
Internet: annoying ads :(


timph


@ timph,

First we will check whether malware or viruses are the cause of your problem.

1. Download HijackThis. (click on it)

The download starts automatically after 5 seconds.

Save the file HijackThis.msi. Then choose "run".

HijackThis is now installed on your PC, and a shortcut is placed on your desktop.

If you no longer have a network connection, you can do the download on another PC and transfer the file with a USB stick.

If you can only work in safe mode, you have to download the executable (HijackThis.exe). You can do that HERE.

Save it in a new folder on the C drive (e.g. C:\hijackthis) and then start HijackThis from that folder. You will then find the logs in that folder as well.


2. Click the shortcut to start HijackThis. (read the red text below first!)

Click either "Do a systemscan and save a logfile", or first "Scan" and then "Savelog".

A Notepad window opens; hold down the CTRL and A keys at the same time, and everything is now selected. Hold down the CTRL and C keys at the same time, and everything is now copied. Now paste the HJT log into your message with CTRL and V.

If you get the message "For some reason your system denied writing to the Host file ....", just click the OK button to continue.

Note: Windows Vista & 7 users must run HijackThis as "administrator" by right-clicking and choosing "run as administrator". If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis. (View the image here ---> Click here)


3. After you post your log, an expert will check it and guide you through the rest of the process.

Tip!

If you want to see in words and pictures how to make a log with HijackThis and post it on the forum, click HERE.


Hi, I have copied the text from Notepad, what now?


@ timph,

Select everything, copy and paste / post it in your next message.

Like this?:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:01:26, on 6/08/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
D:\Games\Steam\Steam.exe
C:\Users\Tim\AppData\Local\Akamai\netsession_win.exe
C:\Users\Tim\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Program Files (x86)\MaskMyIP\MaskMyIP.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=44444&tt=gc_&babsrc=HP_ss_din2g&mntrId=20D1485B3909254B
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: HelloWorldBHO - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - C:\Program Files (x86)\OApps\SelectionLinks.dll
O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Tim\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [bing Bar] "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Tim\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [] C:\Users\Tim\AppData\Roaming\host.exe
O4 - HKCU\..\Run: [RGSC] D:\Games\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [steam] "D:\Games\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Tim\AppData\Local\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3685974847-3701240896-942846842-1017\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3685974847-3701240896-942846842-1017\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: GamersFirst LIVE!.lnk = Tim\AppData\Local\GamersFirst\LIVE!\Live.exe
O4 - Startup: GPU Manager.lnk = C:\Windows\System32\Microsoft Coporation\GPU Manager.exe
O4 - Startup: HDDlife.lnk = C:\Program Files (x86)\BinarySense\HDDlife 4\HDDlifePro.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:  
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DefaultTabSearch - Unknown owner - C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe
O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\Tim\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14267 bytes


Go to Start - All Programs - Accessories.

Find the Command Prompt icon, right-click it and then choose "run as administrator" from the list to open the Command Prompt.

Type: sc stop DefaultTabSearch and press Enter.

Type: sc delete DefaultTabSearch and press Enter.

Type: sc stop DefaultTabUpdate and press Enter.

Type: sc delete DefaultTabUpdate and press Enter.

Type exit and press Enter.

If you get an error message on any of these instructions, just continue with the next instruction.

Start HijackThis. Select "Scan". Select only the items listed below:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search 3909254B

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: HelloWorldBHO - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - C:\Program Files (x86)\OApps\SelectionLinks.dll

O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Tim\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll

O4 - HKCU\..\Run: [] C:\Users\Tim\AppData\Roaming\host.exe

O20 - AppInit_DLLs:

Click 'Fix checked' to remove the items.

Note: Windows Vista & 7 users must run HijackThis as "administrator" by right-clicking and choosing "run as administrator". If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis.

Download zoek.exe to the desktop.

  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe
    (here or here) you can read how to do that.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Click the "Options" button and now tick the options below.
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

 
startupall; 
filesrcm; 

Now tick the options below.

  • HijackThis Log
  • Firefox Look
  • Chrome Look
  • Firefox Defaults
  • Reset Chrome
  • IE Defaults
  • Reset Hosts
  • Auto Clean

  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then still appear.
  • Now post the contents of the opened log in your next message.

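An added example, not part of the original thread and not the helper's own method: a small Python triage pass over HijackThis entries such as those in the log posted above. The heuristics (non-default IE URL host, autostart from a user AppData path, Run value with an empty name, service listed with "Unknown owner") and the `DEFAULT_URL_DOMAINS` allowlist are assumptions of this example; a flag marks an entry for manual review and is not a verdict.

```python
"""Triage of HijackThis log lines: flag autostart entries worth a manual look."""
import re
from urllib.parse import urlsplit

# Lines copied from the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=44444&tt=gc_&babsrc=HP_ss_din2g&mntrId=20D1485B3909254B
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Tim\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [] C:\Users\Tim\AppData\Roaming\host.exe
O23 - Service: DefaultTabSearch - Unknown owner - C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
"""

# Assumption of this example: IE start/search URLs on these domains are defaults.
DEFAULT_URL_DOMAINS = ("microsoft.com",)

ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
URL_VALUE = re.compile(r"= (https?://\S+)")
EMPTY_RUN_NAME = re.compile(r"\\Run(Once)?: \[\s*\] ")
USER_PROFILE = re.compile(r"\\Users\\[^\\]+\\AppData\\", re.IGNORECASE)


def parse(log):
    """Yield (code, body) for each 'Xn - ...' entry; header and process lines are skipped."""
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            yield m.group("code"), m.group("body")


def reasons_for(code, body):
    """Return the list of heuristic reasons why one entry deserves a manual look."""
    reasons = []
    if code in ("R0", "R1"):
        m = URL_VALUE.search(body)
        host = urlsplit(m.group(1)).hostname if m else None
        if host and not any(host == d or host.endswith("." + d)
                            for d in DEFAULT_URL_DOMAINS):
            reasons.append("IE start/search URL points at " + host)
    if code in ("O2", "O4", "O23") and USER_PROFILE.search(body):
        reasons.append("loads from a user-writable profile path")
    if code == "O4" and EMPTY_RUN_NAME.search(body):
        reasons.append("Run value has an empty name")
    # Rows ending in "(file missing)" are skipped: in the log above they are
    # all Windows components, so the marker alone says little.
    if (code == "O23" and "Unknown owner" in body
            and not body.endswith("(file missing)")):
        reasons.append("service listed with 'Unknown owner'")
    return reasons


def triage(log):
    """Return (code, body, reasons) for every entry with at least one reason."""
    findings = []
    for code, body in parse(log):
        reasons = reasons_for(code, body)
        if reasons:
            findings.append((code, body, reasons))
    return findings


if __name__ == "__main__":
    for code, body, reasons in triage(SAMPLE_LOG):
        print(f"{code}: {body}\n    -> " + "; ".join(reasons))
```

Path and name heuristics only produce candidates: legitimate software also installs under AppData, and an entry such as HelloWorldBHO under Program Files passes these checks, so the full log still needs a human reader.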

Hi, this is what the zoek.exe file told me.

Zoek.exe Version 4.0.0.4 Updated 31-07-2013
Tool run by Tim on di 06/08/2013 at 22:39:46,64.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Tim\Downloads\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

6/08/2013 22:40:54 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp. 
# 
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 
# 
# This file contains the mappings of IP addresses to host names. Each 
# entry should be kept on an individual line. The IP address should 
# be placed in the first column followed by the corresponding host name. 
# The IP address and the host name should be separated by at least one 
# space. 
# 
# Additionally, comments (such as these) may be inserted on individual 
# lines or following the machine name denoted by a '#' symbol. 
# 
# For example: 
# 
#      102.54.94.97     rhino.acme.com          # source server 
#       38.25.63.10     x.acme.com              # x client host 

# localhost name resolution is handle within DNS itself. 
127.0.0.1       localhost 
::1             localhost 

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3685974847-3701240896-942846842-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-3685974847-3701240896-942846842-1001\Software\Microsoft\Internet Explorer\SearchScopes\{1E33C672-FD42-47DC-A284-28EB370D147C} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\uzd4qthz.default\prefs.js:
user_pref("browser.search.selectedEngine", "webwebweb");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\uzd4qthz.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\uzd4qthz.default

---- Lines Search  removed from prefs.js ----


---- Lines Search  modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"msntoolbar@msn.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\MSN Toolbar\\\\Platform\\\\5.0.1449.0\\\\Firefox\",\"mtime\":1370686962190,\"rdfTime\":1272290838000},\"{27182e60-b5f3-411c-b545-b44205977502}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Microsoft\\\\Search Enhancement Pack\\\\Search Helper\\\\firefoxextension\\\\SearchHelperExtension\",\"mtime\":1370686963018,\"rdfTime\":1263495446000},\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"mtime\":1369242598001,\"rdfTime\":1368089726000}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1372613766922,\"rdfTime\":1371557659000}}},{\"name\":\"winreg-app-user\",\"addons\":{\"Tubesaver@istqt.co\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\TubeSaver\\\\122.xpi\",\"mtime\":1373885073109}}},{\"name\":\"app-profile\",\"addons\":{\"battlefieldheroespatcher@ea.com\":{\"descriptor\":\"C:\\\\Users\\\\Tim\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\uzd4qthz.default\\\\extensions\\\\battlefieldheroespatcher@ea.com\",\"mtime\":1373552755798,\"rdfTime\":1373552749762},\"vdpure@link64\":{\"descriptor\":\"C:\\\\Users\\\\Tim\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\uzd4qthz.default\\\\extensions\\\\vdpure@link64.xpi\",\"mtime\":1374601808879},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"descriptor\":\"C:\\\\Users\\\\Tim\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\uzd4qthz.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"mtime\":1375807009616}}}]");

---- