Hello,
Here is the log.
There are no yellow exclamation marks anywhere in Device Manager!
Zoek.exe v5.0.0.0 Updated 02-Januari-2014
Tool run by Verkleij on vr 03-01-2014 at 14:55:21,15.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Verkleij\Desktop\zoek.exe
==== Older Logs ======================
C:\zoek-results2013-12-31-183452.log 46809 bytes
C:\zoek-results2014-01-01-085623.log 1492 bytes
C:\zoek-results2014-01-01-183359.log 623 bytes
==== Torpig Check ======================
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Monitor {7842554E-6BED-11D2-8CDB-B05550C10000} C:\Windows\system32\btncopy.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} ntshrui.dll
==== Empty Folders Check ======================
C:\ProgramData\Oracle deleted successfully
C:\Users\Verkleij\AppData\Local\cache deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3022698584-3638288616-1049742233-1006\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Running Processes ======================
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\system32\conime.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Microsoft\BingBar\7.2.241.0\SeaPort.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcroTray.exe
C:\Program Files\Jump Flip\updateJumpFlip.exe
C:\Program Files\Registry Helper\RegistryHelperService.exe
C:\Program Files\Registry Helper\RegistryHelper.exe
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Verkleij\Desktop\zoek.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Registry Helper Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Registry Helper Service deleted successfully
==== FireFox Fix ======================
ProfilePath: C:\Users\Verkleij\AppData\Roaming\Mozilla\Firefox\Profiles\640riom4.default-1387229407798
—- Lines mysearchdial removed from prefs.js —-
user_pref(“browser.startup.homepage”, "http://start.mysearchdial.com/?f=1&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtAyD0AtC0EyDyCzz0ByEyDyCyBtN0D0Tzu0SyBt
user_pref(“browser.search.selectedEngine”, “Mysearchdial”);
user_pref(“browser.search.defaultenginename”, “Mysearchdial”);
—- Lines mysearchdial removed from user.js —-
user_pref(“extensions.mysearchdial.hmpg”, true);
user_pref(“extensions.mysearchdial.hmpgUrl”, “http://start.mysearchdial.com/?f=1&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtAyD0AtC0EyDyCzz0ByEyDyCyBtN0D0Tzu0SyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=534909745&ir=”);
user_pref(“extensions.mysearchdial.dfltSrch”, true);
user_pref(“extensions.mysearchdial.srchPrvdr”, “Mysearchdial”);
user_pref(“extensions.mysearchdial.dnsErr”, true);
user_pref(“extensions.mysearchdial_i.newTab”, false);
user_pref(“extensions.mysearchdial.newTabUrl”, “http://start.mysearchdial.com/?f=2&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtAyD0AtC0EyDyCzz0ByEyDyCyBtN0D0Tzu0SyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=534909745&ir=”);
user_pref(“extensions.mysearchdial.tlbrSrchUrl”, “http://start.mysearchdial.com/?f=3&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtAyD0AtC0EyDyCzz0ByEyDyCyBtN0D0Tzu0SyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=534909745&ir=&q=”);
user_pref(“extensions.mysearchdial.id”, “00235A1E568B4567”);
user_pref(“extensions.mysearchdial.instlDay”, “16072”);
user_pref(“extensions.mysearchdial.vrsn”, “1.8.21.0”);
user_pref(“extensions.mysearchdial.vrsni”, “1.8.21.0”);
user_pref(“extensions.mysearchdial_i.vrsnTs”, “1.8.21.022:52:55”);
user_pref(“extensions.mysearchdial.prtnrId”, “mysearchdial”);
user_pref(“extensions.mysearchdial.prdct”, “mysearchdial”);
user_pref(“extensions.mysearchdial.aflt”, “irmsd0101”);
user_pref(“extensions.mysearchdial_i.smplGrp”, “none”);
user_pref(“extensions.mysearchdial.tlbrId”, “base”);
user_pref(“extensions.mysearchdial.instlRef”, “”);
user_pref(“extensions.mysearchdial.dfltLng”, “”);
user_pref(“extensions.mysearchdial.appId”, “{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}”);
user_pref(“extensions.mysearchdial.excTlbr”, false);
user_pref(“extensions.mysearchdial_i.hmpg”, true);
user_pref(“extensions.mysearchdial.cr”, “534909745”);
user_pref(“extensions.mysearchdial.cd”, “2XzuyEtN2Y1L1QzutDtDtBtAyD0AtC0EyDyCzz0ByEyDyCyBtN0D0Tzu0SyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R”);
—- FireFox user.js and prefs.js backups —-
user_03-01-2014_1507_.backup
prefs_03-01-2014_1507_.backup
ProfilePath: C:\Users\Verkleij\AppData\Roaming\Mozilla\Firefox\Profiles\fpz3hy76(167).default-1384266771836
—- Lines mysearchdial removed from prefs.js —-
user_pref(“browser.startup.homepage”, "http://start.mysearchdial.com/?f=1&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtAyD0AtC0EyDyCzz0ByEyDyCyBtN0D0Tzu0SyBt
user_pref(“browser.search.selectedEngine”, “Mysearchdial”);
user_pref(“browser.search.defaultenginename”, “Mysearchdial”);
—- Lines mysearchdial removed from user.js —-
user_pref(“extensions.mysearchdial.hmpg”, true);
user_pref(“extensions.mysearchdial.hmpgUrl”, “http://start.mysearchdial.com/?f=1&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtAyD0AtC0EyDyCzz0ByEyDyCyBtN0D0Tzu0SyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=534909745&ir=”);
user_pref(“extensions.mysearchdial.dfltSrch”, true);
user_pref(“extensions.mysearchdial.srchPrvdr”, “Mysearchdial”);
user_pref(“extensions.mysearchdial.dnsErr”, true);
user_pref(“extensions.mysearchdial_i.newTab”, false);
user_pref(“extensions.mysearchdial.newTabUrl”, “http://start.mysearchdial.com/?f=2&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtAyD0AtC0EyDyCzz0ByEyDyCyBtN0D0Tzu0SyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=534909745&ir=”);
user_pref(“extensions.mysearchdial.tlbrSrchUrl”, “http://start.mysearchdial.com/?f=3&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtAyD0AtC0EyDyCzz0ByEyDyCyBtN0D0Tzu0SyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=534909745&ir=&q=”);
user_pref(“extensions.mysearchdial.id”, “00235A1E568B4567”);
user_pref(“extensions.mysearchdial.instlDay”, “16072”);
user_pref(“extensions.mysearchdial.vrsn”, “1.8.21.0”);
user_pref(“extensions.mysearchdial.vrsni”, “1.8.21.0”);
user_pref(“extensions.mysearchdial_i.vrsnTs”, “1.8.21.022:52:55”);
user_pref(“extensions.mysearchdial.prtnrId”, “mysearchdial”);
user_pref(“extensions.mysearchdial.prdct”, “mysearchdial”);
user_pref(“extensions.mysearchdial.aflt”, “irmsd0101”);
user_pref(“extensions.mysearchdial_i.smplGrp”, “none”);
user_pref(“extensions.mysearchdial.tlbrId”, “base”);
user_pref(“extensions.mysearchdial.instlRef”, “”);
user_pref(“extensions.mysearchdial.dfltLng”, “”);
user_pref(“extensions.mysearchdial.appId”, “{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}”);
user_pref(“extensions.mysearchdial.excTlbr”, false);
user_pref(“extensions.mysearchdial_i.hmpg”, true);
user_pref(“extensions.mysearchdial.cr”, “534909745”);
user_pref(“extensions.mysearchdial.cd”, “2XzuyEtN2Y1L1QzutDtDtBtAyD0AtC0EyDyCzz0ByEyDyCyBtN0D0Tzu0SyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R”);
—- FireFox user.js and prefs.js backups —-
user_03-01-2014_1507_.backup
prefs_03-01-2014_1507_.backup
ProfilePath: C:\Users\Verkleij\AppData\Roaming\Mozilla\Firefox\Profiles\fpz3hy76.default-1384266771836
—- Lines mysearchdial removed from prefs.js —-
user_pref(“browser.search.defaultenginename”, “Mysearchdial”);
user_pref(“browser.search.selectedEngine”, “Mysearchdial”);
user_pref(“browser.startup.homepage”, "http://start.mysearchdial.com/?f=1&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtAyD0AtC0EyDyCzz0ByEyDyCyBtN0D0Tzu0SyBt
user_pref(“extensions.mysearchdial.aflt”, “irmsd0101”);
user_pref(“extensions.mysearchdial.appId”, “{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}”);
user_pref(“extensions.mysearchdial.cd”, "2XzuyEtN2Y1L1QzutDtDtBtAyD0AtC0EyDyCzz0ByEyDyCyBtN0D0Tzu0SyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1
user_pref(“extensions.mysearchdial.cr”, “534909745”);
user_pref(“extensions.mysearchdial.dfltLng”, “”);
user_pref(“extensions.mysearchdial.dfltSrch”, true);
user_pref(“extensions.mysearchdial.dnsErr”, true);
user_pref(“extensions.mysearchdial.excTlbr”, false);
user_pref(“extensions.mysearchdial.hmpg”, true);
user_pref(“extensions.mysearchdial.hmpgUrl”, "http://start.mysearchdial.com/?f=1&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtAyD0AtC0EyDyCzz0ByEyDyCyBtN0D0T
user_pref(“extensions.mysearchdial.id”, “00235A1E568B4567”);
user_pref(“extensions.mysearchdial.instlDay”, “16072”);
user_pref(“extensions.mysearchdial.instlRef”, “”);
user_pref(“extensions.mysearchdial.newTabUrl”, "http://start.mysearchdial.com/?f=2&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtAyD0AtC0EyDyCzz0ByEyDyCyBtN0D
user_pref(“extensions.mysearchdial.prdct”, “mysearchdial”);
user_pref(“extensions.mysearchdial.prtnrId”, “mysearchdial”);
user_pref(“extensions.mysearchdial.srchPrvdr”, “Mysearchdial”);
user_pref(“extensions.mysearchdial.tlbrId”, “base”);
user_pref(“extensions.mysearchdial.tlbrSrchUrl”, "http://start.mysearchdial.com/?f=3&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtAyD0AtC0EyDyCzz0ByEyDyCyBtN
user_pref(“extensions.mysearchdial.vrsn”, “1.8.21.0”);
user_pref(“extensions.mysearchdial.vrsni”, “1.8.21.0”);
user_pref(“extensions.mysearchdial_i.hmpg”, true);
user_pref(“extensions.mysearchdial_i.newTab”, false);
user_pref(“extensions.mysearchdial_i.smplGrp”, “none”);
user_pref(“extensions.mysearchdial_i.vrsnTs”, “1.8.21.022:52:55”);
—- Lines mysearchdial modified from prefs.js —-
user_pref(“extensions.installCache”, ".exe
=== C: other files ==
==== Startup Registry Enabled ======================
“LightScribe Control Panel”=“C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden”
“Skype”=“C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun”
“ehTray.exe”=“C:\Windows\ehome\ehTray.exe”
“NextLive”=“C:\Windows\system32\rundll32.exe C:\Users\Verkleij\AppData\Roaming\newnext.me\nengine.dll,EntryPoint -m l”
“NvCplDaemon”=“RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup”
“HP Health Check Scheduler”=“c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe”
“Adobe ARM”=“C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
“APSDaemon”=“C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe”
“MSC”=“c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey”
“QuickTime Task”=“C:\Program Files\QuickTime\QTTask.exe -atboottime”
“iTunesHelper”=“C:\Program Files\iTunes\iTunesHelper.exe”
“SunJavaUpdateSched”=“C:\Program Files\Common Files\Java\Java Update\jusched.exe”
“Adobe Acrobat Speed Launcher”=“C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe”
“Registry Helper”=“C:\Program Files\Registry Helper\RegistryHelper.Exe /boot”
“mobilegeni daemon”=“C:\Program Files\Mobogenie\DaemonProcess.exe”
“SynTPEnh”=“%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe ”
“SmartMenu”=“%ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe”
“SysTrayApp”=“C:\Program Files\IDT\WDM\sttray.exe”
See the next post for the continuation.
The continuation.
“LightScribe Control Panel”=“C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden”
“Skype”=“C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun”
“ehTray.exe”=“C:\Windows\ehome\ehTray.exe”
“NextLive”=“C:\Windows\system32\rundll32.exe C:\Users\Verkleij\AppData\Roaming\newnext.me\nengine.dll,EntryPoint -m l”
“AppInit_DLLs”=“C:\\Windows\\System32\\acaptuser32.dll”
==== Startup Registry Disabled ======================
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Acrobat Assistant 8.0”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files\\Adobe\\Acrobat 9.0\\Acrobat\\Acrotray.exe\“”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Adobe Acrobat Speed Launcher”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files\\Adobe\\Acrobat 9.0\\Acrobat\\Acrobat_sl.exe\“”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Adobe ARM”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\“”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“CanonMyPrinter”
“hkey”=“HKLM”
“command”=“C:\\Program Files\\Canon\\MyPrinter\\BJMyPrt.exe /logon”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“CanonSolutionMenu”
“hkey”=“HKLM”
“command”=“C:\\Program Files\\Canon\\SolutionMenu\\CNSLMAIN.exe /logon”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“CLMLServer for HP TouchSmart”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files\\Hewlett-Packard\\TouchSmart\\Media\\Kernel\\CLML\\CLMLSvc.exe\“”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“DVDAgent”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files\\Hewlett-Packard\\Media\\DVD\\DVDAgent.exe\“”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“ehTray.exe”
“hkey”=“HKCU”
“command”=“C:\\Windows\\ehome\\ehTray.exe”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“HP Health Check Scheduler”
“hkey”=“HKLM”
“command”=“c:\\Program Files\\Hewlett-Packard\\HP Health Check\\HPHC_Scheduler.exe”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“HP Software Update”
“hkey”=“HKLM”
“command”=“C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“hpWirelessAssistant”
“hkey”=“HKLM”
“command”=“C:\\Program Files\\Hewlett-Packard\\HP Wireless Assistant\\HPWAMain.exe”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“LightScribe Control Panel”
“hkey”=“HKCU”
“command”=“C:\\Program Files\\Common Files\\LightScribe\\LightScribeControlPanel.exe -hidden”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“NvCplDaemon”
“hkey”=“HKLM”
“command”=“RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“QlbCtrl.exe”
“hkey”=“HKLM”
“command”=“C:\\Program Files\\Hewlett-Packard\\HP Quick Launch Buttons\\QlbCtrl.exe /Start”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“SmartMenu”
“hkey”=“HKLM”
“command”=“%ProgramFiles%\\Hewlett-Packard\\HP MediaSmart\\SmartMenu.exe”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“SunJavaUpdateSched”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\“”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“SynTPEnh”
“hkey”=“HKLM”
“command”=“C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“SysTrayApp”
“hkey”=“HKLM”
“command”=“%ProgramFiles%\\IDT\\WDM\\sttray.exe”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“TSMAgent”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files\\Hewlett-Packard\\TouchSmart\\Media\\TSMAgent.exe\“”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Windows Defender”
“hkey”=“HKLM”
“command”=“%ProgramFiles%\\Windows Defender\\MSASCui.exe -hide”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“WMPNSCFG”
“hkey”=“HKCU”
“command”=“C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe”
“path”=“C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\BTTray.lnk”
“backup”=“C:\\Windows\\pss\\BTTray.lnk.CommonStartup”
“backupExtension”=“.CommonStartup”
“command”=“C:\\PROGRA~1\\WIDCOMM\\BLUETO~1\\BTTray.exe ”
“item”=“BTTray”
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job –a—— C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\HPCeeScheduleForcinor 8 oud.job –a—— C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe
==== Other Scheduled Tasks ======================
“C:\Windows\system32\tasks\Adobe Flash Player Updater”
“C:\Windows\system32\tasks\CCleanerSkipUAC”
“C:\Windows\system32\tasks\CreateChoiceProcessTask”
“C:\Windows\system32\tasks\HP Health Check”
“C:\Windows\system32\tasks\HPCeeScheduleForcinor 8 oud”
“C:\Windows\system32\tasks\User_Feed_Synchronization-{0A25AB60-DFE4-40EB-B916-7B9F537630C1}”
“C:\Windows\system32\tasks\Windows Codec Update Service”
“C:\Windows\system32\tasks\{46F75399-43A3-453C-BFE5-9AE55DE9AC97}”
“C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate”
==== Folders in C:\ProgramData 0-6 Months Old ======================
2013-12-28 15:43:23 ——– d—–w- C:\ProgramData\LightScribe
2013-12-30 13:32:41 ——– d—–w- C:\ProgramData\Malwarebytes
==== Firefox Extensions Registry ======================
“{20a82645-c095-46ed-80e3-08825760534b}”=“c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension”
==== Firefox Extensions ======================
ProfilePath: C:\Users\Verkleij\AppData\Roaming\Mozilla\Firefox\Profiles\fpz3hy76.default-1384266771836
- MySearchDial NewTab - %ProfilePath%\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Verkleij\AppData\Roaming\Mozilla\Firefox\Profiles\640riom4.default-1387229407798
F891089A6AB9E12FEDEBCC5EC0F40D66 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash
9D4A0B314CB9CF134CA27E1E0217E51E - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
BE501CBC29B2025A263D80D399F1797A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In
86FD0445C7A92516FC0BA201C79B8E9E - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4
9FDABAD05A9623988750CCC10223BDB0 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4
5E1D0432C765884434A7CCD4DBDC80AA - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4
3B293C235A80E7A5369E6AA28FEA50B1 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4
A80BCBED52F7DD5FDBF346A985A4E4D5 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4
198BED114015C2671C88FDC32CDCB21D - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
198BED114015C2671C88FDC32CDCB21D - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
4393DCB856A2A109E266E6F59E2EF31A - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll - Adobe Acrobat
AC421A44DE902F2627F1E63793ED89CD - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
24E990B1E6D55428001843CF7217DD81 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox
E7838D22B19B9C121AAF93E282256586 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll - RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit)
01F0264937036BD962563F1ADF35CE72 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll - RealPlayer Version Plugin
0843C70733E8CA876475123A6601630D - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL - CANON iMAGE GATEWAY Album Plugin Utility
E2318E8514ABF50E3ECEDAB9465A90A1 - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
B27CCB1168B1960AEC6E9D3E0E0F0D2A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight
Profilepath: C:\Users\Verkleij\AppData\Roaming\Mozilla\Firefox\Profiles\fpz3hy76.default-1384266771836
6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U45
F1CD6E22E5AE5CEEB7712E546A5FC853 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.450.18
F891089A6AB9E12FEDEBCC5EC0F40D66 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash
6BF74B455691665771F87E39027D3E0E - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll - WildTangent Games App V2 Presence Detector
9D4A0B314CB9CF134CA27E1E0217E51E - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
BE501CBC29B2025A263D80D399F1797A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In
86FD0445C7A92516FC0BA201C79B8E9E - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4
9FDABAD05A9623988750CCC10223BDB0 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4
5E1D0432C765884434A7CCD4DBDC80AA - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4
3B293C235A80E7A5369E6AA28FEA50B1 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4
A80BCBED52F7DD5FDBF346A985A4E4D5 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4
198BED114015C2671C88FDC32CDCB21D - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
198BED114015C2671C88FDC32CDCB21D - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
4393DCB856A2A109E266E6F59E2EF31A - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll - Adobe Acrobat
AC421A44DE902F2627F1E63793ED89CD - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
24E990B1E6D55428001843CF7217DD81 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox
E7838D22B19B9C121AAF93E282256586 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll - RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit)
01F0264937036BD962563F1ADF35CE72 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll - RealPlayer Version Plugin
0843C70733E8CA876475123A6601630D - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL - CANON iMAGE GATEWAY Album Plugin Utility
E2318E8514ABF50E3ECEDAB9465A90A1 - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
B27CCB1168B1960AEC6E9D3E0E0F0D2A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight
==== Deleted Firefox Extensions ======================
C:\Users\Verkleij\AppData\Roaming\Mozilla\Firefox\Profiles\fpz3hy76.default-1384266771836\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
pflphaooapbgpeakohlggbpidpppgdff - C:\Users\Verkleij\AppData\Local\mysearchdial-speeddial.crx
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx
pflphaooapbgpeakohlggbpidpppgdff - C:\Users\Verkleij\AppData\Local\mysearchdial-speeddial.crx
YouTube - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chrome Fix ======================
C:\Users\Verkleij\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage deleted successfully
==== Set IE to Default ======================
Old Values:
“Start Page”=“http://start.mysearchdial.com/?f=1&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtAyD0AtC0EyDyCzz0ByEyDyCyBtN0D0Tzu0SyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=534909745&ir=”
“Tabs”=“http://start.mysearchdial.com/?f=2&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtBtAyD0AtC0EyDyCzz0ByEyDyCyBtN0D0Tzu0SyBtAtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=534909745&ir=”
“DefaultScope”=“{0633EE93-D776-472f-A0FF-E1416B8B2E3A}”
not found
New Values:
“Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Tabs”=“res://ieframe.dll/tabswelcome.htm”
“DefaultScope”=“{6A1806CD-94D4-4689-BA73-E35EA1EA9990}”
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC”
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”
{77AA745B-F4F8-45DA-9B14-61D2D95054C8} Bing Url=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC”
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3022698584-3638288616-1049742233-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923} deleted successfully
HKEY_USERS\S-1-5-21-3022698584-3638288616-1049742233-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923} deleted successfully
HKEY_USERS\S-1-5-21-3022698584-3638288616-1049742233-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} deleted successfully
HKEY_USERS\S-1-5-21-3022698584-3638288616-1049742233-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{3004627E-F8E9-4E8B-909D-316753CBA923} deleted successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Registry Helper deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie deleted successfully
==== HijackThis Entries ======================
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll
O2 - BHO: Jump Flip - {6db9fdfe-b718-4962-be0c-0a5fce7f7f7b} - C:\Program Files\Jump Flip\JumpFlipbho.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll
O4 - HKLM\..\Run: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: “C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe”
O4 - HKLM\..\Run: “c:\Program Files\Microsoft Security Client\msseces.exe” -hide -runkey
O4 - HKLM\..\Run: “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 - HKLM\..\Run: “C:\Program Files\iTunes\iTunesHelper.exe”
O4 - HKLM\..\Run: C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
O4 - HKLM\..\Run: “C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe”
O4 - HKLM\..\Run: “C:\Program Files\Registry Helper\RegistryHelper.Exe” /boot
O4 - HKLM\..\Run: C:\Program Files\Mobogenie\DaemonProcess.exe
O4 - HKCU\..\Run: C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: “C:\Program Files\Skype\Phone\Skype.exe” /minimized /regrun
O4 - HKCU\..\Run: C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: C:\Windows\system32\rundll32.exe “C:\Users\Verkleij\AppData\Roaming\newnext.me\nengine.dll”,EntryPoint -m l
O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra ‘Tools’ menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\System32\acaptuser32.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
O23 - Service: Update Jump Flip - Jump Flip - C:\Program Files\Jump Flip\updateJumpFlip.exe
==== Empty IE Cache ======================
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Verkleij\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Verkleij\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\Verkleij\AppData\Local\Mozilla\Firefox\Profiles\fpz3hy76.default-1384266771836\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=3131 folders=348 332866923 bytes)
==== Empty Temp Folders ======================
C:\Users\cinor 8\AppData\Local\Temp emptied successfully
C:\Users\cinor 8 oud\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Gast\AppData\Local\Temp emptied successfully
C:\Users\Public\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Verkleij\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Verkleij\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
“C:\Users\Verkleij\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat” not found
==== EOF on vr 03-01-2014 at 15:17:21,90 ======================
Hello,
Run zoek.exe again with this code:
;r
"NextLive"=-;r
C:\Users\Verkleij\AppData\Roaming\newnext.me;fs
;r
"Registry Helper"=-;r
"mobilegeni daemon"=-;r
C:\Program Files\Mobogenie;fs
C:\Program Files\Registry Helper;fs
;r
"NextLive"=-;r
"AppInit_DLLs"=-;r
C:\Windows\System32\acaptuser32.dll;f
C:\Program Files\Jump Flip;fs
Check whether the manufacturer has new drivers for your sound/video.
I don't know how important WMP is to you, Ton.
Try the free VLC player to see whether the problems lie in WMP or in Windows.
It is a free, open-source media player that can play all media files. http://www.videolan.org/
If this solves the sound problems, then the problems lie in WMP.
If you don't like it, uninstall it.
I have been using it myself for many years and am satisfied with it.
Hello,
I checked all the drivers and they are up to date.
Here is the log:
Zoek.exe v5.0.0.0 Updated 02-Januari-2014
Tool run by Verkleij on vr 03-01-2014 at 16:17:10,87.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Verkleij\Desktop\zoek.exe
==== Older Logs ======================
C:\zoek-results2013-12-31-183452.log 46809 bytes
C:\zoek-results2014-01-01-085623.log 1492 bytes
C:\zoek-results2014-01-01-183359.log 623 bytes
C:\zoek-results2014-01-03-141721.log 65819 bytes
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
“NextLive”=-
“Registry Helper”=-
“mobilegeni daemon”=-
“NextLive”=-
“AppInit_DLLs”=-
==== Deleting Files \ Folders ======================
C:\Users\Verkleij\AppData\Roaming\newnext.me not found
C:\Program Files\Mobogenie not found
C:\Program Files\Registry Helper not found
“C:\Windows\System32\acaptuser32.dll” deleted
“C:\Program Files\Jump Flip\updateJumpFlip.exe” deleted
“C:\Program Files\Jump Flip” not deleted
==== Deleting CLSID Registry Keys ======================
HKEY_CLASSES_ROOT\CLSID\{6db9fdfe-b718-4962-be0c-0a5fce7f7f7b} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6db9fdfe-b718-4962-be0c-0a5fce7f7f7b} deleted successfully
==== Deleting CLSID Registry Values ======================
==== C:\zoek_backup content ======================
C:\zoek_backup (files=3137 folders=349 333540498 bytes)
==== After Reboot ======================
==== Deleting Files / Folders ======================
“C:\Program Files\Jump Flip” not found
==== EOF on vr 03-01-2014 at 16:20:45,62 ======================