awesome hp probleem

Daniel

25-02-2014 18:29

hallo
ik heb last van startpagina awesome en krijg m niet weg
iemand die mijn logjes wilt uitlezen ?
log
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Databaseversie: v2014.02.25.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Daniel :: DELL-PC
25-2-2014 18:18:26
mbam-log-2014-02-25 (18-18-26).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 214847
Verstreken tijd: 4 minuut/minuten, 29 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} (PUP.Optional.ShopperPro.A) -> Succesvol in quarantaine geplaatst en verwijderd.
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
Logfile of random's system information tool 1.09 (written by random/random)
Run by Daniel at 2014-02-25 18:25:17
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 166 GB (54%) free of 304 GB
Total RAM: 3969 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:25:21, on 25-2-2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Daniel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13-comm.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13-comm.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1391035804&from=ild&uid=TOSHIBAXMK3261GSYN_Y27CY8M3FXXY27CY8M3F&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: “C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe “C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe” 60
O4 - HKLM\..\Run: “C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe” /mode2
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKCU\..\Run: “C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)
O4 - .DEFAULT User Startup: Smart Settings.lnk = C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (User ‘Default user’)
O4 - Startup: Smart Settings.lnk = C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dell Feature Enhancement Pack Service (DFEPService) - Dell Inc. - C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EmbassyService - Unknown owner - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O2FLASH - Unknown owner - C:\Windows\system32\o2flash.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: NTRU TSS v1.2.1.37 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: Wave Authentication Manager Service - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Mobile Broadband Service (WMCoreService) - Ericsson AB - C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WvPCR - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
–
End of file - 11750 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
“C:\Program Files\Fingerprint Sensor\ATService.exe”
C:\Windows\system32\svchost.exe -k RPCSS
“c:\Program Files\Microsoft Security Client\MsMpEng.exe”
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
“C:\Program Files\IDT\WDM\STacSV64.exe”
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe 29688464
\??\C:\Windows\system32\conhost.exe "1056840216-13099738054762888381133759251-18106833084702326885428848327302502
C:\Windows\System32\spoolsv.exe
“C:\Program Files\Common Files\SPBA\upeksvr.exe”
C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation
“C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe”
“C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe”
“C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe”
“C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe”
“C:\Program Files\Intel\WiFi\bin\EvtEng.exe”
“C:\Program Files\Intel\iCLS Client\HeciServer.exe”
“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe”
C:\Windows\system32\o2flash.exe
“C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe”
C:\Windows\system32\svchost.exe -k imgsvc
“C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe”
“C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE”
WLIDSvcM.exe 2512
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
“C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe” servicemode
“C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe”
“C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe”
“c:\Program Files\Microsoft Security Client\NisSrv.exe”
“C:\Windows\System32\WUDFHost.exe” -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-fa3883a7-653f-488d-a605-05775cf08bb0 -SystemEventPortName:HostProcess-546146da-52cc-4870-b780-8fbe97e32c76 -IoCancelEventPortName:HostProcess-40408ebe-b0dd-4798-9ee7-6f792eb39827 -NonStateChangingEventPortName:HostProcess-90c5a30d-b576-4aae-a1c9-ec3ba09af243 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:12e8b1ea-7e79-4c87-b830-b04005de0450 -DeviceGroupId:
C:\Windows\system32\SearchIndexer.exe /Embedding
“taskhost.exe”
“C:\Windows\system32\Dwm.exe”
taskeng.exe {7092C0A1-06A1-4798-9A9D-50179F11F64F}
C:\Windows\Explorer.EXE
“C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe”
“C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe”
“C:\Program Files\DellTPad\Apoint.exe”
“C:\Program Files\DellTPad\ApMsgFwd.exe” -s{05FA8492-C047-4207-BE65-780D8591C113}
“Apntex.exe”
“C:\Program Files\DellTPad\HidFind.exe”
“C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe”
“C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe”
\??\C:\Windows\system32\conhost.exe "-1482404086200610718100173599-151661036419317792611180085208954359800-1132575559
“C:\Program Files\IDT\WDM\sttray64.exe”
“C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe” /tf Intel PROSet/Wireless
“C:\Windows\System32\igfxtray.exe”
“C:\Windows\System32\hkcmd.exe”
“C:\Windows\System32\igfxpers.exe”
“C:\Program Files\Microsoft Security Client\msseces.exe” -hide -runkey
“C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun
“C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe”
“C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe”
“C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”
“C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe”
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
“C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe” /mode2
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
“C:\Windows\SysWOW64\RunDll32.exe” “C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll”,SetAndWaitBtMmHook
“C:\Program Files\Windows Media Player\wmpnetwk.exe”
“C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe”
“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe”
“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe”
“C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe”
“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe” -startup
C:\Windows\system32\msiexec.exe /V
“c:\Program Files\Microsoft Security Client\MpCmdRun.exe” SpyNetService -RestrictPrivileges -AccessKey FFB44D26-446C-27B1-8B42-BEE44424F756 -Reinvoke
“C:\Windows\notepad.exe” “C:\Users\Daniel\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2014-02-25 (18-18-26).txt”
“C:\Program Files\Internet Explorer\iexplore.exe” http://www.awesomehp.com/?type=sc&ts=1391035804&from=ild&uid=TOSHIBAXMK3261GSYN_Y27CY8M3FXXY27CY8M3F
“C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE” SCODEF:6056 CREDAT:275457 /prefetch:2
“C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE” SCODEF:6056 CREDAT:668699 /prefetch:2
“C:\Windows\system32\SearchProtocolHost.exe” Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2917839972-3848154303-1242016582-10033_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2917839972-3848154303-1242016582-10033 1 -2147483646 “Software\Microsoft\Windows Search” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)” “C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc” “DownLevelDaemon” “1”
“C:\Windows\system32\SearchFilterHost.exe” 0 516 520 528 65536 524
“C:\Windows\system32\SearchProtocolHost.exe” Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 “Software\Microsoft\Windows Search” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)” “C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc” “DownLevelDaemon”
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
