744849C0B32DD1CE73A94F62 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2013-08-15 20:26:16 C9BFFA62DFBF0317AECE707B39C4BF25 391168 ----a-w- C:\Windows\SysWOW64\ieui.dll

2013-08-15 20:26:15 D0E0086BA353C379DCFE8624E8B8F17A 2048512 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2013-08-15 20:26:15 BC90EED56A5C77168A8D6F0C4221D7CB 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-08-15 20:26:15 AF6A6C16ACAD816B48714AE7A4082D89 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2013-08-15 20:26:15 8A5BD908D421BEE82941EF8ABD8B4F09 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2013-08-15 20:26:15 37730C04B543536D971B3F157415EFF5 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll

2013-08-15 20:26:14 45C118A1E03182365CB568F99B81A473 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2013-08-15 20:26:13 AC8C3591D536D1CCB62EDCBEA88140B3 2877440 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2013-08-15 20:26:13 1C83426A51AD83B5E788B6CF143B48D8 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll

2013-08-15 20:26:12 059FC59F97A6220C46A612A9470A00B3 1141248 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2013-08-15 20:26:11 DAA3903F06116AE9EE7AC1D1B93684A4 1767936 ----a-w- C:\Windows\SysWOW64\wininet.dll

2013-08-15 20:26:11 49EB7DE3A1CCCE9D0873DE9114810113 39936 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2013-08-15 20:26:10 E9BCB6728DD04412BF87F03DB00DE1CF 13761024 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2013-08-15 20:26:06 E631B408882F8320739F6E0CAF444397 14329344 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2013-08-15 20:01:46 4DC999CED9429939D75682EBD7D48901 663552 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll

2013-08-15 20:01:44 AE8EB083B050E17A7D6EB5E28AECDDD6 1166848 ----a-w- C:\Windows\SysWOW64\crypt32.dll

2013-08-15 20:01:44 68EAAEDF0365168B804E8728368FA946 175104 ----a-w- C:\Windows\SysWOW64\wintrust.dll

2013-08-15 20:01:43 7CA1BECEA5DE2643ADDAD32670E7A4C9 140288 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll

2013-08-15 20:01:43 7B851A8018B1EA00A69707A390004884 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll

2013-08-15 20:01:36 D5E18BA95F9E7D787D25EF07AC68603E 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll

2013-08-15 20:01:20 0805487A6036A9F9C4E7AF7FEF835529 1620992 ----a-w- C:\Windows\SysWOW64\WMVDECOD.DLL

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-08-18 18:06:34 2B0C485EBE31E02C7B405F8DD072598D 287840 ----a-w- C:\Windows\Sysnative\aswBoot.exe

2013-08-15 20:26:17 3A2FD42F11CD325A4ACAFE7FB0EEA83A 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2013-08-15 20:26:16 69F5E016A98CE1908DB08382F2ACF882 526336 ----a-w- C:\Windows\Sysnative\ieui.dll

2013-08-15 20:26:15 D8CC9A20C517A54678363C4C77B930A4 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll

2013-08-15 20:26:15 963B29E0EFB20D66436214DB7C43D7F7 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll

2013-08-15 20:26:15 6C8BDC9F16943D626DFE8A987BCCFD20 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2013-08-15 20:26:15 622C7C8D39609FCEACE3508715D48C7F 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll

2013-08-15 20:26:15 28C2F8C7DBE11AA3DA041D35F4E59481 89600 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe

2013-08-15 20:26:14 8C12653BEA781902AA60E4A855A55D5C 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2013-08-15 20:26:14 65546D87F7A78AB31841A536456CB94D 2647040 ----a-w- C:\Windows\Sysnative\iertutil.dll

2013-08-15 20:26:13 5A7FA01EEC393A3E0D0F3EBAA1FD959E 3958784 ----a-w- C:\Windows\Sysnative\jscript9.dll

2013-08-15 20:26:13 16FE878530FDFC9AB08B7FFC32335958 855552 ----a-w- C:\Windows\Sysnative\jscript.dll

