Ga naar inhoud

Windows 7 werkt heel traag (met veel foutmeldingen)


ezra

Aanbevolen berichten

Beste

De laatste tijd werkt onze vaste computer (Windows 7) erg traag; lijkt op een computer van 8 jaar oud nu, terwijl het nog niet zou oud is..

We krijgen ook continu foutmeldingen als de pc opgestart is, en we op het bureaublad zitten..

Ik denk dat er een hoop virussen en vanalles op zit :/ We hebben een anti-virusprogramma McAfee Total Protection..

Link naar reactie
Delen op andere sites

Download 51a5f5d096dae-icon_RSIT.pngRSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

Dubbelklik op RSIT.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  • Plaats de inhoud hiervan in het volgende bericht.

Link naar reactie
Delen op andere sites

Hieronder het logje.. Sinds paar dagen krijg ik ook zo'n blauwe scherm, dat er een fout is gebeurd en de pc sluit dan van zichzelf af..

Logfile of random's system information tool 1.09 (written by random/random)

Run by Harun Diren at 2013-11-07 20:41:09

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 850 GB (91%) free of 939 GB

Total RAM: 5047 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:41:15, on 7/11/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16720)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Users\Harun Diren\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Users\Harun Diren\AppData\Local\iLivid\iLivid.exe

C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe

C:\Program Files (x86)\Citrix\ICA Client\concentr.exe

C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe

C:\Program Files (x86)\Citrix\Receiver\Receiver.exe

C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe

C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe

C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\Harun Diren.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = V9

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Harun Diren\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll

O2 - BHO: ividi Helper Object - {8B8B2E80-1444-451D-AC8E-EB9A847F3887} - C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Bcool - {BAA14B77-F934-B451-C873-B8F82CB4CD9E} - C:\ProgramData\Bcool\50e6052d6af02.dll (file missing)

O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll

O3 - Toolbar: (no name) - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file)

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

O4 - HKLM\..\Run: [sweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

O4 - HKLM\..\Run: [sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe

O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [CitrixReceiver] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"

O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup

O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"

O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\Harun Diren\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [Orbitum] C:\Users\Harun Diren\AppData\Local\Orbitum\Application\chrome.exe

O4 - HKCU\..\Run: [smart Driver Updater] C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [iLivid] "C:\Users\Harun Diren\AppData\Local\iLivid\iLivid.exe" -autorun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - MSN Games - Free Online Games

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll

O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O20 - AppInit_DLLs: C:\PROGRA~3\Wincert\WIN32C~1.DLL C:\PROGRA~2\MOVIES~1\Datamngr\mgrldr.dll

O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Bandoo Media Inc. - C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe

O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\Harun Diren\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)

O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE

O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe

O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Torch Crash Handler (TorchCrashHandler) - TorchMedia Inc. - C:\Users\Harun Diren\AppData\Local\Torch\Update\TorchCrashHandler.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 19963 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

"C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe"

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\nvvsvc.exe -session -first

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

taskeng.exe {627077D1-D795-4975-BB33-16E2DF7BF776}

"C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service

"C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe"

"C:\Users\Harun Diren\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe"

"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE"

C:\Windows\SysWOW64\ezSharedSvcHost.exe

"C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe" -monitor 460

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc

"C:\Program Files\McAfee\MSC\McAPExe.exe"

"C:\Windows\system32\mfevtps.exe"

"taskhost.exe"

taskeng.exe {6CB703FC-8CE3-451D-9D48-887B74DE69A5}

"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Users\Harun Diren\AppData\Local\Torch\Update\TorchCrashHandler.exe"

"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait

"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\x64\saHook.dll", saHooker_Initialize_and_Wait

"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait

"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

C:\Windows\system32\EscSvc64.exe

"C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"

WLIDSvcM.exe 2156

"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"

"C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc

"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:3028

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2e7d0e25-30bc-4c83-a973-c1a68a0fa3db -SystemEventPortName:HostProcess-18ca476d-506a-4575-9896-787664f75c6f -IoCancelEventPortName:HostProcess-c8c3a792-40fd-42c9-924c-34191a7e4a14 -NonStateChangingEventPortName:HostProcess-2caebdfb-0acf-421c-8226-abe706be5a3c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b23a6ea7-50d3-4788-af16-54f8808c55b5 -DeviceGroupId:WpdFsGroup

C:\Windows\System32\WerFault.exe -k -q

"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"

"C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" /background

"C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe"

"C:\Users\Harun Diren\AppData\Local\Google\Update\GoogleUpdate.exe" /c

"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

"C:\Users\Harun Diren\AppData\Local\iLivid\iLivid.exe" -autorun

"C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe" -det

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe"

"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"

"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"

"C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup

"C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe"

"C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /platui /runkey

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Program Files (x86)\Citrix\Receiver\Receiver.exe" -autoupdate -startplugins

"C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe"

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1151305535-1815003741-2611877586-10011_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1151305535-1815003741-2611877586-10011 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe" -Embedding

"C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe"

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:25 stable:r1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --instant-process --enable-threaded-compositing --disable-html-notifications --channel="2924.1.1311674664\1716709060" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:25 stable:r1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="2924.2.714098708\1267578351" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.3.1271_0\McChPlg.dll" --lang=nl --channel="2924.4.869956972\855965925" /prefetch:-390060480

"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"

C:\Windows\system32\sppsvc.exe

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

"C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" mode=windowless

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files\McAfee\MAT\McPvTray.exe"

"C:\Windows\system32\wuauclt.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group1 pct:25 stable:r1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-2d-canvas --channel="2924.6.617387932\232480602" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2924.7.2249051\97193291" --ppapi-flash-args --lang=nl --ignored=" --type=renderer " /prefetch:-632637702

"C:\Users\Harun Diren\Downloads\RSITx64 (1).exe"

"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe" /taskrestart

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528

wmiadap.exe /F /T /R

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1151305535-1815003741-2611877586-1001Core.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1151305535-1815003741-2611877586-1001UA.job

C:\Windows\tasks\HPCeeScheduleForHarun Diren.job

C:\Windows\tasks\HPCeeScheduleForHARUNDIREN-HP$.job

C:\Windows\tasks\SpeedUpMyPC.job

C:\Windows\tasks\spmonitor.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default

prefs.js - "browser.search.useDBForOrder" - true

prefs.js - "browser.startup.homepage" - "http://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1073&v=r9854-144&t=4"

prefs.js - "keyword.URL" - "http://dts.search.ask.com/sr?src=ffb&gct=ds&appid=1073&systemid=406&v=r9854-144&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=8290173442644181&o=APN10645&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.9.900.117 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Citrix.com/npican]

"Description"=Citrix ICA Client Plugin

"Path"=C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10]

"Description"=McAfee Total Protection MIME Plugin

"Path"=c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/SAFFPlugin]

"Description"=

"Path"=C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]

"Description"=This plugin detects and launches Pando Media Booster

"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.9.900.117 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MSC,version=10]

"Description"=McAfee Total Protection MIME Plugin

"Path"=c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\

{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\searchplugins\

Ask.xml

avg-secure-search.xml

Search_Results.xml

C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\

50e6052d6ad6f@50e6052d6ada8.com

battlefieldplay4free@ea.com

ffxtlbra@softonic.com

{3d86a75b-cb6b-4764-885d-ca6336f04ba2}

{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}

{FF07E6D9-20FD-E899-07B5-8F5F433C1398}

C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\

Ask.xml

askcom.xml

bingp.xml

ividi.xml

search-here.xml

Search_Results.xml

softonic.xml

sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]

Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 431104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]

McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2013-10-02 299336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]

DefaultTab Browser Helper - C:\Users\Harun Diren\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll [2013-10-31 462968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B8B2E80-1444-451D-AC8E-EB9A847F3887}]

ividi Helper Object - C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll [2013-07-25 301464]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]

Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}]

DealPly - C:\Program Files (x86)\DealPly\DealPlyIE.dll [2013-01-15 100048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]

McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2013-10-02 250896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAA14B77-F934-B451-C873-B8F82CB4CD9E}]

Bcool - C:\ProgramData\Bcool\50e6052d6af02.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]

HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]

Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2012-10-24 194928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

!{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}

{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 431104]

{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2013-10-02 299336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

!{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}

{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2013-10-02 250896]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]

"SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2010-01-18 568888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"HPAdvisorDock"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [2010-02-10 1712184]

"Google Update"=C:\Users\Harun Diren\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-07 116648]

"Orbitum"=C:\Users\Harun Diren\AppData\Local\Orbitum\Application\chrome.exe []

"Smart Driver Updater"=C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe []

"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-10-02 20472992]

"iLivid"=C:\Users\Harun Diren\AppData\Local\iLivid\iLivid.exe [2013-09-08 6827008]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2009-10-14 563736]

"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696]

"HP Software Update"=c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]

"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2010-04-25 61112]

"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2012-10-04 115032]

"Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]

"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2013-09-24 537512]

"mcpltui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2013-09-24 537512]

"CitrixReceiver"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk []

"ConnectionCenter"=C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [2012-07-27 380088]

"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2011-10-31 1058400]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Snapfish PictureMover.lnk - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\PROGRA~3\Wincert\WIN64C~1.DLL C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-09-27 52920]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

