ISUPM.exe en issch.exe

Vermaesen · 20 maart 2013

Na het opstarten van mijn PC krijg ik telkens, na het verschijnen van mijn bureaublad, een bericht van een onbekende uitgever die via ISUPM.exe een verandering in mijn computer wil aanbrengen. Kies ik voor "nee" dan komt dezelfde vraag over issch.exe. Beide bestanden heb ik gevonden in: progr.files/common

files /instalshield/update service. Ik heb mijn virusscanner het laten scannen, geen resultaat. Ook heb ik TuneUp Utilities gebruikt. de berichten blijven komen. Wat betekent dit en kan ik deze bestanden gewoon verwijderen?

Jion · 20 maart 2013

Dag Vermaesen,

welkom op PCH!

Voer eerst het volgende uit:

Download MBAM (Malwarebytes Anti-Malware)
Dubbelklik op mbam-setup.exe om het programma te installeren.

Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Start Malwarebytes' Anti-Malware, Klik daarna op "Voltooien".

Indien een update gevonden werd, zal die gedownload en geïnstalleerd worden.

Wanneer het programma volledig up to date is, selecteer dan in het tabblad Scanner : "Snelle Scan", daarna klik op Scan.

Het scannen kan een tijdje duren, dus wees geduldig.

Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.

Zorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde.

Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder).

Indien er de rootkit (TDSS) aanwezig is, zal MBAM vragen te herstarten. Doe dit dan ook.

MBAM zal na de herstart opnieuw scannen en de rootkit verwijderen.

Het log wordt automatisch bewaard door MBAM en kan je terugvinden door op de "Logs" tab te klikken in het programma.

Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken. Daarna zal het vragen om de computer opnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.

Plak de inhoud van het logje in je volgende bericht.

Voer daarna het volgende uit:

We zullen eerst eens nagaan of malware of virussen de oorzaak zijn van je probleem.
1. Download HijackThis. (klik er op)

Klik op HijackThis.msi en de download start automatisch na 5 seconden.

Bestand HijackThis.msi opslaan. Daarna kiezen voor "uitvoeren".

Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.

Als je geen netwerkverbinding meer hebt, kan je de download doen met een andere pc en het bestand met een usb stick overbrengen

Als je enkel nog in veilige modus kan werken, moet je de executable (HijackThis.exe) downloaden.

Sla deze op in een nieuwe map op de C schijf (bvb C:\\hijackthis) en start hijackthis dan vanaf deze map.

De logjes kan je dan ook in die map terugvinden.

2. Klik op de snelkoppeling om HijackThis te starten. (lees eerst de rode tekst hieronder!)

Klik ofwel op "Do a systemscan and save a logfile", ofwel eerst op "Scan" en dan op "Savelog".

Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.

Krijg je een melding ""For some reason your system denied writing to the Host file ....", klik dan gewoon door op de OK-toets.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\\Program Files\\Trend Micro\\HiJackThis of C:\\Program Files (x86)\\Trend Micro\\HiJackThis. (Bekijk hier de afbeelding ---> Klik hier)

3. Na het plaatsen van je logje wordt dit door een expert nagekeken en hij begeleidt jou verder door het ganse proces.

Tip!

Wil je in woord en beeld weten hoe je een logje met HijackThis maakt en plaatst op het forum, klik dan HIER.

De beide logjes van Mbam en HJT mag je in je volgende reactie plaatsen.

Vermaesen · 21 maart 2013

Bedankt voor de hulp. Als ik CTRL + A indruk gebeurt er echter niks. Dus kan ik ook niks in het kladblok plaatsen. Kunt u mij verder helpen?

Vriendelijke groet,

Laurens.

Jion · 21 maart 2013

Bij Hijackthis dien je voor de optie "Do a system scan and safe a logfile" te kiezen in het hoofdmenu.

Het kladblok met het rapport zal dan na de scan automatisch openen.

Selecteer deze tekst en kopieer alles hier in je volgende bericht.

Vermaesen · 22 maart 2013

Ik heb "Do a system scan and safe a logfile" gekozen en een kladblok verschijnt. Maar het kladblok is geheel leeg, er is geen rapport te zien.