2013-08-15 20:26:12 289C5E0A386E7B6CA9539D66D15E22CC 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll

2013-08-15 20:26:11 04DE09B1E287F6DC5C7FD655B6E84AB9 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2013-08-15 20:26:10 AC155DD9BD1E6D3B740826A4D1C68AAE 2241024 ----a-w- C:\Windows\Sysnative\wininet.dll

2013-08-15 20:26:09 677A1C1B0F254EC918D84A7FE29274CA 15405056 ----a-w- C:\Windows\Sysnative\ieframe.dll

2013-08-15 20:26:08 396889142BD839DB8A055A0BE0AD2F79 19239424 ----a-w- C:\Windows\Sysnative\mshtml.dll

2013-08-15 20:01:46 26036E228D2467DE6975AD819C22C043 1217024 ----a-w- C:\Windows\Sysnative\rpcrt4.dll

2013-08-15 20:01:45 287998A9BA0140ABB59792CDEB2F8483 1472512 ----a-w- C:\Windows\Sysnative\crypt32.dll

2013-08-15 20:01:44 959041D7014C97133D859B45BCA0FC58 224256 ----a-w- C:\Windows\Sysnative\wintrust.dll

2013-08-15 20:01:43 A6B726DCA228F7878E38368A1BDC68BE 139776 ----a-w- C:\Windows\Sysnative\cryptnet.dll

2013-08-15 20:01:43 6B400F211BEE880A37A1ED0368776BF4 184320 ----a-w- C:\Windows\Sysnative\cryptsvc.dll

2013-08-15 20:01:36 B3CA3253009D26666F5BCB16E77D2618 2048 ----a-w- C:\Windows\Sysnative\tzres.dll

2013-08-15 20:01:20 D29200AB0B37B7293C6942EAF755295E 1888768 ----a-w- C:\Windows\Sysnative\WMVDECOD.DLL

====== C:\Windows\Sysnative\drivers =====

2013-08-20 16:22:18 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys

2013-08-18 18:06:52 E86C64478D9A90D62255FE9EB0150C6E 175 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys.sum

2013-08-18 18:06:52 A5F29AC2F0ADE8B995B49D7350CE3AC0 175 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys.sum

2013-08-18 18:06:52 2E83D2621E87C493AB45DC6655BA77D4 175 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys.sum

2013-08-15 20:01:20 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys

2013-08-15 20:01:13 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys

2013-08-15 19:55:19 EA8F41484CCC5BA6A1455C2AD3D1BE3C 203672 ----a-w- C:\Windows\Sysnative\drivers\ssudmdm.sys

2013-08-15 19:55:19 0B3F6C8F93C5C25977EA5A8B2E656357 103448 ----a-w- C:\Windows\Sysnative\drivers\ssudbus.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-08-18 20:20:13 -------- d-----w- C:\Program Files\iPod

2013-08-18 20:20:12 -------- d-----w- C:\Program Files\iTunes

======= C:\Program Files (x86) =====

2013-08-18 20:20:12 -------- d-----w- C:\Program Files (x86)\iTunes

2013-08-18 18:17:03 -------- d-----w- C:\Program Files (x86)\Trend Micro

2013-08-15 19:57:23 -------- d-----w- C:\Program Files (x86)\MyFree Codec

======= C: =====

====== C:\Users\Amber\AppData\Roaming ======

====== C:\Users\Amber ======

2013-08-20 16:21:48 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Amber\Downloads\mbam-setup-1.75.0.1300.exe

2013-08-18 20:21:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2013-08-18 20:20:12 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-08-18 18:00:40 C748C104BA13A9456496D264C4161E7C 4429440 ----a-w- C:\Users\Amber\Downloads\ccsetup404.exe

2013-08-18 17:59:54 0EA95F1E762494B5D928ED4D5B5DA29B 117478104 ----a-w- C:\Users\Amber\Downloads\avast_free_antivirus_setup.exe

2013-08-15 19:57:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec

2013-08-10 17:17:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

====== C: exe-files ==

2013-08-20 16:21:48 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Amber\Downloads\mbam-setup-1.75.0.1300.exe