"EnableShellExecuteHooks"=1

"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=lvcod64.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave5"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

"wave6"=wdmaud.drv

"midi6"=wdmaud.drv

"mixer6"=wdmaud.drv

"wave7"=wdmaud.drv

"midi7"=wdmaud.drv

"mixer7"=wdmaud.drv

"wave8"=wdmaud.drv

"midi8"=wdmaud.drv

"mixer8"=wdmaud.drv

"wave9"=wdmaud.drv

"midi9"=wdmaud.drv

"mixer9"=wdmaud.drv

"aux1"=wdmaud.drv

"MSVideo"=vfwwdm32.dll

"MSVideo8"=VfWWDM32.dll

"aux2"=wdmaud.drv

"aux3"=wdmaud.drv

"vidc.mjpg"=bdmjpeg64.dll

"vidc.mpeg"=bdmpegv64.dll

"msacm.bdmpeg"=bdmpega64.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-11-07 20:33:55 ----D---- C:\rsit

2013-11-07 20:33:55 ----D---- C:\Program Files\trend micro

2013-10-27 17:08:17 ----D---- C:\ProgramData\Freemake

2013-10-27 17:07:55 ----D---- C:\Program Files (x86)\Freemake

2013-10-27 15:29:59 ----A---- C:\Windows\system32\drivers\usbccgp.sys

2013-10-27 15:29:58 ----A---- C:\Windows\system32\drivers\usbuhci.sys

2013-10-27 15:29:58 ----A---- C:\Windows\system32\drivers\usbport.sys

2013-10-27 15:29:58 ----A---- C:\Windows\system32\drivers\usbhub.sys

2013-10-27 15:29:58 ----A---- C:\Windows\system32\drivers\usbehci.sys

2013-10-27 15:29:58 ----A---- C:\Windows\system32\drivers\usbd.sys

2013-10-27 15:29:57 ----A---- C:\Windows\system32\drivers\usbohci.sys

2013-10-26 18:48:31 ----D---- C:\ProgramData\Trymedia

2013-10-23 21:28:03 ----D---- C:\ProgramData\BrowserProtect

2013-10-23 21:28:02 ----D---- C:\ProgramData\Browser Manager

2013-10-23 21:28:02 ----D---- C:\ProgramData\BitGuard

2013-10-23 20:46:20 ----D---- C:\ProgramData\TorchCrashHandler

2013-10-23 20:45:55 ----A---- C:\Windows\SYSWOW64\VB6STKIT.DLL

2013-10-23 20:45:55 ----A---- C:\Windows\SYSWOW64\VB6FR.DLL

2013-10-23 20:45:55 ----A---- C:\Windows\SYSWOW64\MSCMCFR.DLL

2013-10-23 20:45:54 ----D---- C:\Users\Harun Diren\AppData\Roaming\TFP

2013-10-23 20:45:54 ----A---- C:\Windows\SYSWOW64\CMDLGFR.DLL

2013-10-23 20:42:09 ----D---- C:\ProgramData\Wincert

2013-10-23 20:41:28 ----D---- C:\Program Files (x86)\Movies Toolbar

2013-10-23 20:41:23 ----D---- C:\ProgramData\Datamngr

2013-10-23 20:17:09 ----D---- C:\Program Files (x86)\Unitech LLC

2013-10-23 20:16:42 ----D---- C:\Users\Harun Diren\AppData\Roaming\Unitech LLC

2013-10-19 15:34:40 ----D---- C:\Users\Harun Diren\AppData\Roaming\BANDISOFT

2013-10-19 15:34:07 ----D---- C:\Program Files (x86)\Bandicam

2013-10-19 15:34:05 ----D---- C:\Program Files (x86)\BandiMPEG1

2013-10-19 14:13:16 ----D---- C:\Program Files (x86)\Mozilla Firefox

2013-10-18 19:42:55 ----A---- C:\Windows\system32\drivers\HipShieldK.sys

2013-10-12 02:13:17 ----A---- C:\Windows\SYSWOW64\ieui.dll

2013-10-12 02:13:16 ----A---- C:\Windows\system32\ieui.dll

2013-10-12 02:13:15 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe

2013-10-12 02:13:15 ----A---- C:\Windows\SYSWOW64\iesysprep.dll

2013-10-12 02:13:15 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2013-10-12 02:13:15 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2013-10-12 02:13:15 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2013-10-12 02:13:15 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2013-10-12 02:13:15 ----A---- C:\Windows\system32\iesysprep.dll

2013-10-12 02:13:15 ----A---- C:\Windows\system32\iesetup.dll

2013-10-12 02:13:15 ----A---- C:\Windows\system32\iernonce.dll

2013-10-12 02:13:15 ----A---- C:\Windows\system32\ie4uinit.exe

2013-10-12 02:13:14 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2013-10-12 02:13:14 ----A---- C:\Windows\system32\msfeeds.dll

2013-10-12 02:13:14 ----A---- C:\Windows\system32\iertutil.dll

2013-10-12 02:13:13 ----A---- C:\Windows\SYSWOW64\jscript.dll

2013-10-12 02:13:13 ----A---- C:\Windows\system32\jscript9.dll

2013-10-12 02:13:13 ----A---- C:\Windows\system32\jscript.dll

2013-10-12 02:13:12 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2013-10-12 02:13:12 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2013-10-12 02:13:12 ----A---- C:\Windows\system32\urlmon.dll

2013-10-12 02:13:10 ----A---- C:\Windows\SYSWOW64\wininet.dll

2013-10-12 02:13:10 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2013-10-12 02:13:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2013-10-12 02:13:10 ----A---- C:\Windows\system32\wininet.dll

2013-10-12 02:13:10 ----A---- C:\Windows\system32\jsproxy.dll

2013-10-12 02:13:08 ----A---- C:\Windows\system32\ieframe.dll

2013-10-12 02:13:07 ----A---- C:\Windows\system32\mshtml.dll

2013-10-12 02:13:04 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2013-10-11 11:52:49 ----A---- C:\Windows\SYSWOW64\comctl32.dll

2013-10-11 11:52:49 ----A---- C:\Windows\system32\comctl32.dll

2013-10-11 11:52:46 ----A---- C:\Windows\SYSWOW64\lpk.dll

2013-10-11 11:52:46 ----A---- C:\Windows\SYSWOW64\dciman32.dll

2013-10-11 11:52:46 ----A---- C:\Windows\SYSWOW64\atmfd.dll

2013-10-11 11:52:46 ----A---- C:\Windows\system32\lpk.dll

2013-10-11 11:52:46 ----A---- C:\Windows\system32\fontsub.dll

2013-10-11 11:52:46 ----A---- C:\Windows\system32\dciman32.dll

2013-10-11 11:52:46 ----A---- C:\Windows\system32\atmfd.dll

2013-10-11 11:52:45 ----A---- C:\Windows\SYSWOW64\fontsub.dll

2013-10-11 11:52:45 ----A---- C:\Windows\SYSWOW64\atmlib.dll

2013-10-11 11:52:45 ----A---- C:\Windows\system32\atmlib.dll

2013-10-11 11:52:44 ----A---- C:\Windows\system32\drivers\Wdf01000.sys

2013-10-11 11:52:43 ----A---- C:\Windows\system32\drivers\usbcir.sys

2013-10-11 11:52:43 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys

2013-10-11 11:52:42 ----A---- C:\Windows\system32\drivers\usbscan.sys

2013-10-11 11:52:42 ----A---- C:\Windows\system32\drivers\hidparse.sys

2013-10-11 11:52:42 ----A---- C:\Windows\system32\drivers\hidclass.sys

2013-10-11 11:52:40 ----A---- C:\Windows\SYSWOW64\WebClnt.dll

2013-10-11 11:52:40 ----A---- C:\Windows\SYSWOW64\davclnt.dll

2013-10-11 11:52:40 ----A---- C:\Windows\system32\WebClnt.dll

2013-10-11 11:52:40 ----A---- C:\Windows\system32\drivers\mrxdav.sys

2013-10-11 11:52:40 ----A---- C:\Windows\system32\davclnt.dll

2013-10-11 11:52:38 ----A---- C:\Windows\system32\mswsock.dll

2013-10-11 11:52:38 ----A---- C:\Windows\system32\drivers\tcpip.sys

2013-10-11 11:52:38 ----A---- C:\Windows\system32\drivers\afd.sys

2013-10-11 11:52:37 ----A---- C:\Windows\SYSWOW64\mswsock.dll

2013-10-11 11:52:36 ----A---- C:\Windows\system32\win32k.sys

2013-10-11 11:52:31 ----A---- C:\Windows\system32\ntoskrnl.exe

2013-10-11 11:52:30 ----A---- C:\Windows\system32\advapi32.dll

2013-10-11 11:52:29 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe

2013-10-11 11:52:29 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe

2013-10-11 11:52:29 ----A---- C:\Windows\system32\tdh.dll

2013-10-11 11:52:28 ----A---- C:\Windows\SYSWOW64\tdh.dll

2013-10-11 11:52:28 ----A---- C:\Windows\SYSWOW64\advapi32.dll

2013-10-11 11:52:28 ----A---- C:\Windows\system32\ntdll.dll

2013-10-11 11:52:27 ----A---- C:\Windows\SYSWOW64\ntdll.dll

2013-10-11 11:52:26 ----A---- C:\Windows\system32\wow64.dll

2013-10-11 11:52:22 ----A---- C:\Windows\SYSWOW64\wow32.dll

2013-10-11 11:52:22 ----A---- C:\Windows\SYSWOW64\user.exe

2013-10-11 11:52:22 ----A---- C:\Windows\SYSWOW64\setup16.exe

2013-10-11 11:52:22 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll

2013-10-11 11:52:22 ----A---- C:\Windows\SYSWOW64\instnm.exe

2013-10-11 11:52:11 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll

2013-10-11 11:52:11 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-11 11:52:03 ----A---- C:\Windows\system32\scavengeui.dll

2013-10-11 11:51:58 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

======List of files/folders modified in the last 1 month======

2013-11-07 20:41:09 ----D---- C:\Windows\Temp

2013-11-07 20:37:09 ----A---- C:\Windows\SYSWOW64\log.txt

2013-11-07 20:37:01 ----D---- C:\Windows\Minidump

2013-11-07 20:33:55 ----RD---- C:\Program Files

2013-11-07 20:33:03 ----D---- C:\Windows\System32

2013-11-07 20:33:03 ----D---- C:\Windows\inf

2013-11-07 20:33:03 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-11-07 18:03:32 ----D---- C:\Users\Harun Diren\AppData\Roaming\Skype

2013-11-07 17:51:10 ----D---- C:\Windows\system32\config

2013-11-07 17:26:33 ----D---- C:\Program Files (x86)\DealPly

2013-11-07 17:22:29 ----D---- C:\Program Files (x86)\eFusion

2013-11-07 16:48:29 ----D---- C:\Windows\Prefetch

2013-11-07 16:45:24 ----A---- C:\DUMP2dd3.tmp

2013-11-07 16:03:20 ----D---- C:\Windows\system32\FxsTmp

2013-11-06 22:45:41 ----D---- C:\Windows\system32\catroot2

2013-11-06 22:05:29 ----RD---- C:\Program Files (x86)

2013-11-06 22:02:44 ----D---- C:\Windows\system32\NDF

2013-11-06 16:00:43 ----D---- C:\Program Files (x86)\McAfee

2013-11-04 22:07:20 ----D---- C:\Windows\Tasks

2013-11-04 22:07:20 ----D---- C:\Windows\system32\Tasks

2013-11-04 22:06:46 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt

2013-11-04 22:06:11 ----D---- C:\Users\Harun Diren\AppData\Roaming\HpUpdate

2013-11-04 22:06:11 ----D---- C:\Users\Harun Diren\AppData\Roaming\HP Support Assistant

2013-11-03 21:17:29 ----D---- C:\Windows\LiveKernelReports

2013-11-03 19:41:08 ----SHD---- C:\System Volume Information

2013-11-02 00:17:46 ----D---- C:\ProgramData\PDFC

2013-10-28 03:21:44 ----D---- C:\Windows\winsxs

2013-10-28 03:16:26 ----D---- C:\Windows\system32\DriverStore

2013-10-28 03:16:26 ----D---- C:\Windows\system32\drivers

2013-10-27 17:08:17 ----HD---- C:\ProgramData

2013-10-27 15:29:22 ----D---- C:\Windows\system32\catroot

2013-10-26 19:21:02 ----D---- C:\ProgramData\Bcool

2013-10-25 16:08:39 ----SHD---- C:\Windows\Installer

2013-10-25 16:08:39 ----D---- C:\Users\Harun Diren\AppData\Roaming\Mozilla

2013-10-23 20:45:55 ----AD---- C:\Windows\SysWOW64

2013-10-19 16:31:14 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

2013-10-18 19:37:24 ----D---- C:\Program Files\Common Files\McAfee

2013-10-17 15:48:56 ----SD---- C:\Users\Harun Diren\AppData\Roaming\Microsoft

2013-10-16 07:20:03 ----D---- C:\ProgramData\NCH Software

2013-10-16 07:20:03 ----D---- C:\Program Files (x86)\NCH Software

2013-10-13 11:52:03 ----D---- C:\ProgramData\Skype

2013-10-13 11:52:02 ----RD---- C:\Program Files (x86)\Skype

2013-10-12 02:58:57 ----D---- C:\Windows\rescache

2013-10-12 02:43:41 ----D---- C:\Windows\Microsoft.NET

2013-10-12 02:43:14 ----RSD---- C:\Windows\assembly

2013-10-12 02:32:46 ----D---- C:\Program Files\Microsoft Silverlight

2013-10-12 02:32:45 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2013-10-12 02:31:06 ----D---- C:\Program Files (x86)\Internet Explorer

2013-10-12 02:30:59 ----D---- C:\Program Files\Internet Explorer

2013-10-12 02:30:54 ----D---- C:\Windows\AppPatch

2013-10-12 02:14:52 ----D---- C:\ProgramData\Microsoft Help

2013-10-12 02:10:42 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

2013-10-12 02:01:36 ----D---- C:\Windows\system32\nl-NL

2013-10-09 13:16:00 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696]

R0 McPvDrv;McPvDrv Driver; C:\Windows\system32\drivers\McPvDrv.sys [2013-09-09 74560]

R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2013-09-24 781312]

R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2013-09-24 343568]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]

R1 ctxusbm;Citrix USB Monitor Driver; C:\Windows\system32\DRIVERS\ctxusbm.sys [2012-04-25 93272]

R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2013-09-24 70112]

R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-06-08 2394216]

R3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2013-09-24 179664]

R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2013-09-24 310224]

R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2013-09-24 519192]

R3 mfencbdc;McAfee Inc. mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [2013-09-20 390552]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-01-28 86120]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-09-19 11880]

R3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]

S3 HipShieldK;McAfee Inc. HipShieldK; C:\Windows\system32\drivers\HipShieldK.sys [2013-09-23 197704]

S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]

S3 LVUVC64;Logitech Webcam C210(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]

S3 mfencrk;McAfee Inc. mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [2013-09-20 95984]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]

R2 DatamngrCoordinator;Datamngr Coordinator; C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [2013-10-23 3424768]

R2 DefaultTabUpdate;DefaultTabUpdate; C:\Users\Harun Diren\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2012-10-29 107520]

R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2012-02-21 151648]

R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2011-12-11 135824]

R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]

R2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]

R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-05-19 73728]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2009-10-01 268824]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]

R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2013-09-24 178048]

R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]

R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]

R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]

R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]

R2 mfecore;McAfee Anti-Malware Core; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-09-20 1017016]

R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2013-09-24 219272]

R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2013-09-24 182752]

R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-05-22 159336]

R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2009-10-14 635416]

R2 TorchCrashHandler;Torch Crash Handler; C:\Users\Harun Diren\AppData\Local\Torch\Update\TorchCrashHandler.exe [2013-10-07 1213280]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-10-08 2365792]

R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]

R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-26 116648]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]

S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]

S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-04-04 246520]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-26 116648]

S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]

S3 McAWFwk;McAfee Activation Service; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [2011-01-28 225216]

S3 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2013-08-02 602944]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-19 118680]

S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2012-09-26 4521720]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-01 1255736]

S4 McOobeSv;McAfee OOBE Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Link naar reactie
Delen op andere sites

Download 51a612a8b27e2-Zoek.pngZoek.zip naar het bureaublad.

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  • Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

chromelook; 
firefoxlook; 
{7F6AFBF1-E065-4627-A2FD-810366367D01};c
 C:\Users\Harun Diren\AppData\Roaming\DefaultTab;fs
 {8B8B2E80-1444-451D-AC8E-EB9A847F3887};c
 C:\Program Files (x86)\Unitech LLC;fs
 {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448};c
 C:\Program Files (x86)\DealPly;fs
 {BAA14B77-F934-B451-C873-B8F82CB4CD9E};c
 C:\ProgramData\Bcool;fs
 {FD72061E-9FDE-484D-A58A-0BAB4151CAD8};c
 C:\Program Files (x86)\Yontoo;fs
 {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064};c
 SweetIM;s
 C:\Program Files (x86)\SweetIM;fs
 Sweetpacks Communicator;s
 iLivid;s
 C:\Users\Harun Diren\AppData\Local\iLivid;fs
 C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\50e6052d6ad6f@50e6052d6ada8.com;f
 C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\ffxtlbra@softonic.com;f
 C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\Ask.xml;f
 C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\askcom.xml;f
 C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\ividi.xml;f
 C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\search-here.xml;f
 C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\Search_Results.xml;f
 C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\softonic.xml;f
 C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\ sweetim.xml;f
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B8B2E80-1444-451D-AC8E-EB9A847F3887}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAA14B77-F934-B451-C873-B8F82CB4CD9E}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}];r64
 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r64
 "iLivid"=-;r64
 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
 "SweetIM"=-;r64
 "Sweetpacks Communicator"=-;r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r64
 C:\ProgramData\BrowserProtect;fs
 C:\ProgramData\Browser Manager;fs
 C:\ProgramData\BitGuard;fs
 C:\ProgramData\Wincert;fs
 C:\Program Files (x86)\Movies Toolbar;fs
 C:\ProgramData\Datamngr;fs
 C:\Program Files (x86)\DealPly;fs
 DatamngrCoordinator;s
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • Firefox Defaults
  • Reset Chrome
  • IE Defaults
  • Auto Clean
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post nu de inhoud van het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Zoek.exe Version 4.0.0.5 Updated 09-November-2013

