trage pc, babylon,delta seach troep, vista pc

[olifant73]

niet veel verstand van pc,maar weet wel dat sinds vandaag eigenlijk niks meer lekker loopt, in mijn internet browser zit volgens mijn zus babylon en delta search, zij had ook dit probleem en via jullie hulp is zij er van af, hoop via jullie hulp ook weer gewoon gebruik te kunnen maken van de pc

[kape]

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

• RSIT 32 bit (RSIT.exe)
  
• RSIT 64 bit (RSITx64.exe)
  

Dubbelklik op RSIT.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  
• Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  
• Plaats de inhoud hiervan in het volgende bericht.
  

[olifant73]

Logfile of random's system information tool 1.09 (written by random/random)

Run by melle at 2013-10-18 21:10:09

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 331 GB (71%) free of 464 GB

Total RAM: 3060 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:10:51, on 18-10-2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16514)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\hp\support\hpsysdrv.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe

C:\Program Files\AVG\AVG2014\avgui.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\melle\AppData\Roaming\BrowserCompanion\tcbhn.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\ehome\ehmsas.exe

C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\hp\kbd\kbd.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\melle\Desktop\RSIT.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\trend micro\melle.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/search?q={searchTerms}

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1376340672&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx%3Fshowunauth%3D1&lc=1043&id=64855&mkt=nl-NL&cbcxt=mai&snsc=1

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Downloads - Programmadownloads zijn gecheckt tegen virus en spyware

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Downloads - Programmadownloads zijn gecheckt tegen virus en spyware

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/search?q={searchTerms}

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/search?q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - - (no file)

F2 - REG:system.ini: UserInit=C:\Windows\system32\ezShellStart.exe

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: (no name) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file)

O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll

O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\melle\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: tcbhn.lnk = C:\Users\melle\AppData\Roaming\BrowserCompanion\tcbhn.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs:

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: MySql - Unknown owner - C:\mysql\bin\mysqld-nt.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--

End of file - 9323 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1352367991-3149719820-3952848540-1000Core.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1352367991-3149719820-3952848540-1000UA.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\HPCeeScheduleFormelle.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Help bij koppelingen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]

Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-15 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]

Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-15 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{0974BA1E-64EC-11DE-B2A5-E43756D89593}

{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

{ae07101b-46d4-4a98-af68-0333ea26e113}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]

"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-04-01 141848]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-04-01 166424]

"Persistence"=C:\Windows\system32\igfxpers.exe [2008-04-01 133656]

"DVDAgent"=c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-09-09 1148200]

"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-06-02 81920]

"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2013-10-07 4908592]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

"KPeerNexonEU"=C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [2013-06-22 438272]

"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-06-21 19876968]

"Facebook Update"=C:\Users\melle\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-23 138096]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\melle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

tcbhn.lnk - C:\Users\melle\AppData\Roaming\BrowserCompanion\tcbhn.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2008-03-25 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\system32\EZUPBH~1.DLL [2011-11-28 49152]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DisableLockWorkstation"=0

"DisableTaskMgr"=0

"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

"HideFastUserSwitching"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoLogoff"=0

"NoClose"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"msacm.siren"=sirenacm.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-10-18 21:10:10 ----D---- C:\Program Files\trend micro