2013-08-18 21:57:41 1D7454E6375441BBE3B1F97A8FC76737 6874752 ----a-w- C:\Users\Amber\AppData\Local\Temp\97B4499A-32BB-4821-BFD0-32BFE848368B.exe

2013-08-18 20:16:58 277DF1C06782563C95661C30AA02CD49 77136 ----a-w- C:\ProgramData\Apple Computer\Installer Cache\iTunes 11.0.5.5\SetupAdmin.exe

2013-08-18 20:16:57 277DF1C06782563C95661C30AA02CD49 77136 ----a-w- C:\Users\Amber\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KT0UHQIZ\SetupAdmin[1].exe

2013-08-18 18:52:45 17EFB4C5F996F783E90BE1EB0077BA40 477560 ----a-w- C:\Users\Amber\AppData\Local\Temp\MSS\3.0.318.3\McUICnt.exe

2013-08-18 18:41:08 1F953D02B760DF4746C569B12E753DE8 73728 ----a-w- C:\Users\Amber\AppData\Local\Temp\The Sims 2_uninst.exe

2013-08-18 18:06:34 2B0C485EBE31E02C7B405F8DD072598D 287840 ----a-w- C:\Windows\System32\aswBoot.exe

2013-08-18 18:00:40 C748C104BA13A9456496D264C4161E7C 4429440 ----a-w- C:\Users\Amber\Downloads\ccsetup404.exe

2013-08-18 17:59:54 0EA95F1E762494B5D928ED4D5B5DA29B 117478104 ----a-w- C:\Users\Amber\Downloads\avast_free_antivirus_setup.exe

2013-08-18 17:58:21 2398BDE16036065100331B0761AAFBAB 352256 ----a-w- C:\Users\Amber\AppData\Local\Temp\eauninstall.exe

2013-08-16 07:08:00 78486992AC657AE5065C4A2135838570 641352 ----a-w- C:\Program Files\iPod\bin\iPodService.exe

2013-08-16 07:07:58 CE42DFE915F78246364D464902E47360 152392 ----a-w- C:\Program Files (x86)\iTunes\iTunesHelper.exe

2013-08-16 07:07:58 5225CE3D627A300E40F5E008C4B3DA8D 9789256 ----a-w- C:\Program Files (x86)\iTunes\iTunes.exe

2013-08-15 20:26:15 BC90EED56A5C77168A8D6F0C4221D7CB 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-08-15 20:26:15 6C8BDC9F16943D626DFE8A987BCCFD20 51712 ----a-w- C:\Windows\System32\ie4uinit.exe

2013-08-15 20:26:15 28C2F8C7DBE11AA3DA041D35F4E59481 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-08-15 20:26:14 7BA1862B8A5698DC5FCFDFF3BC359DE9 770648 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2013-08-15 20:26:14 133CEF30905806A35606652D409EEEBA 775256 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2013-08-15 20:08:51 46D84F14520E69C7F46EBE864B7AAFD8 623984 ----a-w- C:\Users\Amber\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe

2013-08-15 20:08:51 46D84F14520E69C7F46EBE864B7AAFD8 623984 ----a-w- C:\Users\Amber\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe

2013-08-15 19:59:25 B7E1D601F87268A480F4F6F036688B99 987744 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{698BBAD8-B116-495D-B879-0F07A533E57F}\setup.exe

2013-08-15 19:57:25 951FD01F89EE6270089483A3DC02D97D 60494 ----a-w- C:\Program Files (x86)\MyFree Codec\1.0b beta\uninstall.exe

2013-08-15 19:53:30 5D2844770B902B21A627E4E2A98A2843 61440 ----a-w- C:\Program Files (x86)\MarkAny\ContentSAFER\MaAgent.exe

2013-08-15 19:53:30 52B8B60BF634BF9E01E527856E8E371F 65536 ----a-w- C:\Program Files (x86)\MarkAny\ContentSAFER\MAWebControl.exe

2013-08-15 19:53:30 25E98D8886D5BB198302FC30D67DC61E 32768 ----a-w- C:\Program Files (x86)\MarkAny\ContentSAFER\MaCSMgr.exe