Tool run by Harun Diren on za 09/11/2013 at 13:43:21,05.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Harun Diren\Desktop\zoek\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

9/11/2013 13:45:29 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\eFusion deleted successfully

C:\PROGRA~2\Freemake deleted successfully

C:\PROGRA~2\MSXML 4.0 deleted successfully

C:\PROGRA~2\Pando Networks deleted successfully

C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully

C:\ProgramData\Babylon deleted successfully

C:\ProgramData\Browser Manager deleted successfully

C:\ProgramData\BrowserProtect deleted successfully

C:\ProgramData\Freemake deleted successfully

C:\ProgramData\Origin deleted successfully

C:\Users\Harun Diren\AppData\Roaming\Bandoo deleted successfully

C:\Users\Harun Diren\AppData\Roaming\Windows Live Writer deleted successfully

C:\Users\Harun Diren\AppData\Local\CUSTPDF Writer deleted successfully

C:\Users\Harun Diren\AppData\Local\PDFC deleted successfully

C:\Users\Harun Diren\AppData\Local\Unity deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8B8B2E80-1444-451D-AC8E-EB9A847F3887} deleted successfully

HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8B8B2E80-1444-451D-AC8E-EB9A847F3887} deleted successfully

HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} deleted successfully

HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} deleted successfully

HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BAA14B77-F934-B451-C873-B8F82CB4CD9E} deleted successfully

HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BAA14B77-F934-B451-C873-B8F82CB4CD9E} deleted successfully

HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully

HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully

HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully

HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully

HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Internet Explorer\SearchScopes\{484193FE-4D43-44F2-B6FE-82A2D0DEADA1} deleted successfully

HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Internet Explorer\SearchScopes\{8C77D487-00AE-4EF4-A2C2-95AFB126FFEE} deleted successfully

HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101} deleted successfully

HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Internet Explorer\SearchScopes\{C7818C38-A48C-402A-9800-E31A3CED1766} deleted successfully

HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Internet Explorer\SearchScopes\{FE7653D4-176D-4856-B40A-8465D1008D6A} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8B8B2E80-1444-451D-AC8E-EB9A847F3887} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B8B2E80-1444-451D-AC8E-EB9A847F3887} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BAA14B77-F934-B451-C873-B8F82CB4CD9E} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAA14B77-F934-B451-C873-B8F82CB4CD9E} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DatamngrCoordinator deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DatamngrCoordinator deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\defaulttabupdate deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\defaulttabupdate deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1073&v=r9854-144&t=4");

user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");

user_pref("browser.search.defaulturl", "");

user_pref("browser.newtab.url", "about:blank");

user_pref("browser.search.defaultengine", "Ask.com");

user_pref("browser.search.defaultenginename", "Ask.com");

user_pref("browser.search.defaultenginename,S", "");

user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");

user_pref("browser.search.selectedEngine", "Ask.com");

user_pref("browser.search.selectedEngine,S", "");

user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");

user_pref("browser.search.order.1", "Ask.com");

user_pref("browser.search.order.1,S", "");

user_pref("keyword.URL", "http://dts.search.ask.com/sr?src=ffb&gct=ds&appid=1073&systemid=406&v=r9854-144&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=8290173442644181&o=APN10645&q=");

user_pref("sweetim.toolbar.previous.keyword.URL", "");

user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default

---- Lines Softonic removed from prefs.js ----

user_pref("extensions.Softonic.admin", false);

user_pref("extensions.Softonic.aflt", "SD");

user_pref("extensions.Softonic.autoRvrt", "false");

user_pref("extensions.Softonic.cntry", "BE");

user_pref("extensions.Softonic.cv", "cv5");

user_pref("extensions.Softonic.dfltlng", "nl");

user_pref("extensions.Softonic.dfltLng", "nl");

user_pref("extensions.Softonic.dfltSrch", true);

user_pref("extensions.Softonic.dfltsrch", true);

user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)");

user_pref("extensions.Softonic.dspOld", "SweetIM Search");

user_pref("extensions.Softonic.envrmnt", "production");

user_pref("extensions.Softonic.excTlbr", false);

user_pref("extensions.Softonic.hdrMd5", "1F76DB111F1E62460EE0562306E09905");

user_pref("extensions.Softonic.hmpg", true);

user_pref("extensions.Softonic.hmpgUrl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=13&cc=");

user_pref("extensions.Softonic.hpNew", "http://search.softonic.com/INF00008/tb_v1?SearchSource=13&cc=");

user_pref("extensions.Softonic.hpOld", "http://home.sweetim.com/?st=6&barid={B5B32A72-21E6-11E2-B691-6C626D0981FA}");

user_pref("extensions.Softonic.hrdid", "e0ef131f0000000000006c626d0981fa");

user_pref("extensions.Softonic.id", "e0ef131f0000000000006c626d0981fa");

user_pref("extensions.Softonic.instlDay", "15642");

user_pref("extensions.Softonic.instlday", "15642");

user_pref("extensions.Softonic.instlRef", "INF00008");

user_pref("extensions.Softonic.instlref", "INF00008");

user_pref("extensions.Softonic.isdcmntcmplt", "false");

user_pref("extensions.Softonic.keyWordUrl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=2&cc=&q=");

user_pref("extensions.Softonic.keywordurl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=2&cc=&q=");

user_pref("extensions.Softonic.lastVrsnTs", "1.6.7.419:28:04");

user_pref("extensions.Softonic.mntrvrsn", "1.3.0");

user_pref("extensions.Softonic.monitorreport", true);

user_pref("extensions.Softonic.newtab", true);

user_pref("extensions.Softonic.newTab", true);

user_pref("extensions.Softonic.newtaburl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=15&cc=");

user_pref("extensions.Softonic.newTabUrl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=15&cc=");

user_pref("extensions.Softonic.prdct", "Softonic");

user_pref("extensions.Softonic.propectorlck", 93782473);

user_pref("extensions.Softonic.prtnrid", "softonic");

user_pref("extensions.Softonic.prtnrId", "softonic");

user_pref("extensions.Softonic.radiomystations", "[{\"id\":\"101\",\"name\":\"Radio Mambo 106 FM\",\"url\":\"http://www.mambo.it/player/mambo.asx\",\"

user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search settings, Click No to restore original settings");

user_pref("extensions.Softonic.savedVrsnTs", "1");

user_pref("extensions.Softonic.sg", "az");

user_pref("extensions.Softonic.smplGrp", "none");

user_pref("extensions.Softonic.smplgrp", "none");

user_pref("extensions.Softonic.srch", "");

user_pref("extensions.Softonic.srchprvdr", "Search the web (Softonic)");

user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");

user_pref("extensions.Softonic.tlbrid", "base");

user_pref("extensions.Softonic.tlbrId", "base");

user_pref("extensions.Softonic.tlbrSrchUrl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=1&cc=&q=");

user_pref("extensions.Softonic.tlbrsrchurl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=1&cc=&q=");

user_pref("extensions.Softonic.vrsn", "1.6.7.4");

user_pref("extensions.Softonic.vrsni", "1.6.7.4");

user_pref("extensions.Softonic.vrsnts", "1.6.7.419:28:04");

user_pref("extensions.Softonic.vrsnTs", "1.6.7.419:28:04");

user_pref("extensions.Softonic_i.dnsErr", true);

user_pref("extensions.Softonic_i.hmpg", true);

user_pref("extensions.Softonic_i.newTab", true);

user_pref("extensions.Softonic_i.smplGrp", "none");

user_pref("extensions.Softonic_i.vrsnTs", "1.6.7.419:28:04");

---- Lines Softonic modified from prefs.js ----

user_pref("extensions.enabledAddons", "battlefieldplay4free%40ea.com:1.0.80.2,ffxtlbra%40softonic.com:1.6.0,%7B14323AEE-F6B8-4DC8-BCE3-E62645830585%7D

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}\":{\"descriptor\":\"C:\\\\

---- Lines Softonic removed from user.js ----

user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search settings, Click No to restore original settings");

user_pref("extensions.Softonic.autoRvrt", "false");

user_pref("extensions.Softonic_i.hmpg", true);

user_pref("extensions.Softonic.hmpgUrl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=13&cc=");

user_pref("extensions.Softonic.hpOld", "http://home.sweetim.com/?st=6&barid={B5B32A72-21E6-11E2-B691-6C626D0981FA}");

user_pref("extensions.Softonic.hpNew", "http://search.softonic.com/INF00008/tb_v1?SearchSource=13&cc=");

user_pref("extensions.Softonic.dfltSrch", true);

user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");

user_pref("extensions.Softonic.keyWordUrl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=2&cc=&q=");

user_pref("extensions.Softonic.dspOld", "SweetIM Search");

user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)");

user_pref("extensions.Softonic_i.dnsErr", true);

user_pref("extensions.Softonic_i.newTab", true);

user_pref("extensions.Softonic.newTabUrl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=15&cc=");

user_pref("extensions.Softonic.tlbrSrchUrl", "http://search.softonic.com/INF00008/tb_v1?SearchSource=1&cc=&q=");

user_pref("extensions.Softonic.id", "e0ef131f0000000000006c626d0981fa");

user_pref("extensions.Softonic.instlDay", "15642");

user_pref("extensions.Softonic.vrsn", "1.6.7.4");

user_pref("extensions.Softonic.vrsni", "1.6.7.4");

user_pref("extensions.Softonic_i.vrsnTs", "1.6.7.419:28:04");

user_pref("extensions.Softonic.prtnrId", "softonic");

user_pref("extensions.Softonic.prdct", "Softonic");

user_pref("extensions.Softonic.aflt", "SD");

user_pref("extensions.Softonic_i.smplGrp", "none");

user_pref("extensions.Softonic.tlbrId", "base");

user_pref("extensions.Softonic.instlRef", "INF00008");

user_pref("extensions.Softonic.dfltLng", "nl");

user_pref("extensions.Softonic.excTlbr", false);

user_pref("extensions.Softonic.admin", false);

