Het ene na het andere prog "reageert niet". zelf direct na opstart (=vrij geheugen)

[greybob]

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 13:24:32, on 29/04/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16537)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe

R:\Mijn documenten Bob\Mijn ontvangen bestanden\Hijack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O17 - HKLM\System\CCS\Services\Tcpip\..\{141CD2B2-F149-48B2-8A3F-FDFF0A79C7D8}: NameServer = 193.174.208.135,193.121.171.135

O17 - HKLM\System\CS1\Services\Tcpip\..\{141CD2B2-F149-48B2-8A3F-FDFF0A79C7D8}: NameServer = 193.174.208.135,193.121.171.135

O17 - HKLM\System\CS2\Services\Tcpip\..\{141CD2B2-F149-48B2-8A3F-FDFF0A79C7D8}: NameServer = 193.174.208.135,193.121.171.135

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 10532 bytes

[clarkie]

Ik heb je discussie verplaatst naar bestrijding spyware en virussen.

Van zodra 1 van de experts online is zal deze je zeker verder helpen aangaande je vraag/probleem.

[juisterr]

Ik zie niks verkeerds in het HijackThis logje.

Download zoek.exe naar het bureaublad.

• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
  (hier of hier) kan je lezen hoe je dat doet.
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
  

  startupall;
  filesrcm;
  emptyclsid; 
  autoclean;
  shortcutfix;
  iedefaults; 
  
  
  
  
  

  
  

• Klik daarna op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post nu de inhoud van het geopende logje in het volgende bericht.
  

[greybob]

Beste oude trol,

Dank voor je snelle reactie. Het gevraagde logbestand vindt je hierna.

In het vorige antwoord zag u niks verkeerds, maar als leek huiverde ik toch bij de regels die "file missing" vermeldden.

Ondertussen speel ik met een vermoeden richting hardware, maar wellicht wacht ik best uw analyse af van de onderstaande log af.

Vriendelijke groet,

bOb

Zoek.exe Version 4.0.0.2 Updated 23-04-2013

Tool run by Bob on ma 29/04/2013 at 18:47:03,02.

Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

==== Creating Sample_20132904_1849.zip ======================

Copied file C:\Users\Bob\310.70-desktop-win8-win7-winvista-64bit-international-whql.exe to sample

sample\310.70-desktop-win8-win7-winvista-64bit-international-whql.exe renamed to 2C37845F5CBD848AC6F4672CE622490F

C:\Users\Public\Desktop\sample_20132904_1849.zip created successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4016790167-2948697978-3886021624-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\zvcxkmtw.default

user.js not found

---- Lines WebSearch removed from prefs.js ----

user_pref("extensions.toolbar.mindspark._39Members_.homepage", "http://home.mywebsearch.com/index.jhtml?ptb=86BCDD03-988F-4471-AC1E-6FA90036E313&n=77fc4226&p2=^UX^xdm170^YY^be&si=MDFIG11");

---- Lines WebSearch modified from prefs.js ----

---- Lines search.com removed from prefs.js ----

---- Lines search.com modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_20132904_1854_.backup

==== Deleting Files \ Folders ======================

"C:\END" deleted

"C:\Users\Public\Desktop\YTD Video Downloader.lnk" deleted

"C:\Users\Bob\310.70-desktop-win8-win7-winvista-64bit-international-whql.exe" deleted

"C:\Users\Bob\AppData\Roaming\Lite" deleted

"C:\Users\Bob\AppData\Local\PackageAware" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Bob\AppData\Local\Temp ====

2013-04-29 07:48:00 5C8BF1592A4582BC4B4ADA1803646ADA 7672792 ----a-w- C:\Users\Bob\AppData\Local\Temp\Foxit Reader Updater.exe

====== C:\Windows\SysWOW64 =====

2013-04-28 19:26:40 8255AD29A44B2E14B2DD99319F92A0AB 95648 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

====== C:\Windows\SysWOW64\drivers =====

2013-04-18 14:42:31 88F57A15B786BF2AF9458F7903768085 28352 ----a-w- C:\Windows\SysWOW64\drivers\MxlW2k.sys

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

2013-04-24 09:46:18 B98F8C6E31CD07B2E6F71F7F648E38C0 1656680 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys

2013-04-13 19:05:53 7E44C2684A6CA779B9D07CB4BD3F649D 178624 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys

2013-04-13 19:05:49 DE6759B8D8E62BF0FFF2B05F05AFCEE6 65336 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys

2013-04-10 18:38:23 8F6322049018354F45F05A2FD2D4E5E0 223752 ----a-w- C:\Windows\Sysnative\drivers\fvevol.sys

====== C:\Windows\Tasks ======

2013-04-24 15:14:42 28F983D2A7EEAD8E529D588B46157B52 1050 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-04-24 15:14:41 73E04AD0921E47E5756FC451A49186B8 1046 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-04-05 01:01:07 -------- d-----w- C:\Program Files\Microsoft Silverlight

2013-04-03 10:47:15 -------- d-----w- C:\Program Files\CyberLink

======= C:\Program Files (x86) =====

2013-04-24 15:14:38 -------- d-----w- C:\Program Files (x86)\Google

2013-04-18 15:58:43 -------- d-----w- C:\Program Files (x86)\MP3Gain

2013-04-18 15:26:27 -------- d-----w- C:\Program Files (x86)\Lame For Audacity

2013-04-18 15:02:07 -------- d-----w- C:\Program Files (x86)\Audacity

2013-04-13 19:11:29 -------- d-----w- C:\Program Files (x86)\Common Files\Skype

2013-04-10 22:28:43 -------- d-----w- C:\Program Files (x86)\Microsoft.NET

2013-04-07 20:13:48 -------- d-----w- C:\Program Files (x86)\TagScanner

2013-04-05 01:01:07 -------- d-----w- C:\Program Files (x86)\Microsoft Silverlight

2013-04-04 10:34:09 -------- d-----w- C:\Program Files (x86)\Mozilla Thunderbird

2013-04-03 10:50:27 -------- d-----w- C:\Program Files (x86)\Cyberlink

======= C: =====

2013-04-12 16:46:02 7FBA17F06BC60A3988F41F4C56A4142F 8294454 ----a-w- C:\Zumba.bmp

====== C:\Users\Bob\AppData\Roaming ======

2013-04-24 15:19:48 -------- d-----w- C:\users\Bob\AppData\Locallow\Google

2013-04-24 15:14:38 -------- d-----w- C:\users\Bob\AppData\Local\Google

2013-04-20 18:45:30 -------- d-----w- C:\users\Bob\AppData\Local\GHISLER

2013-04-18 15:58:44 -------- d-----w- C:\users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain

2013-04-18 15:00:29 -------- d-----w- C:\users\Bob\AppData\Roaming\Audacity

2013-04-07 20:21:34 -------- d-----w- C:\users\Bob\AppData\Roaming\Mp3tag

2013-04-03 10:53:25 -------- d-----w- C:\users\Bob\AppData\Roaming\CyberLink

====== C:\Users\Bob ======

2013-04-29 10:33:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom

2013-04-27 19:21:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader

2013-04-26 21:01:26 -------- d-s---w- C:\Users\Bob\Google Drive

2013-04-26 20:56:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

2013-04-24 15:19:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

2013-04-20 19:40:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

2013-04-18 15:58:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain

2013-04-13 19:05:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus

2013-04-07 20:13:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TagScanner

2013-04-05 01:06:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2013-04-03 10:53:28 -------- d-----w- C:\Users\Public\CyberLink

2013-04-03 10:52:11 -------- d-----w- C:\ProgramData\CyberLink

2013-04-03 10:50:34 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector

2013-04-03 10:46:30 -------- d-----w- C:\ProgramData\CLSK

====== C: exe-files ==

2013-04-29 07:48:00 5C8BF1592A4582BC4B4ADA1803646ADA 7672792 ----a-w- C:\Users\Bob\AppData\Local\Temp\Foxit Reader Updater.exe

2013-04-27 19:21:52 C17DA0BE97FC9F3C05FDE7BF3C5618D1 96216 ----a-w- C:\Program Files (x86)\Foxit Software\Foxit Reader\Shell Extensions\FoxitPrevhost.exe

2013-04-27 19:21:48 5C8BF1592A4582BC4B4ADA1803646ADA 7672792 ----a-w- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Updater.exe

2013-04-27 19:21:46 0E4F7E2437FC70F9703A424B9DBF163C 33846744 ----a-w- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe

2013-04-27 19:21:45 7FC062F566DBEE26A6DF69119C93B7B9 755672 ----a-w- C:\Program Files (x86)\Foxit Software\Foxit Reader\UninstallPrint.exe

2013-04-27 19:21:45 0813008B0924F69873BF2F2B1BEFC9CC 60376 ----a-w- C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\Creator\FXC_ProxyProcess.exe