Jion · 22 maart 2013

Kan je dat Mbam logje al plaatsen?

Vermaesen · 22 maart 2013

Het logje is geplaatst, maar dan krijg ik een venster waarin staat: Kan bestand C:\program Files(x86)\Trend Micro\HiJackThis\hijackthis.log niet vinden. Met de keus of ik een nieuw bestand wil maken. Klik ik "ja" dan gebeurt er echter niks. Wat doe ik fout?

kape · 22 maart 2013

Download zoek.exe naar het bureaublad.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
(hier of hier) kan je lezen hoe je dat doet.
Dubbelklik op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Kopieer nu onderstaande code en plak die in het grote invulvenster:
Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.

 
startupall; 
filesrcm;

Klik op de knop "Options" en vink nu de onderstaande opties aan.
- Running processes
- Recently Created
- Installed Programs
- HijackThis Log
- Firefox Look
- Chrome Look
- Firefox Defaults
- Reset Chrome
- Empty Temp Folders
- IE Defaults
- Auto Clean
[*] Klik daarna op de knop "Run script".

[*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

[*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

[*] Post nu de inhoud van het geopende logje in het volgende bericht.

Vermaesen · 24 maart 2013

Zoek.exe Version 4.0.0.2 Updated 23-03-2013

Tool run by Laurens on zo 24-03-2013 at 17:11:20,31.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

==== Running Processes ======================

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

C:\Windows\system32\mfevtps.exe

C:\Program Files (x86)\Secunia\PSI\PSIA.exe

C:\Windows\system32\rundll32.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe

C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\WUDFHost.exe

C:\Program Files (x86)\Secunia\PSI\sua.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe

C:\Program Files (x86)\DAP\DAP.exe

C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe

C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe

C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe

C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe

C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe

C:\Program Files (x86)\Common Files\Speedbit\SbUpdate\SBUpdate.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\TuneUp Utilities 2013\TURatingSynch.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files\Common Files\McAfee\Core\mchost.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Laurens\Desktop\zoek.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3353428398-178236928-3314485351-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-3353428398-178236928-3314485351-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1CFDEC32-E8A6-0F49-B02F-2AF75B9805A6} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

AddThis Toolbar

Adobe Bridge 1.0

Adobe Common File Installer

Adobe Creative Suite 2

Adobe Digital Editions 2.0

Adobe Flash Player 11 ActiveX

Adobe Help Center 1.0

Adobe Illustrator CS2

Adobe InDesign CS2

Adobe Photoshop CS2

Adobe Reader XI (11.0.02) - Nederlands

Adobe Stock Photos 1.0

Adobe SVG Viewer 3.0

Advanced SystemCare 6

Apple Application Support

Apple Software Update

Ashampoo Burning Studio 6 FREE v.6.83

Auslogics Disk Defrag

BrowserProtect

DealPly

DivX

Download Accelerator Plus (DAP)

EasyCleaner

EPSON Scan

Find Junk Files 1.51

Google Chrome

Google Update Helper

HiJackThis

IObit Apps Toolbar v7.0

IObit Malware Fighter

Malwarebytes Anti-Malware versie 1.70.0.1100

McAfee SecurityCenter

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (Dutch) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Dutch) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (Dutch) 2007

Microsoft Office InfoPath MUI (Dutch) 2007

Microsoft Office OneNote MUI (Dutch) 2007

Microsoft Office Outlook MUI (Dutch) 2007

Microsoft Office PowerPoint MUI (Dutch) 2007

Microsoft Office Proof (Dutch) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proofing (Dutch) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Dutch) 2007

Microsoft Office Shared MUI (Dutch) 2007

Microsoft Office Word MUI (Dutch) 2007

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

NVIDIA PhysX

NVIDIA Stereoscopic 3D Driver

PDF Reader

PDF Reader Packages

QuickTime

Realtek Ethernet Controller Driver

Secunia PSI (3.0.0.4001)

Security Task Manager 1.8g

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Smart Defrag 2

Suite Specific

TuneUp Utilities 2013

TuneUp Utilities Language Pack (nl-NL)

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition

Update voor Microsoft Office Excel 2007 Help (KB963678)

Update voor Microsoft Office Powerpoint 2007 Help (KB963669)

Update voor Microsoft Office Word 2007 Help (KB963665)

Wajam

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BrowserProtect deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BrowserProtect deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\application updater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\application updater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\wajamupdater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wajamupdater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\wajamupdater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\wajamupdater deleted successfully

==== FireFox Fix ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"bProtector Start Page"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"bProtectorDefaultScope"=-

==== Batch Command(s) Run By Tool======================

C:\Windows\System32\roboot64.exe deleted successfully

==== Deleting Files \ Folders ======================

"C:\Windows\SysNative\roboot64.exe" not found

"C:\user.js" deleted

"C:\Users\Laurens\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data" deleted

"C:\Users\Laurens\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences" deleted

"C:\user.js" deleted

"C:\prefs.js" deleted

"C:\END" deleted

"C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth160.dll" deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.settings" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\chrome.manifest" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\install.rdf" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-3.6.xpt" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\overlay.xul" not deleted

"C:\Program Files (x86)\Application Updater" deleted

"C:\Program Files (x86)\Delta" deleted

"C:\Program Files (x86)\IObit Apps Toolbar" deleted

"C:\Program Files (x86)\DealPly" deleted

"C:\Program Files (x86)\Wajam" deleted

"C:\Program Files (x86)\Perion" deleted

"C:\Program Files (x86)\Common Files\Spigot" not deleted

"C:\Users\Laurens\AppData\Roaming\Babylon" deleted

"C:\Users\Laurens\AppData\Roaming\DealPly" deleted

"C:\Users\Laurens\AppData\Roaming\Delta" deleted

"C:\Users\Laurens\AppData\Roaming\Systweak" deleted

"C:\Windows\SysWow64\searchplugins" deleted

"C:\Windows\SysWow64\Extensions" deleted

"C:\ProgramData\BrowserProtect" not deleted

"C:\ProgramData\boost_interprocess" deleted

"C:\ProgramData\Babylon" deleted

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly" deleted

"C:\Users\Laurens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam" deleted

"C:\Users\Laurens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect" deleted

"C:\Users\Laurens\AppData\Local\APN" deleted

"C:\Users\Laurens\AppData\Local\Wajam" deleted

"C:\Users\Laurens\AppData\LocalLow\BabylonToolbar" deleted

"C:\Users\Laurens\AppData\LocalLow\DataMngr" deleted

"C:\Users\Laurens\AppData\LocalLow\Search Settings" deleted

"C:\Users\Laurens\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}" deleted

"C:\Program Files (x86)\Common Files\Spigot\Search Settings" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components" not deleted

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Laurens\AppData\Local\Temp ====

====== C:\Windows\SysWOW64 =====

2013-03-13 20:24:53 E7E671A2A0159ED8D86CA98DF134BB70 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2013-03-13 20:24:53 60D6B33E77A297AA1B14BF0452C20471 2382848 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2013-03-13 20:24:52 C9A2D460FD5E409C9320B4CE68A81549 420864 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2013-03-13 20:24:52 C43AFA13B552BCC4352106193F008229 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2013-03-13 20:24:52 15CF0E37F2B406BDE06CBA4F507B25DE 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll

2013-03-13 20:24:51 D0F2CB059B2A89AD5B24FD9EB8D784BE 231936 ----a-w- C:\Windows\SysWOW64\url.dll

2013-03-13 20:24:51 2A324C44A1B2352EF5F2E1C8984935C0 1427968 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2013-03-13 20:24:51 180D098704551DE37C6299AA888D6821 1103872 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2013-03-13 20:24:50 C798EB903A4FA90D2961E164518090C5 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2013-03-13 20:24:49 03728C624D05C2F157BBD46F6B7F6EA0 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll

2013-03-13 20:24:48 73BDB1C0801D44BEA5F6749FD340CC0F 1796096 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2013-03-13 20:24:48 69F42E40A0C4344939437D86A8893DA6 1800704 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2013-03-13 20:24:48 1895402C57C32BF8281E8F6C65522253 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll

2013-03-13 20:24:47 6428A1B56B4F426F35A029231FF0BB1E 65024 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2013-03-13 20:24:46 263963D93A3CA8F685EFA5966F1E6581 12321792 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2013-03-13 20:24:44 D3EAB9BCB2B92EFCA615781C215644C0 9738240 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2013-03-10 20:11:49 45746C118436AA14E38BF0A2B4975ECE 21792 ----a-w- C:\Windows\SysWOW64\authuitu.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-03-13 20:24:54 315BD7958BD33C71442A7383BBAD2237 2382848 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2013-03-13 20:24:53 E532E71207987BE22BEEE1F1F7E5B371 96768 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2013-03-13 20:24:52 ACFA7C9F9DBAE8143598F23C3DE8934A 248320 ----a-w- C:\Windows\Sysnative\ieui.dll

2013-03-13 20:24:52 6BE16F52FAFFCD4BC628C6AE95C0B887 173056 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2013-03-13 20:24:51 FF1AAEDD4A1A0FC3C5ED66B4EE0B254A 1346048 ----a-w- C:\Windows\Sysnative\urlmon.dll

2013-03-13 20:24:51 F5F7A06D538619CB3B8081DF766F1D39 237056 ----a-w- C:\Windows\Sysnative\url.dll

2013-03-13 20:24:51 406533EADD808A7A9B5A022F298C6841 1494528 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2013-03-13 20:24:50 D845B455663AE3B4AEB153D9B2E6A4C3 729088 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2013-03-13 20:24:50 0A1BB8FF664EA24C2679B70F731A6F7A 2312704 ----a-w- C:\Windows\Sysnative\jscript9.dll

2013-03-13 20:24:49 FA274190682AA41A46B285208ED46A74 1392128 ----a-w- C:\Windows\Sysnative\wininet.dll

2013-03-13 20:24:48 B9996038ABB1664E49DE171AD14DE275 816640 ----a-w- C:\Windows\Sysnative\jscript.dll

2013-03-13 20:24:48 A54A16DAE7497CDCB8C5A021C0F6FEB8 2147840 ----a-w- C:\Windows\Sysnative\iertutil.dll

2013-03-13 20:24:48 7784649104ED574EC129C3282F54E846 85504 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2013-03-13 20:24:48 0E92BD6EBE215FA80288AFA7996A622B 599040 ----a-w- C:\Windows\Sysnative\vbscript.dll

2013-03-13 20:24:45 460723A080D6F22E56D45BC8C1F15B2A 17815040 ----a-w- C:\Windows\Sysnative\mshtml.dll

2013-03-13 20:24:44 E829C45F0D77852C43BE99C4B1BD215D 10925568 ----a-w- C:\Windows\Sysnative\ieframe.dll

2013-03-10 20:11:50 B9EC73306189EDAA8CEB2F903543B05D 35104 ----a-w- C:\Windows\Sysnative\TURegOpt.exe

2013-03-10 20:11:50 801B69A01FF47130E3C125D70DDED43A 26400 ----a-w- C:\Windows\Sysnative\authuitu.dll

====== C:\Windows\Sysnative\drivers =====

2013-03-23 13:51:43 DD0443BC6CC78A19FD399817F8C51401 17720 ----a-w- C:\Windows\Sysnative\drivers\SmartDefragDriver.sys

2013-03-23 13:50:52 92B3172E8C14C1444682F510843A9988 19968 ----a-w- C:\Windows\Sysnative\drivers\usb8023.sys

2013-03-20 13:11:15 92EB844D90615CB266F84C3202B8786E 24176 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys

2013-02-25 15:35:06 6BC3FE66BFAA363468D95C56D6403AB2 58880 ----a-w- C:\Windows\Sysnative\drivers\RxFilter.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-03-16 14:02:19 -------- d-----w- C:\Program Files\Dell Support Center

2013-03-13 20:23:41 -------- d-----w- C:\Program Files\Microsoft Silverlight

2013-02-25 14:46:45 -------- d-----w- C:\Program Files\iPod

2013-02-25 14:46:38 -------- d-----w- C:\Program Files\iTunes

======= C:\Program Files (x86) =====

2013-03-20 13:28:39 -------- d-----w- C:\Program Files (x86)\Trend Micro

2013-03-13 20:23:41 -------- d-----w- C:\Program Files (x86)\Microsoft Silverlight

2013-03-10 20:11:17 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2013

2013-02-26 14:18:41 -------- d-----w- C:\Program Files (x86)\Ashampoo

2013-02-25 15:31:41 -------- d-----w- C:\Program Files (x86)\Common Files\Roxio Shared

2013-02-25 15:31:15 -------- d-----w- C:\Program Files (x86)\DivX

2013-02-25 14:46:38 -------- d-----w- C:\Program Files (x86)\iTunes

2013-02-25 13:36:34 -------- d-----w- C:\Program Files (x86)\ToniArts

2013-02-25 13:36:06 -------- d-----w- C:\Program Files (x86)\Common Files\InstallShield

2013-02-24 14:23:13 -------- d-----w- C:\Program Files (x86)\Find Junk Files

======= C: =====

2013-03-17 21:18:30 82097D1A9D2847DB80D8FD98475DD5FA 3560 ------w- C:\bootsqm.dat

====== C:\Users\Laurens\AppData\Roaming ======

2013-03-16 14:21:13 -------- d-----w- C:\users\Laurens\AppData\Local\Deployment

2013-03-16 14:21:13 -------- d-----w- C:\users\Laurens\AppData\Local\Apps

2013-03-16 14:03:10 -------- d-----w- C:\users\Laurens\AppData\Roaming\Dell

2013-03-16 14:00:47 -------- d-----w- C:\users\Laurens\AppData\Roaming\PCDr

2013-03-03 20:10:02 -------- d-----w- C:\users\Laurens\AppData\Roaming\TuneUp Software

2013-03-03 14:55:59 -------- d-----w- C:\users\Laurens\AppData\Roaming\Belastingdienst

2013-02-26 14:18:58 -------- d-----w- C:\users\Laurens\AppData\Roaming\Ashampoo

2013-02-26 14:18:48 -------- d-----w- C:\users\Laurens\AppData\Local\ashampoo

2013-02-26 14:18:26 -------- d-----w- C:\users\Laurens\AppData\Local\Programs

2013-02-26 14:07:12 -------- d-----w- C:\users\Laurens\AppData\Roaming\Digiarty

2013-02-25 19:58:24 -------- d-----w- C:\users\Laurens\AppData\Roaming\Searchya

2013-02-25 15:51:44 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\users\Laurens\AppData\Local\rx_image.Cache

2013-02-25 15:38:09 -------- d-----w- C:\users\Laurens\AppData\Roaming\Roxio

====== C:\Users\Laurens ======

2013-03-19 19:31:46 -------- d-----w- C:\ProgramData\SecTaskMan

2013-03-16 14:02:53 -------- d-----w- C:\ProgramData\PCDr

2013-03-16 14:02:53 -------- d-----w- C:\ProgramData\PC-Doctor for Windows

2013-03-16 14:02:52 -------- d-----w- C:\ProgramData\Dell

2013-03-03 20:08:28 -------- d-----w- C:\ProgramData\TuneUp Software

2013-03-03 20:07:48 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

2013-02-26 14:18:47 -------- d-----w- C:\ProgramData\Ashampoo

2013-02-25 15:34:59 -------- d-----w- C:\ProgramData\InstallShield

2013-02-25 15:34:28 -------- d-----w- C:\ProgramData\Sonic

2013-02-25 15:31:56 -------- d-----w- C:\ProgramData\Roxio

2013-02-25 15:15:56 7EF2009A2EF6E8DAF10254B9F786999B 9 ----a-w- C:\Users\Laurens\ist.txt

2013-02-25 15:14:45 -------- d-----w- C:\ProgramData\BrowserProtect

2013-02-25 14:46:38 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

====== C: exe-files ==

2013-03-23 19:19:51 A9ADBB9CF5EB800CA3D3A7D08136269A 69784 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\wajam_update[2].exe