“C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE” SCODEF:6056 CREDAT:1586202 /prefetch:2
“C:\Users\Daniel\Downloads\RSITx64.exe”
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2917839972-3848154303-1242016582-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2917839972-3848154303-1242016582-1001UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\3bfwqza9.default
prefs.js - “browser.search.useDBForOrder” - true
prefs.js - “browser.startup.homepage” - “chrome://fvd.speeddial/content/fvd_about_blank.html”
“Description”=Adobe® Flash® Player 12.0.0.70 Plugin
“Path”=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
“Description”=Adobe Shockwave Player
“Path”=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll
“Description”=
“Path”=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
“Description”=Google Earth in your browser
“Path”=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
“Description”=Intel IPT WebApi plugin
“Path”=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
“Description”=This plugin updates Intel WebAPI component
“Path”=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
“Description”=Java™ Deployment Toolkit
“Path”=C:\Windows\SysWOW64\npDeployJava1.dll
“Description”=
“Path”=disabled
“Description”=Ag Player Plugin
“Path”=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
“Description”=WLPG Install MIME type
“Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
“Description”=WLPG Install MIME type
“Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
“Description”=Google Update
“Path”=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
“Description”=Google Update
“Path”=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
“Description”=Handles PDFs in-place in Firefox
“Path”=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
“Description”=Adobe® Flash® Player 12.0.0.70 Plugin
“Path”=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll
“Description”=
“Path”=disabled
“Description”=Ag Player Plugin
“Path”=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\3bfwqza9.default\extensions\
e2fd07a6-e282-4f2e-8965-85565fcb6384@b69158e6-3c3b-476c-9d98-ae5838c5b707.com
pavel.sherbakov@gmail.com
superstart@enjoyfreeware.org
{8b337819-d1e8-48d3-8178-168ae8c99c36}
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\3bfwqza9.default\searchplugins\
conduit-search.xml
======Registry dump======
Torntv V6.0 - C:\Program Files (x86)\Torntv V6.0\Torntv V6.0-bho64.dll
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
“Apoint”=C:\Program Files\DellTPad\Apoint.exe
“TdmNotify”=C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
“DFEPApplication”=C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe
“SysTrayApp”=C:\Program Files\IDT\WDM\sttray64.exe
“IntelPROSet”=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
“IgfxTray”=C:\Windows\system32\igfxtray.exe
“HotKeysCmds”=C:\Windows\system32\hkcmd.exe
“Persistence”=C:\Windows\system32\igfxpers.exe
“MSC”=c:\Program Files\Microsoft Security Client\msseces.exe
“Skype”=C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
C:\Users\dell\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Users\dell\DOCUME~1\WINDOW~1.EXE
“IMSS”=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
“USB3MON”=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
“IAStorIcon”=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
“Dell Webcam Central”=C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
“Adobe ARM”=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
“mobilegeni daemon”=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Smart Settings.lnk - C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe
C:\Windows\SYSTEM32\igfxdev.dll
C:\Program Files\Common Files\SPBA\homefus2.dll
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
“authentication packages”=msv1_0
wvauth
“notification packages”=scecli
C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
“SecurityProviders”=credssp.dll
“ConsentPromptBehaviorAdmin”=0
“ConsentPromptBehaviorUser”=3
“EnableLUA”=0
“EnableUIADesktopToggle”=0
“PromptOnSecureDesktop”=0
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“DisableCAD”=1
“NoDriveTypeAutoRun”=145
“NoActiveDesktop”=1
“NoActiveDesktopChanges”=1
“ForceActiveDesktopOn”=0
“vidc.mrle”=msrle32.dll
“vidc.msvc”=msvidc32.dll
“msacm.imaadpcm”=imaadp32.acm
“msacm.msg711”=msg711.acm
“msacm.msgsm610”=msgsm32.acm
“msacm.msadpcm”=msadp32.acm
“midimapper”=midimap.dll
“wavemapper”=msacm32.drv
“VIDC.UYVY”=msyuv.dll
“VIDC.YUY2”=msyuv.dll
“VIDC.YVYU”=msyuv.dll
“VIDC.IYUV”=iyuv_32.dll
“vidc.i420”=iyuv_32.dll
“VIDC.YVU9”=tsbyuv.dll
“msacm.l3acm”=C:\Windows\System32\l3codeca.acm
“MSVideo8”=VfWWDM32.dll
“wave3”=wdmaud.drv
“midi3”=wdmaud.drv
“mixer3”=wdmaud.drv
“wave4”=wdmaud.drv
“midi4”=wdmaud.drv
“mixer4”=wdmaud.drv
“wave”=wdmaud.drv
“midi”=wdmaud.drv
“mixer”=wdmaud.drv
“wave1”=wdmaud.drv
“midi1”=wdmaud.drv
“mixer1”=wdmaud.drv
“aux”=wdmaud.drv
“wave2”=wdmaud.drv
“midi2”=wdmaud.drv
“mixer2”=wdmaud.drv
“VIDC.CFHD”=CFHD.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe “%1” %*
======List of files/folders created in the last 1 month======
2014-02-25 18:25:17 —-D—- C:\rsit
2014-02-25 18:25:17 —-D—- C:\Program Files\trend micro
2014-02-24 03:01:54 —-SHD—- C:\Config.Msi
2014-02-22 19:06:22 —-A—- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2014-02-22 15:28:14 —-D—- C:\Windows\Migration
2014-02-22 15:14:24 —-D—- C:\Users\Daniel\AppData\Roaming\Malwarebytes
2014-02-22 15:13:42 —-D—- C:\ProgramData\Malwarebytes
2014-02-22 15:13:41 —-D—- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-22 15:13:41 —-A—- C:\Windows\system32\drivers\mbam.sys
2014-02-22 14:55:06 —-D—- C:\Program Files (x86)\Microsoft Security Client
2014-02-22 14:55:02 —-D—- C:\Program Files\Microsoft Security Client
2014-02-22 14:50:35 —-SD—- C:\Windows\SYSWOW64\Microsoft
2014-02-18 18:59:24 —-A—- C:\AVScanner.ini
2014-02-15 01:15:58 —-D—- C:\Program Files (x86)\Mozilla Firefox
2014-02-13 03:01:01 —-A—- C:\Windows\SYSWOW64\vbscript.dll
2014-02-13 03:01:01 —-A—- C:\Windows\system32\vbscript.dll
2014-02-13 03:00:27 —-A—- C:\Windows\SYSWOW64\msrating.dll
2014-02-13 03:00:27 —-A—- C:\Windows\system32\msrating.dll
2014-02-13 03:00:26 —-A—- C:\Windows\SYSWOW64\ieui.dll
2014-02-13 03:00:26 —-A—- C:\Windows\system32\ieui.dll
2014-02-13 03:00:25 —-A—- C:\Windows\system32\iernonce.dll
2014-02-13 03:00:25 —-A—- C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 03:00:25 —-A—- C:\Windows\system32\ie4uinit.exe
2014-02-13 03:00:24 —-A—- C:\Windows\SYSWOW64\msfeeds.dll
2014-02-13 03:00:24 —-A—- C:\Windows\SYSWOW64\jsproxy.dll
2014-02-13 03:00:24 —-A—- C:\Windows\system32\msfeeds.dll
2014-02-13 03:00:24 —-A—- C:\Windows\system32\jsproxy.dll
2014-02-13 03:00:23 —-A—- C:\Windows\SYSWOW64\ieUnatt.exe
2014-02-13 03:00:23 —-A—- C:\Windows\SYSWOW64\iesetup.dll
2014-02-13 03:00:23 —-A—- C:\Windows\SYSWOW64\iernonce.dll
2014-02-13 03:00:23 —-A—- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-02-13 03:00:23 —-A—- C:\Windows\system32\ieUnatt.exe
2014-02-13 03:00:23 —-A—- C:\Windows\system32\iesetup.dll
2014-02-13 03:00:22 —-A—- C:\Windows\system32\ieetwproxystub.dll
2014-02-13 03:00:22 —-A—- C:\Windows\system32\ieetwcollector.exe
2014-02-13 03:00:21 —-A—- C:\Windows\SYSWOW64\jscript9diag.dll
2014-02-13 03:00:21 —-A—- C:\Windows\SYSWOW64\ieapfltr.dll
2014-02-13 03:00:21 —-A—- C:\Windows\system32\mshtml.dll
2014-02-13 03:00:21 —-A—- C:\Windows\system32\jscript9diag.dll
2014-02-13 03:00:20 —-A—- C:\Windows\SYSWOW64\iertutil.dll
2014-02-13 03:00:20 —-A—- C:\Windows\system32\ieapfltr.dll
2014-02-13 03:00:19 —-A—- C:\Windows\SYSWOW64\wininet.dll
2014-02-13 03:00:19 —-A—- C:\Windows\SYSWOW64\urlmon.dll
2014-02-13 03:00:19 —-A—- C:\Windows\system32\wininet.dll
2014-02-13 03:00:19 —-A—- C:\Windows\system32\iertutil.dll
2014-02-13 03:00:18 —-A—- C:\Windows\system32\urlmon.dll