2013-10-18 21:10:09 ----D---- C:\rsit

2013-10-18 10:24:37 ----D---- C:\Program Files\MyPC Backup

2013-10-18 10:18:49 ----D---- C:\Program Files\glindorus

2013-10-12 06:03:05 ----A---- C:\Windows\system32\vbscript.dll

2013-10-12 06:03:05 ----A---- C:\Windows\system32\mshtmled.dll

2013-10-12 06:03:04 ----A---- C:\Windows\system32\jsproxy.dll

2013-10-12 06:03:04 ----A---- C:\Windows\system32\ieUnatt.exe

2013-10-12 06:03:04 ----A---- C:\Windows\system32\ieui.dll

2013-10-12 06:03:03 ----A---- C:\Windows\system32\wininet.dll

2013-10-12 06:03:03 ----A---- C:\Windows\system32\msfeeds.dll

2013-10-12 06:03:03 ----A---- C:\Windows\system32\jscript9.dll

2013-10-12 06:03:03 ----A---- C:\Windows\system32\jscript.dll

2013-10-12 06:03:02 ----A---- C:\Windows\system32\url.dll

2013-10-12 06:03:02 ----A---- C:\Windows\system32\iertutil.dll

2013-10-12 06:03:01 ----A---- C:\Windows\system32\urlmon.dll

2013-10-12 06:03:00 ----A---- C:\Windows\system32\mshtml.dll

2013-10-12 06:02:59 ----A---- C:\Windows\system32\ieframe.dll

2013-10-11 07:48:06 ----A---- C:\Windows\system32\FntCache.dll

2013-10-11 07:48:06 ----A---- C:\Windows\system32\DWrite.dll

2013-10-11 07:48:06 ----A---- C:\Windows\system32\d3d10level9.dll

2013-10-11 07:48:05 ----A---- C:\Windows\system32\d3d10warp.dll

2013-10-11 07:48:05 ----A---- C:\Windows\system32\d3d10core.dll

2013-10-11 07:48:05 ----A---- C:\Windows\system32\d3d10_1core.dll

2013-10-11 07:48:05 ----A---- C:\Windows\system32\d3d10_1.dll

2013-10-11 07:48:05 ----A---- C:\Windows\system32\d3d10.dll

2013-10-11 07:48:05 ----A---- C:\Windows\system32\d2d1.dll

2013-10-11 07:48:03 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2013-10-11 07:48:03 ----A---- C:\Windows\system32\cdd.dll

2013-10-11 07:48:02 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-11 07:48:01 ----A---- C:\Windows\system32\win32k.sys

2013-10-11 07:47:55 ----A---- C:\Windows\system32\drivers\Wdf01000.sys

2013-10-11 07:47:52 ----A---- C:\Windows\system32\drivers\usbuhci.sys

2013-10-11 07:47:52 ----A---- C:\Windows\system32\drivers\usbport.sys

2013-10-11 07:47:52 ----A---- C:\Windows\system32\drivers\usbhub.sys

2013-10-11 07:47:52 ----A---- C:\Windows\system32\drivers\usbehci.sys

2013-10-11 07:47:52 ----A---- C:\Windows\system32\drivers\usbd.sys

2013-10-11 07:47:52 ----A---- C:\Windows\system32\drivers\usbccgp.sys

2013-10-11 07:47:51 ----A---- C:\Windows\system32\atmlib.dll

2013-10-11 07:47:51 ----A---- C:\Windows\system32\atmfd.dll

2013-10-11 07:47:50 ----A---- C:\Windows\system32\comctl32.dll

2013-10-11 07:47:48 ----A---- C:\Windows\system32\drivers\usbscan.sys

2013-10-11 07:47:48 ----A---- C:\Windows\system32\drivers\hidparse.sys

2013-10-01 19:59:11 ----D---- C:\Users\melle\AppData\Roaming\.mono

2013-09-30 10:55:59 ----D---- C:\Users\melle\AppData\Roaming\Windows Live Writer

2013-09-27 19:04:37 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}

2013-09-27 18:34:04 ----D---- C:\Users\melle\AppData\Roaming\AVG2014

2013-09-27 18:28:38 ----D---- C:\ProgramData\AVG2014

2013-09-25 20:57:14 ----A---- C:\Windows\system32\drivers\avgdiskx.sys

2013-09-25 16:52:43 ----D---- C:\CFLog

2013-09-25 15:55:37 ----D---- C:\SG Interactive

2013-09-25 14:56:27 ----D---- C:\Program Files\Pando Networks

======List of files/folders modified in the last 1 month======

2013-10-18 21:10:50 ----D---- C:\Windows\Prefetch

2013-10-18 21:10:17 ----D---- C:\Windows\Temp

2013-10-18 21:10:10 ----D---- C:\Program Files

2013-10-18 20:24:48 ----SHD---- C:\System Volume Information

2013-10-18 20:23:25 ----D---- C:\ProgramData\MFAData

2013-10-18 18:07:19 ----D---- C:\Users\melle\AppData\Roaming\BrowserCompanion

2013-10-18 17:56:03 ----D---- C:\Windows

2013-10-18 10:32:35 ----HD---- C:\ProgramData

2013-10-18 10:32:35 ----D---- C:\Windows\System32

2013-10-18 10:32:34 ----D---- C:\Users\melle\AppData\Roaming\Systweak

2013-10-18 10:31:07 ----D---- C:\Windows\Tasks

2013-10-18 10:30:14 ----D---- C:\Windows\system32\Tasks

2013-10-15 08:21:07 ----SHD---- C:\Windows\Installer

2013-10-12 19:55:07 ----D---- C:\Windows\inf

2013-10-12 19:55:07 ----D---- C:\Windows\Debug

2013-10-12 08:46:32 ----RSD---- C:\Windows\assembly

2013-10-12 08:46:32 ----D---- C:\Windows\Microsoft.NET

2013-10-12 08:44:04 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-10-12 08:36:43 ----D---- C:\Program Files\Microsoft Silverlight

2013-10-12 06:26:30 ----D---- C:\Windows\system32\migration

2013-10-12 06:26:30 ----D---- C:\Windows\system32\drivers

2013-10-12 06:26:29 ----D---- C:\Program Files\Internet Explorer

2013-10-12 06:25:07 ----D---- C:\Windows\winsxs

2013-10-12 06:24:44 ----D---- C:\ProgramData\Microsoft Help

2013-10-12 06:17:35 ----D---- C:\Windows\system32\MRT

2013-10-12 06:15:28 ----A---- C:\Windows\system32\mrt.exe

2013-10-12 06:03:51 ----D---- C:\Windows\system32\catroot

2013-10-12 06:03:50 ----D---- C:\Windows\system32\catroot2

2013-10-10 18:30:33 ----D---- C:\Users\melle\AppData\Roaming\Skype

2013-10-10 12:24:21 ----HD---- C:\$AVG

2013-10-10 08:28:34 ----A---- C:\Windows\system32\FlashPlayerApp.exe

2013-09-29 17:47:33 ----D---- C:\Program Files\Gamers Unite! Snag Bar

2013-09-29 17:44:10 ----D---- C:\Program Files\AVG

2013-09-27 19:28:06 ----SHD---- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}

2013-09-27 19:28:06 ----D---- C:\ProgramData\{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC}

2013-09-27 19:23:44 ----D---- C:\ProgramData\AVG

2013-09-27 19:09:02 ----D---- C:\Users\melle\AppData\Roaming\AVG

2013-09-27 18:32:37 ----D---- C:\ProgramData\AVG2013

2013-09-25 15:34:14 ----D---- C:\Download

2013-09-25 11:20:59 ----D---- C:\Windows\Minidump

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2013-09-02 145720]

R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2013-09-02 223032]

R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2013-08-20 102200]

R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2013-09-08 27448]

R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2013-09-25 120632]

R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2013-09-26 47928]

R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2013-09-02 209208]

R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2013-09-10 22840]

R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2013-09-02 176952]

R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2013-08-01 193848]

R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-03-25 2307072]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-07-03 2152088]

R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]

R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-02-14 118784]

R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]

S3 Dot4;Microsoft IEEE-1284.4-stuurprogramma; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]

S3 Dot4Print;Stuurprogramma voor printerklasse voor IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]

S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

S3 XDva405;XDva405; \??\C:\Windows\system32\XDva405.sys []

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]

R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG2014\avgfws.exe [2013-09-25 1358944]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2013-10-03 3538480]

R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2013-09-25 301152]

R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-02 94208]

R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-03-17 73728]

R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]

R2 MySql;MySql; C:\mysql\bin\mysqld-nt.exe [2002-08-14 1130496]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]

R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]

R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-23 116648]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-21 162408]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10 257416]

S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-23 116648]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

[kape]

Download Zoek.zip naar het bureaublad.

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  
• Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

chromelook; 
firefoxlook; 
 {30F9B915-B755-4826-820B-08FBA6BD249D};c
 C:\Program Files\ConduitEngine;fs
 {0974BA1E-64EC-11DE-B2A5-E43756D89593};c
 {ae07101b-46d4-4a98-af68-0333ea26e113};c
 C:\Users\melle\AppData\Roaming\BrowserCompanion;fs
 {F274614C-63F8-47D5-A4D1-FBDDE494F8D1};c
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}];r
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r
 "AppInit_DLLs"=-;r
 C:\Program Files\MyPC Backup;fs
 C:\Program Files\glindorus;fs
 C:\Program Files\Gamers Unite! Snag Bar;fs
 startupall; 
filesrcm;

• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
• HijackThis Log
  
• Firefox Defaults
  
• Reset Chrome
  
• IE Defaults
  
• Auto Clean
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post nu de inhoud van het geopende logje in het volgende bericht.
  

[olifant73]

Zoek.exe Version 4.0.0.5 Updated 17-October-2013

Tool run by melle on vr 18-10-2013 at 21:46:00,44.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\melle\Desktop\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

18-10-2013 21:48:22 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1352367991-3149719820-3952848540-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully

HKEY_USERS\S-1-5-21-1352367991-3149719820-3952848540-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully

HKEY_USERS\S-1-5-21-1352367991-3149719820-3952848540-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-1352367991-3149719820-3952848540-1000\Software\Microsoft\Internet Explorer\SearchScopes\{29C763A7-37E7-46F5-B303-C04AAF83C59E} deleted successfully

HKEY_USERS\S-1-5-21-1352367991-3149719820-3952848540-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9} deleted successfully

HKEY_USERS\S-1-5-21-1352367991-3149719820-3952848540-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2459} deleted successfully

HKEY_USERS\S-1-5-21-1352367991-3149719820-3952848540-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} deleted successfully

HKEY_USERS\S-1-5-21-1352367991-3149719820-3952848540-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0974BA1E-64EC-11DE-B2A5-E43756D89593} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\melle\AppData\Roaming\Mozilla\Firefox\Profiles\[opt]rs0\prefs.js:

Added to C:\Users\melle\AppData\Roaming\Mozilla\Firefox\Profiles\[opt]rs0\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\Program Files\ConduitEngine deleted

C:\Program Files\MyPC Backup deleted

C:\Program Files\glindorus deleted

C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted

C:\ProgramData\{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC} deleted

C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} deleted

C:\Program Files\TornTV.com deleted

C:\Users\melle\AppData\Roaming\ZalmanInstaller_otshot deleted

C:\Users\melle\AppData\Roaming\Babylon deleted

C:\Users\melle\AppData\Roaming\DSite deleted

C:\Users\melle\AppData\Roaming\Systweak deleted

C:\Users\melle\Qtrax deleted

C:\Users\melle\Music\Qtrax Media Library deleted

C:\ProgramData\Browser Manager deleted

C:\ProgramData\Babylon deleted

C:\ProgramData\Trymedia deleted

C:\Users\melle\AppData\Local\Bundled software uninstaller deleted

C:\Users\melle\AppData\Local\PackageAware deleted

C:\Users\melle\AppData\Local\Smartbar deleted

C:\Users\melle\AppData\Local\Conduit deleted

C:\Users\melle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk deleted

C:\Windows\System32\Tasks\DealPly deleted

C:\Windows\System32\Tasks\DSite deleted

C:\Users\melle\Downloads\SoftonicDownloader_for_digital-paintball-3 (1).exe deleted

C:\Users\melle\Downloads\SoftonicDownloader_for_digital-paintball-3 (2).exe deleted

C:\Users\melle\Downloads\SoftonicDownloader_for_digital-paintball-3 (3).exe deleted

C:\Users\melle\Downloads\SoftonicDownloader_for_digital-paintball-3.exe deleted

C:\Users\melle\Downloads\SoftonicDownloader_for_winrar.exe deleted

C:\Users\melle\Downloads\SoftonicDownloader_voor_minecraft.exe deleted

C:\Users\melle\AppData\LocalLow\BabylonToolbar deleted

C:\Users\melle\AppData\LocalLow\Softonic deleted

C:\Users\melle\AppData\LocalLow\DataMngr deleted

C:\Users\melle\AppData\LocalLow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com deleted

C:\Users\melle\AppData\LocalLow\PriceGong deleted

C:\Users\melle\AppData\LocalLow\Conduit deleted

C:\Users\melle\AppData\LocalLow\ConduitEngine deleted

C:\Windows\system32\tasks\QtraxPlayer deleted

C:\user.js deleted

C:\Windows\system32\roboot.exe deleted

C:\Windows\System32\SETD7CE.tmp deleted

C:\Windows\System32\SETD8BB.tmp deleted

C:\Windows\System32\searchplugins deleted

C:\Windows\System32\Extensions deleted

"C:\user.js" not found

"C:\Users\melle\AppData\Roaming\BrowserCompanion\tcbhn.exe" deleted

"C:\Users\melle\AppData\Roaming\BrowserCompanion\tcbhn.exe" deleted

"C:\Users\melle\AppData\Roaming\BrowserCompanion" deleted

"C:\Users\melle\AppData\Roaming\BrowserCompanion" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\melle\AppData\Local\Temp ====

2013-10-18 08:23:58 858D895AD40DE9779E78C39A116F9553 10355400 ----a-w- C:\Users\melle\AppData\Local\Temp\BackupSetup.exe