2013-03-23 13:51:30 6CA14382E4B8C66B0FBAEE91CDA625E2 1184128 ----a-w- C:\Program Files (x86)\IObit\Smart Defrag 2\unins000.exe

2013-03-22 15:03:25 628E4CB562E97AD7418F1F87914AF7CB 286840 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\0000305a\drsupdate.15298159_RUNASUSER.exe

2013-03-20 13:10:33 0FB6D382FA5FBF72D05FC2A4503B7DF2 10156344 ----a-w- C:\Users\Laurens\Desktop\e-book\mbam-setup-1.70.0.1100.exe

2013-03-20 12:56:01 A9ADBB9CF5EB800CA3D3A7D08136269A 69784 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\wajam_update[1].exe

2013-03-19 19:43:25 D86D528632406C4F6BEE98D2FFA3F806 6220680 ----a-w- C:\Users\Laurens\Desktop\e-book\speedupmypc.exe

=== C: other files ==

2013-03-23 13:51:43 DD0443BC6CC78A19FD399817F8C51401 17720 ----a-w- C:\Windows\System32\drivers\SmartDefragDriver.sys

2013-03-23 13:50:52 92B3172E8C14C1444682F510843A9988 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys

2013-03-22 15:18:50 2767142218E1320AF49E0510D01512C9 36563 ----a-w- C:\ProgramData\PCDr\6032\AddOnDownloaderCache\zipped\f04a4d58-1eb6-4e35-b4b4-db6bab11e49b.zip

2013-03-22 15:05:31 46991380D6CA3F13187D6A01C7737955 121931939 ----a-w- C:\Users\Laurens\Desktop\Nieuwe map (3)\wetransfer-ae5335.zip

2013-03-20 13:11:15 92EB844D90615CB266F84C3202B8786E 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-03-20 13:07:37 E94C1BE7C4B4FD264079C8398F64A5B8 68884499 ----a-w- C:\Users\Laurens\Desktop\e-book\pleaseread_1.zip

2013-03-20 12:53:56 C292D35C844B1B8D0B89209057051C0F 219136873 ----a-w- C:\Users\Laurens\Desktop\e-book\creative-skpage-chapter08.zip

2013-03-20 12:48:08 95288372FF7212087F0A0C7C1E8CC9CF 289929997 ----a-w- C:\Users\Laurens\Desktop\e-book\creative-skpage-chapter07.zip

2013-03-20 12:47:32 ECD572287C1946D477452ADFF4CC3FE3 376975492 ----a-w- C:\Users\Laurens\Desktop\e-book\creative-skpage-chapter06.zip

2013-03-20 12:47:17 7B399B5D41A23337B4CA501967B9C4D0 305900882 ----a-w- C:\Users\Laurens\Desktop\e-book\creative-skpage-chapter05.zip

2013-03-20 12:47:03 95B544386DC830A170519593D8A9D37A 255975744 ----a-w- C:\Users\Laurens\Desktop\e-book\creative-skpage-chapter04.zip

2013-03-20 12:46:39 285FE3126B54D726AE3F7854C9CE5A44 207225354 ----a-w- C:\Users\Laurens\Desktop\e-book\creative-skpage-chapter03.zip

2013-03-20 12:45:10 04C486F3C06A200798AB18864FB79588 169604978 ----a-w- C:\Users\Laurens\Desktop\e-book\creative-skpage-chapter02.zip

2013-03-20 12:44:23 9C26E96EA2DF4D7FF5823248211960E4 98288119 ----a-w- C:\Users\Laurens\Desktop\e-book\creative-skpage-chapter01.zip

2013-03-20 12:43:50 28F78D80B0F4E83177258A7FDFF38738 18377116 ----a-w- C:\Users\Laurens\Desktop\e-book\creative-skpage-chapter00.zip

2013-03-19 20:20:29 70F56FB19C5EAB7EC2520B89BD0F902C 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3353428398-178236928-3314485351-1000\$I17DI4G.zip

2013-03-19 20:06:30 FB671F62C52AB6D272E39FAF4B350883 545363 ----a-w- C:\$Recycle.Bin\S-1-5-21-3353428398-178236928-3314485351-1000\$R17DI4G.zip