2013-08-15 19:53:29 97E9DC457B407CC3E9FB68FD0A17D295 401056 ----a-w- C:\Program Files (x86)\MarkAny\ContentSAFER\MPXBox.exe

2013-08-15 19:52:45 2E4E95C3242E3B328879F028EF8C24CC 25591752 ----a-w- C:\Program Files (x86)\Samsung\Kies\StoryAlbumViewer\StoryAlbumViewer_setup.exe

2013-08-15 19:52:05 EF64B1FFC855EFFF6E2473E622D5343B 20480 ----a-w- C:\Program Files (x86)\MarkAny\ContentSAFER\UpdateClient\MAUpdate.exe

2013-08-15 19:52:05 7B027B4CA7EB847EC3F6C745DC0A46DA 126976 ----a-w- C:\Program Files (x86)\MarkAny\ContentSAFER\UpdateClient\MaUpdateClient.exe

2013-08-15 19:52:05 5BBB89A68FEBBCD4AC8C4730FD7EF765 57344 ----a-w- C:\Program Files (x86)\MarkAny\ContentSAFER\UpdateClient\MAUpdateBoot.exe

2013-08-15 19:49:27 E25D3E9D7822C42EF7518EFEB2F3E275 147120 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\DriverInstaller\15.5.0\DriverInstaller.exe

2013-08-15 19:49:19 E962D9F3AF9C09DE15D3944D1B1278CC 2301616 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\15.5.0\ScriptHelper.exe

2013-08-15 19:48:53 EB94A2C1F99E9E1634683B916F4EB1A2 1643184 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe

2013-08-15 19:48:09 EB94A2C1F99E9E1634683B916F4EB1A2 1643184 ----a-w- C:\Windows\Temp\avg_a07320\CommonFiles\AVG Secure Search\ToolbarUpdater.exe

2013-08-15 19:48:09 E962D9F3AF9C09DE15D3944D1B1278CC 2301616 ----a-w- C:\Windows\Temp\avg_a07320\CommonFiles\AVG Secure Search\ScriptHelper.exe

2013-08-15 19:48:09 E25D3E9D7822C42EF7518EFEB2F3E275 147120 ----a-w- C:\Windows\Temp\avg_a07320\CommonFiles\AVG Secure Search\DriverInstaller_64.exe

2013-08-15 19:48:09 B6FFA8C9B553336D4CE86514A54C408A 926384 ----a-w- C:\Windows\Temp\avg_a07320\ProgFiles\AVG Secure Search\lip.exe

2013-08-15 19:48:09 752A2976E3096D2055F8A97C7B97DF80 1851568 ----a-w- C:\Windows\Temp\avg_a07320\ProgFiles\AVG Secure Search\Uninstall.exe

2013-08-15 19:48:09 491C1E48B638907B8FD8EF8B09AC084E 2314416 ----a-w- C:\Windows\Temp\avg_a07320\ProgFiles\AVG Secure Search\vprot.exe

2013-08-15 19:48:09 45A9FAC90CA8F263F6DB2EBDC4A9F002 641200 ----a-w- C:\Windows\Temp\avg_a07320\CommonFiles\AVG Secure Search\DriverInstaller.exe

2013-08-15 19:48:09 2C1B0965CB65797001053D8956F9CD54 2226864 ----a-w- C:\Windows\Temp\avg_a07320\avg-secure-search-installer.exe

2013-08-15 19:48:09 178C1607D35988153A0E7CBB90C669FC 642224 ----a-w- C:\Windows\Temp\avg_a07320\ProgFiles\AVG Secure Search\PostInstall.exe

2013-08-15 19:48:09 01A17E294876ECB573AD32530961F29B 573616 ----a-w- C:\Windows\Temp\avg_a07320\ConfigFiles\MachineIdCreator.exe

2013-08-15 19:46:37 A8893D3F119C8143B2FC53F5CF21EE01 4547608 ----a-w- C:\Windows\Temp\{B6DD270D-406F-4639-8225-AFECA58AAE0B}.exe

=== C: other files ==

2013-08-20 16:22:18 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-08-15 20:01:20 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys

2013-08-15 20:01:13 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-08-15 19:55:19 EA8F41484CCC5BA6A1455C2AD3D1BE3C 203672 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys

2013-08-15 19:55:19 EA8F41484CCC5BA6A1455C2AD3D1BE3C 203672 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\amd64\ssudmdm.sys

2013-08-15 19:55:19 E97F09A7EC9C45B7060FE45BC620766C 181912 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\i386\ssudserd.sys

2013-08-15 19:55:19 E7D97748FCB3DE0AAA6432B0E640F233 59160 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\i386\ssudrmnet.sys

2013-08-15 19:55:19 E2BF259A2CAB1A4AE505CECD7DF43931 33176 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\i386\ssudeadb.sys

2013-08-15 19:55:19 D2C02234E3E87EA5FE420F045068099B 181912 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\i386\ssudmdm.sys

2013-08-15 19:55:19 BA34258161A59730C51C78133DC4723A 181912 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\i386\ssuddmgr.sys

2013-08-15 19:55:19 B480910A2BD79DFE4E6D0DC4243015F5 67864 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\amd64\ssudrmnet.sys

2013-08-15 19:55:19 A58068234916A4655457CA7DFA9B59CA 181912 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\i386\ssudobex.sys

2013-08-15 19:55:19 985E3CC3ADD82FF5CB994665153A8B7A 80664 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\i386\ssudrmnetmp.sys

2013-08-15 19:55:19 9296989D7F443E3BCB6E41726FA9F698 39192 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\amd64\ssudeadb.sys

2013-08-15 19:55:19 8214016F9241C220477916D21E63F7D0 50968 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\amd64\ssudnd5.sys

2013-08-15 19:55:19 6EBBF6CED7BB9B8973C5FDE44EA32F35 92952 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\amd64\ssudrmnetmp.sys

2013-08-15 19:55:19 6E869465A4ECC7AE8DADC9807E0379CC 203672 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\amd64\ssudserd.sys

2013-08-15 19:55:19 54D0B8343CE8C22412A5F29D32EFD211 84248 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\i386\ssudbus.sys

2013-08-15 19:55:19 4DBACA699D51CA4F1FB4125569247E6F 45336 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\i386\ssudnd5.sys

2013-08-15 19:55:19 1B961A927BB155AC8A9AC7709BA77D72 203672 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\amd64\ssudobex.sys

2013-08-15 19:55:19 10CED2FC8A65AE507E1973F52CA4143C 203672 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\amd64\ssuddmgr.sys

2013-08-15 19:55:19 0B3F6C8F93C5C25977EA5A8B2E656357 103448 ----a-w- C:\Windows\System32\drivers\ssudbus.sys

2013-08-15 19:55:19 0B3F6C8F93C5C25977EA5A8B2E656357 103448 ----a-w- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\amd64\ssudbus.sys

2013-08-15 19:50:04 8A196063A0F0305A8A05CCEC1AF746C3 257167 ----a-w- C:\ProgramData\AVG Secure Search\ChromeExt\15.5.0.2\avg.crx

2013-08-15 19:48:09 E647C4315F36756DF5FA38BDEB51F224 45856 ----a-w- C:\Windows\Temp\avg_a07320\CommonFiles\AVG Secure Search\avgtpx64.sys

2013-08-15 19:48:09 311C5A8D894563CD2712CD297A34FAFB 37664 ----a-w- C:\Windows\Temp\avg_a07320\CommonFiles\AVG Secure Search\avgtpx86.sys

2013-08-15 19:48:08 8A196063A0F0305A8A05CCEC1AF746C3 257167 ----a-w- C:\Windows\Temp\avg_a07320\ProgData\AVG Secure Search\ChromeExt\15.5.0.2\avg.crx

2013-08-15 19:48:08 567B5EC265B26994AFB11DB13F53B07A 147960 ----a-w- C:\Windows\Temp\avg_a07320\ProgFiles\AVG Secure Search\data.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3743767131-4259627012-2328854852-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"EA Core"="C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent"