---- Lines ividi removed from prefs.js ----

user_pref("extensions.ividi.admin", false);

user_pref("extensions.ividi.aflt", "3");

user_pref("extensions.ividi.appId", "{685F23D9-FCFD-475C-B56A-362645945C5A}");

user_pref("extensions.ividi.autoRvrt", "false");

user_pref("extensions.ividi.dfltLng", "");

user_pref("extensions.ividi.dfltSrch", true);

user_pref("extensions.ividi.dnsErr", true);

user_pref("extensions.ividi.excTlbr", true);

user_pref("extensions.ividi.ffxUnstlRst", false);

user_pref("extensions.ividi.hmpg", true);

user_pref("extensions.ividi.hmpgUrl", "http://search.ividi.org/?src=tbhp&id=e0ef131f0000000000006c626d0981fa&affilt=3");

user_pref("extensions.ividi.hpOld0", "www.google.be");

user_pref("extensions.ividi.id", "e0ef131f0000000000006c626d0981fa");

user_pref("extensions.ividi.instlDay", "16001");

user_pref("extensions.ividi.instlRef", "");

user_pref("extensions.ividi.kw_url", "http://search.ividi.org/?src=tbsp&id=e0ef131f0000000000006c626d0981fa&affilt=3&q=");

user_pref("extensions.ividi.newTab", true);

user_pref("extensions.ividi.newTabUrl", "http://search.ividi.org/?q={searchTerms}&src=tbnt&id=e0ef131f0000000000006c626d0981fa&affilt=3");

user_pref("extensions.ividi.prdct", "ividi");

user_pref("extensions.ividi.prtnrId", "ividi");

user_pref("extensions.ividi.rvrt", "false");

user_pref("extensions.ividi.smplGrp", "none");

user_pref("extensions.ividi.srchPrvdr", "Search ");

user_pref("extensions.ividi.tlbrId", "base");

user_pref("extensions.ividi.tlbrSrchUrl", "http://search.ividi.org/?src=tbsp&id=e0ef131f0000000000006c626d0981fa&affilt=3&q=");

user_pref("extensions.ividi.vrsn", "1.8.23.0");

user_pref("extensions.ividi.vrsni", "1.8.23.0");

user_pref("extensions.ividi.vrsnTs", "1.8.23.021:17:38");

---- Lines ividi removed from user.js ----

user_pref("extensions.ividi.hpOld0", "www.google.be");

user_pref("extensions.ividi.tlbrSrchUrl", "http://search.ividi.org/?src=tbsp&id=e0ef131f0000000000006c626d0981fa&affilt=3&q=");

user_pref("extensions.ividi.id", "e0ef131f0000000000006c626d0981fa");

user_pref("extensions.ividi.appId", "{685F23D9-FCFD-475C-B56A-362645945C5A}");

user_pref("extensions.ividi.instlDay", "16001");

user_pref("extensions.ividi.vrsn", "1.8.23.0");

user_pref("extensions.ividi.vrsni", "1.8.23.0");

user_pref("extensions.ividi.vrsnTs", "1.8.23.021:17:38");

user_pref("extensions.ividi.prtnrId", "ividi");

user_pref("extensions.ividi.prdct", "ividi");

user_pref("extensions.ividi.aflt", "3");

user_pref("extensions.ividi.smplGrp", "none");

user_pref("extensions.ividi.tlbrId", "base");

user_pref("extensions.ividi.instlRef", "");

user_pref("extensions.ividi.dfltLng", "");

user_pref("extensions.ividi.excTlbr", true);

user_pref("extensions.ividi.ffxUnstlRst", false);

user_pref("extensions.ividi.admin", false);

user_pref("extensions.ividi.autoRvrt", "false");

user_pref("extensions.ividi.rvrt", "false");

user_pref("extensions.ividi.hmpg", true);

user_pref("extensions.ividi.hmpgUrl", "http://search.ividi.org/?src=tbhp&id=e0ef131f0000000000006c626d0981fa&affilt=3");

user_pref("extensions.ividi.dfltSrch", true);

user_pref("extensions.ividi.srchPrvdr", "Search ");

user_pref("extensions.ividi.kw_url", "http://search.ividi.org/?src=tbsp&id=e0ef131f0000000000006c626d0981fa&affilt=3&q=");

user_pref("extensions.ividi.dnsErr", true);

user_pref("extensions.ividi.newTab", true);

user_pref("extensions.ividi.newTabUrl", "http://search.ividi.org/?q={searchTerms}&src=tbnt&id=e0ef131f0000000000006c626d0981fa&affilt=3");

---- Lines babylon removed from prefs.js ----

user_pref("extensions.BabylonToolbar.prtkDS", 0);

user_pref("extensions.BabylonToolbar.prtkHmpg", 0);

---- Lines y2layers removed from prefs.js ----

user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers");

user_pref("extentions.y2layers.installId", "684e8685-774c-49ee-a970-a78648a19fdd");

---- Lines y2layers removed from user.js ----

user_pref("extentions.y2layers.installId", "684e8685-774c-49ee-a970-a78648a19fdd");

user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers");

---- Lines yontoo modified from prefs.js ----

user_pref("extensions.enabledAddons", "battlefieldplay4free%40ea.com:1.0.80.2,ffxtlbra%40disabled.com:1.6.0,%7B14323AEE-F6B8-4DC8-BCE3-E62645830585%7D

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}\":{\"descriptor\":\"C:\\\\

---- Lines 14323AEE-F6B8-4DC8-BCE3-E62645830585 modified from prefs.js ----

user_pref("extensions.enabledAddons", "battlefieldplay4free%40ea.com:1.0.80.2,ffxtlbra%40disabled.com:1.6.0,%7B14323AEE-F6B8-4DC8-BCE3-E62645830585%7D

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}\":{\"descriptor\":\"C:\\\\

---- Lines crossrider removed from prefs.js ----

user_pref("extensions.crossrider.bic", "141e6c24e53e6f1af6907212a5864929");

---- Lines Downloader.com removed from prefs.js ----

user_pref("extensions.bootstrappedAddons", "{\"50e6052d6ad6f@50e6052d6ada8.com\":{\"version\":\"7.1\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Us

---- Lines Downloader.com modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}\":{\"descriptor\":\"C:\\\\

---- Lines defaulttab removed from prefs.js ----

user_pref("extensions.defaulttab.active.affiliate", 3509);

user_pref("extensions.defaulttab.browserID", "BA8FAAC25948670D2ABE810ADF45E85E");

user_pref("extensions.defaulttab.firstrun", false);

user_pref("extensions.defaulttab.installdate", 1345316258);

user_pref("extensions.defaulttab.installedVersion", "2.2.41");

user_pref("extensions.defaulttab.PIR7", 1383311144);

user_pref("extensions.defaulttab.sethomepage", false);

user_pref("extensions.defaulttab.useNewTabWhiteList", false);

---- Lines defaulttab modified from prefs.js ----

user_pref("extensions.enabledAddons", "battlefieldplay4free%40ea.com:1.0.80.2,ffxtlbra%40disabled.com:1.6.0,%7Bdisabled%7D:1.0.1,%7BEB9394A3-4AD6-4918

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}\":{\"descriptor\":\"C:\\\\

---- Lines SweetIM removed from prefs.js ----

user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");

user_pref("sweetim.toolbar.searchguard.enable", "");

user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");

user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");

user_pref("sweetim.toolbar.urls.homepage", "http://home.sweetim.com/?st=6&barid={B5B32A72-21E6-11E2-B691-6C626D0981FA}");

---- FireFox user.js and prefs.js backups ----

user_20130911_1352_.backup

prefs_20130911_1352_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B8B2E80-1444-451D-AC8E-EB9A847F3887}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAA14B77-F934-B451-C873-B8F82CB4CD9E}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"iLivid"=-

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"SweetIM"=-

"Sweetpacks Communicator"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

==== Deleting Files \ Folders ======================

C:\ProgramData\BrowserProtect not found

C:\ProgramData\Browser Manager not found

C:\ProgramData\BitGuard not found

"C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\ sweetim.xml" not found

C:\Users\Harun Diren\AppData\Roaming\DefaultTab deleted

C:\Program Files (x86)\Unitech LLC deleted

C:\Program Files (x86)\DealPly deleted

C:\ProgramData\Bcool deleted

C:\Program Files (x86)\Yontoo deleted

C:\ProgramData\Datamngr deleted

C:\PROGRA~2\Mozilla Firefox\searchplugins\avg-secure-search.xml deleted

C:\PROGRA~2\Mozilla Firefox\searchplugins\Search_Results.xml deleted

C:\PROGRA~2\Uniblue\SpeedUpMyPC deleted

C:\PROGRA~2\BCool deleted

C:\PROGRA~2\Gophoto.it deleted

C:\PROGRA~2\AVG Secure Search deleted

C:\PROGRA~2\COMMON~1\AVG Secure Search deleted

C:\Users\Harun Diren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SpeedUpMyPC.lnk deleted

