Ga naar inhoud

Langzame pc - spyware


ULT

Aanbevolen berichten

Nadat mijn laptop door jullie nagekeken is, en inmiddels weer uitstekend functioneert - hartelijk dank hiervoor - is het tijd voor mijn pc.

Klachten:

- pc is al tijden verschrikkelijk langzaam, is al een behoorlijke tijd niet veel aan gedaan.

- sinds enkele dagen last van spyware - adds by bettermarket - zie ook: Screenshot by Lightshot

Alvast heel erg bedankt voor het nakijken!

Groet, ULT

Rsit log:

Logfile of random's system information tool 1.10 (written by random/random)

Run by Lammert at 2014-09-27 12:30:09

Microsoft Windows 7 Ultimate Service Pack 1

System drive C: has 45 GB (19%) free of 238 GB

Total RAM: 2014 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:35:31, on 27-9-2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17280)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\AVG\AVG10\avgtray.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Users\Lammert\AppData\Roaming\TornTV.com\Torntv Downloader.exe

C:\Users\Lammert\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Users\Lammert\AppData\Local\Skillbrains\lightshot\5.1.4.9\Lightshot.exe

C:\Program Files\TeamViewer\Version9\TeamViewer.exe

C:\Users\Lammert\AppData\Local\Temp\WinDefender.Exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Lammert\Downloads\RSIT.exe

C:\Program Files\trend micro\Lammert.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = istartsurf

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = istartsurf

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = istartsurf

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X&q={searchTerms}

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = istartsurf

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Windows Services for Processes] C:\Users\Lammert\AppData\Roaming\svchost.exe

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\Lammert\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [Windows Services for Processes] C:\Users\Lammert\AppData\Roaming\svchost.exe

O4 - HKCU\..\Run: [WinDefender] "C:\Users\Lammert\AppData\Local\Temp\WinDefender.Exe"

O4 - HKCU\..\Run: [LightShot] C:\Users\Lammert\AppData\Local\Skillbrains\lightshot\Lightshot.exe

O4 - HKLM\..\Policies\Explorer\Run: [Windows Services for Processes] C:\Users\Lammert\AppData\Roaming\svchost.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-2583579890-3109938321-3288942902-1005\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-2583579890-3109938321-3288942902-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O4 - Startup: Dropbox.lnk = Lammert\AppData\Roaming\Dropbox\bin\Dropbox.exe

O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: TestPokerStars.com - {809132AF-89D2-4d52-AA03-AB4E35BBDC5B} - C:\Program Files\PokerStars.TEST\PokerStarsUpdate.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Lammert\Desktop\PartyPoker.lnk (HKCU)

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Lammert\Desktop\PartyPoker.lnk (HKCU)

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\httpd.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: Intel® PROSet Monitoring Service - Intel Corporation - C:\Windows\system32\IProsetMonitor.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: mysql - Unknown owner - c:\xampp\mysql\bin\mysqld.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

O23 - Service: Torntv Downloader (trntv) - Unknown owner - C:\Users\Lammert\AppData\Roaming\TornTV.com\TornTVSvc.exe

--

End of file - 13482 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

C:\Windows\tasks\BetterMarkIt Update.job - C:\Program Files\ver3BetterMarkIt\o3BetterMarkIte87.exe /update

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2583579890-3109938321-3288942902-1001Core.job - C:\Users\Lammert\AppData\Local\Google\Update\GoogleUpdate.exe /c

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2583579890-3109938321-3288942902-1001UA.job - C:\Users\Lammert\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

C:\Windows\tasks\update-S-1-5-21-2583579890-3109938321-3288942902-1001.job - C:\Program Files\Skillbrains\Updater\Updater.exe -runmode=checkupdate

C:\Windows\tasks\update-sys.job - C:\Program Files\Skillbrains\Updater\Updater.exe -runmode=checkupdate

=========Mozilla firefox=========

ProfilePath - C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default

prefs.js - "browser.startup.homepage" - "http://www.istartsurf.com/?type=hp&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X"

"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG10\Firefox4\

"faststartff@gmail.com"=C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\extensions\faststartff@gmail.com

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 10

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]

"Description"=

"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@gamersfirst.com/LiveLauncher]

"Description"=GamersFirst LIVE! Web Launcher

"Path"=C:\Program Files\GamersFirst\LIVE!\nplivelauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]

"Description"=Google Earth in your browser

"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]

"Description"=McAfee Mss Plugin

"Path"=C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]

"Description"=Nexon Game Controller

"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]

"Description"=This plugin detects and launches Pando Media Booster

"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\extensions\

faststartff@gmail.com

staged

C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\searchplugins\

conduit-search.xml

MyStart Search.xml

MyStart.xml

Sweetpacks Search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]

MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll [2013-09-06 95648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]

IETabPage Class - C:\Program Files\SupTab\SupTab.dll [2014-09-26 515464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

AVG Safe Search - C:\Program Files\AVG\AVG10\avgssie.dll [2011-09-09 2276704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-08-30 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]

Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-08-30 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]

SweetPacks Browser Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]

SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe [2012-08-01 2345592]

"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]

""= []

"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]

"Adobe_ID0ENQBO"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2008-08-15 378224]

"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15 499608]

"AdobeCS5.5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]

"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2011-12-09 74752]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

"Windows Services for Processes"=C:\Users\Lammert\AppData\Roaming\svchost.exe [2010-11-04 1169224]

"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-08-05 7703072]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]

"Windows Services for Processes"=C:\Users\Lammert\AppData\Roaming\svchost.exe [2010-11-04 1169224]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"=C:\Users\Lammert\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-13 136176]

"Windows Services for Processes"=C:\Users\Lammert\AppData\Roaming\svchost.exe [2010-11-04 1169224]

"WinDefender"=C:\Users\Lammert\AppData\Local\Temp\WinDefender.Exe [2012-08-26 4533760]

"LightShot"=C:\Users\Lammert\AppData\Local\Skillbrains\lightshot\Lightshot.exe [2014-06-18 226560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk]

C:\PROGRA~1\GAMERS~1\LIVE!\Live.exe [2012-09-13 2835096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Lammert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]

C:\Users\Lammert\AppData\Roaming\Dropbox\bin\Dropbox.exe [2014-09-13 36414624]

C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Dropbox.lnk - C:\Users\Lammert\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=0

"ConsentPromptBehaviorUser"=3

"EnableLUA"=0

"EnableUIADesktopToggle"=0

"PromptOnSecureDesktop"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Users\Lammert\AppData\Roaming\svchost.exe"="C:\Users\Lammert\AppData\Roaming\svchost.exe:*:Enabled:Windows Messanger"

"C:\Windows\Temp\svhost.exe"="C:\Windows\Temp\svhost.exe:*:Enabled:Windows Messanger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"msacm.l3fhg"=mp3fhg.acm

"VIDC.XVID"=xvidvfw.dll

"VIDC.YV12"=yv12vfw.dll

"msacm.ac3acm"=ac3acm.acm

"VIDC.FFDS"=ff_vfw.dll

"VIDC.XFR1"=xfcodec.dll

"msacm.siren"=sirenacm.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1"

======List of files/folders created in the last 3 months======

2014-09-27 12:30:10 ----D---- C:\Program Files\trend micro

2014-09-27 12:30:09 ----D---- C:\rsit

2014-09-26 00:08:45 ----D---- C:\Users\Lammert\AppData\Roaming\BandExtend

2014-09-26 00:08:31 ----D---- C:\ProgramData\IePluginServices

2014-09-26 00:08:25 ----D---- C:\ProgramData\WindowsMangerProtect

2014-09-26 00:08:23 ----D---- C:\Program Files\SupTab

2014-09-26 00:06:47 ----A---- C:\Windows\system32\drivers\webinstr.sys

2014-09-26 00:06:41 ----D---- C:\Program Files\ver3BetterMarkIt

2014-09-26 00:05:58 ----D---- C:\Users\Lammert\AppData\Roaming\TornTV.com

2014-09-24 12:44:31 ----A---- C:\Windows\system32\tzres.dll

2014-09-12 03:25:11 ----A---- C:\Windows\system32\iesetup.dll

2014-09-12 03:25:10 ----A---- C:\Windows\system32\MshtmlDac.dll

2014-09-12 03:25:10 ----A---- C:\Windows\system32\ieui.dll

2014-09-12 03:25:09 ----A---- C:\Windows\system32\jscript9diag.dll

2014-09-12 03:25:08 ----A---- C:\Windows\system32\msrating.dll

2014-09-12 03:25:08 ----A---- C:\Windows\system32\mshtmled.dll

2014-09-12 03:25:08 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2014-09-12 03:25:07 ----A---- C:\Windows\system32\jsproxy.dll

2014-09-12 03:25:07 ----A---- C:\Windows\system32\ieUnatt.exe

2014-09-12 03:25:07 ----A---- C:\Windows\system32\ieapfltr.dll

2014-09-12 03:25:07 ----A---- C:\Windows\system32\dxtmsft.dll

2014-09-12 03:25:06 ----A---- C:\Windows\system32\vbscript.dll

2014-09-12 03:25:06 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-09-12 03:25:06 ----A---- C:\Windows\system32\iernonce.dll

2014-09-12 03:25:06 ----A---- C:\Windows\system32\dxtrans.dll

2014-09-12 03:25:05 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe

2014-09-12 03:25:05 ----A---- C:\Windows\system32\mshtmlmedia.dll

2014-09-12 03:25:05 ----A---- C:\Windows\system32\msfeeds.dll

2014-09-12 03:25:05 ----A---- C:\Windows\system32\ieetwproxystub.dll

2014-09-12 03:25:05 ----A---- C:\Windows\system32\ieetwcollector.exe

2014-09-12 03:25:04 ----A---- C:\Windows\system32\iedkcs32.dll

2014-09-12 03:25:04 ----A---- C:\Windows\system32\ie4uinit.exe

2014-09-12 03:25:01 ----A---- C:\Windows\system32\wininet.dll

2014-09-12 03:25:01 ----A---- C:\Windows\system32\iertutil.dll

2014-09-12 03:25:00 ----A---- C:\Windows\system32\urlmon.dll

2014-09-12 03:25:00 ----A---- C:\Windows\system32\jscript9.dll

2014-09-12 03:24:59 ----A---- C:\Windows\system32\mshtml.dll

2014-09-12 03:24:58 ----A---- C:\Windows\system32\ieframe.dll

2014-09-12 03:24:16 ----A---- C:\Windows\system32\msmpeg2vdec.dll

2014-09-11 20:28:05 ----A---- C:\Windows\system32\kerberos.dll

2014-09-11 20:28:04 ----A---- C:\Windows\system32\lsasrv.dll

2014-09-11 20:27:01 ----A---- C:\Windows\system32\d3d10warp.dll

2014-09-11 20:26:59 ----A---- C:\Windows\system32\TSWorkspace.dll

2014-08-28 06:05:53 ----A---- C:\Windows\system32\win32k.sys

2014-08-28 06:05:52 ----A---- C:\Windows\system32\gdi32.dll

2014-08-21 08:27:37 ----A---- C:\Windows\system32\wups2.dll

2014-08-21 08:27:37 ----A---- C:\Windows\system32\wuauclt.exe

2014-08-21 08:27:36 ----A---- C:\Windows\system32\wucltux.dll

2014-08-21 08:27:36 ----A---- C:\Windows\system32\wuaueng.dll

2014-08-21 08:27:19 ----A---- C:\Windows\system32\wups.dll

2014-08-21 08:27:19 ----A---- C:\Windows\system32\wudriver.dll

2014-08-21 08:27:19 ----A---- C:\Windows\system32\wuapi.dll

2014-08-21 08:26:38 ----A---- C:\Windows\system32\wuwebv.dll

2014-08-21 08:26:38 ----A---- C:\Windows\system32\wuapp.exe

2014-08-14 03:06:27 ----A---- C:\Windows\system32\infocardapi.dll

2014-08-14 03:06:26 ----A---- C:\Windows\system32\icardres.dll

2014-08-14 03:06:24 ----A---- C:\Windows\system32\icardagt.exe

2014-08-14 03:06:22 ----A---- C:\Windows\system32\TsWpfWrp.exe

2014-08-14 02:14:15 ----A---- C:\Windows\system32\rpcrt4.dll

2014-08-14 02:14:14 ----A---- C:\Windows\system32\drivers\dxgmms1.sys

2014-08-14 02:14:14 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2014-08-14 02:14:14 ----A---- C:\Windows\system32\cdd.dll

2014-08-14 02:13:19 ----A---- C:\Windows\system32\msi.dll

2014-08-14 02:13:18 ----A---- C:\Windows\system32\msihnd.dll

2014-08-14 02:13:18 ----A---- C:\Windows\system32\consent.exe

2014-08-14 02:13:18 ----A---- C:\Windows\system32\authui.dll

2014-08-14 02:13:14 ----A---- C:\Windows\system32\shell32.dll

2014-08-14 02:13:08 ----A---- C:\Windows\system32\KBDYAK.DLL

2014-08-14 02:13:08 ----A---- C:\Windows\system32\KBDTAT.DLL

2014-08-14 02:13:08 ----A---- C:\Windows\system32\KBDRU1.DLL

2014-08-14 02:13:08 ----A---- C:\Windows\system32\KBDRU.DLL

2014-08-14 02:13:08 ----A---- C:\Windows\system32\KBDBASH.DLL

2014-07-25 02:35:46 ----A---- C:\Windows\system32\msvcr120_clr0400.dll

2014-07-22 22:44:57 ----D---- C:\Users\Lammert\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