"AutoStartNPSAgent"="C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe"

"HyvesDesktop.exe"="C:\Program Files (x86)\Hyves Desktop\bin\HyvesDesktop.exe"

"MobileDocuments"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe"

"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"

"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"

"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"Spotify Web Helper"="C:\Users\Amber\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"Spotify"="C:\Users\Amber\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"

"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"

@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BackupManagerTray"="C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -h -k"

"Hotkey Utility"="C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"

"EgisTecLiveUpdate"="C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"

"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"NortonOnlineBackupReminder"="C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe UNATTENDED"

"ArcadeDeluxeAgent"="C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"

"PlayMovie"="C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"

"PWRISOVM.EXE"="C:\Program Files (x86)\PowerISO\PWRISOVM.EXE"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe"

"AirPort Base Station Agent"="C:\Program Files (x86)\AirPort\APAgent.exe"

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY"

"FrameManager"="C:\Program Files (x86)\Samsung\FrameManager\FrameManager.exe"

"CanonSolutionMenuEx"="C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"EA Core"="C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent"

"AutoStartNPSAgent"="C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe"

"HyvesDesktop.exe"="C:\Program Files (x86)\Hyves Desktop\bin\HyvesDesktop.exe"

"MobileDocuments"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe"

"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"

"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"

"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"Spotify Web Helper"="C:\Users\Amber\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"Spotify"="C:\Users\Amber\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"

"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"

@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe"

"mwlDaemon"="C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"

==== Startup Folders ======================

2011-12-29 12:09:12 1241 ----a-w- C:\users\Amber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Warner Bros.lnk

2011-03-26 11:15:38 1786 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Configuration Utility.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12-06-2013 21:23]

C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job --a------ C:\Windows\TEMP\C62EDBC2-9BCA-471D-A73A-ED166975D2F8.exe []

C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job --a------ C:\Windows\TEMP\466726AD-A14B-4BF8-94AE-783D47F2FB82.exe []

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20-08-2010 20:59]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20-08-2010 20:59]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Amber\AppData\Roaming\Mozilla\Firefox\Profiles\gr5y5lwn.default

- Undetermined - C:\Program Files (x86)\pdfforge Toolbar\FF

- Undetermined - %ProfilePath%\extensions\50464da83d617@50464da83d650.info.xpi

- SaveSale - %ProfilePath%\extensions\5113cf2259ed0@5113cf2259f0b.com.xpi

- DivX Web Player - %ProfilePath%\extensions\DivXWebPlayer@divx.com.xpi

- DVDVideoSoft YouTube MP3 and Video Download - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Amber\AppData\Roaming\Mozilla\Firefox\Profiles\gr5y5lwn.default

D4BD9F86123C87ECA570418B69326F99 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.170.2

B6A800D881A0176C544988870861E798 - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

7A75CCAA7E3CE0B14F7428F1731CF4C9 - C:\Windows\SysWOW64\Npindeo.dll - Intel Indeo® video 5.1 PD Plug-In

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Deleting Files \ Folders ======================

"C:\Users\Amber\AppData\Roaming\Mozilla\Firefox\Profiles\gr5y5lwn.default\extensions\5113cf2259ed0@5113cf2259f0b.com.xpi" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

dhkplhfnhceodhffomolpfigojocbpcb - C:\Users\Amber\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx[]

jpmbfleldcgkldadpdinhjjopdfpjfjp - C:\Users\Amber\AppData\Local\Wajam\Chrome\wajam.crx[]

ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\15.5.0.2\avg.crx[15-08-2013 21:48]

niapdbllcanepiiimjjndipklodoedlc - C:\Users\Amber\AppData\Local\Temp\YontooLayers.crx[]

pmlghpafmmnmmkjdhacccolfgnkiboco - C:\Program Files (x86)\1ClickDownload\oneclickdownloader10.crx[]

Google Docs - Amber - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Amber - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Amber - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Amber - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

DolceGabbana - Amber - Default\Extensions\gpfbmpaebheclpaopjodkelcihldloih

AVG Secure Search - Amber - Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Gmail - Amber - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Amber\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage deleted successfully