C:\Users\Harun Diren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk deleted

C:\Users\Harun Diren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iLivid.lnk deleted

C:\Users\Harun Diren\AppData\Roaming\Babylon deleted

C:\Users\Harun Diren\AppData\Roaming\DealPly deleted

C:\Users\Harun Diren\AppData\Roaming\OpenCandy deleted

C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\DealPly deleted

C:\ProgramData\boost_interprocess deleted

C:\ProgramData\SweetIM deleted

C:\ProgramData\AVG Secure Search deleted

C:\ProgramData\WoW Worldwide Software LTD deleted

C:\ProgramData\InstallMate deleted

C:\ProgramData\Tarma Installer deleted

C:\ProgramData\Trymedia deleted

C:\Users\Harun Diren\AppData\Local\ilividmoviestoolbarha deleted

C:\Users\Harun Diren\AppData\Local\AVG Secure Search deleted

C:\Users\Harun Diren\AppData\Local\PutLockerDownloader deleted

C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue deleted

C:\Users\Harun Diren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk deleted

C:\Users\Harun Diren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly deleted

C:\Users\Harun Diren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com deleted

C:\Windows\Tasks\SpeedUpMyPC.job deleted

C:\windows\SysNative\Tasks\DealPly deleted

C:\windows\SysNative\Tasks\DealPlyUpdate deleted

C:\Users\Harun Diren\Downloads\iLividSetup-r1073-n-bc (1).exe deleted

C:\Users\Harun Diren\Downloads\iLividSetup-r1073-n-bc.exe deleted

C:\Users\Harun Diren\Downloads\iLividSetup.exe deleted

C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_cheat-engine (1).exe deleted

C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_cheat-engine (2).exe deleted

C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_cheat-engine.exe deleted

C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_euro-truck-simulator.exe deleted

C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_freemake-video-converter.exe deleted

C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_gta-san-andreas-pack-of-cars.exe deleted

C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_minecraft.exe deleted

C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_msn-messenger-8-5.exe deleted

C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_scania-truck-driving-simulator.exe deleted

C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_videopad-video-editor.exe deleted

C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_windows-live-messenger-2011.exe deleted

C:\Users\Harun Diren\Downloads\SoftonicDownloader_voor_windows-live-messenger-2012.exe deleted

C:\Users\Harun Diren\AppData\LocalLow\AVG Secure Search deleted

C:\Users\Harun Diren\AppData\LocalLow\searchquband deleted

C:\Users\Harun Diren\AppData\LocalLow\ilividmoviestoolbarha deleted

C:\Users\Harun Diren\AppData\LocalLow\Softonic deleted

C:\Users\Harun Diren\AppData\LocalLow\DataMngr deleted

C:\Windows\tasks\spmonitor.job deleted

C:\windows\SysNative\tasks\spmonitor deleted

C:\user.js deleted

C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\Ask.xml deleted

C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\askcom.xml deleted

C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\bingp.xml deleted

C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\ividi.xml deleted

C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\search-here.xml deleted

C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\Search_Results.xml deleted

C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\ftdownloader3@ftdownloader.com.xpi deleted

C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\ilividmoviestoolbarha deleted

C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\jetpack deleted

C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4} deleted

C:\PROGRA~2\Mozilla Firefox\searchplugins\Ask.xml deleted

C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\Ask.xml deleted

C:\Users\Harun Diren\Downloads\DownloadSetup.exe deleted

C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\ffxtlbra@softonic.com deleted

C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\plugin@yontoo.com.xpi deleted

C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\{14323AEE-F6B8-4DC8-BCE3-E62645830585}.xpi deleted

C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\addon@defaulttab.com.xpi deleted

"C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\softonic.xml" deleted

"C:\Windows\Installer\82ad2.msi" deleted

"C:\Windows\Installer\82ade.msi" deleted

"C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\softonic.xml" deleted

"C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\defaulttab.config" deleted

"C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\searchplugins\sweetim.xml" deleted

"C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\50e6052d6ad6f@50e6052d6ada8.com\bootstrap.js" deleted

"C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\50e6052d6ad6f@50e6052d6ada8.com\chrome.manifest" deleted

"C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\50e6052d6ad6f@50e6052d6ada8.com\install.rdf" deleted

"C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\50e6052d6ad6f@50e6052d6ada8.com\content\bg.js" deleted

"C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\50e6052d6ad6f@50e6052d6ada8.com\content\zy.xul" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\iLivid.exe" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\libeay32.dll" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\msvcp100.dll" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\msvcr100.dll" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\QtCore4.dll" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\QtGui4.dll" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\QtNetwork4.dll" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\QtWebKit4.dll" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\QtXml4.dll" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\ssleay32.dll" deleted

"C:\ProgramData\Wincert\win32cert.dll" deleted

"C:\ProgramData\Wincert\win32prop.dll" deleted

"C:\ProgramData\Wincert\win32cert.dll" deleted

"C:\ProgramData\Wincert\win32prop.dll" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\iLivid.exe" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\libeay32.dll" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\msvcp100.dll" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\msvcr100.dll" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\QtCore4.dll" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\QtGui4.dll" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\QtNetwork4.dll" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\QtWebKit4.dll" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\QtXml4.dll" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\ssleay32.dll" deleted

"C:\Program Files (x86)\SweetIM\Communicator\mgcommon.dll" deleted

"C:\Program Files (x86)\SweetIM\Communicator\mgcommunication.dll" deleted

"C:\Program Files (x86)\SweetIM\Communicator\mgsimcommon.dll" deleted

"C:\Program Files (x86)\SweetIM\Communicator\mgxml_wrapper.dll" deleted

"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\imageformats\qgif4.dll" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\imageformats\qico4.dll" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\imageformats\qjpeg4.dll" deleted

"C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll" deleted

"C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe" deleted

"C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll" deleted

"C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll" deleted

"C:\PROGRA~2\Movies Toolbar\Datamngr\apcrtldr.dll" deleted

"C:\PROGRA~2\Movies Toolbar\Datamngr\DatamngrUI.exe" deleted

"C:\PROGRA~2\Movies Toolbar\Datamngr\mgrldr.dll" deleted

"C:\PROGRA~2\Movies Toolbar\Datamngr\x64\apcrtldr.dll" deleted

"C:\PROGRA~2\SweetIM\Communicator\mgcommon.dll" deleted

"C:\PROGRA~2\SweetIM\Communicator\mgcommunication.dll" deleted

"C:\PROGRA~2\SweetIM\Communicator\mgsimcommon.dll" deleted

"C:\PROGRA~2\SweetIM\Communicator\mgxml_wrapper.dll" deleted

"C:\PROGRA~2\SweetIM\Communicator\SweetPacksUpdateManager.exe" deleted

"C:\PROGRA~2\SweetIM\Messenger\mgAdaptersProxy.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\mgcommon.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\mgcommunication.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\mgconfig.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\mghooking.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\mgsimcommon.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\mgUpdateSupport.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\mgxml_wrapper.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\msvcp71.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\msvcr71.dll" deleted

"C:\PROGRA~2\SweetIM\Messenger\SweetIM.exe" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\imageformats\qgif4.dll" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\imageformats\qico4.dll" deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\imageformats\qjpeg4.dll" deleted

"C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\50e6052d6ad6f@50e6052d6ada8.com" deleted

"C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\50e6052d6ad6f@50e6052d6ada8.com\content" deleted

"C:\Program Files (x86)\SweetIM" not deleted

"C:\Users\Harun Diren\AppData\Local\iLivid" deleted

"C:\ProgramData\Wincert" not deleted

"C:\Program Files (x86)\Movies Toolbar" not deleted

"C:\PROGRA~2\Movies Toolbar" not deleted

"C:\PROGRA~2\SweetIM" not deleted

"C:\ProgramData\Wincert" not deleted

"C:\Users\Harun Diren\AppData\Local\iLivid" deleted

"C:\Program Files (x86)\SweetIM\Communicator" not deleted

"C:\Program Files (x86)\SweetIM\Messenger" not deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\imageformats" deleted

"C:\Program Files (x86)\Movies Toolbar\Datamngr" not deleted

"C:\Program Files (x86)\Movies Toolbar\Datamngr\x64" not deleted

"C:\PROGRA~2\Movies Toolbar\Datamngr" not deleted

"C:\PROGRA~2\Movies Toolbar\Datamngr\x64" not deleted

"C:\PROGRA~2\SweetIM\Communicator" not deleted

"C:\PROGRA~2\SweetIM\Messenger" not deleted

"C:\Users\Harun Diren\AppData\Local\iLivid\imageformats" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\HARUND~1\AppData\Local\Temp ====

