(ook) Monstermarketplace verwijderen

Vaatie · 17 juni 2013

Hi, zelfde probleem als http://www.pc-helpforum.be/f163/monstermarketplace-verwijderen-61738/

Log :

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 18:50:40, on 17/06/2013

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v9.00 (9.00.8112.16476)

FIREFOX: 21.0 (nl)

Boot mode: Safe mode with network support

Running processes:

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Anne\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

O4 - HKLM\..\Run: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"

O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil64_11_7_700_202_ActiveX.exe -update activex

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')

O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe

O4 - Startup: Dropbox.lnk = Anne\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Startup: OpenOffice.org 3.2 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {28B66320-9687-4B13-8757-36F901887AB5} (CanvasX Class) - http://foto.hema.be/ips-opdata/layout/hema/objects/canvasx.cab

O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://foto.hema.be/ips-opdata/layout/hema/objects/jordan.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11872 bytes

Alvast bedankt !

kape · 17 juni 2013

Download AdwCleaner by Xplode naar het bureaublad.

Sluit alle openstaande vensters.
Dubbelklik op AdwCleaner om hem te starten.
Klik vervolgens op Verwijderen.
Klik bij AdwCleaner – Informatie op OK
Klik bij AdwCleaner – Herstarten Noodzakelijk op OK

Dat tijdens de actie de snelkoppelingen verdwijnen, is normaal.

Nadat de PC opnieuw is opgestart, opent een logfile.

Post aansluitend de inhoud van dit log in je volgende bericht.

Vaatie · 18 juni 2013

Hé, thxs voor de snelle respons !

Hier adwcleaner log

# AdwCleaner v2.303 - Verslag gemaakt op 18/06/2013 om 08:56:35

# Geactualiseerd op 08/06/2013 door Xplode

# Besturingssysteem : Windows 7 Home Premium (64 bits)

# Gebruiker : Anne - ANNE-PC

# Opstarten Modus : Veillige modus met netwerk

# Gelanceerd vanaf : C:\Users\Anne\Downloads\adwcleaner.exe

# Optie [Verwijderen]

***** [Diensten] *****

***** [Files / Mappen] *****

File Verwijderd : C:\END

Map Verwijderd : C:\ProgramData\Babylon

Map Verwijderd : C:\Users\AMBER EN NANDO\AppData\LocalLow\BabylonToolbar

Map Verwijderd : C:\Users\Anne\AppData\Local\Babylon

Map Verwijderd : C:\Users\Anne\AppData\LocalLow\BabylonToolbar

Map Verwijderd : C:\Users\Anne\AppData\Roaming\Babylon

Map Verwijderd : C:\Users\familie\AppData\LocalLow\BabylonToolbar

Map Verwijderd : C:\Users\Gast\AppData\LocalLow\BabylonToolbar

Verwijderd bij het opstarten : C:\Users\Anne\Documents\Inbox

***** [Register] *****

Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}

Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}

Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Sleutel Verwijderd : HKLM\Software\Babylon

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

***** [browsers] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Het register bevat geen enkele ongeoorloofde invoer.

-\\ Mozilla Firefox v21.0 (nl)

File : C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\vu3hdccb.default\prefs.js

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[s1].txt - [2451 octets] - [18/06/2013 08:56:35]

########## EOF - C:\AdwCleaner[s1].txt - [2511 octets] ##########

kape · 18 juni 2013

En hoe staat het nu met Monstermarketplace ?

Vaatie · 18 juni 2013

Hi, laptop ook nog extreem traag en er verschijnt nog regelmatig fout met script, iets van friendsfinder. Ik post morgen nog beeld van zoeen scriptfout. Grtz & thxs.

kape · 18 juni 2013

Download ComboFix van één van de onderstaande locaties naar het bureaublad.

Bleeping Computer

Info Spyware

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met ComboFix.exe

(hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.