C:\Users\Amber\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage-journal deleted successfully

C:\Users\Amber\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_virtual-villagers-3.nl.softonic.com_0.localstorage deleted successfully

C:\Users\Amber\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_virtual-villagers-3.nl.softonic.com_0.localstorage-journal deleted successfully

C:\Users\Amber\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage deleted successfully

C:\Users\Amber\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage-journal deleted successfully

C:\Users\Amber\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_sb.scorecardresearch.com_0.localstorage deleted successfully

C:\Users\Amber\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_sb.scorecardresearch.com_0.localstorage-journal deleted successfully

C:\Users\Amber\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage deleted successfully

C:\Users\Amber\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.msn.com/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.msn.com/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"

{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_nlNL393NL393"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{95B7759C-8C7F-4BF1-B163-73684A933233} AVG Secure Search Url="http://isearch.avg.com/search?cid={F6DC172C-096A-4147-BE47-8AE67068C378}&mid=7d154baed47147d6833741b2e0ad3bf7-46af060cd51e1cb236098abaf4c65c539dfc0321〈=nl&ds=AVG&pr=fr&d=2012-10-03"

{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54} Private Search Url="http://search.hotspotshield.com/g/results.php?c=s&q={searchTerms}"

==== Reset Google Chrome ======================

C:\users\Amber\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\users\Amber\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3743767131-4259627012-2328854852-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} deleted successfully

==== Deleting CLSID Registry Values ======================

==== shortcuts on Users Desktops ======================

C:\Users\Amber\Desktop\HiJackThis.lnk - C:\Users\Amber\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Corel PaintShop Pro X4.lnk - C:\Program Files (x86)\Corel\Corel PaintShop Pro X4\Corel PaintShop Pro.exe

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe

C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\Public\Desktop\Safari.lnk - C:\Windows\Installer\{FA4C2D53-205F-4245-9717-F3761154824D}\SafariIco.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Amber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6

C:\Users\Amber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6

C:\Users\Amber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albelli Fotoboeken\Albelli Fotoboeken.lnk - C:\Users\Amber\AppData\Local\Albelli Fotoboeken\apc.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DreamBoxEdit\DreamBoxEdit.lnk - C:\Program Files (x86)\DreamBoxEdit\dreamboxedit.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DreamBoxEdit\Install Language.lnk - C:\Program Files (x86)\DreamBoxEdit\Install Language.txt

C:\Users\Amber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DreamBoxEdit\Uninstall.lnk - C:\Program Files (x86)\DreamBoxEdit\Uninstall.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DreamBoxEdit\Version notes.lnk - C:\Program Files (x86)\DreamBoxEdit\Version notes.txt

C:\Users\Amber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Amber\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe QVO6

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2013.lnk - C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe QVO6

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Info iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.Resources\nl.lproj\About iTunes.rtf

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec\1.0b beta\Uninstall.lnk - C:\Program Files (x86)\MyFree Codec\1.0b beta\uninstall.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Samsung Story Album Viewer\Samsung Story Album Viewer.lnk - C:\Program Files (x86)\Samsung\Story Album Viewer\HTML5Viewer.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Samsung Story Album Viewer\Uninstall Samsung Story Album Viewer.lnk - C:\Program Files (x86)\InstallShield Installation Information\{698BBAD8-B116-495D-B879-0F07A533E57F}\setup.exe /removeonly

==== shortcuts in Quick Launch ======================

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk - C:\Windows\Installer\{FA4C2D53-205F-4245-9717-F3761154824D}\SafariIco.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk - C:\Program Files (x86)\BitTorrent\BitTorrent.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe QVO6