2014-02-13 03:00:17 —-A—- C:\Windows\system32\ieframe.dll
2014-02-13 03:00:16 —-A—- C:\Windows\SYSWOW64\ieframe.dll
2014-02-13 03:00:15 —-A—- C:\Windows\SYSWOW64\mshtml.dll
2014-02-13 03:00:14 —-A—- C:\Windows\SYSWOW64\jscript9.dll
2014-02-13 03:00:14 —-A—- C:\Windows\system32\jscript9.dll
2014-02-13 00:04:13 —-A—- C:\Windows\SYSWOW64\msxml3r.dll
2014-02-13 00:04:13 —-A—- C:\Windows\SYSWOW64\msxml3.dll
2014-02-13 00:04:13 —-A—- C:\Windows\system32\msxml3r.dll
2014-02-13 00:04:13 —-A—- C:\Windows\system32\msxml3.dll
2014-02-13 00:04:06 —-A—- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-02-13 00:04:06 —-A—- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-02-13 00:04:06 —-A—- C:\Windows\SYSWOW64\RMActivate.exe
2014-02-13 00:04:06 —-A—- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 00:04:06 —-A—- C:\Windows\system32\RMActivate_isv.exe
2014-02-13 00:04:06 —-A—- C:\Windows\system32\RMActivate.exe
2014-02-13 00:04:05 —-A—- C:\Windows\SYSWOW64\secproc_isv.dll
2014-02-13 00:04:05 —-A—- C:\Windows\SYSWOW64\secproc.dll
2014-02-13 00:04:05 —-A—- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-02-13 00:04:05 —-A—- C:\Windows\system32\secproc_isv.dll
2014-02-13 00:04:05 —-A—- C:\Windows\system32\secproc.dll
2014-02-13 00:04:05 —-A—- C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 00:04:05 —-A—- C:\Windows\system32\msdrm.dll
2014-02-13 00:04:04 —-A—- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-02-13 00:04:04 —-A—- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-02-13 00:04:04 —-A—- C:\Windows\SYSWOW64\msdrm.dll
2014-02-13 00:04:04 —-A—- C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 00:04:04 —-A—- C:\Windows\system32\secproc_ssp.dll
2014-02-13 00:04:02 —-A—- C:\Windows\SYSWOW64\d3d10warp.dll
2014-02-13 00:04:02 —-A—- C:\Windows\system32\d3d10warp.dll
2014-02-13 00:04:01 —-A—- C:\Windows\SYSWOW64\d2d1.dll
2014-02-13 00:04:01 —-A—- C:\Windows\system32\d2d1.dll
2014-01-30 00:28:55 —-D—- C:\Program Files (x86)\Dream Aquarium
2014-01-29 23:50:25 —-D—- C:\ProgramData\WPM
2014-01-29 23:49:50 —-D—- C:\Program Files (x86)\SecretSauce
======List of files/folders modified in the last 1 month======
2014-02-25 18:25:21 —-D—- C:\Windows\Prefetch
2014-02-25 18:25:17 —-RD—- C:\Program Files
2014-02-25 18:23:02 —-D—- C:\Windows\Temp
2014-02-25 18:20:09 —-SHD—- C:\Windows\Installer
2014-02-25 18:16:14 —-D—- C:\Users\Daniel\AppData\Roaming\Skype
2014-02-25 18:16:11 —-A—- C:\Windows\SYSWOW64\log.txt
2014-02-25 18:15:28 —-HD—- C:\Windows\system32\WLANProfiles
2014-02-25 18:13:11 —-D—- C:\Windows\system32\config
2014-02-25 18:13:02 —-D—- C:\Users\Daniel\AppData\Roaming\uTorrent
2014-02-24 03:16:41 —-D—- C:\Windows\Microsoft.NET
2014-02-24 03:00:59 —-D—- C:\Windows\SysWOW64
2014-02-24 03:00:59 —-A—- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-02-24 03:00:53 —-D—- C:\Windows\inf
2014-02-24 03:00:51 —-D—- C:\Windows\System32
2014-02-24 03:00:51 —-A—- C:\Windows\system32\PerfStringBackup.INI
2014-02-23 20:51:45 —-D—- C:\Windows\system32\catroot2
2014-02-22 19:06:38 —-A—- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-02-22 15:28:26 —-D—- C:\Windows\SYSWOW64\en-US
2014-02-22 15:28:26 —-D—- C:\Windows\system32\en-US
2014-02-22 15:28:14 —-SD—- C:\ProgramData\Microsoft
2014-02-22 15:28:14 —-D—- C:\Windows
2014-02-22 15:20:41 —-RD—- C:\Program Files (x86)
2014-02-22 15:19:39 —-HD—- C:\ProgramData
2014-02-22 15:19:38 —-D—- C:\Windows\system32\Tasks
2014-02-22 15:19:37 —-D—- C:\Windows\Tasks
2014-02-22 15:13:41 —-D—- C:\Windows\system32\drivers
2014-02-22 14:55:06 —-D—- C:\Windows\system32\catroot
2014-02-22 14:52:35 —-D—- C:\ProgramData\AVAST Software
2014-02-22 14:48:18 —-D—- C:\Windows\SoftwareDistribution
2014-02-17 18:12:57 —-D—- C:\Windows\debug
2014-02-17 14:29:20 —-D—- C:\Windows\rescache
2014-02-17 03:01:53 —-D—- C:\Windows\system32\MRT
2014-02-17 03:00:15 —-A—- C:\Windows\system32\MRT.exe
2014-02-13 20:01:54 —-RSD—- C:\Windows\assembly
2014-02-13 03:27:52 —-D—- C:\Windows\winsxs
2014-02-13 03:26:20 —-D—- C:\Windows\SYSWOW64\nl-NL
2014-02-13 03:26:20 —-D—- C:\Windows\system32\nl-NL
2014-02-13 03:26:19 —-D—- C:\Program Files\Internet Explorer
2014-02-13 03:26:19 —-D—- C:\Program Files (x86)\Internet Explorer
2014-01-29 23:55:18 —-D—- C:\Program Files\DCE
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys
R0 iusb3hcs;Intel(R) USB 3.0 hostcontrollerswitch-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hcs.sys
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys
R0 PBADRV;PBADRV; C:\Windows\system32\DRIVERS\PBADRV.sys
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys
R3 d554gps;Dell Wireless HSPA Mini-Card GPS Port; C:\Windows\system32\DRIVERS\d554gps64.sys
R3 d554scard;Dell Wireless HSPA Mini-Card USIM Port; C:\Windows\system32\DRIVERS\d554scard.sys
R3 ecnssndis; Mobile Broadband Driver; C:\Windows\System32\Drivers\wwuss64.sys
R3 ecnssndisfltr; Mobile Broadband Driver Filter; C:\Windows\System32\Drivers\wwussf64.sys
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys
R3 iusb3hub;Intel(R) USB 3.0 hub-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hub.sys
R3 iusb3xhc;Intel(R) USB 3.0 uitbreidbare hostcontroller-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3xhc.sys
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys
R3 Mbm3CBus;Dell Wireless 5560 HSPA+ Mini-Card Device (WDM); C:\Windows\system32\DRIVERS\Mbm3CBus.sys
R3 Mbm3DevMt;Dell Wireless HSPA Mini-Card Device Management Driver (WDM); C:\Windows\system32\DRIVERS\Mbm3DevMt.sys
R3 Mbm3mdfl;Dell Wireless HSPA Mini-Card Modem Filter; C:\Windows\system32\DRIVERS\Mbm3mdfl.sys
R3 Mbm3Mdm;Dell Wireless HSPA Mini-Card Modem Driver; C:\Windows\system32\DRIVERS\Mbm3Mdm.sys
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys
R3 O2SDJRDR;O2SDJRDR; C:\Windows\system32\DRIVERS\o2sdjw7x64.sys
R3 ST_ACCEL;STMicroelectronics Accelerometer Service; C:\Windows\system32\DRIVERS\ST_ACCEL.sys
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10305; C:\Windows\system32\DRIVERS\stwrt64.sys
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys
S3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys
S3 Blfp;Broadcom Advanced Server Program Driver; C:\Windows\system32\DRIVERS\basp.sys
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys
S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys
S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys
S3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys
S3 btwaudio;Bluetooth-audioapparaat; C:\Windows\system32\drivers\btwaudio.sys
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys
S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys
S3 O2MDFRDR;O2MDFRDR; C:\Windows\system32\drivers\O2MDFw7x64.sys
S3 O2MDRRDR;O2MDRRDR; C:\Windows\system32\drivers\O2MDRw7x64.sys
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys
S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys
S3 usb3Hub;USB-IF USB 3.0 Hub; C:\Windows\system32\DRIVERS\usb3Hub.sys
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\ATService.exe
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe
R2 DFEPService;Dell Feature Enhancement Pack Service; C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
R2 EmbassyService;EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe
R2 O2FLASH;O2FLASH; C:\Windows\system32\o2flash.exe
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe
R2 TdmService;TdmService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
R2 Wave Authentication Manager Service;Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe
S2 tcsd_win32.exe;NTRU TSS v1.2.1.37 TCS; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe
S3 SecureStorageService;SecureStorageService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe
S4 BrcmMgmtAgent;Broadcom Management Agent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
—————–EOF—————–
Ben

25-02-2014 18:45

Hallo,
Schakel eerst de Antivirussoftware uit voordat je zoek.exe download.
Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk conflicteren met Zoek.exe.
Download Zoek.exe naar het bureaublad.
* Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
Zoek.exe uitvoeren
Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.
* Dubbelklik vervolgens op Zoek.exe om de tool te starten.
* Windows Vista, 7 en 8 gebruikers dienen de tool als “administrator” uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
* Kopieer nu onderstaande vet gedrukte code en plak die in het grote invulvenster:
* Note: Dit script is speciaal bedoeld voor deze computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.
firefoxlook;
emptyclsid;
torpigcheck;
emptyfolderscheck;delete
;r
C:\Program Files (x86)\Torntv V6.0;fs
;r64
“mobilegeni daemon”=-;r64
C:\Program Files (x86)\Mobogenie;fs
chromelook;
standardsearch;
filesrcm;
autoclean;
startupall;
* Klik nu op de knop "Run script".
* Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
* Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
* Post het geopende logje in het volgende bericht.
* Past het logje niet in één maal post het dan in delen.
Daniel

25-02-2014 19:37

nieuw logje
Zoek.exe v5.0.0.0 Updated 19-February-2014
Tool run by Daniel on di 25-02-2014 at 19:19:56,42.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Daniel\Desktop\zoek.exe
==== System Restore Info ======================
25-2-2014 19:21:51 Zoek.exe System Restore Point Created Succesfully.
==== Torpig Check ======================
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Monitor {7842554E-6BED-11D2-8CDB-B05550C10000} C:\Program Files\WIDCOMM\Bluetooth Software\btncopy.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll
==== Empty Folders Check ======================
C:\PROGRA~2\dumps deleted successfully
C:\PROGRA~2\GoPro deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\SecretSauce deleted successfully
C:\Program Files\DCE deleted successfully
C:\PROGRA~3\AVAST Software deleted successfully
C:\PROGRA~3\Babylon deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\Daniel\AppData\Roaming\ExpressFiles deleted successfully
C:\Users\Daniel\AppData\Roaming\Systweak deleted successfully
C:\Users\Daniel\AppData\Local\genienext deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Running Processes ======================
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Windows\system32\o2flash.exe
C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe
C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Daniel\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
==== Deleting Services ======================
==== FireFox Fix ======================
ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\3bfwqza9.default
user.js not found
—- Lines Torntv removed from prefs.js —-
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.testingGaq.value”, "%22http%3A//extclickm
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.name”, “Torntv V6.0”);
—- Lines crossrider removed from prefs.js —-
user_pref(“extensions.crossrider.bic”, “1434fbc9f33d037947b6a22d84953c9e”);
—- Lines awesomehp removed from prefs.js —-
user_pref(“browser.search.defaultenginename”, “awesomehp”);
user_pref(“browser.search.selectedEngine”, “awesomehp”);
—- Lines ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960 removed from prefs.js —-
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.active”, true);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.addressbar”, “NA”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.addressbarenhanced”, “”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.asyncdb.was_copied”, “true”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.asyncdb_dbWasSet”, true);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.asyncdb_dbWasSet_FF25_FIX”, true);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.asyncinternaldb.was_copied”, “true”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.asyncinternaldb_dbWasSet”, true);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.asyncinternaldb_dbWasSet_FF25_FIX”, true);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.backgroundver”, 8);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.certdomaininstaller”, “”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.changeprevious”, false);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie._GPL_aoi.expiration”, "Fri Feb 01 2030 00
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie._GPL_aoi.value”, “%221392940399%22”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie._GPL_parent_zoneid.expiration”, "Fri Feb
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie._GPL_parent_zoneid.value”, “%22476142%22”
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.au.expiration”, "Fri Feb 01 2030 00:00:00
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.au.value”, “%222014-2-20%22”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.cm_page_views.expiration”, "Wed Feb 26 20
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.cm_page_views.value”, “3”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.cnt.expiration”, "Fri Feb 01 2030 00:00:0
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.cnt.value”, “%22NL%22”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.first_run.expiration”, "Fri Feb 01 2030 0
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.first_run.value”, “%221%22”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.install.expiration”, "Fri Feb 01 2030 00:
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.install.value”, “%222014-1-30%22”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.InstallationTime.expiration”, "Fri Feb 01
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.InstallationTime.value”, "%221391035755%2
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.InstallerParams.expiration”, "Fri Feb 01
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.InstallerParams.value”, "%7B%22source_id%
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.jw_token.expiration”, "Fri Feb 01 2030 00
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.jw_token.value”, "%223e647930-9656-a01b-d
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.partner_is_not_installed.expiration”, "Fr
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.partner_is_not_installed.value”, “true”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.partner_last_seen.expiration”, "Fri Feb 0
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.partner_last_seen.value”, “1392852582131”
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.cookie.testingGaq.expiration”, "Fri Feb 01 2030
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.description”, "The must-have App extensions for
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.domain”, “”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.enablesearch”, false);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.homepage”, “”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.iframe”, false);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.InstallationThankYouPage”, true);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.InstallationTime”, 1391035755);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.__defualt_browser__.expiration”, "Fri
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.__defualt_browser__.value”, "%22ff%22
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.installer.expiration”, "Fri Feb 01 20
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.installer.value”, "%7B%22InstallerIde
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.InstallerIdentifiers.expiration”, "Fr
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.InstallerIdentifiers.value”, "%7B%22i
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.InstallerParams.expiration”, "Fri Feb
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.InstallerParams.value”, "%7B%22source
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.InstallerParamsCache.expiration”, "Fr
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.InstallerParamsCache.value”, "%7B%22s
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.InstallerUserIdentifiersCache.expirat
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.InstallerUserIdentifiersCache.value”,
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.monetization_plugin_last_executable_r
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.monetization_plugin_last_executable_r
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_appVer.expiration”, "Fri Fe
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_appVer.value”, “85”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_lastVersion.expiration”, "F
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_lastVersion.value”, “4”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_meta.expiration”, "Fri Feb
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_meta.value”, “%7B%7D”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_nextCheck.expiration”, "Wed
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_nextCheck.value”, “true”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_queue.expiration”, "Fri Feb
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_queue.value”, “%7B%7D”);
user_pref("extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_remote_resources.expiration
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.internaldb.Resources_remote_resources.value”, "%
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.lastDailyReport”, “1393347741661”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.lastUpdate”, “1393347742727”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.manifesturl”, “”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.newtab”, “”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.opensearch”, “”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.pluginsurl”, "https://w9u6a2p6.ssl.hwcdn.net/plu
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.pluginsversion”, 77);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.publisher”, “installdaddy”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.searchstatus”, 0);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.setnewtab”, false);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.thankyou”, “”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.updateinterval”, 360);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.45960.ver”, 85);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.apps”, “45960”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.bic”, “1434fbc9f33d037947b6a22d84953c9e”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.cid”, 45960);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.FilesValidatorDueTime”, “1393347798682”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.firstrun”, false);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.hadappinstalled”, true);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.installationdate”, 1391038819);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.modetype”, “production”);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.reportInstall”, true);
user_pref(“extensions.ae2fd07a6e2824f2e896585565fcb6384b69158e63c3b476c9d98ae5838c5b707com45960.statsDailyCounter”, 67);
—- FireFox user.js and prefs.js backups —-
prefs_25-02-2014_1928_.backup
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
==== Registry Fix Code x64 ======================
Windows Registry Editor Version 5.00
“mobilegeni daemon”=-
==== Deleting Files \ Folders ======================
C:\Program Files (x86)\Torntv V6.0 not found
C:\Program Files (x86)\Mobogenie deleted
C:\Users\Daniel\daemonprocess.txt deleted
C:\Users\Daniel\.android deleted
C:\PROGRA~2\ShopperPro deleted
C:\PROGRA~2\MyPC Backup deleted
C:\Users\Daniel\AppData\Roaming\UpdaterEX deleted
C:\Users\Daniel\AppData\Roaming\Babylon deleted
C:\PROGRA~3\WPM deleted
C:\Users\Daniel\AppData\Local\Mobogenie deleted
C:\Users\Daniel\AppData\Local\cache deleted
C:\Windows\SysNative\roboot64.exe deleted
C:\windows\SysNative\tasks\Desk 365 RunAsStdUser deleted
C:\windows\SysNative\Tasks\Express FilesUpdate deleted
C:\Users\Daniel\Documents\Mobogenie deleted
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\3bfwqza9.default\searchplugins\conduit-search.xml deleted
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\3bfwqza9.default\FVD Toolbar deleted
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\3bfwqza9.default\extensions\e2fd07a6-e282-4f2e-8965-85565fcb6384@b69158e6-3c3b-476c-9d98-ae5838c5b707.com deleted
==== System Specs ======================
Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 3970 MB
CPU Info: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
CPU Speed: 2487,7 MHz
Sound Card: Luidsprekers / Hoofdtelefoon (I |
Display Adapters: Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Dell Wireless 5560 HSPA+ Mini-Card Network Adapter | Microsoft Virtual WiFi Miniport Adapter #2 | Microsoft Virtual WiFi Miniport Adapter | Intel(R) Centrino(R) Advanced-N 6205 | Broadcom NetXtreme 57xx Gigabit Controller
CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVD+-RW GT80N
Ports: COM4 | COM3 | COM5 LPT1
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C: 297,3GB
Hard Disks - Free: C: 161,5GB
Manufacturer *: Dell Inc.
BIOS Info: AT/AT COMPATIBLE | 02/06/13 | DELL - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: Dell Inc. 05GRXT
Country: Nederland
Language: NLD
==== System Specs (Software) ======================
Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: Microsoft Security Essentials disabled (Outdated)
Default Browser: Firefox 27.0.1
Internet Explorer Version: 11.0.9600.16518
Mozilla Firefox version: 27.0.1 (x86 nl)
Adobe Reader version: 11.0.06.70
Flash Player version: 12.0.0.70
Shockwave Player version: 12.0.4r144
==== Files Recently Created / Modified ======================
====== C:\Windows ====
2014-02-22 13:57:52 E185BDA84E5F03F4E1D8DCA30E209277 1912 —-a-w- C:\Windows\epplauncher.mif
====== C:\Users\Daniel\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-02-22 18:06:22 5EB5B34C2538268B78DD5FD35E09CB00 17858952 —-a-w- C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-13 02:01:01 3D485254E43EF4E4F707346B5731EA9A 454656 —-a-w- C:\Windows\SysWOW64\vbscript.dll
2014-02-13 02:00:27 B8F28AAC003060E3B125D2447CFC19E2 164864 —-a-w- C:\Windows\SysWOW64\msrating.dll
2014-02-13 02:00:27 B5B3334F177CED627C2D7FE38235B6B1 2724864 —-a-w- C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 02:00:26 85AC8EB265EDCAD86D651D45C5E3AB83 440832 —-a-w- C:\Windows\SysWOW64\ieui.dll
2014-02-13 02:00:24 C9D1131E2163CE932DF3EAAF0EEA3673 524288 —-a-w- C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 02:00:24 6A06EB11F1E5BDAA795DAE7838F9FE20 43008 —-a-w- C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 02:00:23 7D6B20C69CC8EECB8F31D4FAF913BBE8 112128 —-a-w- C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 02:00:23 408805B8083896DC95E6340F4016BEBD 61952 —-a-w- C:\Windows\SysWOW64\iesetup.dll
2014-02-13 02:00:23 260D6B421E5551E8BA75D16B5CA90D9A 51200 —-a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 02:00:23 0E7B7C9F483300F9FF97C6A1E4BC4F57 32768 —-a-w- C:\Windows\SysWOW64\iernonce.dll
2014-02-13 02:00:21 5DD49C02D059C1E6E47A8FB4A076C9B1 703488 —-a-w- C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 02:00:21 0F739443669F3A48F1B2325995117BFE 553472 —-a-w- C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 02:00:20 34CBED7698D557DDB43F8732FBC2ACB9 2168320 —-a-w- C:\Windows\SysWOW64\iertutil.dll
2014-02-13 02:00:19 9C89246184979A070B0C6CCF61C68136 1820160 —-a-w- C:\Windows\SysWOW64\wininet.dll
2014-02-13 02:00:19 5D9DC6332A4FC66388B09BBE7CF53750 1156096 —-a-w- C:\Windows\SysWOW64\urlmon.dll
2014-02-13 02:00:18 40E68599FE3A10F816217D3789FCE74E 1964032 —-a-w- C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 02:00:16 79FA7D8B488F90EDE325963379A6F738 11266048 —-a-w- C:\Windows\SysWOW64\ieframe.dll
2014-02-13 02:00:15 C863E5A2417DF0F2A31ED32C3B2CB23F 17103872 —-a-w- C:\Windows\SysWOW64\mshtml.dll
2014-02-13 02:00:14 99280392987A1A96C756A9F38C4CE396 4244480 —-a-w- C:\Windows\SysWOW64\jscript9.dll
2014-02-12 23:04:14 EA093130471090037BB70A4AF86FAD1B 420008 —-a-w- C:\Windows\SysWOW64\locale.nls
2014-02-12 23:04:13 E4561704CBFA193761743E5AF746C669 1237504 —-a-w- C:\Windows\SysWOW64\msxml3.dll
2014-02-12 23:04:13 17B06F23237FCD731FA2E10ECD6EDFE1 2048 —-a-w- C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 23:04:06 E01D2AC63453534DB8AD1EA97DEE9C3A 594944 —-a-w- C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 23:04:06 6142C5540C8D2764D59CBC11AF4A5900 572416 —-a-w- C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 23:04:06 0F5FEF37588AF457E02125674F171A4F 508928 —-a-w- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 23:04:05 BBCE3E9E74C7CEA47FA4115B360AC2C6 423936 —-a-w- C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 23:04:05 12A9F24DC9F465DA79AC2272D829A81E 428032 —-a-w- C:\Windows\SysWOW64\secproc.dll
2014-02-12 23:04:05 08D323750350A8A29611D1004C0CF319 510976 —-a-w- C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 23:04:04 9158DBE2F8483434FC72F320690C9DB8 87040 —-a-w- C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 23:04:04 7FA485555BF802FE3DB5598004DBDFAC 390144 —-a-w- C:\Windows\SysWOW64\msdrm.dll
2014-02-12 23:04:04 58712A48D31B40EBCB35B47205F87771 87040 —-a-w- C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 23:04:02 D96106CF60505734B14F6AE80AAA4B07 1987584 —-a-w- C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 23:04:01 14800BD31701A5047AC3145BB1E698AE 3419136 —-a-w- C:\Windows\SysWOW64\d2d1.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-02-13 02:01:01 F67C7D80745379DC4C5332EFFE5AC696 548864 —-a-w- C:\Windows\Sysnative\vbscript.dll
2014-02-13 02:00:27 94C59DD02BC7EA0E421055B9946CA861 2724864 —-a-w- C:\Windows\Sysnative\mshtml.tlb
2014-02-13 02:00:27 1D1D7F52EC84294859642A4309FE648E 195584 —-a-w- C:\Windows\Sysnative\msrating.dll
2014-02-13 02:00:26 63B5E990896BA81D604032A48CC80A5C 574976 —-a-w- C:\Windows\Sysnative\ieui.dll
2014-02-13 02:00:25 FD08F8BA2437A85F500EFFE3FD3158A6 33792 —-a-w- C:\Windows\Sysnative\iernonce.dll
2014-02-13 02:00:25 E77092C38028EB0A5C461B3436E0A6D5 4096 —-a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
2014-02-13 02:00:25 27516B54E116D5EF8B0129B5C829A87C 218624 —-a-w- C:\Windows\Sysnative\ie4uinit.exe
2014-02-13 02:00:24 CDE728C8FB1D6E132CED44835FA44C87 627200 —-a-w- C:\Windows\Sysnative\msfeeds.dll
2014-02-13 02:00:24 99ED8FBAFD325550D07A32664D9E3CC8 53760 —-a-w- C:\Windows\Sysnative\jsproxy.dll
2014-02-13 02:00:23 C1E2C16D58D76323800C3EE5E2C5095A 66048 —-a-w- C:\Windows\Sysnative\iesetup.dll
2014-02-13 02:00:23 338415F2E9A188875B6E43B5269620B0 139264 —-a-w- C:\Windows\Sysnative\ieUnatt.exe
2014-02-13 02:00:22 FCFAEDF0AA1A78A1875FDB798598408B 48640 —-a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2014-02-13 02:00:22 E129D34089E70215B65EA611F802FA9A 111616 —-a-w- C:\Windows\Sysnative\ieetwcollector.exe
2014-02-13 02:00:21 D016F5092E4FFC41147E8555A71D2DDE 23170048 —-a-w- C:\Windows\Sysnative\mshtml.dll
2014-02-13 02:00:21 3906C9640406FC0FC00A324947C74893 708608 —-a-w- C:\Windows\Sysnative\jscript9diag.dll
2014-02-13 02:00:20 F348B2D0983C91392632B4291C517AA4 817664 —-a-w- C:\Windows\Sysnative\ieapfltr.dll
2014-02-13 02:00:19 6300AD525D639CECBB3D144B6D7B30F9 2765824 —-a-w- C:\Windows\Sysnative\iertutil.dll
2014-02-13 02:00:19 263B6E451526A90FF8B1CEC759F22956 2334208 —-a-w- C:\Windows\Sysnative\wininet.dll
2014-02-13 02:00:18 83296DE8CFFEADA636DCC1AB2E3BF643 2041856 —-a-w- C:\Windows\Sysnative\inetcpl.cpl
2014-02-13 02:00:18 22874047B810B5B174C68ACD7C0B6510 1393664 —-a-w- C:\Windows\Sysnative\urlmon.dll
2014-02-13 02:00:17 DB02F4D37E5F7F07A0D0F9FAA68249EE 13051392 —-a-w- C:\Windows\Sysnative\ieframe.dll
2014-02-13 02:00:14 5922EEA922D3AD686342F866CAEE851F 5768704 —-a-w- C:\Windows\Sysnative\jscript9.dll
2014-02-12 23:04:14 EA093130471090037BB70A4AF86FAD1B 420008 —-a-w- C:\Windows\Sysnative\locale.nls
2014-02-12 23:04:13 CD2C20CC3B385A32701F78C0ACBBE9F3 2048 —-a-w- C:\Windows\Sysnative\msxml3r.dll
2014-02-12 23:04:13 0D298133C359AB8CB9EB4FA178BF3947 1882112 —-a-w- C:\Windows\Sysnative\msxml3.dll
2014-02-12 23:04:06 297926B15AE5390409F1007EB28A8EFB 552960 —-a-w- C:\Windows\Sysnative\RMActivate_ssp_isv.exe
2014-02-12 23:04:06 1B3741488AA7E237961A29D1E7A44C0A 626176 —-a-w- C:\Windows\Sysnative\RMActivate.exe
2014-02-12 23:04:06 17CF3B3F68272BD40C878D4DBAB0EBC9 658432 —-a-w- C:\Windows\Sysnative\RMActivate_isv.exe
2014-02-12 23:04:05 C6AC2C91541D24F9E236A670C0CA793D 528384 —-a-w- C:\Windows\Sysnative\msdrm.dll
2014-02-12 23:04:05 5693212AB2EBCACBBE05EC3A642113E2 485888 —-a-w- C:\Windows\Sysnative\secproc_isv.dll
2014-02-12 23:04:05 399FC1B75790EE606A6FD9F2FB4C891C 488448 —-a-w- C:\Windows\Sysnative\secproc.dll
2014-02-12 23:04:05 03F8F411F118CFDA508E77C747BB05EA 553984 —-a-w- C:\Windows\Sysnative\RMActivate_ssp.exe
2014-02-12 23:04:04 DC6DD779F35BB42E2E76FDFEC565C251 123392 —-a-w- C:\Windows\Sysnative\secproc_ssp_isv.dll
2014-02-12 23:04:04 B41B1FEDEBBD955B4E25676B42087885 123392 —-a-w- C:\Windows\Sysnative\secproc_ssp.dll
2014-02-12 23:04:02 E8710B5DDA963E6BA198DF5FB209E72A 2565120 —-a-w- C:\Windows\Sysnative\d3d10warp.dll
2014-02-12 23:04:01 C676E5EA388AF7C4C031F56F9B42E362 3928064 —-a-w- C:\Windows\Sysnative\d2d1.dll
====== C:\Windows\Sysnative\drivers =====
2014-02-22 14:13:41 0BB97D43299910CBFBA59C461B99B910 25928 —-a-w- C:\Windows\Sysnative\drivers\mbam.sys
====== C:\Windows\Tasks ======
2014-01-29 22:50:36 91E12952A3A441509ADE45621D7165B7 3140 —-a-w- C:\Windows\Sysnative\Tasks\{8DABE963-0183-4F9E-8999-0FA7F502741C}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-02-25 17:25:17 ——– d—–w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2014-01-29 23:28:55 ——– d—–w- C:\PROGRA~2\Dream Aquarium
======= C: =====
2014-02-18 17:59:24 D46D074B8BF3F42AB0820C49AD760823 426 —-a-w- C:\AVScanner.ini
====== C:\Users\Daniel\AppData\Roaming ======
====== C:\Users\Daniel ======
2014-02-25 17:24:53 662C39FC1E27131551D557862CEC47F0 935175 —-a-w- C:\Users\Daniel\Downloads\RSITx64.exe
2014-01-31 03:21:36 ——– d—–r- C:\Windows\SysNative\config\systemprofile\Desktop
====== C: exe-files ==
2014-02-25 17:25:17 9A2347903D6EDB84C10F288BC0578C1C 388608 —-a-w- C:\Program Files\trend micro\Daniel.exe
2014-02-25 17:24:53 662C39FC1E27131551D557862CEC47F0 935175 —-a-w- C:\Users\Daniel\Downloads\RSITx64.exe
2014-02-22 18:06:22 5EB5B34C2538268B78DD5FD35E09CB00 17858952 —-a-w- C:\Windows\SysWOW64\FlashPlayerInstaller.exe
=== C: other files ==
2014-02-22 17:39:23 7E1C072961BE0D108C81AB91BD89D687 957290 —-a-w- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\3bfwqza9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
2014-02-22 14:13:41 0BB97D43299910CBFBA59C461B99B910 25928 —-a-w- C:\Windows\System32\drivers\mbam.sys
==== Startup Registry Enabled ======================
“Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”
“Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”
“Skype”=“C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun”
“mctadmin”=“C:\Windows\System32\mctadmin.exe”
“mctadmin”=“C:\Windows\System32\mctadmin.exe”
“IMSS”=“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe”
“USB3MON”=“C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”
“IAStorIcon”=“C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60”
“Dell Webcam Central”=“C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe /mode2”
“Adobe ARM”=“C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
“Skype”=“C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun”
==== Startup Registry Enabled x64 ======================
“Apoint”=“C:\Program Files\DellTPad\Apoint.exe”
“TdmNotify”=“C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe”
“DFEPApplication”=“C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe”
“IntelPROSet”=“C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel PROSet/Wireless”
“IgfxTray”=“C:\Windows\system32\igfxtray.exe”
“HotKeysCmds”=“C:\Windows\system32\hkcmd.exe”
“Persistence”=“C:\Windows\system32\igfxpers.exe”
“MSC”=“c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey”
“SysTrayApp”=“C:\Program Files\IDT\WDM\sttray64.exe”
==== Startup Registry Disabled x64 ======================
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“DellSystemDetect”
“hkey”=“HKCU”
“command”=“C:\\Users\\dell\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Dell\\Dell System Detect.appref-ms”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Google Update”
“hkey”=“HKCU”
“command”=“\”C:\\Users\\dell\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\“ /c”
“item”=“Win 8 Desktop Clock”
“path”=“C:\\Users\\dell\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Win 8 Desktop Clock.lnk”
“backup”=“C:\\Windows\\pss\\Win 8 Desktop Clock.lnk.Startup”
“backupExtension”=“.Startup”
“command”=“C:\\Users\\dell\\DOCUME~1\\WINDOW~1.EXE”
==== Startup Folders ======================
2013-06-12 19:01:22 1073 —-a-w- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
2012-12-13 13:51:27 1073 —-a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
2012-12-13 13:51:27 1073 —-a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
2012-12-13 13:32:55 834 —-a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job –a—— C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2917839972-3848154303-1242016582-1001Core.job –a—— C:\Users\dell\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2917839972-3848154303-1242016582-1001UA.job –a—— C:\Users\dell\AppData\Local\Google\Update\GoogleUpdate.exe
==== Other Scheduled Tasks ======================
“C:\Windows\SysNative\tasks\Adobe Flash Player Updater”
“C:\Windows\SysNative\tasks\CCleanerSkipUAC”
“C:\Windows\SysNative\tasks\CreateChoiceProcessTask”
“C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore”
“C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA”
“C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2917839972-3848154303-1242016582-1001Core”
“C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2917839972-3848154303-1242016582-1001UA”
“C:\Windows\SysNative\tasks\Dell\Client System Update”
==== Folders in C:\PROGRA~3 0-6 Months Old ======================
2013-12-11 21:18:45 ——– d—–w- C:\PROGRA~3\Samsung
2014-02-22 14:13:42 ——– d—–w- C:\PROGRA~3\Malwarebytes
==== Firefox Extensions ======================
ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\3bfwqza9.default
- Speed Dial - New Tab Page Sync - %ProfilePath%\extensions\pavel.sherbakov@gmail.com
- Super Start - %ProfilePath%\extensions\superstart@enjoyfreeware.org
- SaveSense - %ProfilePath%\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}
- Google Calendar Watcher - %ProfilePath%\extensions\gcw@devseo.co.uk.xpi
- Integrated Google Calendar - %ProfilePath%\extensions\intgcal@egarracingteam.com.ar.xpi
- Speed Dial - %ProfilePath%\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\3bfwqza9.default
D775FA6F1E88B3B99E69E8A0D6C3A819 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll - Shockwave Flash
EE8D96E7899D12FC3AA5DB2034C0853C - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll - Shockwave Flash
AF661355EBAB898EB92D5454AEF93CE0 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.400.43
0C0C5C207121C7A78414A8250E8E099A - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll - Shockwave for Director / Shockwave for Director
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Deleted Firefox Extensions ======================
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\3bfwqza9.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36} deleted
==== Set IE to Default ======================
Old Values:
“Start Page”=“http://dell13-comm.msn.com”
“Default_Search_URL”=“http://www.google.com”
“Default_Page_URL”=“http://www.google.com”
“Start Page”=“http://www.google.com”
“Search Page”=“http://www.awesomehp.com/web/?type=ds&ts=1391035804&from=ild&uid=TOSHIBAXMK3261GSYN_Y27CY8M3FXXY27CY8M3F&q={searchTerms}”
“Default_Search_URL”=“http://www.google.com”
“Default_Page_URL”=“http://www.google.com”
“Start Page”=“http://www.google.com”
“Search Page”=“http://www.awesomehp.com/web/?type=ds&ts=1391035804&from=ild&uid=TOSHIBAXMK3261GSYN_Y27CY8M3FXXY27CY8M3F&q={searchTerms}”
“DefaultScope”=“{0633EE93-D776-472f-A0FF-E1416B8B2E3A}”
not found
New Values:
“Start Page”=“http://dell13-comm.msn.com”
“Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“DefaultScope”=“{6A1806CD-94D4-4689-BA73-E35EA1EA9990}”
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC”
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”
{B8FE5BE9-9CFF-4D22-9FF2-5A77BAD5B233} Unknown Url=“Not_Found”
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2917839972-3848154303-1242016582-1003\Software\Microsoft\Internet Explorer\SearchScopes\{B8FE5BE9-9CFF-4D22-9FF2-5A77BAD5B233} deleted successfully
==== Deleting CLSID Registry Values ======================
==== shortcuts on Users Desktops ======================
C:\Users\Daniel\Desktop\µTorrent.lnk -
C:\Users\Daniel\Desktop\Documenten\Programma's\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Daniel\Desktop\Documenten\Programma's\Dream Aquarium.lnk - C:\Windows\DreamAquarium.scr -S
C:\Users\Daniel\Desktop\Documenten\Programma's\McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\mcuicnt.exe SecurityScanner.dll
C:\Users\Daniel\Desktop\Documenten\Programma's\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Daniel\Desktop\Documenten\Programma's\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
C:\Users\Daniel\Desktop\School\AFGESLOTEN MODULE\PERIODE 1\Oceanography Herkansing\beschrijvingen - Snelkoppeling.lnk - C:\Users\Daniel\Desktop\School\AFGESLOTEN MODULE\PERIODE 1\LK101VN\OCEANOGRAPHY\uitprinten\beschrijvingen.docx
C:\Users\Daniel\Desktop\School\AFGESLOTEN MODULE\PERIODE 1\Oceanography Herkansing\Hoofdstuk 11 Samenvatting - Snelkoppeling.lnk - C:\Users\Daniel\Desktop\School\AFGESLOTEN MODULE\PERIODE 1\LK101VN\OCEANOGRAPHY\uitprinten\Hoofdstuk 11 Samenvatting.docx
C:\Users\Daniel\Desktop\School\AFGESLOTEN MODULE\PERIODE 1\Oceanography Herkansing\Hoofdstuk 2 Samenvatting - Snelkoppeling.lnk - C:\Users\Daniel\Desktop\School\AFGESLOTEN MODULE\PERIODE 1\LK101VN\OCEANOGRAPHY\uitprinten\Hoofdstuk 2 Samenvatting.docx
C:\Users\Daniel\Desktop\School\AFGESLOTEN MODULE\PERIODE 1\Oceanography Herkansing\Hoofdstuk 4 Samenvatting - Snelkoppeling.lnk - C:\Users\Daniel\Desktop\School\AFGESLOTEN MODULE\PERIODE 1\LK101VN\OCEANOGRAPHY\uitprinten\Hoofdstuk 4 Samenvatting.docx
C:\Users\Daniel\Desktop\School\AFGESLOTEN MODULE\PERIODE 1\Oceanography Herkansing\Hoofdstuk 5 samenvatting - Snelkoppeling.lnk - C:\Users\Daniel\Desktop\School\AFGESLOTEN MODULE\PERIODE 1\LK101VN\OCEANOGRAPHY\uitprinten\Hoofdstuk 5 samenvatting.docx
C:\Users\Daniel\Desktop\School\AFGESLOTEN MODULE\PERIODE 1\Oceanography Herkansing\Hoofdstuk 6 Samenvatting - Snelkoppeling.lnk - C:\Users\Daniel\Desktop\School\AFGESLOTEN MODULE\PERIODE 1\LK101VN\OCEANOGRAPHY\uitprinten\Hoofdstuk 6 Samenvatting.docx
C:\Users\Daniel\Desktop\School\AFGESLOTEN MODULE\PERIODE 1\Oceanography Herkansing\Hoofdstuk 7 Samenvatting - Snelkoppeling.lnk - C:\Users\Daniel\Desktop\School\AFGESLOTEN MODULE\PERIODE 1\LK101VN\OCEANOGRAPHY\uitprinten\Hoofdstuk 7 Samenvatting.docx
C:\Users\Daniel\Desktop\School\AFGESLOTEN MODULE\PERIODE 1\Oceanography Herkansing\Hoofdstuk 8 Samenvatting - Snelkoppeling.lnk - C:\Users\Daniel\Desktop\School\AFGESLOTEN MODULE\PERIODE 1\LK101VN\OCEANOGRAPHY\uitprinten\Hoofdstuk 8 Samenvatting.docx
C:\Users\Daniel\Desktop\School\AFGESLOTEN MODULE\PERIODE 1\Oceanography Herkansing\Hoofdstuk 9 samenvatting - Snelkoppeling.lnk - C:\Users\Daniel\Desktop\School\AFGESLOTEN MODULE\PERIODE 1\LK101VN\OCEANOGRAPHY\uitprinten\Hoofdstuk 9 samenvatting.docx
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.awesomehp.com/?type=sc&ts=1391035804&from=ild&uid=TOSHIBAXMK3261GSYN_Y27CY8M3FXXY27CY8M3F
==== shortcuts in Users Start Menu ======================
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com/?type=sc&ts=1391035804&from=ild&uid=TOSHIBAXMK3261GSYN_Y27CY8M3FXXY27CY8M3F
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com/?type=sc&ts=1391035804&from=ild&uid=TOSHIBAXMK3261GSYN_Y27CY8M3FXXY27CY8M3F
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk - C:\Program Files (x86)\Microsoft Security Client\msseces.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.awesomehp.com/?type=sc&ts=1391035804&from=ild&uid=TOSHIBAXMK3261GSYN_Y27CY8M3FXXY27CY8M3F
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm
==== shortcuts in Quick Launch ======================
C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com/?type=sc&ts=1391035804&from=ild&uid=TOSHIBAXMK3261GSYN_Y27CY8M3FXXY27CY8M3F
C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE /recycle
C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk - C:\Windows\system32\mspaint.exe
C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com/?type=sc&ts=1391035804&from=ild&uid=TOSHIBAXMK3261GSYN_Y27CY8M3FXXY27CY8M3F
C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.awesomehp.com/?type=sc&ts=1391035804&from=ild&uid=TOSHIBAXMK3261GSYN_Y27CY8M3FXXY27CY8M3F
C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== shortcuts After Repair ======================
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update deleted successfully
==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: “C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe “C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe” 60
O4 - HKLM\..\Run: “C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe” /mode2
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKCU\..\Run: “C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)
O4 - .DEFAULT User Startup: Smart Settings.lnk = C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (User ‘Default user’)
O4 - Startup: Smart Settings.lnk = C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dell Feature Enhancement Pack Service (DFEPService) - Dell Inc. - C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EmbassyService - Unknown owner - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O2FLASH - Unknown owner - C:\Windows\system32\o2flash.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: NTRU TSS v1.2.1.37 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: Wave Authentication Manager Service - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Mobile Broadband Service (WMCoreService) - Ericsson AB - C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WvPCR - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F5L40JZQ will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\3bfwqza9.default\Cache emptied successfully
==== Empty Chrome Cache ======================
No Chrome Cache found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=718 folders=68 68048660 bytes)
==== Empty Temp Folders ======================
C:\Users\Daniel\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Daniel\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
“C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F5L40JZQ” not found
==== EOF on di 25-02-2014 at 19:35:10,93 ======================
Ben

25-02-2014 19:42

Hallo,
Download
AdwCleaner by Xplode naar het bureaublad.
Sluit alle openstaande vensters.
Dubbelklik op AdwCleaner om hem te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als “administrator” uit te voeren,
Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Klik vervolgens op Scan.
Klik vervolgens op Clean als er items zijn gevonden.
Klik bij Herstarten Noodzakelijk op OK
Nadat de PC opnieuw is opgestart, opent meestal een logfile.
Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner.txt
Post aansluitend de inhoud van dit log in je volgende bericht.
Daniel

25-02-2014 19:48

logje
# AdwCleaner v3.019 - Report created 25/02/2014 at 19:45:37
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Daniel - DELL-PC
# Running from : C:\Users\Daniel\Desktop\adwcleaner.exe
# Option : Clean
***** *****
***** *****
***** *****
***** *****
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SOFTWARE\5a53dc8fbc38e945
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422592260}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466596660}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422592260}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AB4DA692-F26B-403C-AF8F-FD87D121F8F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466596660}
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\UpdaterEX
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Desksvc
Key Deleted : HKLM\Software\ExpressFiles
Key Deleted : HKLM\Software\hdcode
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\V9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zulagames
***** *****
-\\ Internet Explorer v11.0.9600.16518
-\\ Mozilla Firefox v27.0.1 (nl)
*************************
AdwCleaner.txt - -
AdwCleaner.txt - -
########## EOF - C:\AdwCleaner\AdwCleaner.txt - ##########
Ben

25-02-2014 19:51

Hallo,
Hoe staat het hierna met je probleem?
Daniel

25-02-2014 19:53

prima
startpagina is weer goed
en geen ellendige popups reclames
gr Daniel
Ben

25-02-2014 19:56

Hallo,
Dat is mooi (tu)
Malwarebytes kan je laten staan en één maal in de week (na te hebben geupdate) je pc mee scannen.
Met het onderstaande tooltje ruim je o.a. alle gebruikte tools op:
Download
Delfix by Xplode naar het bureaublad.
Dubbelklik op Delfix.exe om de tool te starten.
Zet nu vinkjes voor de volgende items:
Remove disinfection tools
Create registry backup
Purge System Restore
Reset system settings
Klik nu op "Run" en wacht geduldig tot de tool gereed is.
Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft je echter niet te plaatsen.
Mochten er nog tools of mappen overgebleven zijn dan kan je die zelf verwijderen.
Daniel

25-02-2014 20:02

gedaan
mijn hartelijke dank voor jou hulp -D
groeten Daniel
Ben

25-02-2014 20:04

Hallo,
Bedankt en graag gedaan B)

Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.

awesome hp probleem

Daniel

Ben

Daniel

Ben

Daniel

Ben

Daniel

Ben

Daniel

Ben