2013-03-19 20:05:19 FB671F62C52AB6D272E39FAF4B350883 545363 ----a-w- C:\Users\Laurens\Desktop\Tools\Autoruns.zip

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bodfdknjhecmadheclfjkhhiofeagdbh - C:\Program Files (x86)\DAP\daplinkchecker.crx[16-12-2012 13:46]

ffdcfjdljhbehggjdkdioajnknjcpbjb - C:\Program Files (x86)\DAP\DAPChrome\DAPChrome6.crx[16-12-2012 13:48]

fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[04-12-2012 10:47]

gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files (x86)\DealPly\DealPly.crx[]

hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx[]

icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx[]

jcdgjdiieiljkfkdcloehkohchhpekkn - C:\Users\Laurens\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx[]

jpmbfleldcgkldadpdinhjjopdfpjfjp - C:\Users\Laurens\AppData\Local\Wajam\Chrome\wajam.crx[]

mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.3.crx[]

nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePluginFor6.crx[11-08-2012 11:46]

niogeckbkdcabhnapjbkeiklablhjoca - C:\Program Files (x86)\Perion\ChromeInfoBar\ChromeInfoBar.crx[]

pfndaklgolladniicklehhancnlgocpp - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx[]

pgafcinpmmpklohkojmllohd****efph - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx[19-02-2013 13:00]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files (x86)\DealPly\DealPly.crx[]

DAP Link Checker - Laurens - Default\Extensions\bodfdknjhecmadheclfjkhhiofeagdbh

Download Accelerator Plus (DAP) - Laurens - Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb

SiteAdvisor - Laurens - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho

DealPly - Laurens - Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje

Ebay Shopping Assistant by Spigot - Laurens - Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj

Domain Error Assistant - Laurens - Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj

SweetIM for Facebook - Laurens - Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn

Wajam - Laurens - Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp

Savings-Slider - Laurens - Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk

Advanced SystemCare Surfing Protection - Laurens - Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd

IncrediBar for Chrome\u2122 - Laurens - Default\Extensions\niogeckbkdcabhnapjbkeiklablhjoca

Amazon Shopping Assistant by Spigot - Laurens - Default\Extensions\pfndaklgolladniicklehhancnlgocpp

BrowserProtect - Laurens - Default\Extensions\pgafcinpmmpklohkojmllohd****efph

==== Chrome Fix ======================

C:\Users\Laurens\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully

C:\Users\Laurens\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully

C:\Users\Laurens\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully

C:\Users\Laurens\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn deleted successfully

C:\Users\Laurens\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp deleted successfully

C:\Users\Laurens\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully

C:\Users\Laurens\AppData\Local\Google\Chrome\User Data\Default\Extensions\niogeckbkdcabhnapjbkeiklablhjoca deleted successfully

C:\Users\Laurens\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.nl/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.searchya.com/?f=1&a=grupo1y&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0Dzy0DzzzzyDzz0DtBzz0B0DtN0D0Tzu0CyEtBtBtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1N1C2Y1E1FtC2U&cr=1673291767&ir="

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.searchya.com/?f=1&a=grupo1y&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0Dzy0DzzzzyDzz0DtBzz0B0DtN0D0Tzu0CyEtBtBtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1N1C2Y1E1FtC2U&cr=1673291767&ir="

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="http://www.searchya.com/?f=2&a=grupo1y&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0Dzy0DzzzzyDzz0DtBzz0B0DtN0D0Tzu0CyEtBtBtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1N1C2Y1E1FtC2U&cr=1673291767&ir="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="http://www.searchya.com/?f=2&a=grupo1y&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0Dzy0DzzzzyDzz0DtBzz0B0DtN0D0Tzu0CyEtBtBtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1N1C2Y1E1FtC2U&cr=1673291767&ir="

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.nl/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{7F4EFF06-7032-458e-AE16-1C1D8255C28A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"