2013-04-27 19:21:42 1F34C47823497A3538D51F2FEC555B58 1904088 ----a-w- C:\Program Files (x86)\Foxit Software\Foxit Reader\unins000.exe

2013-04-24 15:18:34 55A65D7370AD0EADCAC97181539A8F08 25406864 ----a-w- C:\Program Files (x86)\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\0.0.0.0\GoogleEarth-Win-Bundle-7.1.1.1580.exe

2013-04-24 15:14:39 74E337FFEB2B34043F8499D2F3DE03A8 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe

2013-04-24 15:14:39 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

2013-04-24 15:14:39 43F58F0A466D23A92CE59E24E5DD146D 774600 ----a-w- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdateSetup.exe

2013-04-24 15:14:39 376ECCCE33C2C232112DE830E3C81763 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdateBroker.exe

2013-04-24 15:14:38 BECDDA0990DEBD72A30096533521AD73 213384 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe

2013-04-24 15:14:38 B676429E44F2F8ACC3BAE7C89F46B212 281480 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe

2013-04-24 15:14:38 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdate.exe

2013-04-24 08:17:28 08998554F2DBE7084AB9C9B21DBC4447 1286039 ----a-w- C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe

=== C: other files ==

2013-04-29 16:53:20 A58C71820BB9ECCEB9C2854DB173CA64 220176366 ----a-w- C:\Users\Public\Desktop\sample_20132904_1849.zip

2013-04-29 10:10:48 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\Bob\AppData\Local\Temp\_MEI39722\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx

2013-04-29 08:55:02 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\Bob\AppData\Local\Temp\_MEI40002\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx

2013-04-24 09:46:18 B98F8C6E31CD07B2E6F71F7F648E38C0 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-4016790167-2948697978-3886021624-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"hpqSRMon"="C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\hpqSRMon.exe"

"AdobeCS5ServiceManager"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS5ServiceManager\\CS5ServiceManager.exe\" -launchedbylogin"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeBridge]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AdobeBridge"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Adobe\\Adobe Bridge CS5\\Bridge.exe\" -stealth"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Akamai NetSession Interface]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Akamai NetSession Interface"

"hkey"="HKCU"

"command"="\"C:\\Users\\Bob\\AppData\\Local\\Akamai\\netsession_win.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\avast]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="avast"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\AVAST Software\\Avast\\avastUI.exe\" /nogui"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\beid]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="beid"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Belgium Identity Card\\beid35gui.exe\" /startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HP Software Update"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\hpqSRMon]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="hpqSRMon"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\hpqSRMon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSC]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="MSC"

"hkey"="HKLM"

"command"="\"c:\\Program Files\\Microsoft Security Client\\msseces.exe\" -hide -runkey"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaSuite.exe]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NokiaSuite.exe"

"hkey"="HKCU"

"command"="C:\\Program Files (x86)\\Nokia\\Nokia Suite\\NokiaSuite.exe -tray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sidebar]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Sidebar"

"hkey"="HKCU"

"command"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Skype"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SSDMonitor]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SSDMonitor"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Common Files\\PC Tools\\sMonitor\\SSDMonitor.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SunJavaUpdateSched"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="TomTomHOME.exe"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinampAgent]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="WinampAgent"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Winamp\\winampa.exe\""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"AdobeAAMUpdater-1.0"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11/04/2013 14:18]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24/04/2013 17:14]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24/04/2013 17:14]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\zvcxkmtw.default

- avast WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF

- Clickamp;Clean - %ProfilePath%\extensions\clickclean@hotcleaner.com

- Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi

- New Tab Homepage - %ProfilePath%\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\zvcxkmtw.default

F7E72D3A281F922BACEC1A71A826D4C2 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll - Shockwave Flash

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{993963C0-802A-42B8-A5A4-1E12B537BAFB}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{993963C0-802A-42B8-A5A4-1E12B537BAFB} Yahoo//search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== shortcuts on Users Desktops ======================

C:\Users\Bob\Desktop\Audacity.lnk - C:\Program Files (x86)\Audacity\audacity.exe

C:\Users\Bob\Desktop\Downloads.lnk - R:\Mijn documenten Bob\Mijn ontvangen bestanden

C:\Users\Bob\Desktop\Google Drive.lnk - C:\Users\Bob\Google Drive

C:\Users\Bob\Desktop\Photoshop CS5 (64 Bit).lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe

C:\Users\Bob\Desktop\TagScanner.lnk - C:\Program Files (x86)\TagScanner\Tagscan.exe