2014-07-18 17:51:33 ----D---- C:\USB-Gerard

2014-07-09 05:41:07 ----A---- C:\Windows\system32\osk.exe

2014-07-09 05:41:00 ----A---- C:\Windows\system32\qedit.dll

2014-07-09 05:40:59 ----A---- C:\Windows\system32\drivers\afd.sys

2014-07-09 05:40:55 ----A---- C:\Windows\system32\schannel.dll

2014-07-09 05:40:55 ----A---- C:\Windows\system32\ncrypt.dll

2014-07-09 05:40:55 ----A---- C:\Windows\system32\msv1_0.dll

2014-07-09 05:40:54 ----A---- C:\Windows\system32\wdigest.dll

2014-07-09 05:40:54 ----A---- C:\Windows\system32\TSpkg.dll

2014-07-09 05:40:54 ----A---- C:\Windows\system32\credssp.dll

======List of files/folders modified in the last 3 months======

2014-09-27 12:30:21 ----D---- C:\Windows\Prefetch

2014-09-27 12:30:10 ----RD---- C:\Program Files

2014-09-27 09:06:42 ----D---- C:\Windows\Temp

2014-09-27 09:06:37 ----D---- C:\Windows\system32\drivers\AVG

2014-09-27 08:07:08 ----D---- C:\Windows\system32\config

2014-09-26 09:39:13 ----D---- C:\Windows\pss

2014-09-26 09:35:37 ----D---- C:\Users\Lammert\AppData\Roaming\TeamViewer

2014-09-26 09:35:37 ----D---- C:\Users\Lammert\AppData\Roaming\FileZilla

2014-09-26 09:35:37 ----D---- C:\Users\Lammert\AppData\Roaming\BitTorrent

2014-09-26 09:34:44 ----D---- C:\Windows\inf

2014-09-26 09:34:43 ----D---- C:\Windows\debug

2014-09-26 09:34:43 ----D---- C:\Windows

2014-09-26 09:31:50 ----D---- C:\Program Files\CCleaner

2014-09-26 09:30:56 ----D---- C:\Windows\System32

2014-09-26 09:29:58 ----D---- C:\Users\Lammert\AppData\Roaming\Skype

2014-09-26 09:29:44 ----D---- C:\Users\Lammert\AppData\Roaming\Dropbox

2014-09-26 09:26:32 ----D---- C:\ProgramData\AVG10

2014-09-26 09:19:04 ----D---- C:\Program Files\Citrix

2014-09-26 09:18:55 ----D---- C:\Windows\Tasks

2014-09-26 09:14:37 ----SHD---- C:\Windows\Installer

2014-09-26 09:14:12 ----SHD---- C:\Config.Msi

2014-09-26 00:13:09 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-09-26 00:08:31 ----HD---- C:\ProgramData

2014-09-26 00:07:01 ----D---- C:\Windows\system32\Tasks

2014-09-26 00:07:01 ----D---- C:\Windows\system32\drivers

2014-09-25 23:58:55 ----D---- C:\Program Files\Full Tilt Poker.Eu

2014-09-25 13:38:39 ----SHD---- C:\System Volume Information

2014-09-25 03:02:15 ----D---- C:\Windows\winsxs

2014-09-25 03:01:58 ----D---- C:\Windows\system32\nl-NL

2014-09-24 12:43:01 ----D---- C:\Windows\system32\catroot

2014-09-20 20:00:52 ----D---- C:\Program Files\Mozilla Maintenance Service

2014-09-20 20:00:52 ----D---- C:\Program Files\Mozilla Firefox

2014-09-16 19:50:51 ----D---- C:\Program Files\Full Tilt Poker

2014-09-15 11:07:28 ----D---- C:\Program Files\PokerStars

2014-09-12 20:42:09 ----D---- C:\Users\Lammert\AppData\Roaming\TraScript

2014-09-12 20:01:30 ----D---- C:\Program Files\TraScript

2014-09-12 04:24:30 ----D---- C:\Windows\rescache

2014-09-12 03:44:32 ----D---- C:\Windows\system32\en-US

2014-09-12 03:44:32 ----D---- C:\Program Files\Internet Explorer

2014-09-12 03:35:04 ----D---- C:\Windows\Microsoft.NET

2014-09-12 03:34:10 ----RSD---- C:\Windows\assembly

2014-09-12 03:27:39 ----D---- C:\ProgramData\Microsoft Help

2014-09-12 03:25:39 ----D---- C:\Windows\system32\catroot2

2014-09-12 03:24:12 ----D---- C:\Windows\system32\MRT

2014-09-12 03:06:34 ----A---- C:\Windows\system32\MRT.exe

2014-08-14 03:33:23 ----D---- C:\Windows\PolicyDefinitions

2014-08-14 03:33:23 ----D---- C:\Windows\ehome

2014-08-14 03:33:17 ----RSD---- C:\Windows\Fonts

2014-08-05 14:21:31 ----D---- C:\Windows\system32\WNLT

2014-08-05 14:19:59 ----D---- C:\Program Files\Microsoft Silverlight

2014-07-23 17:54:32 ----D---- C:\Program Files\Google

2014-07-22 21:48:42 ----D---- C:\Users\Lammert\AppData\Roaming\Adobe

2014-07-18 21:21:40 ----D---- C:\Users\Lammert\AppData\Roaming\Winamp

2014-07-18 20:35:01 ----D---- C:\Windows\system32\mjcm

2014-07-18 20:34:41 ----D---- C:\Windows\system32\ARFC

2014-07-18 15:38:24 ----HD---- C:\Windows\system32\GroupPolicy

2014-07-17 13:43:26 ----A---- C:\Windows\system32\dmwu.exe

2014-07-17 13:38:28 ----A---- C:\Windows\system32\ImHttpComm.dll

2014-07-16 12:10:56 ----A---- C:\Windows\system32\msvcr80.dll

2014-07-16 12:10:56 ----A---- C:\Windows\system32\msvcp80.dll

2014-07-16 12:10:56 ----A---- C:\Windows\system32\msvcm80.dll

2014-07-10 03:22:51 ----D---- C:\Program Files\Windows Journal

2014-07-10 03:22:47 ----D---- C:\Windows\system32\Dism

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992]

R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2011-03-16 32592]

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2011-03-04 45648]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]

R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]

R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2012-11-12 255968]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-03-01 34896]

R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2011-04-05 297168]

R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]

R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]

R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]

R2 webinstr;webinstr; \??\C:\Windows\system32\Drivers\webinstr.sys [2014-09-26 52360]

R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-05-27 134480]

R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 24144]

R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\AVGIDSShim.Sys [2011-02-10 21968]

R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6232.sys [2012-03-07 231640]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-08-05 2745760]

R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2008-02-29 28944]

R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]

S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]

S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]

S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []

S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]

S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]

S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]

S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]

S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []

S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]

S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []

S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []

S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]

S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

R2 Apache2.2;Apache2.2; C:\xampp\apache\bin\httpd.exe [2011-09-10 18432]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2012-01-31 7391072]

R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2012-07-27 112968]

R2 mysql;mysql; c:\xampp\mysql\bin\mysqld.exe [2011-09-09 8158720]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 634656]

R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-19 1259296]

R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-09-12 4799760]

R2 trntv;Torntv Downloader; C:\Users\Lammert\AppData\Roaming\TornTV.com\TornTVSvc.exe [2014-08-19 10240]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-14 116648]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]

S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-26 250568]

S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-11-08 655624]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-14 116648]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-18 108032]

S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-09-06 235216]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-06 119408]

S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]

S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe [2007-02-05 112184]

S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]

S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2007-02-05 75320]

S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-11 1343400]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Link naar reactie
Delen op andere sites

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download 51a612a8b27e2-Zoek.pngZoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  {87775fdb-6972-41f9-ae51-8326e38cb206};c
 {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C};c
 C:\Program Files\SupTab;fs
 {5C255C8A-E604-49b4-9D64-90988571CECB};c
 {EEE6C35C-6118-11DC-9C72-001320C79847};c
 C:\Program Files\SweetIM;fs
 Trntv;s
 C:\Users\Lammert\AppData\Roaming\TornTV.com;fs
 C:\Windows\tasks\BetterMarkIt Update.job;f
 C:\Program Files\ver3BetterMarkIt;fs
 C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\extensions\[email="faststartff@gmail.com"]faststartff@gmail.com[/email];fs
C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\extensions\staged;fs
 C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\searchplugins\conduit-search.xml;f
 C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\searchplugins\MyStart Search.xml;f
 C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\searchplugins\MyStart.xml;f
 C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\searchplugins\Sweetpacks Search.xml;f
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}];r
 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run];r
 ""=-;r
 C:\Users\Lammert\AppData\Roaming\BandExtend;fs
C:\ProgramData\IePluginServices;fs
C:\ProgramData\WindowsMangerProtect;fs
C:\Users\Lammert\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1;fs
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Klik op de knop "More options" en vink nu de onderstaande opties aan.
  • Do a Quick Scan

  • Auto Clean
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

  • Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\\Zoek-results.log.)
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Wat je ZEKER moet doen is je antivirusprogramma upgraden. Je werkt nog steeds met AVG10 en we zitten inmiddels al aan AVG14 ... dat wordt hoog tijd dat je daar even mee gaat bezighouden. De recente gratis-versie is al voldoende voor een betere bescherming dan je nu hebt.

aangepast door kape
Link naar reactie
Delen op andere sites

Bedankt!