{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Delta Search Url="http://www.delta-search.com/?q={searchTerms}&affID=119585&tt=210213_ol&babsrc=SP_ss&mntrId=609f28bd000000000000d4bed9d8858d"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{7F4EFF06-7032-458e-AE16-1C1D8255C28A} SearchYa//www.searchya.com/?q={searchTerms}&f=4&a=grupo1y&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0Dzy0DzzzzyDzz0DtBzz0B0DtN0D0Tzu0CyEtBtBtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1N1C2Y1E1FtC2U&cr=1673291767&ir="

{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\users\Laurens\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\users\Laurens\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3353428398-178236928-3314485351-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully

HKEY_USERS\S-1-5-21-3353428398-178236928-3314485351-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully

HKEY_USERS\S-1-5-21-3353428398-178236928-3314485351-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully

HKEY_USERS\S-1-5-21-3353428398-178236928-3314485351-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully

HKEY_USERS\S-1-5-21-3353428398-178236928-3314485351-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

HKEY_USERS\S-1-5-21-3353428398-178236928-3314485351-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\niogeckbkdcabhnapjbkeiklablhjoca deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE9SE_ENUS/110

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: FCTBPos00Pos - {9EBF8AAF-0A31-4786-909A-97A0EF101743} - (no file)

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: LinkVerifierBHO - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files (x86)\DAP\LinkVerifier.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O3 - Toolbar: (no name) - {B43176CC-4D9E-493B-A636-D9CBFE39C6DA} - (no file)

O3 - Toolbar: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"

O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart

O4 - HKCU\..\Run: [Cookienator] "C:\Users\Laurens\Desktop\cookienator.exe" /auto

O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files (x86)\DAP\DAP.EXE" /STARTUP

O4 - HKCU\..\Run: [speedBitVideoAccelerator] "C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe" /startup

O4 - HKCU\..\Run: [EPSON Stylus DX7400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICDE.EXE /FU "C:\Windows\TEMP\E_SC976.tmp" /EF "HKCU"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-3353428398-178236928-3314485351-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-3353428398-178236928-3314485351-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm

O8 - Extra context menu item: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm

O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll

O20 - AppInit_DLLs: c:\progra~3\browse~2\261095~1.52\{c16c1~1\browse~1.dll

O23 - Service: McAfee Application Installer Cleanup (0130211363533121) (0130211363533121mcinstcleanup) - - (no file)

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe

O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Users\Laurens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Laurens\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Laurens\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Laurens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4SGIG974 will be deleted at reboot

C:\Users\Laurens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MV4L7MHF will be deleted at reboot

C:\Users\Laurens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T2SK1VNT will be deleted at reboot

C:\Users\Laurens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\users\Laurens\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Laurens\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.settings" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\chrome.manifest" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\install.rdf" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-3.6.xpt" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\overlay.xul" not found

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Users\Laurens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Program Files (x86)\Common Files\Spigot" not found

"C:\ProgramData\BrowserProtect" not found

"C:\Users\Laurens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4SGIG974" not found

"C:\Users\Laurens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MV4L7MHF" not found

"C:\Users\Laurens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T2SK1VNT" not found

24 maart 2013 aangepast door kape
dubbellog (onvolledig) verwijderd

kape · 24 maart 2013

Download zoek.exe naar het bureaublad.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
(hier of hier) kan je lezen hoe je dat doet.
Dubbelklik op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Kopieer nu onderstaande code en plak die in het grote invulvenster:
Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.

 
 C:\ProgramData\BrowserProtect;fs
 C:\Program Files (x86)\Common Files\Spigot;fs
 C:\users\Laurens\AppData\Roaming\Searchya;fs
 C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F};fs
 C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69;fs

Klik op de knop "Options" en vink nu de onderstaande opties aan.
- HijackThis Log
- Firefox Defaults
- Reset Chrome
- Auto Clean
[*] Klik daarna op de knop "Run script".

[*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

[*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

[*] Post nu de inhoud van het geopende logje in het volgende bericht.

Inloggen

ISUPM.exe en issch.exe

Aanbevolen berichten

Vermaesen

Jion

Vermaesen

Jion

Vermaesen

Jion

Vermaesen

kape

Vermaesen

kape

Welkom op PC Helpforum

Leden statistieken

OVER ONS

SITEMAP

Home

Info

Handleidingen & Tips

Activiteit

Belangrijke informatie