C:\Users\Bob\Desktop\WakeMeOnLan.exe - Snelkoppeling.lnk - R:\Mijn documenten Bob\Mijn ontvangen bestanden\Wake-sleep on lan\wakemeonlan\WakeMeOnLan.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\avast Free Antivirus.lnk -

C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe

C:\Users\Public\Desktop\CyberLink PowerDirector.lnk - C:\Program Files (x86)\CyberLink\PowerDirector\PDR9.exe

C:\Users\Public\Desktop\Foxit Reader.lnk - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe

C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe

C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe

C:\Users\Public\Desktop\TeamViewer 8.lnk - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe

C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk - C:\Program Files (x86)\Audacity\audacity.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Bluetooth File Transfer Wizard.lnk - C:\Windows\System32\fsquirt.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast Free Antivirus.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bulk Rename Utility\Bulk Rename Utility.lnk - C:\Program Files (x86)\Bulk Rename Utility\Bulk Rename Utility.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk - C:\Program Files\CCleaner\uninst.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector\PowerDirector.lnk - C:\Program Files (x86)\CyberLink\PowerDirector\PDR9.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader\Foxit Reader.lnk - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader\Uninstall Foxit Reader.lnk - C:\Program Files (x86)\Foxit Software\Foxit Reader\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in DirectX-modus.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe -setDX

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in OpenGL-modus.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe -setOGL

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth verwijderen.lnk - C:\Windows\SysWOW64\msiexec.exe /x {0A844D8F-A965-11E2-9E77-B8AC6F98CCE3}

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\Silverlight.Configuration.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain\MP3Gain Help.lnk - C:\Program Files (x86)\MP3Gain\MP3Gain.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain\MP3Gain.lnk - C:\Program Files (x86)\MP3Gain\MP3GainGUI.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain\Uninstall MP3Gain.lnk - C:\Program Files (x86)\MP3Gain\uninst-mp3gain.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /show

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /disable

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /enable

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro Help.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\Revo Uninstaller Pro Help.pdf

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Verwijder Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TagScanner\TagScanner on the Web.lnk - C:\Program Files (x86)\TagScanner\Tagscan.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TagScanner\TagScanner.lnk - C:\Program Files (x86)\TagScanner\Tagscan.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TagScanner\Uninstall TagScanner.lnk - C:\Program Files (x86)\TagScanner\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom\TomTom HOME 2.lnk - C:\Windows\Installer\{EC5F4C1B-F838-4CB7-8561-8F809296428B}\NewShortcut1_BB5D96B1D05B428EBAD4A437B7244768.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom\Verwijder TomTom HOME 2.lnk - C:\Windows\SysWOW64\msiexec.exe /x {EC5F4C1B-F838-4CB7-8561-8F809296428B}

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VideoLAN\VLC\Documentation.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

==== shortcuts in Quick Launch ======================

C:\Users\Bob\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe

C:\Users\Bob\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

C:\Users\Bob\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe

C:\Users\Bob\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\Bob\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Bob\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\users\Bob\AppData\Local\Mozilla\Firefox\Profiles\zvcxkmtw.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Bob\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

[juisterr]

Upload dit bestand naar Gratis bestanden delen en uploaden via Mijn Bestand! en plaats het linkje in het volgende bericht.

==== Creating Sample_20132904_1849.zip ======================

Copied file C:\Users\Bob\310.70-desktop-win8-win7-winvista-64bit-international-whql.exe to sample

sample\310.70-desktop-win8-win7-winvista-64bit-international-whql.exe renamed to 2C37845F5CBD848AC6F4672CE622490F

C:\Users\Public\Desktop\sample_20132904_1849.zip created successfully

Ps. die missing items zijn niet missing, dat is een bugje van het HJT programma.

[greybob]

Juisterr,

Ik moet ff de rol lossen. U vraagt om "dit" bestand te uploaden. Welk bestand bedoelt u precies?

Grtz.

bOb

[juisterr]

C:\Users\Public\Desktop\sample_20132904_1849.zip staat op je bureaublad.

[greybob]

Was niet vertrouwd met dit prog. Hier de link:

sample_20132904_1849.zip downloaden

Grtz

bOb

[juisterr]

Dank je, ik laat weten wat de eventuele vervolg stap(pen) word(en).

[greybob]

Beste Juisterr,

Kan ik zelf nog iets aanleveren om de oorzaak te helpen vinden?

Dank en groeten,

bOb