2013-10-18 08:19:10 D898C9ABB15F71990A597AD4CEEFE55F 5690463 ----a-w- C:\Users\melle\AppData\Local\Temp\ins5232\LyricsSay_1060-8002_v122.exe

====== Java Cache =====

====== C:\Windows\system32 =====

2013-10-12 04:03:05 D9F8C3F763EF4CCEA8A6DD2540760817 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2013-10-12 04:03:05 4F97C454AF1718AE51696D9AD6A2F9AB 420864 ----a-w- C:\Windows\System32\vbscript.dll

2013-10-12 04:03:05 327FE5AB6905642AB9FC34F912B6C264 73216 ----a-w- C:\Windows\System32\mshtmled.dll

2013-10-12 04:03:04 FF3E0BA38DB8561CB97B0FBF6C3B3F9E 176640 ----a-w- C:\Windows\System32\ieui.dll

2013-10-12 04:03:04 3B2EFBBC78DA786391B5A49614DF56C0 142848 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-10-12 04:03:04 3B0B665ECDC46A32395FF2F430B8680E 65024 ----a-w- C:\Windows\System32\jsproxy.dll

2013-10-12 04:03:03 DE4C23B8F2F277ECF9692428DC9B5A22 607744 ----a-w- C:\Windows\System32\msfeeds.dll

2013-10-12 04:03:03 D71C425BBC059CBFEE99328AF6D4D340 1800704 ----a-w- C:\Windows\System32\jscript9.dll

2013-10-12 04:03:03 C8ADAA6948993D839D14524847EA5B75 1129472 ----a-w- C:\Windows\System32\wininet.dll

2013-10-12 04:03:03 9CE9B5DDE7017DF600DC29EFC3E832A7 717824 ----a-w- C:\Windows\System32\jscript.dll

2013-10-12 04:03:02 D2A365FCB3492C01F7A6273F747BDD0A 1796096 ----a-w- C:\Windows\System32\iertutil.dll

2013-10-12 04:03:02 AF0FEB5AEFE8440F78DDCFDAA742EE63 231936 ----a-w- C:\Windows\System32\url.dll

2013-10-12 04:03:01 EB311F8C0DBE714A4A6E63AD22245A28 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-10-12 04:03:01 8CDB5EC48867F571455B1C6875E033D3 1104896 ----a-w- C:\Windows\System32\urlmon.dll

2013-10-12 04:03:00 F46A58EC9183CB2B24326A41CDDE1FAE 12336128 ----a-w- C:\Windows\System32\mshtml.dll

2013-10-12 04:02:59 9C5CC7677B63F939D980D16953438B45 9739264 ----a-w- C:\Windows\System32\ieframe.dll

2013-10-11 05:48:06 F64812456BD11244322F0B0F1B236841 486400 ----a-w- C:\Windows\System32\d3d10level9.dll

2013-10-11 05:48:06 9BD443B52350D2784544B637F103EBCF 1069056 ----a-w- C:\Windows\System32\DWrite.dll

2013-10-11 05:48:06 2AFA3A46986AE935DAECEBC7E66314CF 798208 ----a-w- C:\Windows\System32\FntCache.dll

2013-10-11 05:48:05 E828C391BB999BD85C15DA20B51CDF9C 683008 ----a-w- C:\Windows\System32\d2d1.dll

2013-10-11 05:48:05 E0F15C8A63D2FCC40D0A6F9354DF0118 1029120 ----a-w- C:\Windows\System32\d3d10.dll

2013-10-11 05:48:05 52673DCDFA7687EABC0C779894D0F4FF 1172480 ----a-w- C:\Windows\System32\d3d10warp.dll

2013-10-11 05:48:05 2434237DFBC70483B63A667B9573891E 219648 ----a-w- C:\Windows\System32\d3d10_1core.dll

2013-10-11 05:48:05 2067598D57CCD988A88BBBDDD6EAE13D 189952 ----a-w- C:\Windows\System32\d3d10core.dll

2013-10-11 05:48:05 1D1C3BBA2191F0F5B14555757DDB729A 160768 ----a-w- C:\Windows\System32\d3d10_1.dll

2013-10-11 05:48:03 D6F0260D9051C0B60998F4CDBE9B2CC6 37376 ----a-w- C:\Windows\System32\cdd.dll

2013-10-11 05:48:02 E87F6492F5406287EDF05DF40BB86780 102608 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll

2013-10-11 05:48:01 69A702C66FA35445DCF7DBF9EF32812C 2050048 ----a-w- C:\Windows\System32\win32k.sys

2013-10-11 05:47:51 D1F8FE7C788C437DDE311E9F0C09005E 34304 ----a-w- C:\Windows\System32\atmlib.dll

2013-10-11 05:47:51 A136094368CA45BA50BF4E2703E93B82 293376 ----a-w- C:\Windows\System32\atmfd.dll

2013-10-11 05:47:50 58035212AB7869A5FC3AF186ACBA8F09 532480 ----a-w- C:\Windows\System32\comctl32.dll

====== C:\Windows\system32\drivers =====

2013-10-11 05:48:03 988670D8343EF9835FB3659DB71B2EFA 638400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-10-11 05:47:55 25944D2CC49E0A6C581D02A74B7D6645 527064 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys

2013-10-11 05:47:52 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys

2013-10-11 05:47:52 B09C74A41F26B08149707EA5E7F956C2 226304 ----a-w- C:\Windows\System32\drivers\usbport.sys

2013-10-11 05:47:52 AAB0B5F72D2D726FBFDC895A2902DE1D 73216 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2013-10-11 05:47:52 44056325428A8E4C755830426E29878F 23552 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2013-10-11 05:47:52 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2013-10-11 05:47:52 153E8515CB86F8BB5D1A8B478EBF4BB2 39936 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2013-10-11 05:47:48 BE4AD4045D7A6C6AF4ECCBD5F6B7F8D8 25472 ----a-w- C:\Windows\System32\drivers\hidparse.sys

2013-10-11 05:47:48 1D714B8497CD68307806D5D3F60A5169 35328 ----a-w- C:\Windows\System32\drivers\usbscan.sys

2013-09-25 18:57:14 8A7DC10E81E73994AF8D8FB4E921BA20 120632 ----a-w- C:\Windows\System32\drivers\avgdiskx.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-10-18 19:10:10 -------- d-----w- C:\Program Files\trend micro

2013-09-25 12:56:27 -------- d-----w- C:\Program Files\Pando Networks

======= C: =====

====== C:\Users\melle\AppData\Roaming ======

2013-10-01 17:59:11 -------- d-----w- C:\Users\melle\AppData\Roaming\.mono

2013-09-30 08:55:59 -------- d-----w- C:\Users\melle\AppData\Roaming\Windows Live Writer

2013-09-30 08:55:59 -------- d-----w- C:\Users\melle\AppData\Local\Windows Live Writer

2013-09-27 16:34:04 -------- d-----w- C:\Users\melle\AppData\Roaming\AVG2014

2013-09-27 16:32:33 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\AVG2014

2013-09-27 16:28:09 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014

2013-09-27 16:24:04 -------- d-----w- C:\Users\melle\AppData\Local\Avg2014

====== C:\Users\melle ======

2013-10-18 19:08:19 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\melle\Desktop\RSIT.exe

2013-10-18 08:17:40 1DDF708EF5AD658154281A973DCAA91A 169272 ----a-w- C:\Users\melle\Downloads\VundoFix (1).exe

2013-10-10 10:25:54 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2013-09-27 16:28:38 -------- d-----w- C:\ProgramData\AVG2014

2013-09-25 14:01:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossfire Europe

2013-09-25 12:55:51 -------- d-----w- C:\Users\melle\.swt

====== C: exe-files ==

2013-10-18 19:10:12 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\melle.exe

2013-10-18 19:08:19 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\melle\Desktop\RSIT.exe

2013-10-18 08:23:58 858D895AD40DE9779E78C39A116F9553 10355400 ----a-w- C:\Users\melle\AppData\Local\Temp\BackupSetup.exe

2013-10-18 08:19:10 D898C9ABB15F71990A597AD4CEEFE55F 5690463 ----a-w- C:\Users\melle\AppData\Local\Temp\ins5232\LyricsSay_1060-8002_v122.exe

2013-10-18 08:17:40 1DDF708EF5AD658154281A973DCAA91A 169272 ----a-w- C:\Users\melle\Downloads\VundoFix (1).exe

2013-10-15 19:21:40 8F101DD2F46E59469FE0F599DA0530F2 2066272 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\30.0.1599.101\30.0.1599.101_30.0.1599.69_chrome_updater.exe