Dubbelklik op "ComboFix" om de tool te starten, Windows Vista, 7 & 8 gebruikers zullen een melding krijgen van UAC (Gebruikersaccountbeheer), klik hier op Ja / yes.
Op een Windows XP computer zal ComboFix de "Recovery Console" installeren als deze nog niet aanwezig is. (Een actieve internet verbinding is dan een vereiste).
Klik in het venster bij het 'Installeren van de Recovery Console' op "Ok".
Klik in het info scherm op "Ja" als de Recovery Console met succes is geïnstalleerd.
Klik in het scherm van de disclaimer op "I Agree", de benodigde onderdelen worden nu uitgepakt en middels ERUNT wordt er een register back-up gemaakt.
Wanneer dit gereed is zal ComboFix vanzelf starten, in het blauwe scherm ziet u de voortgang van de systeemscan die wordt uitgevoerd.
Belangrijk! gebruik de computer tijdens de scan niet voor andere zaken.
Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden zoals bijvoorbeeld bij de aanwezigheid van een rootkit, dit is normaal.
Wanneer ComboFix gereed is, zal het een logbestand aanmaken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht als bijlage.

* Noot !!! Indien u één van de onderstaande meldingen krijgt na het gebruik van ComboFix herstart dan de computer.

Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
Illegal operation attempted on a registry key that has been marked for deletion.

Vaatie · 19 juni 2013

Hi,

kreeg wel de melding dat Avira nog draaide maar deze heb ik nochtans verwijderd en Avast in de plaats geinstalleerd ?!?

Hier log ComboFix :

ComboFix 13-06-18.02 - Anne 19/06/2013 9:07.1.4 - x64 NETWORK

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.32.1043.18.2997.2651 [GMT 2:00]

Gestart vanuit: c:\users\Anne\Downloads\ComboFix.exe

AV: AntiVir Desktop *Enabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: AntiVir Desktop *Enabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\install.exe

c:\users\Anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\System Repair.lnk

c:\users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2 .lnk

c:\users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Repair

c:\users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Repair\System Repair.lnk

c:\users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Repair\Uninstall System Repair.lnk

c:\windows\msxml4-KB954430-enu.LOG

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-05-19 to 2013-06-19 ))))))))))))))))))))))))))))))

.

2013-06-19 07:47 . 2013-06-19 07:47 -------- d-----w- c:\users\Gast\AppData\Local\temp

2013-06-19 07:47 . 2013-06-19 07:47 -------- d-----w- c:\users\familie\AppData\Local\temp

2013-06-19 07:47 . 2013-06-19 07:47 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-06-19 07:47 . 2013-06-19 07:47 -------- d-----w- c:\users\Anne\AppData\Local\temp

2013-06-19 07:47 . 2013-06-19 07:47 -------- d-----w- c:\users\AMBER EN NANDO\AppData\Local\temp

2013-06-19 06:14 . 2013-06-19 06:14 -------- d-----w- c:\windows\Sun

2013-06-18 07:30 . 2013-05-09 08:59 378432 ----a-w- c:\windows\system32\drivers\aswSP.sys

2013-06-18 07:30 . 2013-05-09 08:59 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2013-06-18 07:30 . 2013-05-09 08:59 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

2013-06-18 07:30 . 2013-05-09 08:59 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2013-06-18 07:30 . 2013-05-09 08:59 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

2013-06-18 07:30 . 2013-05-09 08:59 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2013-06-18 07:30 . 2013-05-09 08:59 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2013-06-18 07:30 . 2013-05-09 08:59 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2013-06-18 07:30 . 2013-05-09 08:58 287840 ----a-w- c:\windows\system32\aswBoot.exe

2013-06-18 07:29 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr

2013-06-18 07:28 . 2013-06-18 07:28 -------- d-----w- c:\program files\AVAST Software

2013-06-18 07:27 . 2013-06-18 07:28 -------- d-----w- c:\programdata\AVAST Software

2013-06-18 06:56 . 2013-06-18 06:57 97 ----a-w- c:\windows\DeleteOnReboot.bat

2013-06-16 17:52 . 2013-06-16 17:52 -------- d-----w- c:\program files (x86)\Common Files\Skype

2013-06-04 16:17 . 2013-06-18 07:05 -------- d-----r- c:\users\Anne\Dropbox

2013-06-04 16:14 . 2013-06-18 07:06 -------- d-----w- c:\users\Anne\AppData\Roaming\Dropbox

2013-05-23 10:18 . 2009-10-10 03:17 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys

2013-05-23 10:03 . 2013-05-23 10:03 -------- d-----w- c:\windows\system32\SPReview

2013-05-23 10:02 . 2013-05-23 10:02 -------- d-----w- c:\windows\system32\EventProviders

2013-05-23 07:30 . 2013-05-23 07:30 -------- d-----w- c:\users\Anne\AppData\Local\Mozilla