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe QVO6

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE /recycle

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk - C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung New PC Studio.lnk - C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSGuide.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Story Album Viewer.lnk - C:\Program Files (x86)\Samsung\Story Album Viewer\HTML5Viewer.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Albelli.lnk - C:\Users\Amber\AppData\Local\Albelli Fotoboeken\apc.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\DAEMON Tools Lite.lnk - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Jasc Paint Shop Pro 8.lnk - C:\Windows\Installer\{81A34902-9D0B-4920-A25C-4CDC5D14B328}\PaintShopPro8_Premium.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Warner Bros. Digital Copy Manager.lnk - C:\Program Files (x86)\Warner Bros. Digital Copy Manager\Warner Bros. Digital Copy Manager.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ArtRage.lnk - C:\Program Files (x86)\Ambient Design\ArtRage 2\ArtRage.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Vegas Pro 9.0 (64-bit).lnk - C:\Program Files (x86)\Sony\Vegas Pro 9.0\vegas90.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Messenger (2).lnk - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Messenger.lnk - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== shortcuts After Repair ======================

C:\Users\Amber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Amber\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Amber\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Amber\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Amber\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Amber\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\users\Amber\AppData\Local\Mozilla\Firefox\Profiles\gr5y5lwn.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\Amber\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Amber\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 21-08-2013 at 0:47:07,32 ======================

[kape]

Dubbelklik op Zoek.exe om de tool te starten.

• 
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

 
 C:\Users\Amber\AppData\Local\Temp\97B4499A-32BB-4821-BFD0-32BFE848368B.exe:f
 Java 7 Update 17;u
 Java(TM) 6 Update 32;u
 C:\Users\Amber\Downloads\mbam-setup-1.75.0.1300.exe;f
 C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69;fs
 C:\Users\Amber\Downloads\ccsetup404.exe;f
 C:\Users\Amber\Downloads\avast_free_antivirus_setup.exe;f
 C:\Program Files (x86)\pdfforge Toolbar\FF;fs
 C:\Users\Amber\AppData\Roaming\BabylonToolbar;fs
 dhkplhfnhceodhffomolpfigojocbpcb;chr
 C:\Users\Amber\AppData\Local\Wajam;fs
 jpmbfleldcgkldadpdinhjjopdfpjfjp;chr
 C:\Users\Amber\AppData\Local\Temp\YontooLayers.crx;f
 niapdbllcanepiiimjjndipklodoedlc;chr
 C:\Program Files (x86)\1ClickDownload;fs
 pmlghpafmmnmmkjdhacccolfgnkiboco;chr
 C:\Users\Amber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk;f
 C:\Users\Amber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk;f
 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk;f
 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk;f
 C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk;f
 C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk;f
 C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk;f
 C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk;f

• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[xAmberCeline]

Zoek.exe Version 4.0.0.4 Updated 19-08-2013

Tool run by Amber on wo 21-08-2013 at 12:11:51,42.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Amber\Desktop\zoek.exe [script inserted]

==== Older Logs ======================

C:\zoek-results21-08-2013-0047.log 79770 bytes

==== Deleting Files \ Folders ======================

"C:\Users\Amber\AppData\Local\Temp\YontooLayers.crx" not found

"C:\Program Files (x86)\pdfforge Toolbar\FF" not found

"C:\Users\Amber\AppData\Roaming\BabylonToolbar" not found

"C:\Users\Amber\AppData\Local\Wajam" not found

"C:\Program Files (x86)\1ClickDownload" not found

"C:\Users\Amber\Downloads\mbam-setup-1.75.0.1300.exe" deleted

"C:\Users\Amber\Downloads\ccsetup404.exe" deleted

"C:\Users\Amber\Downloads\avast_free_antivirus_setup.exe" deleted

"C:\Users\Amber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk" deleted

"C:\Users\Amber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk" deleted

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk" deleted

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk" deleted

"C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk" deleted

"C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk" deleted

"C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk" deleted

"C:\Users\Amber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk" deleted

"C:\Windows\Installer\60676.msi" deleted

"C:\Windows\Installer\71693.msi" deleted

"C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\15.5.0.2\avg.crx[15-08-2013 21:48]

AVG Secure Search - Amber - Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF238120771FF deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF238120623FF deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217017FF} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216032FF} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4EA42A62D9304AC4784BF238120771FF deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4EA42A62D9304AC4784BF238120623FF deleted successfully

==== EOF on wo 21-08-2013 at 12:19:35,64 ======================

[kape]

Hoe staat het nu met de popups en de snelheid ?