Antivirus:

Zal deze direct updaten.

Log:Zoek.exe v5.0.0.0 Updated 27-09-2014

Tool run by Lammert on za 27-09-2014 at 17:58:23,53.

Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Lammert\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

27-9-2014 18:05:50 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\Citrix deleted successfully

C:\Program Files\PSQLINSTALL deleted successfully

C:\PROGRA~2\ALM deleted successfully

C:\PROGRA~2\Babylon deleted successfully

C:\PROGRA~2\IePluginServices deleted successfully

C:\PROGRA~2\ZoomBrowser deleted successfully

C:\Users\Lammert\AppData\Roaming\BandExtend deleted successfully

C:\Users\Lammert\AppData\Roaming\Media Player Classic deleted successfully

C:\Users\Lammert\AppData\Roaming\Vesus deleted successfully

C:\Users\Lammert\AppData\Local\Conduit deleted successfully

C:\Users\Lammert\AppData\Local\CutePDF Writer deleted successfully

C:\Users\Lammert\AppData\Local\DirectDownloader deleted successfully

C:\Users\Lammert\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully

HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully

HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully

HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully

HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully

HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Trntv deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Trntv deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\webinstr deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\webinstr deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default

user.js not found

---- Lines istart removed from prefs.js ----

user_pref("browser.newtab.url", "http://www.istartsurf.com/newtab/?type=nt&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X");

user_pref("browser.search.defaultenginename", "istartsurf");

user_pref("browser.search.selectedEngine", "istartsurf");

user_pref("browser.startup.homepage", "http://www.istartsurf.com/?type=hp&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X");

---- Lines browser.startup.page removed from prefs.js ----

user_pref("browser.startup.page", 1);

---- FireFox user.js and prefs.js backups ----

prefs_27-09-2014_1820_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

""=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command]

@="C:\\Program Files\\Mozilla Firefox\\firefox.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]

@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

==== Deleting Files \ Folders ======================

C:\Users\Lammert\AppData\Roaming\BandExtend not found

C:\ProgramData\IePluginServices not found

C:\Program Files\SupTab deleted

C:\Program Files\ver3BetterMarkIt deleted

C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\extensions\faststartff@gmail.com deleted

C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\extensions\staged deleted

C:\ProgramData\WindowsMangerProtect deleted

C:\Users\Lammert\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 deleted

C:\Program Files\Mozilla Firefox\defaults\preferences\autoconfig.js deleted

C:\Program Files\Conduit deleted

C:\found.000 deleted

C:\Users\Lammert\AppData\Roaming\ZoomBrowser EX deleted

C:\Users\Lammert\AppData\Roaming\per.bat deleted

C:\Users\Lammert\AppData\Roaming\Babylon deleted

C:\PROGRA~2\SweetIM deleted

C:\Users\Lammert\AppData\Local\cache deleted

C:\Users\Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx deleted

C:\Users\Lammert\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted

C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted

C:\Windows\System32\dmwu.exe deleted

C:\Users\Lammert\Downloads\SoftonicDownloader_voor_anti-update-patch-voor-windows-live-messenger-8-5.exe deleted

C:\Users\Lammert\Downloads\SoftonicDownloader_voor_messenger-reviver.exe deleted

C:\Users\Lammert\Downloads\SoftonicDownloader_voor_msn-messenger-8-5.exe deleted

C:\Users\Lammert\Downloads\SoftonicDownloader_voor_windows-live-messenger-2009.exe deleted

C:\Users\Lammert\AppData\LocalLow\PriceGong deleted

C:\Users\Lammert\AppData\LocalLow\Conduit deleted

C:\Windows\system32\drivers\webinstr.sys deleted

C:\Windows\system32\config\systemprofile\Searches deleted

C:\Windows\system32\ImHttpComm.dll deleted

C:\Windows\System32\jmdp deleted

C:\Windows\System32\ARFC deleted

C:\Windows\System32\WNLT deleted

C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\searchplugins\conduit-search.xml deleted

C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\searchplugins\MyStart Search.xml deleted

C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\searchplugins\Sweetpacks Search.xml deleted

C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted

C:\Users\Lammert\Desktop\Torntv Downloader.lnk deleted

C:\Users\Lammert\AppData\Roaming\svchost.exe deleted

C:\Users\Lammert\AppData\Local\TempFullTiltPokerEuSetup.exe deleted

"C:\Windows\tasks\BetterMarkIt Update.job" deleted

"C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\searchplugins\MyStart.xml" deleted

"C:\Windows\Installer\2db607d.msi" deleted

"C:\Windows\Installer\2db6090.msi" deleted

"C:\Program Files\Mozilla Firefox\browser\searchplugins\istartsurf.xml" deleted

"C:\Users\Lammert\AppData\Roaming\TornTV.com\CMUtils.dll" deleted

"C:\Users\Lammert\AppData\Roaming\TornTV.com\Interop.IWshRuntimeLibrary.dll" deleted

"C:\Users\Lammert\AppData\Roaming\TornTV.com\MonoTorrent.Dht.dll" deleted

"C:\Users\Lammert\AppData\Roaming\TornTV.com\MonoTorrent.dll" deleted

"C:\Users\Lammert\AppData\Roaming\TornTV.com\Torntv Downloader.exe" deleted

"C:\Users\Lammert\AppData\Roaming\TornTV.com\CMUtils.dll" deleted

"C:\Users\Lammert\AppData\Roaming\TornTV.com\Interop.IWshRuntimeLibrary.dll" deleted

"C:\Users\Lammert\AppData\Roaming\TornTV.com\MonoTorrent.Dht.dll" deleted

"C:\Users\Lammert\AppData\Roaming\TornTV.com\MonoTorrent.dll" deleted

"C:\Users\Lammert\AppData\Roaming\TornTV.com\Torntv Downloader.exe" deleted

"C:\Program Files\SweetIM\Communicator\mgcommon.dll" deleted

"C:\Program Files\SweetIM\Communicator\mgcommunication.dll" deleted

"C:\Program Files\SweetIM\Communicator\mgsimcommon.dll" deleted

"C:\Program Files\SweetIM\Communicator\mgxml_wrapper.dll" deleted

"C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe" deleted

"C:\Program Files\SweetIM\Communicator\mgcommon.dll" deleted

"C:\Program Files\SweetIM\Communicator\mgcommunication.dll" deleted

"C:\Program Files\SweetIM\Communicator\mgsimcommon.dll" deleted

"C:\Program Files\SweetIM\Communicator\mgxml_wrapper.dll" deleted

"C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe" deleted

"C:\Program Files\SweetIM" not deleted

"C:\Users\Lammert\AppData\Roaming\TornTV.com" not deleted

"C:\Program Files\SweetIM" not deleted

"C:\Users\Lammert\AppData\Roaming\TornTV.com" not deleted

"C:\Program Files\SweetIM\Communicator" not deleted

"C:\Program Files\SweetIM\Communicator" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Lammert\AppData\Local\Temp ====