2013-05-23 07:30 . 2013-05-23 07:30 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service

2013-05-23 07:09 . 2013-05-23 07:09 -------- d-----w- c:\programdata\AVS4YOU

2013-05-23 07:09 . 2013-05-23 07:09 -------- d-----w- c:\users\Anne\AppData\Roaming\AVS4YOU

2013-05-23 07:09 . 2013-05-23 07:09 -------- d-----w- c:\program files (x86)\AVS4YOU

2013-05-23 07:09 . 2013-05-23 07:09 -------- d-----w- c:\program files (x86)\Common Files\AVSMedia

2013-05-23 07:09 . 2010-05-11 12:17 24576 ----a-w- c:\windows\SysWow64\msxml3a.dll

2013-05-22 08:17 . 2013-05-22 08:17 -------- d-----w- c:\programdata\PC-Doctor for Windows

2013-05-22 08:16 . 2013-05-22 08:17 -------- d-----w- c:\program files\My Dell

2013-05-20 11:53 . 2013-05-20 11:53 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-20 11:53 . 2013-05-20 11:53 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-05-20 11:53 . 2013-05-20 11:53 -------- d-----w- c:\windows\system32\Macromed

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-05-23 10:49 . 2009-07-14 02:36 152064 ----a-w- c:\windows\SysWow64\msclmd.dll

2013-05-23 10:49 . 2009-07-14 02:36 175104 ----a-w- c:\windows\system32\msclmd.dll

2013-05-20 10:32 . 2011-03-20 18:01 75016696 ----a-w- c:\windows\system32\MRT.exe

2013-05-12 13:04 . 2013-05-12 13:04 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll

2013-05-12 13:04 . 2013-05-12 13:04 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2013-05-12 13:04 . 2013-05-12 13:04 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

2013-05-12 13:04 . 2013-05-12 13:04 74752 ----a-w- c:\windows\SysWow64\iesetup.dll

2013-05-12 13:04 . 2013-05-12 13:04 63488 ----a-w- c:\windows\SysWow64\tdc.ocx

2013-05-12 13:04 . 2013-05-12 13:04 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2013-05-12 13:04 . 2013-05-12 13:04 367104 ----a-w- c:\windows\SysWow64\html.iec

2013-05-12 13:04 . 2013-05-12 13:04 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll

2013-05-12 13:04 . 2013-05-12 13:04 161792 ----a-w- c:\windows\SysWow64\msls31.dll

2013-05-12 13:04 . 2013-05-12 13:04 1129472 ----a-w- c:\windows\SysWow64\wininet.dll

2013-05-12 13:04 . 2013-05-12 13:04 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2013-05-12 13:04 . 2013-05-12 13:04 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2013-05-12 13:04 . 2013-05-12 13:04 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

2013-05-12 13:04 . 2013-05-12 13:04 35840 ----a-w- c:\windows\SysWow64\imgutil.dll

2013-05-12 13:04 . 2013-05-12 13:04 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2013-05-12 13:04 . 2013-05-12 13:04 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll

2013-05-12 13:04 . 2013-05-12 13:04 152064 ----a-w- c:\windows\SysWow64\wextract.exe

2013-05-12 13:04 . 2013-05-12 13:04 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

2013-05-12 13:04 . 2013-05-12 13:04 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2013-05-12 13:04 . 2013-05-12 13:04 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2013-05-12 13:04 . 2013-05-12 13:04 11776 ----a-w- c:\windows\SysWow64\mshta.exe

2013-05-12 13:04 . 2013-05-12 13:04 101888 ----a-w- c:\windows\SysWow64\admparse.dll

2013-05-12 13:04 . 2013-05-12 13:04 1346560 ----a-w- c:\windows\system32\urlmon.dll

2013-05-12 13:04 . 2013-05-12 13:04 85504 ----a-w- c:\windows\system32\jsproxy.dll

2013-05-12 13:04 . 2013-05-12 13:04 222208 ----a-w- c:\windows\system32\msls31.dll

2013-05-12 13:04 . 2013-05-12 13:04 2147840 ----a-w- c:\windows\system32\iertutil.dll

2013-05-12 13:04 . 2013-05-12 13:04 197120 ----a-w- c:\windows\system32\msrating.dll