2013-11-01 23:30:14 8CE61EB00634D83839479E8964F90E98 8192 ----a-w- C:\Users\Harun Diren\AppData\Local\Temp\qi5zv13d.dll

2013-10-28 17:20:23 D44C68E8E4A61B3FA054E8097091FC37 36864 ----a-w- C:\Users\Harun Diren\AppData\Local\Temp\owhvrx2l.dll

2013-10-27 16:09:09 C44E49D4539EDACA99B480DC85391192 46592 ----a-w- C:\Users\Harun Diren\AppData\Local\Temp\scoped_dir_10364_24516\CRX_INSTALL\background\ChromeUtilPlugin.dll

2013-10-27 16:09:08 627D11DA34173B445C29508B00005A2A 170848 ----a-w- C:\Users\Harun Diren\AppData\Local\Temp\scoped_dir_10364_15451\CRX_INSTALL\plugin\TorchPlugin.dll

2013-10-27 16:07:50 8DF8CE011FDA3A63122BE45952119034 29299168 ----a-w- C:\Users\Harun Diren\AppData\Local\Temp\FreemakeVideoConverter_4.1.0.0.exe

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

2013-10-27 14:29:59 ACCEA6BC68D0C9A78EB97EE159028B4E 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys

2013-10-27 14:29:58 E73A7A04FDAC9DD46EE2A4257F09E91C 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys

2013-10-27 14:29:58 A83D0EC9AE4C31704442099D40BA2471 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys

2013-10-27 14:29:58 861C197502A5057E68F0AC75D9EFCDD7 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys

2013-10-27 14:29:58 311C1DD1088E55BEAE15954D17F50646 52736 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys

2013-10-27 14:29:58 280E90CBF4B2DDD169F0728CB44D726F 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys

2013-10-27 14:29:57 9406D801042FAF859CF81B2C886413DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys

2013-10-18 18:42:55 29F981739E50305128022CBE10B3659C 197704 ----a-w- C:\Windows\Sysnative\drivers\HipShieldK.sys

2013-10-11 10:52:44 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys

2013-10-11 10:52:43 B0435098C81D04CAFFF80DDB746CD3A2 109824 ----a-w- C:\Windows\Sysnative\drivers\USBAUDIO.sys

2013-10-11 10:52:43 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys

2013-10-11 10:52:42 9661DA76B4531B2DA272ECCE25A8AF24 42496 ----a-w- C:\Windows\Sysnative\drivers\usbscan.sys

2013-10-11 10:52:42 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys

2013-10-11 10:52:42 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys

2013-10-11 10:52:40 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys

2013-10-11 10:52:38 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys

2013-10-11 10:52:38 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys

2013-10-11 10:51:58 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-11-07 19:33:55 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

2013-10-23 19:41:28 -------- d-----w- C:\PROGRA~2\Movies Toolbar

2013-10-19 14:34:07 -------- d-----w- C:\PROGRA~2\Bandicam

2013-10-19 14:34:05 -------- d-----w- C:\PROGRA~2\BandiMPEG1

======= C: =====

====== C:\Users\Harun Diren\AppData\Roaming ======

2013-10-28 11:42:02 -------- d-----w- C:\Users\Harun Diren\AppData\Locallow\Unitech LLC

2013-10-27 16:09:03 -------- d-----w- C:\Users\Harun Diren\AppData\Local\FreemakeVideoConverter

2013-10-27 16:07:00 -------- d-----w- C:\Users\Harun Diren\AppData\Local\Programs

2013-10-23 19:45:54 -------- d-----w- C:\Users\Harun Diren\AppData\Roaming\TFP

2013-10-23 19:45:43 -------- d-----w- C:\Users\Harun Diren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch

2013-10-23 19:45:20 -------- d-----w- C:\Users\Harun Diren\AppData\Local\Torch

2013-10-23 19:16:42 -------- d-----w- C:\Users\Harun Diren\AppData\Roaming\Unitech LLC

2013-10-19 14:34:40 -------- d-----w- C:\Users\Harun Diren\AppData\Roaming\BANDISOFT

2013-10-16 06:20:04 -------- d-----w- C:\Users\Harun Diren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Utilities

====== C:\Users\Harun Diren ======

2013-11-08 21:18:24 F9C2DA158684D535F1DF36F776A6F394 474 ----a-w- C:\Users\Harun Diren\turk.htm

2013-11-08 20:47:51 3D97167F6BCE47CEEB15797F7E3DDEE0 465 ----a-w- C:\Users\Harun Diren\turk

2013-11-07 19:40:42 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Harun Diren\Downloads\RSITx64 (1).exe

2013-11-07 19:33:13 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Harun Diren\Downloads\RSITx64.exe

2013-11-03 15:30:34 882C7A6E2B9E7FF1BB1317C4E11C3C89 2812560 ----a-w- C:\Users\Harun Diren\Downloads\EmailNotifierSetup.exe

2013-10-27 16:05:42 11C3693D97FE89BD773E216C3DB36E7E 1271896 ----a-w- C:\Users\Harun Diren\Downloads\FreemakeVideoConverterSetup (1).exe

2013-10-27 16:05:29 11C3693D97FE89BD773E216C3DB36E7E 1271896 ----a-w- C:\Users\Harun Diren\Downloads\FreemakeVideoConverterSetup.exe

2013-10-26 17:46:25 3B770B147655176DC2F3292A9FCFED03 125105248 ----a-w- C:\Users\Harun Diren\Desktop\ets_1_3_setup.exe

2013-10-23 19:46:20 -------- d-----w- C:\ProgramData\TorchCrashHandler

2013-10-23 19:42:09 -------- d-----w- C:\ProgramData\Wincert

2013-10-23 19:20:35 7F9BE4D42FA10CE76EB76CB8B5937864 3774621 ----a-w- C:\Users\Harun Diren\Macklemore - Thrift Shop Ft. Wanz Lyrics On Screen.mp3

2013-10-19 14:34:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam

2013-10-14 16:06:35 9AA050C947284206DA44D921C129BB39 2043978 ----a-w- C:\Users\Harun Diren\Güne?i Beklerken - Jenerik Müzi?i.mp3

2013-10-10 15:48:21 128893831C6049D41450AF19D6F80A43 27648 --sha-w- C:\Users\Harun Diren\Thumbs.db

2013-10-10 15:47:16 59B9F58E6321C79587161A083260ECF6 172057 ----a-w- C:\Users\Harun Diren\gta_5_cover_art.jpg

====== C: exe-files ==

2013-11-07 19:40:42 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Harun Diren\Downloads\RSITx64 (1).exe

2013-11-07 19:33:56 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Harun Diren.exe

2013-11-07 19:33:13 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Harun Diren\Downloads\RSITx64.exe

2013-11-07 16:19:57 B8223EA49AA972168E6A27A35BEE57DF 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1151305535-1815003741-2611877586-1001\$IMOBWZ0.exe

2013-11-04 20:56:41 A15FA916BD02FE910C2C3017C026FF80 49880 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_PostWarrantyAlert.exe

2013-11-04 20:56:41 136D8804CB446BB88C19856B1DC75861 32472 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_Ex_US.exe

2013-11-04 20:56:41 06D9888F172A8AC47959DA5DF68270DE 29400 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_US.exe

2013-11-03 15:30:34 882C7A6E2B9E7FF1BB1317C4E11C3C89 2812560 ----a-w- C:\Users\Harun Diren\Downloads\EmailNotifierSetup.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe"

"Google Update"="C:\Users\Harun Diren\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"Orbitum"="C:\Users\Harun Diren\AppData\Local\Orbitum\Application\chrome.exe"

"Smart Driver Updater"="C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PDF Complete"="C:\Program Files (x86)\PDF Complete\pdfsty.exe"

"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"HP Software Update"="c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"

"Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe"

"mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"

"mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"

"ConnectionCenter"="C:\Program Files (x86)\Citrix\ICA Client\concentr.exe /startup"

"EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe"

"Google Update"="C:\Users\Harun Diren\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"Orbitum"="C:\Users\Harun Diren\AppData\Local\Orbitum\Application\chrome.exe"

"Smart Driver Updater"="C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\\PROGRA~3\\Wincert\\WIN32C~1.DLL C:\\PROGRA~2\\MOVIES~1\\Datamngr\\mgrldr.dll "

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe"

"SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background"

==== Startup Folders ======================

2010-09-27 16:49:03 2029 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/10/2013 13:16]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26/07/2013 10:34]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26/07/2013 10:34]

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1151305535-1815003741-2611877586-1001Core.job --a------ C:\Users\Harun Diren\AppData\Local\Google\Update\GoogleUpdate.exe [07/12/2012 12:50]

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1151305535-1815003741-2611877586-1001UA.job --a------ C:\Users\Harun Diren\AppData\Local\Google\Update\GoogleUpdate.exe [07/12/2012 12:50]

C:\Windows\tasks\HPCeeScheduleForHarun Diren.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [05/01/2010 11:53]

C:\Windows\tasks\HPCeeScheduleForHARUNDIREN-HP$.job --a------ C:\Program Files (x86)\Hewlett-PaC:kard\HP C:eement\HPC:EE.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1151305535-1815003741-2611877586-1001Core" [C:\Users\Harun Diren\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1151305535-1815003741-2611877586-1001UA" [C:\Users\Harun Diren\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\HPCeeScheduleForHarun Diren" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]