2013-10-15 06:16:14 CEFEBDB9E274BD90C12D131ED25CC819 59784 ----atw- C:\Program Files\Google\Update\1.3.21.165\GoogleUpdateOnDemand.exe

2013-10-15 06:16:13 EB8EEB98D01B5D31898D8E53C3789832 59784 ----atw- C:\Program Files\Google\Update\1.3.21.165\GoogleUpdateBroker.exe

2013-10-15 06:16:12 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Program Files\Google\Update\1.3.21.165\GoogleUpdateSetup.exe

2013-10-15 06:15:26 CF7B0E597C1F34E528285495721DEEE9 237960 ----atw- C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe

2013-10-15 06:15:26 0DC0DE2966A6DBA4CFBF6639DF44F5BA 319880 ----atw- C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler64.exe

2013-10-15 06:15:25 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files\Google\Update\1.3.21.165\GoogleUpdate.exe

2013-10-15 06:15:23 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.165\GoogleUpdateSetup.exe

2013-10-12 04:03:04 3B2EFBBC78DA786391B5A49614DF56C0 142848 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-10-12 04:03:02 45BDA923BE52906D1460BCB13AC2AB7A 757400 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

=== C: other files ==

2013-10-18 08:24:34 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\melle\AppData\LocalLow\Microsoft\Silverlight\OutOfBrowser\index\PC Speed Up - Clean, optimize and get a faster PC now!

2013-10-18 08:24:04 02EADE58BDEEA515E3A199CA74FAED77 57073 ----a-w- C:\Users\melle\AppData\Local\Temp\scoped_dir_4404_11402\wajam.crx

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-1352367991-3149719820-3952848540-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"ehTray.exe"="C:\Windows\ehome\ehTray.exe"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

"KPeerNexonEU"="C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"Facebook Update"="C:\Users\melle\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\hp\support\hpsysdrv.exe"

"KBD"="C:\HP\KBD\KbdStub.EXE"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"DVDAgent"="c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"

"hpqSRMon"="C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe"

"AVG_UI"="C:\Program Files\AVG\AVG2014\avgui.exe /TRAYONLY"

"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"ehTray.exe"="C:\Windows\ehome\ehTray.exe"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

"KPeerNexonEU"="C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"Facebook Update"="C:\Users\melle\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"HP Health Check Scheduler"="c:\\Program Files\\Hewlett-Packard\\HP Health Check\\HPHC_Scheduler.exe"

"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"

"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""

"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"

"ArcSoft Connection Service"="C:\\Program Files\\Common Files\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe"

"SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

==== Startup Folders ======================

2011-01-19 10:37:58 1934 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1352367991-3149719820-3952848540-1000Core.job --a------ C:\Users\melle\AppData\Local\Facebook\Update\FacebookUpdate.exe [23-07-2013 17:09]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1352367991-3149719820-3952848540-1000UA.job --a------ C:\Users\melle\AppData\Local\Facebook\Update\FacebookUpdate.exe [23-07-2013 17:09]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [23-01-2013 12:50]

C:\Windows\tasks\HPCeeScheduleFormelle.job --a------ C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [17-12-2007 21:03]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\ArcSoft Connect Daemon" [C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe]

"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-1352367991-3149719820-3952848540-1000Core" [C:\Users\melle\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-1352367991-3149719820-3952848540-1000UA" [C:\Users\melle\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\system32\tasks\Google Updater and Installer" [C:\Users\melle\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\Hewlett-Packard-online actualiseringsprogramma" [c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe]

"C:\Windows\system32\tasks\HP Health Check" ["c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"]

"C:\Windows\system32\tasks\HP-Online updateprogramma" [C:\Program Files\HP\HP Software Update\HPWuSchd2.exe]

"C:\Windows\system32\tasks\HPCeeScheduleFormelle" [C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe]

"C:\Windows\system32\tasks\Java Update Scheduler" [C:\Program Files\Common Files\Java\Java Update\jusched.exe]

"C:\Windows\system32\tasks\User_Feed_Synchronization-{B26615AE-B0A3-4C7B-90F4-2ED6561006CB}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [08-09-2009 16:48]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}"="C:\Program Files\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi" []

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bodddioamolcibagionmmobehnbhiakf - C:\Program Files\BrowserCompanion\blabbers-ch.crx[]

nbmafkdmkkckhggblphicnnhlgljnoje - C:\Program Files\TornTV.com\torn2_10.crx[]

Chrome In-App Payments service - melle - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chrome Fix ======================