2013-05-12 13:04 . 2013-05-12 13:04 17817088 ----a-w- c:\windows\system32\mshtml.dll

2013-05-12 13:04 . 2013-05-12 13:04 1392128 ----a-w- c:\windows\system32\wininet.dll

2013-05-12 13:04 . 2013-05-12 13:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2013-05-12 13:04 . 2013-05-12 13:04 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2013-05-12 13:04 . 2013-05-12 13:04 816640 ----a-w- c:\windows\system32\jscript.dll

2013-05-12 13:04 . 2013-05-12 13:04 76800 ----a-w- c:\windows\system32\tdc.ocx

2013-05-12 13:04 . 2013-05-12 13:04 65024 ----a-w- c:\windows\system32\pngfilt.dll

2013-05-12 13:04 . 2013-05-12 13:04 55296 ----a-w- c:\windows\system32\msfeedsbs.dll

2013-05-12 13:04 . 2013-05-12 13:04 49664 ----a-w- c:\windows\system32\imgutil.dll

2013-05-12 13:04 . 2013-05-12 13:04 48640 ----a-w- c:\windows\system32\mshtmler.dll

2013-05-12 13:04 . 2013-05-12 13:04 452608 ----a-w- c:\windows\system32\dxtmsft.dll

2013-05-12 13:04 . 2013-05-12 13:04 448512 ----a-w- c:\windows\system32\html.iec

2013-05-12 13:04 . 2013-05-12 13:04 282112 ----a-w- c:\windows\system32\dxtrans.dll

2013-05-12 13:04 . 2013-05-12 13:04 267776 ----a-w- c:\windows\system32\ieaksie.dll

2013-05-12 13:04 . 2013-05-12 13:04 248320 ----a-w- c:\windows\system32\ieui.dll

2013-05-12 13:04 . 2013-05-12 13:04 2312704 ----a-w- c:\windows\system32\jscript9.dll

2013-05-12 13:04 . 2013-05-12 13:04 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2013-05-12 13:04 . 2013-05-12 13:04 163840 ----a-w- c:\windows\system32\ieakui.dll

2013-05-12 13:04 . 2013-05-12 13:04 160256 ----a-w- c:\windows\system32\ieakeng.dll

2013-05-12 13:04 . 2013-05-12 13:04 149504 ----a-w- c:\windows\system32\occache.dll

2013-05-12 13:04 . 2013-05-12 13:04 145920 ----a-w- c:\windows\system32\iepeers.dll

2013-05-12 13:04 . 2013-05-12 13:04 135168 ----a-w- c:\windows\system32\IEAdvpack.dll

2013-05-12 13:04 . 2013-05-12 13:04 12288 ----a-w- c:\windows\system32\mshta.exe

2013-05-12 13:04 . 2013-05-12 13:04 114176 ----a-w- c:\windows\system32\admparse.dll

2013-05-12 13:04 . 2013-05-12 13:04 111616 ----a-w- c:\windows\system32\iesysprep.dll

2013-05-12 13:04 . 2013-05-12 13:04 10925568 ----a-w- c:\windows\system32\ieframe.dll

2013-05-12 13:04 . 2013-05-12 13:04 10752 ----a-w- c:\windows\system32\msfeedssync.exe

2013-05-12 13:04 . 2013-05-12 13:04 3695416 ----a-w- c:\windows\system32\ieapfltr.dat

2013-05-12 13:04 . 2013-05-12 13:04 96768 ----a-w- c:\windows\system32\mshtmled.dll

2013-05-12 13:04 . 2013-05-12 13:04 89088 ----a-w- c:\windows\system32\ie4uinit.exe

2013-05-12 13:04 . 2013-05-12 13:04 85504 ----a-w- c:\windows\system32\iesetup.dll

2013-05-12 13:04 . 2013-05-12 13:04 82432 ----a-w- c:\windows\system32\icardie.dll

2013-05-12 13:04 . 2013-05-12 13:04 729088 ----a-w- c:\windows\system32\msfeeds.dll

2013-05-12 13:04 . 2013-05-12 13:04 599040 ----a-w- c:\windows\system32\vbscript.dll

2013-05-12 13:04 . 2013-05-12 13:04 534528 ----a-w- c:\windows\system32\ieapfltr.dll

2013-05-12 13:04 . 2013-05-12 13:04 403248 ----a-w- c:\windows\system32\iedkcs32.dll

2013-05-12 13:04 . 2013-05-12 13:04 39936 ----a-w- c:\windows\system32\iernonce.dll

2013-05-12 13:04 . 2013-05-12 13:04 30720 ----a-w- c:\windows\system32\licmgr10.dll

2013-05-12 13:04 . 2013-05-12 13:04 249344 ----a-w- c:\windows\system32\webcheck.dll

2013-05-12 13:04 . 2013-05-12 13:04 237056 ----a-w- c:\windows\system32\url.dll

2013-05-12 13:04 . 2013-05-12 13:04 165888 ----a-w- c:\windows\system32\iexpress.exe

2013-05-12 13:04 . 2013-05-12 13:04 160256 ----a-w- c:\windows\system32\wextract.exe

2013-05-12 13:04 . 2013-05-12 13:04 1494528 ----a-w- c:\windows\system32\inetcpl.cpl

2013-05-12 13:04 . 2013-05-12 13:04 103936 ----a-w- c:\windows\system32\inseng.dll

2013-05-01 08:50 . 2012-06-20 08:21 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-04-29 12:29 . 2013-04-29 12:29 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10144.bin

2013-04-25 10:34 . 2013-04-25 10:34 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-04-25 10:34 . 2013-04-25 10:34 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2013-04-25 10:34 . 2011-05-23 12:03 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll

2013-04-12 14:36 . 2013-05-12 12:41 1653096 ----a-w- c:\windows\system32\drivers\ntfs.sys

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-06-13 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-17 98304]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-12-29 140520]

"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]

"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-10-15 498160]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-09-20 560128]

"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe" [2011-08-01 165184]

.

c:\users\AMBER EN NANDO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-16 1324384]

.

c:\users\familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-16 1324384]

.

c:\users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-16 1324384]

.

c:\users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-16 1324384]

Dropbox.lnk - c:\users\Anne\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe /firstrun [2009-12-16 1324384]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R0 aswRvrt;aswRvrt; [x]

R0 aswVmm;aswVmm; [x]

R1 aswSnx;aswSnx; [x]

R1 aswSP;aswSP; [x]

R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [x]

R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

R2 aswFsBlk;aswFsBlk; [x]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]

R2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe;c:\program files\Dell\DellDock\DockLogin.exe [x]

R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]

R2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]

R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]

R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys;c:\windows\SYSNATIVE\Drivers\TFsExDisk.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]

S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Acceler.sys;c:\windows\SYSNATIVE\DRIVERS\Acceler.sys [x]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]

S3 O2MDGRDR;O2MDGRDR;c:\windows\system32\DRIVERS\o2mdgx64.sys;c:\windows\SYSNATIVE\DRIVERS\o2mdgx64.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

.

Inhoud van de 'Gedeelde Taken' map

.

2013-06-05 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-20 11:53]

.

2013-06-18 c:\windows\Tasks\avast! Emergency Update.job

- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-06-18 08:58]

.

2013-06-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-13 13:19]

.

2013-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-13 13:19]

.

--------- X64 Entries -----------

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-01-20 487424]

"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.be/

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 195.130.131.2 195.130.130.130

DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.be/ips-opdata/layout/hema/objects/jordan.cab

FF - ProfilePath - c:\users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\vu3hdccb.default\

FF - ExtSQL: 2013-06-18 09:30; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKLM-Run-DellSupportCenter - c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe

Toolbar-Locked - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2013-06-19 10:11:17

ComboFix-quarantined-files.txt 2013-06-19 08:11

.

Pre-Run: 432.686.796.800 bytes beschikbaar

Post-Run: 435.161.968.640 bytes beschikbaar

.

- - End Of File - - 07336723E28B58752C7AADA768A84512

5C616939100B85E558DA92B899A0FC36

kape · 19 juni 2013

Download zoek.exe naar het bureaublad.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
(hier of hier) kan je lezen hoe je dat doet.
Dubbelklik op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Klik op de knop "Options" en vink nu de onderstaande opties aan.
- Installed Programs
- Firefox Look
- Chrome Look
- Firefox Defaults
- Reset Chrome
- Shortcut Fix
- IE Defaults
- Auto Clean
[*] Klik nu op de knop "Run script".

[*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

[*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

[*] Post nu de inhoud van het geopende logje in het volgende bericht.