"C:\Windows\SysNative\tasks\HPCeeScheduleForHARUNDIREN-HP$" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]

"C:\Windows\SysNative\tasks\RecoveryCDWin7" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]

"C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe]

"C:\Windows\SysNative\tasks\{F5B302B3-E5AD-47CE-8047-0134FD90E847}" ["c:\users\harun diren\appdata\local\google\chrome\application\chrome.exe"]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask" [C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

"C:\Windows\SysNative\tasks\NCH Software\ExpressZipDowngrade" [C:\Program Files (x86)\NCH Software\ExpressZip\expresszip.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [06/10/2013 14:41]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default

- McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor

- Battlefield Play4Free - %ProfilePath%\extensions\battlefieldplay4free@ea.com

- Movies Toolbar Dist. by Bandoo Media Inc. - %ProfilePath%\extensions\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}

- DealPly - %ProfilePath%\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}

- New tab - %ProfilePath%\extensions\{FF07E6D9-20FD-E899-07B5-8F5F433C1398}

- GoPhotoIt - %ProfilePath%\extensions\gophoto@gophoto.it.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default

884705AD43780C86782935D5B1F1E4DE - C:\Users\Harun Diren\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll - Google Talk Plugin Video Accelerator

E85BC9AF3B4481B875F5A9BD73E8732F - C:\Users\Harun Diren\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer

683B6A2376FA62A797A9DC83807CACA8 - C:\Users\Harun Diren\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin

4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash

CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Users\Harun Diren\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update

53F61B66DF9CD57458873E6872B0DC63 - C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\battlefieldplay4free@ea.com\plugins\npBP4FUpdater.dll - Battlefield Play4Free Updater

09B4E13D25623D879D35286E2D29FF13 - C:\Users\Harun Diren\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

==== Deleted Firefox Extensions ======================

C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} deleted

C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\gophoto@gophoto.it.xpi deleted

C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\{FF07E6D9-20FD-E899-07B5-8F5F433C1398} deleted

C:\Users\Harun Diren\AppData\Roaming\Mozilla\Firefox\Profiles\0q3da8ix.default\extensions\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

aaaaabcbmongicmdegkmmfgdickgnnob - C:\Users\Harun Diren\AppData\Local\ilividmoviestoolbarha\GC\toolbar.crx[]

bbffdhejhaoiflnpooogkckfdcmmjppn - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx[]

fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[02/10/2013 13:05]

gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files (x86)\DealPly\DealPly.crx[]

gjokjdicpfckeiihaniimbbmhadclefc - C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Extensions\novo_price_comparison.crx[]

ijblflkdjdopkpdgllkmlbgcffjbnfda - C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[]

jbolfgndggfhhpbnkgnpjkfhinclbigj - No path found[]

jcdgjdiieiljkfkdcloehkohchhpekkn - C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx[]

kpdhgpkkloealnjnmepfhanpcleldbef - C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\ividi.crx[]

niapdbllcanepiiimjjndipklodoedlc - C:\Program Files (x86)\Yontoo\YontooLayers.crx[]

ogccgbmabaphcakpiclgcnmcnimhokcj - C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx[]

pfmopbbadnfoelckkcmjjeaaegjpjjbk - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files (x86)\DealPly\DealPly.crx[]

Movies Toolbar - Harun Diren - Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob

Docs - Harun Diren - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Harun Diren - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Harun Diren - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Harun Diren - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Clash Of Clans - Harun Diren - Default\Extensions\ejdmfekjjhpicdciaponofjignbfmemp

SiteAdvisor - Harun Diren - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho

DealPly - Harun Diren - Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje

iVIDI.org plugin - Harun Diren - Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol

iVidi Chrome Toolbar - Harun Diren - Default\Extensions\kpdhgpkkloealnjnmepfhanpcleldbef

Google Wallet - Harun Diren - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Battlefield Play4Free - Harun Diren - Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh

GoPhoto.it - Harun Diren - Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk

Gmail - Harun Diren - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob deleted successfully

C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully

C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdhgpkkloealnjnmepfhanpcleldbef deleted successfully

C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.be/"

"Default_Page_URL"="http://www.v9.com/?utm_source=b&utm_medium=muh&from=muh&uid=HitachiXHDS721010CLA332_JP2940HD1DGLKC1DGLKCX&ts=1356716795"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="http://search.ividi.org/?q={searchTerms}&src=tbnt&id=e0ef131f0000000000006c626d0981fa&affilt=3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="http://search.ividi.org/?q={searchTerms}&src=tbnt&id=e0ef131f0000000000006c626d0981fa&affilt=3"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{FE7653D4-176D-4856-B40A-8465D1008D6A}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FE7653D4-176D-4856-B40A-8465D1008D6A}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://www.google.be/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{33455C9E-EBD7-4564-A38D-75C426404733} Bing Url="http://www.bing.com/search?q={searchTerms}&r="

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{EC31BC8A-BDEE-4A5A-8BC6-8774922B70EB} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}"

==== Reset Google Chrome ======================

C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{659F1693-AE20-4E73-AC98-E602BE7C3465} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F20E23E1-8C39-E899-89BE-84FF07C9DCAC} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gjokjdicpfckeiihaniimbbmhadclefc deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ijblflkdjdopkpdgllkmlbgcffjbnfda deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kpdhgpkkloealnjnmepfhanpcleldbef deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1 deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Harun Diren\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Harun Diren\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Harun Diren\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Harun Diren\AppData\Local\Mozilla\Firefox\Profiles\0q3da8ix.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Harun Diren\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\HARUND~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files (x86)\SweetIM" not found

"C:\ProgramData\Wincert" not found

"C:\Program Files (x86)\Movies Toolbar" not found

"C:\PROGRA~2\Movies Toolbar" not found

"C:\PROGRA~2\SweetIM" not found

"C:\ProgramData\Wincert" not found

==== EOF on za 09/11/2013 at 14:01:12,71 ======================

Link naar reactie
Delen op andere sites

Hier is een massa rotzooi van de PC verwijderd. De volgende stap is deze:

  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  C:\Users\Harun Diren\AppData\Local\Temp\FreemakeVideoConverter_4.1.0.0.exe;f
 C:\Users\Harun Diren\Downloads\RSITx64 (1).exe;f
 C:\Users\Harun Diren\Downloads\FreemakeVideoConverterSetup (1).exe;f
 C:\Users\Harun Diren\Downloads\FreemakeVideoConverterSetup.exe;f
 C:\Users\Harun Diren\Desktop\ets_1_3_setup.exe;f
 C:\ProgramData\Wincert;fs
 [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce];r64
 "SPReview"=-;r64
 [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce];r64
 "SPReview"=-;r64
 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows];r64
 "AppInit_DLLs"=-;r64
 Giacfgjdclhnmkacnfbaljbmpnelflol;chr
 C:\Program Files (x86)\DealPly\DealPly.crx;f
 autoclean;

  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

  • 2 weken later...

Beste

Mijn broertje heeft blijkbaar F12 gedaan, maar de pc toont nog problemen. Het sluit zo van zichzelf af en start terug op.. Ik heb hieronder nog eens het logje via Zoek.exe:

Zoek.exe Version 4.0.0.5 Updated 14-November-2013

Tool run by Diren Harun on za 23/11/2013 at 18:32:19,74.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Diren Harun\AppData\Local\Temp\Temp1_zoek.zip\zoek.com [script inserted]

==== System Restore Info ======================

23/11/2013 18:33:32 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1151305535-1815003741-2611877586-1001\Software\Microsoft\Internet Explorer\SearchScopes\{C7818C38-A48C-402A-9800-E31A3CED1766} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"=-

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"=-

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\ProgramData\Wincert not found

"C:\Users\Harun Diren\AppData\Local\Temp\FreemakeVideoConverter_4.1.0.0.exe" not found

"C:\Users\Harun Diren\Downloads\RSITx64 (1).exe" not found

"C:\Users\Harun Diren\Downloads\FreemakeVideoConverterSetup (1).exe" not found

"C:\Users\Harun Diren\Downloads\FreemakeVideoConverterSetup.exe" not found

"C:\Users\Harun Diren\Desktop\ets_1_3_setup.exe" not found

"C:\Program Files (x86)\DealPly\DealPly.crx" not found

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"msntoolbar@msn.com"="C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\Firefox" [13/11/2013 04:04]

==== Chrome Look ======================

Google Docs - Diren Harun - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Diren Harun - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Diren Harun - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Diren Harun - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Wallet - Diren Harun - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Diren Harun - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Diren Harun\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_skype.nl.softonic.com_0.localstorage deleted successfully

C:\Users\Diren Harun\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_skype.nl.softonic.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://g.uk.msn.com/HPCON/2"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://g.uk.msn.com/HPCON/2"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{33455C9E-EBD7-4564-A38D-75C426404733}"

{33455C9E-EBD7-4564-A38D-75C426404733} Bing Url="http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{EC31BC8A-BDEE-4A5A-8BC6-8774922B70EB} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Diren Harun\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Diren Harun\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Diren Harun\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\DIRENH~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on za 23/11/2013 at 18:42:01,69 ======================

Link naar reactie
Delen op andere sites

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.