2014-09-26 07:28:04 4E566FEA83FCEEAF2873702806B55006 43008 ----a-w- C:\Users\Lammert\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpl7abpv.dll

2014-09-25 22:06:20 FB85BC0071CF2479F2BD76E1F395E420 98304 ----a-w- C:\Users\Lammert\AppData\Local\Temp\RbUu7.exe

2014-09-25 22:06:20 613064ACFBD1BB3C885FACB304795D83 406528 ----a-w- C:\Users\Lammert\AppData\Local\Temp\TixR2.exe

2014-09-25 22:06:20 5C6A5FE8CED6619BC14BFC5DDE43EBC2 86528 ----a-w- C:\Users\Lammert\AppData\Local\Temp\RbUu7.dll

2014-09-25 15:31:12 6945CB4718E4E83CD1EF673E8933887B 7170408 ----a-w- C:\Users\Lammert\AppData\Local\Temp\CitrixUpdates\GoToMeeting\1694\G2MCoreInstExtractor.exe

====== Java Cache =====

====== C:\Windows\system32 =====

2014-09-24 10:44:31 C263F3E7E0523556964D661BC7CB9565 2048 ----a-w- C:\Windows\System32\tzres.dll

====== C:\Windows\system32\drivers =====

2014-09-25 22:07:01 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_Kernel_webinstr_01009.Wdf

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-09-27 10:30:10 -------- d-----w- C:\Program Files\trend micro

======= C: =====

====== C:\Users\Lammert\AppData\Roaming ======

2014-09-26 07:32:21 -------- d-sh--w- C:\Users\Lammert\AppData\Locallow\EmieUserList

2014-09-26 07:32:21 -------- d-sh--w- C:\Users\Lammert\AppData\Locallow\EmieSiteList

2014-09-25 22:05:58 -------- d-----w- C:\Users\Lammert\AppData\Roaming\TornTV.com

====== C:\Users\Lammert ======

2014-09-27 10:29:12 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Lammert\Downloads\RSIT.exe

2014-09-18 19:15:53 33A5B53825E6DEF2073DF020E4266921 2003352 ----a-w- C:\Users\Lammert\Downloads\CuteWriter.exe

====== C: exe-files ==

2014-09-27 10:30:11 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Lammert.exe

2014-09-25 22:06:20 FB85BC0071CF2479F2BD76E1F395E420 98304 ----a-w- C:\Users\Lammert\AppData\Local\Temp\RbUu7.exe

2014-09-25 22:06:20 613064ACFBD1BB3C885FACB304795D83 406528 ----a-w- C:\Users\Lammert\AppData\Local\Temp\TixR2.exe

2014-09-25 15:31:12 6945CB4718E4E83CD1EF673E8933887B 7170408 ----a-w- C:\Users\Lammert\AppData\Local\Temp\CitrixUpdates\GoToMeeting\1694\G2MCoreInstExtractor.exe

2014-09-25 12:33:11 DF6D99835DF28BB67876F46B16632782 584000 ----a-w- C:\Program Files\PokerStars\backup\gameutil1.exe

2014-09-25 12:33:11 294D73284C4207E339C6AB6A6BF64EB4 489792 ----a-w- C:\Program Files\PokerStars\backup\gameutil2.exe

2014-09-24 16:19:17 DBCE9BC36F0148F6C3991134BB9A62EC 371848 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000063de\DRS update.13728286.exe

2014-09-22 17:11:28 69CE796E3BC4F05166792FB6A7A78490 5503536 ----a-w- C:\Program Files\AVG\AVG10\avgcremx.exe

=== C: other files ==

2014-09-25 22:08:54 B36EB1A19A37432B5475A7635D85FCBA 1051731 ----a-w- C:\ProgramData\AVG10\IDS\quarantine\731a115c-0000-1000-8000-000000000000.zip

2014-09-25 22:08:43 7F943DF98D328C5F888AAF2C49DE3B2F 323212 ----a-w- C:\ProgramData\AVG10\IDS\quarantine\218c1a42-0000-1000-8000-000000000000.zip

2014-09-25 22:07:59 1E36A920E3FCE279BD021B4C72F2C9C1 394185 ----a-w- C:\Users\Lammert\AppData\Local\Temp\scoped_dir_19092_22165\newtabv3.crx

2014-09-25 22:07:43 1E36A920E3FCE279BD021B4C72F2C9C1 394185 ----a-w- C:\Users\Lammert\AppData\Local\Temp\scoped_dir_22860_14608\newtabv3.crx

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"="C:\Users\Lammert\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"Windows Services for Processes"="C:\Users\Lammert\AppData\Roaming\svchost.exe"

"WinDefender"="C:\Users\Lammert\AppData\Local\Temp\WinDefender.Exe"

"LightShot"="C:\Users\Lammert\AppData\Local\Skillbrains\lightshot\Lightshot.exe"

[HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1005\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

"spchecker"="C:\Program Files\AVG\AVG10\Notification\SPCheckerTE.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AVG_TRAY"="C:\Program Files\AVG\AVG10\avgtray.exe"

"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

"AdobeCS4ServiceManager"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe -launchedbylogin"

"Adobe Acrobat Speed Launcher"="C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

"Adobe_ID0ENQBO"="C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE"

"AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

"AdobeCS5.5ServiceManager"="C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe -launchedbylogin"

"SwitchBoard"="C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"

"WinampAgent"="C:\Program Files\Winamp\winampa.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"Windows Services for Processes"="C:\Users\Lammert\AppData\Roaming\svchost.exe"

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"="C:\Users\Lammert\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"Windows Services for Processes"="C:\Users\Lammert\AppData\Roaming\svchost.exe"

"WinDefender"="C:\Users\Lammert\AppData\Local\Temp\WinDefender.Exe"

"LightShot"="C:\Users\Lammert\AppData\Local\Skillbrains\lightshot\Lightshot.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]

"Windows Services for Processes"="C:\Users\Lammert\AppData\Roaming\svchost.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk]

"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\GamersFirst LIVE!.lnk"

"backup"="C:\\Windows\\pss\\GamersFirst LIVE!.lnk.CommonStartup"

"backupExtension"=".CommonStartup"

"command"="C:\\PROGRA~1\\GAMERS~1\\LIVE!\\Live.exe /silent"

"item"="GamersFirst LIVE!"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Lammert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]

"path"="C:\\Users\\Lammert\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"

"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"

"backupExtension"=".Startup"

"command"="C:\\Users\\Lammert\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup"

"item"="Dropbox"

==== Startup Folders ======================

2014-09-18 08:59:05 1053 ----a-w- C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [26-09-2013 09:39]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [14-07-2013 22:18]

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2583579890-3109938321-3288942902-1001Core.job --a------ C:\Users\Lammert\AppData\Local\Google\Update\GoogleUpdate.exe [13-01-2012 14:13]

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2583579890-3109938321-3288942902-1001UA.job --a------ C:\Users\Lammert\AppData\Local\Google\Update\GoogleUpdate.exe [13-01-2012 14:13]

C:\Windows\tasks\update-S-1-5-21-2583579890-3109938321-3288942902-1001.job --a------ C:\Program Files\Skillbrains\Updater\Updater.exe [25-03-2014 18:44]

C:\Windows\tasks\update-sys.job --a------ C:\Program Files\Skillbrains\Updater\Updater.exe [25-03-2014 18:44]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2583579890-3109938321-3288942902-1001Core" [C:\Users\Lammert\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2583579890-3109938321-3288942902-1001UA" [C:\Users\Lammert\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\system32\tasks\update-S-1-5-21-2583579890-3109938321-3288942902-1001" [C:\Program Files\Skillbrains\Updater\Updater.exe]

"C:\Windows\system32\tasks\update-sys" [C:\Program Files\Skillbrains\Updater\Updater.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"faststartff@gmail.com"="C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\extensions\faststartff@gmail.com" []

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"{70D3BDD7-9591-5D4E-560C-2AF0C6DEBAED}"="C:\Program Files\ver3BetterMarkIt\178.xpi" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default

- Firefox Old Version Update Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi

AppDir: C:\Program Files\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default

FB5621842FDABF9F8359775573498FBC - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update

893BF7D2261C56C24F813405D9D018E0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In

E3B4EA121F7BDEB0F6366E2BA9608CB5 - C:\Users\Lammert\AppData\Local\Citrix\Plugins\104\npappdetector.dll - Citrix Online Web Deployment Plugin 1.0.0.104

CEBC703D0423C181A2BA4AEB06AA874A - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll - PDF-XChange Viewer

5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin

7EF7E4C1325D533F5186E7118ABB0E7C - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll - McAfee Security Scanner +

ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U25

D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17

3E0EB8CC0526CF152C80628A7EBAD7C3 - C:\Users\Lammert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

FFF2362F6B4A46D4BC1D147E79A7547B - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll - Nexon Game Controller

4A9325C8C85F54CB32F8954542D6B85A - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll - Pando Web Plugin

6F120933F87E7DEC972476170288A267 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat

0BD343C45B4ECCF8D6AF94D6C3ADC310 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

77B645B655759F574B2555276FA111D9 - C:\Windows\system32\Macromed\Flash\NPSWF32.dll - Shockwave Flash

8DA2ED6B04EA33F2EAE8BA883F903729 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Lammert\AppData\Local\Temp\crxE4D4.tmp[]

jcdgjdiieiljkfkdcloehkohchhpekkn - C:\Users\Lammert\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx[]

jmfkcklnlgedgbglfkkgedjfmejoahla - C:\Program Files\AVG\AVG10\Chrome\safesearch.crx[09-09-2011 04:11]

ogccgbmabaphcakpiclgcnmcnimhokcj - C:\Windows\System32\mjcm\SweetNT.crx[24-06-2014 15:09]

pelmeidfhdlhlbjimpabfcbnnojbboma - C:\Users\Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx[]

Google Slides - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek

Bejeweled - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm

Google Docs - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Firebug Lite for Google Chromeâ„¢ - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench

Last updated at time on date - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb

Google Search - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Tampermonkey - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo

Google Finance - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgckldmmjdbpdejkclmfnnnehhocbfp

Google Sheets - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap

Google Analytics Opt-out Add-on by Google - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh

AdBlock - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

Yesware Email Tracking - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjnkapjmjfpipfcccnjbjcbgdnahpjp

Hola Better Internet - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio

DolceGabbana - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpfbmpaebheclpaopjodkelcihldloih

Free online speed typing tests find whats your WPM words per minute speed improve your typing skills and practice typing. - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm

AVG Safe Search - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla

Google Analytics Debugger - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnkmfdileelhofjcijamephohjechhna

PT - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmgohkgndpahjklgpdihieeedjeneoke

StayFocusd - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji

Graph.tk - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkhkaamdeplibnmodcgodlkghphdbahk

Google Wallet - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Picky Wallpapers - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\odklcfojpedohplkimfdpcamkjnhanaj

Gmail - Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\Lammert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully

C:\Users\Lammert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully

C:\Users\Lammert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dhkplhfnhceodhffomolpfigojocbpcb_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.istartsurf.com/?type=hp&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X"

"Default_Page_URL"="http://www.istartsurf.com/?type=hp&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://www.istartsurf.com/web/?type=ds&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X&q={searchTerms}"

"Default_Page_URL"="http://www.istartsurf.com/?type=hp&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X"

"Start Page"="http://www.istartsurf.com/?type=hp&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X"

"Search Page"="http://www.istartsurf.com/web/?type=ds&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X&q={searchTerms}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2583579890-3109938321-3288942902-1001\Software\Mozilla\Firefox\Extensions\{70D3BDD7-9591-5D4E-560C-2AF0C6DEBAED} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\faststartff@gmail.com deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\Lammert\Desktop\Adobe Dreamweaver CS5.5.lnk - C:\Program Files\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe

C:\Users\Lammert\Desktop\Adobe Photoshop CS5.1.lnk - C:\Program Files\Adobe\Adobe Photoshop CS5.1\Photoshop.exe

C:\Users\Lammert\Desktop\Hide IP Platinum.lnk - C:\Program Files\Hide IP Platinum\hideippla.exe

C:\Users\Lammert\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe istartsurf

C:\Users\Lammert\Desktop\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe

C:\Users\Lammert\Desktop\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe

C:\Users\Lammert\Desktop\Notepad.lnk - C:\Windows\system32\notepad.exe

C:\Users\Lammert\Desktop\PartyCasino.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyCasino

C:\Users\Lammert\Desktop\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker

C:\Users\Lammert\Desktop\Plus500.lnk - C:\Program Files\Plus500\Plus500.exe

C:\Users\Lammert\Desktop\PokerStars.EU.lnk - C:\Program Files\PokerStars\PokerStarsUpdate.exe

C:\Users\Lammert\Desktop\War Rock.lnk - C:\Program Files\GamersFirst\War Rock\WRLauncher.exe

C:\Users\Lammert\Desktop\XAMPP Control Panel.lnk - C:\xampp\xampp-control.exe

C:\Users\Lammert\Desktop\P\888poker.lnk - C:\Program Files\PacificPoker\bin\888poker.exe

C:\Users\Lammert\Desktop\P\Betfair.com Poker.lnk - C:\Poker\Betfair.com Poker\casino.exe

C:\Users\Lammert\Desktop\P\Black Chip Poker.lnk - C:\Program Files\BlackChipPoker\client.exe

C:\Users\Lammert\Desktop\P\BovadaPoker.lnk - C:\Bovada\BovadaPoker.exe

C:\Users\Lammert\Desktop\P\Everest Poker.lnk - C:\Program Files\Everest Poker\CStart.exe

C:\Users\Lammert\Desktop\P\Full Tilt Poker.lnk - C:\Program Files\Full Tilt Poker\FullTiltPoker.exe

C:\Users\Lammert\Desktop\P\Gala Casino Poker.lnk - C:\Poker\Gala Casino Poker\casino.exe

C:\Users\Lammert\Desktop\P\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker

C:\Users\Lammert\Desktop\P\Poker at bet365.lnk - C:\Poker\Poker at bet365\casino.exe

C:\Users\Lammert\Desktop\P\PokerStrategy.com Equilab.lnk - C:\Program Files\PokerStrategy.com\PokerStrategy.com Equilab\Equilab.exe

C:\Users\Lammert\Desktop\P\William Hill Poker.lnk - C:\Poker\William Hill Poker\casino.exe

C:\Users\Lammert\Desktop\P\Nieuwe map\Betraiser Poker.lnk - C:\Programs\Betraiser\Poker\betraiser.exe

C:\Users\Lammert\Desktop\P\Nieuwe map\HoldemManager2.lnk - C:\Program Files\Holdem Manager 2\HoldemManager.exe

C:\Users\Lammert\Desktop\P\Nieuwe map\PokerStars.lnk - C:\Program Files\PokerStars\PokerStarsUpdate.exe

C:\Users\Lammert\Desktop\P\Nieuwe map\PokerStove.lnk - C:\Program Files\PokerStove\PokerStove.exe

C:\Users\Lammert\Desktop\P\Nieuwe map\Sure Bet Poker Com.lnk - C:\Users\Lammert\AppData\Local\Sure Bet Poker Com\Loader.exe

C:\Users\Lammert\Desktop\P\Nieuwe map\TestPokerStars.com.lnk - C:\Program Files\PokerStars.TEST\PokerStarsUpdate.exe

C:\Users\Lammert\Desktop\PROGRAMMAS\Adobe Reader X .lnk - C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe

C:\Users\Lammert\Desktop\PROGRAMMAS\Digital Photo Professional.lnk - C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe

C:\Users\Lammert\Desktop\PROGRAMMAS\Dropbox.lnk - C:\Users\Lammert\AppData\Roaming\Dropbox\bin\Dropbox.exe /home

C:\Users\Lammert\Desktop\PROGRAMMAS\EOS Utility.lnk - C:\Program Files\Canon\EOS Utility\EOS Utility.exe

C:\Users\Lammert\Desktop\PROGRAMMAS\EVEREST Home Edition.lnk - C:\Program Files\Lavalys\EVEREST Home Edition\everest.exe

C:\Users\Lammert\Desktop\PROGRAMMAS\FileZilla Client.lnk - C:\Program Files\FileZilla FTP Client\filezilla.exe

C:\Users\Lammert\Desktop\PROGRAMMAS\GamersFirst LIVE.lnk -

C:\Users\Lammert\Desktop\PROGRAMMAS\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\McUICnt.exe SecurityScanner.dll

C:\Users\Lammert\Desktop\PROGRAMMAS\Minesweeper.lnk -

C:\Users\Lammert\Desktop\PROGRAMMAS\PaxForex MT 4 Terminal.lnk - C:\Program Files\PaxForex MT 4 Terminal\terminal.exe

C:\Users\Lammert\Desktop\PROGRAMMAS\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe

C:\Users\Lammert\Desktop\PROGRAMMAS\SonicStage.lnk - C:\Program Files\Sony\SonicStage\Omgjbox.exe

C:\Users\Lammert\Desktop\PROGRAMMAS\War Rock.lnk - C:\Program Files\GamersFirst\War Rock\WRLauncher.exe

C:\Users\Lammert\Desktop\PROGRAMMAS\Windows Live Messenger .lnk - C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Users\Lammert\Desktop\PROGRAMMAS\Xfire.lnk - C:\Program Files\Xfire\Xfire.exe

C:\Users\Lammert\Desktop\PROGRAMMAS\ZoomBrowser EX.lnk - C:\Program Files\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe

C:\Users\postgres\Desktop\888poker.lnk - C:\Program Files\PacificPoker\bin\888poker.exe

C:\Users\postgres\Desktop\EVEREST Home Edition.lnk - C:\Program Files\Lavalys\EVEREST Home Edition\everest.exe

C:\Users\postgres\Desktop\Hide IP Platinum.lnk - C:\Program Files\Hide IP Platinum\hideippla.exe

C:\Users\postgres\Desktop\Plus500.lnk - C:\Program Files\Plus500\Plus500.exe

C:\Users\UpdatusUser\Desktop\Hide IP Platinum.lnk - C:\Program Files\Hide IP Platinum\hideippla.exe

C:\Users\UpdatusUser\Desktop\Plus500.lnk - C:\Program Files\Plus500\Plus500.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\BitTorrent.lnk - C:\Program Files\BitTorrent\BitTorrent.exe

C:\Users\Public\Desktop\BS.Player FREE.lnk - C:\Program Files\Webteh\BSPlayer\bsplayer.exe

C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe

C:\Users\Public\Desktop\Full Tilt Poker.Eu.lnk - C:\Program Files\Full Tilt Poker.Eu\FullTiltPokerEU.exe

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe istartsurf

C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe istartsurf

C:\Users\Public\Desktop\PDF-Viewer.lnk - C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe

C:\Users\Public\Desktop\TeamViewer 9.lnk - C:\Program Files\TeamViewer\Version9\TeamViewer.exe

C:\Users\Public\Desktop\TraScript.lnk - C:\Program Files\TraScript\mirc.exe -r"C:\Users\Lammert\AppData\Roaming\TraScript\"

C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe

C:\Users\Public\Desktop\Winamp.lnk - C:\Program Files\Winamp\winamp.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe istartsurf

C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe istartsurf

C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Lammert\AppData\Roaming\Dropbox\bin\Dropbox.exe /home

C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot\Learn More.lnk - C:\Users\Lammert\AppData\Local\Skillbrains\lightshot\5.1.4.9\learnmore.url

C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot\Lightshot .lnk - C:\Users\Lammert\AppData\Local\Skillbrains\lightshot\Lightshot.exe

C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot\Uninstall LightShot.lnk - C:\Users\Lammert\AppData\Local\Skillbrains\lightshot\unins000.exe

C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Lammert\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe istartsurf

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk - C:\Program Files\TeamViewer\Version9\TeamViewer.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF\Try Free CutePDF Editor.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF\PDF Writer\Readme.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe istartsurf

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BS.Player FREE.lnk - C:\Program Files\Webteh\BSPlayer\bsplayer.exe

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe istartsurf

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe istartsurf

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE /recycle

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PartyCasino.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyCasino

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.lnk - C:\Program Files\PokerStars\PokerStarsUpdate.exe

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStove.lnk - C:\Program Files\PokerStove\PokerStove.exe

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\TestPokerStars.com.lnk - C:\Program Files\PokerStars.TEST\PokerStarsUpdate.exe

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WinMerge.lnk - C:\Program Files\WinMerge\WinMergeU.exe

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\25bb2cdfb96af2d6\PokerStars.lnk - C:\Program Files\PokerStars\PokerStarsUpdate.exe

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5959ed024c366a0d\Forex trading application.lnk - C:\Program Files\Markets.com MarketTrader\fx_loader.exe

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Full Tilt Poker.lnk - C:\Program Files\Full Tilt Poker\FullTiltPoker.exe

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office PowerPoint 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Publisher 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\PokerStars.EU.lnk - C:\Program Files\PokerStars\PokerStarsUpdate.exe

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome (2).lnk - C:\Program Files\Google\Chrome\Application\chrome.exe istartsurf

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\postgres\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\postgres\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== shortcuts After Repair ======================

C:\Users\Lammert\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe

C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Lammert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Lammert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome (2).lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3 deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WNLT deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3 deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B deleted successfully

==== Empty IE Cache ======================

C:\Users\Lammert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Lammert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Lammert\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=704 folders=224 89954076 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Lammert\AppData\Local\Temp will be emptied at reboot

C:\Users\postgres\AppData\Local\Temp emptied successfully

C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Lammert\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files\SweetIM" not found

"C:\Users\Lammert\AppData\Roaming\TornTV.com" not found

"C:\Program Files\SweetIM" not found

"C:\Users\Lammert\AppData\Roaming\TornTV.com" not found

==== EOF on za 27-09-2014 at 18:40:43,06 ======================

Link naar reactie
Delen op andere sites

Download adwcleaner.pngAdwCleaner by Xplode naar het bureaublad.

  • Sluit alle openstaande vensters.
  • Dubbelklik op AdwCleaner om hem te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
  • Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Klik op Scan.
  • Klik vervolgens op Clean.
  • Klik bij Herstarten Noodzakelijk op OK

Nadat de PC opnieuw is opgestart, opent meestal een logfile.

Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[s0].txt.

Logbestand plaatsen

  • Voeg het logbestand met de naam C:\AdwCleaner\AdwCleaner[s0].txt als bijlage toe aan het volgende bericht.
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Link naar reactie
Delen op andere sites

Opnieuw bedankt.

Log:

# AdwCleaner v3.310 - Rapport aangemaakt 28/09/2014 op 23:40:47

# Laatste Update 12/09/2014 door Xplode

# Besturingssysteem : Windows 7 Ultimate Service Pack 1 (32 bits)

# Gebruikersnaam : Lammert - LAMMERT-PC

# Gestart vanuit : C:\Users\Lammert\Downloads\adwcleaner_3.310.exe

# Optie : Verwijderen

***** [ Services ] *****

***** [ Bestanden / Mappen ] *****

Map Verwijderd : C:\Program Files\Skillbrains

Map Verwijderd : C:\Users\Lammert\AppData\Local\Skillbrains

Map Verwijderd : C:\Users\Lammert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio

Bestand Verwijderd : C:\Users\Lammert\AppData\LocalLow\SkwConfig.bin

***** [ Taken ] *****

Taak Verwijderd : update-sys

Taak Verwijderd : update-S-1-5-21-2583579890-3109938321-3288942902-1001

***** [ Snelkoppelingen ] *****

***** [ Register ] *****

Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj

Waarde Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [LightShot]

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar3.sweetie

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\dmwu_rasapi32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\dmwu_rasmancs

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASMANCS

Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]

Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

Sleutel Verwijderd : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices

Sleutel Verwijderd : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2865317

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_messenger-reviver_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_messenger-reviver_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_msn-messenger-8-5_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_msn-messenger-8-5_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-live-messenger-2009_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-live-messenger-2009_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}

Sleutel Verwijderd : HKCU\Software\1ClickDownload

Sleutel Verwijderd : HKCU\Software\APN PIP

Sleutel Verwijderd : HKCU\Software\BabylonToolbar

Sleutel Verwijderd : HKCU\Software\Conduit

Sleutel Verwijderd : HKCU\Software\Grand Virtual

Sleutel Verwijderd : HKCU\Software\IM

Sleutel Verwijderd : HKCU\Software\ImInstaller

Sleutel Verwijderd : HKCU\Software\InstallCore

Sleutel Verwijderd : HKCU\Software\SkillBrains

Sleutel Verwijderd : HKCU\Software\Softonic

Sleutel Verwijderd : HKCU\Software\SupHpUISoft

Sleutel Verwijderd : HKCU\Software\SweetIM

Sleutel Verwijderd : HKCU\Software\WNLT

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Conduit

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\PriceGong

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\SmartBar

Sleutel Verwijderd : HKLM\SOFTWARE\AVG Secure Search

Sleutel Verwijderd : HKLM\SOFTWARE\Babylon

Sleutel Verwijderd : HKLM\SOFTWARE\Conduit

Sleutel Verwijderd : HKLM\SOFTWARE\istartsurfSoftware

Sleutel Verwijderd : HKLM\SOFTWARE\PIP

Sleutel Verwijderd : HKLM\SOFTWARE\SkillBrains

Sleutel Verwijderd : HKLM\SOFTWARE\SupDp

Sleutel Verwijderd : HKLM\SOFTWARE\SupTab

Sleutel Verwijderd : HKLM\SOFTWARE\supWindowsMangerProtect

Sleutel Verwijderd : HKLM\SOFTWARE\SweetIM

Sleutel Verwijderd : HKLM\SOFTWARE\WNLT

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280

-\\ Mozilla Firefox v30.0 (nl)

[ Bestand : C:\Users\Lammert\AppData\Roaming\Mozilla\Firefox\Profiles\0pk3j8v7.default\prefs.js ]

-\\ Google Chrome v38.0.2114.2

[ Bestand : C:\Users\Lammert\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Verwijderd [search Provider] : hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&

Verwijderd [search Provider] : hxxp://isearch.babylon.com/web/{searchTerms}?babsrc=browsersearch&babsrc=SP_ss&affID=18474&mntrId=20a2baee0000000000000011d8682b3a

Verwijderd [search Provider] : hxxp://dts.search-results.com/sr?src=crb&appid=102&systemid=406&q={searchTerms}

Verwijderd [search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&hl=en&SelfSearch=1&SearchSource=49&ctid=CT2304157

Verwijderd [search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1411682852&from=ild&uid=WDCXWD2500JD-75HBB0_WD-WCAL7355196851968X&q={searchTerms}

Verwijderd [search Provider] : hxxp://docs.opencart.com/dosearchsite.action?queryString={searchTerms}

Verwijderd [search Provider] : hxxp://css-tricks.com/search-results/?q={searchTerms}

Verwijderd [search Provider] : hxxp://nl.softonic.com/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [12209 octets] - [28/09/2014 23:38:11]

AdwCleaner[s0].txt - [12344 octets] - [28/09/2014 23:40:47]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [12405 octets] ##########

Link naar reactie
Delen op andere sites

Moet eerlijk zijn dat het een behoorlijke tijd geleden is dat er echt iets aan gedaan is..
Dat was duidelijk merkbaar aan de besmettingen die aanwezig waren en nu verwijderd zijn. Misschien toch wel wat kritischer uitkijken bij het downloaden van programma's en tools.

Om de boel helemaal netjes te krijgen, mag je nu nog het volgende doen:

Download 51a5ce45263de-delfix.pngDelfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:

  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

Download CCleaner. (Als je het nog niet hebt)

Installeer het (als je niet wilt dat Google Chrome op je PC als standaard-webbrowser wordt geïnstalleerd, moet je de 2 vinkjes wegdoen !!!) en start CCleaner op.

Klik in de linkse kolom op “Cleaner”.

Klik achtereenvolgens op ‘Analyseren’ en na de analyse op 'Schoonmaken'.

Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”.

Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”.

Dan krijg je de vraag om een back-up te maken. Klik op “JA”.

Kies dan “Herstel alle geselecteerde fouten”.

Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.

Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Indien dit allemaal probleemloos verlopen is en je binnen dit topic verder geen vragen of problemen meer hebt, mag je dit onderwerp afsluiten door een klik op de knop "Markeer als opgelost", die je links onderaan kan terugvinden … zo blijft het voor iedereen overzichtelijk.

Link naar reactie
Delen op andere sites

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.