Vaatie · 19 juni 2013

Hé, zoek.exe log :

Zoek.exe Version 4.0.0.2 Updated 18-June-2013

Tool run by Anne on wo 19/06/2013 at 14:08:11,41.

Microsoft Windows 7 Home Premium 6.1.7600 x64

Running in: Normal Mode Internet Access Detected

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

Adobe Flash Player 10 Plugin

Adobe Flash Player 11 ActiveX

Adobe Reader 9.1.2 - Nederlands

Advanced Audio FX Engine

ATI Catalyst Control Center

avast Free Antivirus

AVS Registry Cleaner 2.2.3.237

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Compatibiliteitspakket voor het 2007 Microsoft Office system

D3DX10

Dell DataSafe Local Backup - Support Software

Dell DataSafe Local Backup

Dell Dock

Dell Edoc Viewer

Dell Getting Started Guide

Dell Webcam Central

Dell Wireless WLAN Card Utility

Dropbox

Google SketchUp 7

Google Toolbar for Internet Explorer

Google Update Helper

Hema Fotoalbum

Java 7 Update 21

Java Auto Updater

Java 6 Update 18 (64-bit)

Junk Mail filter update

Live Cam Avatar Creator

Malwarebytes Anti-Malware versie 1.75.0.1300

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (Dutch) 2007

Microsoft Office Excel MUI (Dutch) 2007

Microsoft Office InfoPath MUI (Dutch) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office Outlook MUI (Dutch) 2007

Microsoft Office PowerPoint MUI (Dutch) 2007

Microsoft Office PowerPoint Viewer 2007 (Dutch)

Microsoft Office Professional Plus 2007

Microsoft Office Proof (Dutch) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proofing (Dutch) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (Dutch) 2007

Microsoft Office Shared 64-bit MUI (Dutch) 2007

Microsoft Office Shared MUI (Dutch) 2007

Microsoft Office Word MUI (Dutch) 2007

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Works

Mozilla Firefox 21.0 (x86 nl)

Mozilla Maintenance Service

Mozilla Thunderbird (3.1.14)

MSVCRT

MSVCRT_amd64

My Dell

OpenOffice.org 3.2

PowerDVD DX

Quickset64

Roxio Burn

SAMSUNG Mobile USB Modem 1.0 Software

Security Update for 2007 Microsoft Office System (KB2277947)

Security Update for 2007 Microsoft Office System (KB2289158)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for 2007 Microsoft Office System (KB982331)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB982308)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office Outlook 2007 (KB980376)

Security Update for Microsoft Office PowerPoint 2007 (KB982158)

Security Update for Microsoft Office PowerPoint Viewer (KB2413381)

Security Update for Microsoft Office Publisher 2007 (KB982124)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2251419)

Skins

Skype Click to Call

SkypeT 6.3

Synaptics Pointing Device Driver

Update for 2007 Microsoft Office System (KB967642)

Update for Outlook 2007 Junk Email Filter (KB2508979)

Update voor Microsoft Office Excel 2007 Help (KB963678)

Update voor Microsoft Office Powerpoint 2007 Help (KB963669)

Update voor Microsoft Office Word 2007 Help (KB963665)

VLC media player 1.0.1

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR

==== FireFox Fix ======================

Deleted from C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\vu3hdccb.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\vu3hdccb.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

==== Firefox Extensions ======================

ProfilePath: C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\vu3hdccb.default

- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

==== Firefox Plugins ======================

Profilepath: C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\vu3hdccb.default

ADC539F67D3198679F480974EE203678 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.210.11

F8EFDCFC440A420D6C1ECD245AB20207 - C:\Windows\system32\Macromed\Flash\NPSWF32.dll - Shockwave Flash

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.be/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

No DefaultScope Set For HKCU

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.be/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{737F55F8-D5C9-4664-92EF-7D56BAF0F0D6} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2231284464-3879192972-4008850363-1001\Software\Microsoft\Internet Explorer\SearchScopes\{737F55F8-D5C9-4664-92EF-7D56BAF0F0D6} deleted successfully

==== Deleting CLSID Registry Values ======================

==== shortcuts on Users Desktops ======================

C:\Users\Anne\Desktop\AVS Registry Cleaner.lnk - C:\Program Files (x86)\AVS4YOU\AVSRegistryCleaner\AVSRegistryCleaner.exe