C:\Users\melle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bodddioamolcibagionmmobehnbhiakf_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1376340672&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx%3Fshowunauth%3D1&lc=1043&id=64855&mkt=nl-NL&cbcxt=mai&snsc=1"

"Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=84&bd=Pavilion&pf=cndt"

"Search Page"="http://www.bing.com/search?q={searchTerms}"

"Search Bar"="http://www.bing.com/search?q={searchTerms}"

"Use Search Asst"="yes"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.shareware-ne.com/nl/index.php?rvs=hompag"

"Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=84&bd=Pavilion&pf=cndt"

"Search Page"="http://www.shareware-ne.com/nl/index.php?rvs=hompag"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="http://home.microsoft.com/access/autosearch.asp?p=%s"

"Default"="http://www.bing.com/search?q={searchTerms}"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://www.bing.com/search?q={searchTerms}"

"Default_Search_URL"="http://www.bing.com/search?q={searchTerms}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2459}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2459}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1376340672&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx%3Fshowunauth%3D1&lc=1043&id=64855&mkt=nl-NL&cbcxt=mai&snsc=1"

"Use Search Asst"="no"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{006ee092-9658-4fd6-bd8e-a21a348e59f5} Bing Url="http://www.bing.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox"

{1131251A-C7B7-4958-BA6B-01C6F65F13D8} AOL Zoeken Url="http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1172&query={searchTerms}&invocationType=tb50hpcndtie7-nl-nl"

{483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found"

{635E0FDD-C4A6-4B40-A651-7817BB16423B} Kelkoo Url="http://nl.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913935"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} Winamp Search Url="http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7"

==== Reset Google Chrome ======================

C:\Users\melle\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\melle\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully

HKEY_USERS\S-1-5-21-1352367991-3149719820-3952848540-1000\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1352367991-3149719820-3952848540-1000\Software\Mozilla\Firefox\Extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1376340672&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx%3Fshowunauth%3D1&lc=1043&id=64855&mkt=nl-NL&cbcxt=mai&snsc=1

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - - (no file)

F2 - REG:system.ini: UserInit=C:\Windows\system32\ezShellStart.exe

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\melle\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: MySql - Unknown owner - C:\mysql\bin\mysqld-nt.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\melle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\melle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T5975UA6 will be deleted at reboot

C:\Users\melle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\melle\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\melle\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\melle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Users\melle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T5975UA6" not found

==== EOF on vr 18-10-2013 at 22:01:34,42 ======================

[kape]

En hoe is de toestand van de PC nu ? Want er is behoorlijk wat verwijderd ;-)

[olifant73]

Ja Super hij loopt weer een stuk sneller, thanks.

Denk dat het komt door de kids die dan spelletjes doen en dan van alles mee downloaden,de ene keer moeten ze iets aan vinken en de andere keer juist iets uit vinken.

Kan ik dit ook op de 1 of andere manier voorkomen/blokkeren of iets.

[kape]

Met AVG Antivirus & Firewall zit je - wat bescherming betreft - wel goed. Het klikken op ongewenste zaken (die je PC besmetten) is natuurlijk iets dat veroorzaakt wordt door de gebruiker(s) en niet kan vermeden worden. Een goed gesprek met de kids kan misschien helpen, maar een wondermiddel tegen dit (foute) klikgedrag is er niet

Om de gebruikte tools en overbodige restjes te verwijderen, mag je nog het volgende doen:

Download Delfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:

• Remove disinfection tools
  
• Purge System Restore
  
• Reset system settings
  

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

Download CCleaner. (Als je het nog niet hebt)

Installeer het (als je niet wilt dat Google Chrome op je PC als standaard-webbrowser wordt geïnstalleerd, moet je de 2 vinkjes wegdoen !!!) en start CCleaner op.

Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en na de analyse op 'Schoonmaken'. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”.

Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.

Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Indien dit allemaal probleemloos verlopen is en je binnen dit topic verder geen vragen of problemen meer hebt, mag je dit onderwerp afsluiten door een klik op de knop "Markeer als opgelost", die je links onderaan kan terugvinden … zo blijft het voor iedereen overzichtelijk.

[olifant73]

oke thanks,

ga ik dat proberen,maar moet even wachten tot mijn zus tijd heeft,zelf niet veel verstand van hahaha.

cc cleaner staat er op en die gebruik ik geregeld.

[kape]

OK, dan wachten we tot de zus het boeltje heeft afgesloten. Succes ermee