C:\Users\Anne\Desktop\Canon DIGITAL IXUS 60 - Snelkoppeling.lnk -

C:\Users\Anne\Desktop\Dropbox.lnk - C:\Users\Anne\AppData\Roaming\Dropbox\bin\Dropbox.exe /home

C:\Users\Anne\Desktop\Hema Fotoalbum.lnk - C:\Users\Anne\AppData\Local\Hema Fotoalbum\apc.exe

C:\Users\Anne\Desktop\Hema7_NL - Snelkoppeling.lnk - C:\Users\Anne\Pictures\Hema7_NL.exe

C:\Users\Anne\Desktop\IMG_0615 - Snelkoppeling.lnk - C:\Users\Anne\Pictures\verjaardag Dorien\IMG_0615.JPG

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\avast Free Antivirus.lnk -

C:\Users\Public\Desktop\Google SketchUp 7.lnk - C:\Program Files (x86)\Google\Google SketchUp 7\SketchUp.exe

C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

==== shortcuts in Users Start Menu ======================

C:\Users\AMBER EN NANDO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\AMBER EN NANDO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\AMBER EN NANDO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff

C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff

C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Uninstall.lnk - C:\Program Files (x86)\AVS4YOU\Uninstall.exe

C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Anne\AppData\Roaming\Dropbox\bin\Dropbox.exe /home

C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\Anne\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe

C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Anne\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup

C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast Free Antivirus.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Activation.lnk - C:\Program Files (x86)\AVS4YOU\Registration.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Help.lnk - C:\Program Files (x86)\AVS4YOU\AVS4YOUHelp.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\License Agreement.lnk - C:\Program Files (x86)\AVS4YOU\License Agreement.rtf

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\System Utilities\AVS Registry Cleaner.lnk - C:\Program Files (x86)\AVS4YOU\AVSRegistryCleaner\AVSRegistryCleaner.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\My Dell\My Dell.lnk - C:\Program Files\My Dell\pcdlauncher.exe -lloc dsc

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\My Dell\PC Checkup.lnk - C:\Program Files\My Dell\pcdlauncher.exe -startingpage pccheckup -lloc pccheckup

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Spreadsheet.lnk - C:\Windows\Installer\{5158F1F5-FA1B-4D49-B546-55A5004B89BD}\wksss.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe

==== shortcuts in Quick Launch ======================

C:\Users\AMBER EN NANDO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\AMBER EN NANDO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\AMBER EN NANDO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\AMBER EN NANDO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\AMBER EN NANDO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\AMBER EN NANDO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

C:\Users\Anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

C:\Users\Anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

C:\Users\Anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\Anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\Anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\familie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\familie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\familie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\familie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\familie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\familie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\AMBER EN NANDO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\familie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6FD2D54J will be deleted at reboot

C:\Users\Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IO4J0IF0 will be deleted at reboot

C:\Users\Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M3WH18Y3 will be deleted at reboot

C:\Users\Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OXRP5SAG will be deleted at reboot

C:\Users\Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TS1RY1TC will be deleted at reboot

C:\Users\Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\Anne\AppData\Local\Mozilla\Firefox\Profiles\vu3hdccb.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Anne\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Users\Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6FD2D54J" not found

"C:\Users\Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IO4J0IF0" not found

"C:\Users\Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M3WH18Y3" not found

"C:\Users\Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OXRP5SAG" not found

"C:\Users\Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TS1RY1TC" not found

"C:\users\AMBER EN NANDO\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\DY57FJDD\media.y8.com" not found

"C:\users\AMBER EN NANDO\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\DY57FJDD\spiele.1001spiele.at" not found

"C:\users\Anne\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\53HP2WND\1003.easy.agenda.photoconnector.net" not found

"C:\users\Anne\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\53HP2WND\epub02.publitas.nl" not found

==== EOF on wo 19/06/2013 at 16:19:55,49 ======================

kape · 19 juni 2013

Via Configuratiescherm -> Software mag je dit verwijderen: Java 6 Update 18 (64-bit)

Laat dan de speciale Removal Tool van Avira nog even lopen.

En dan de belangrijkste vraag: nog Monstermarketplace-meldingen te zien ?

Inloggen

(ook) Monstermarketplace verwijderen

Aanbevolen berichten

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Welkom op PC Helpforum

Leden statistieken

OVER ONS

SITEMAP

Belangrijke informatie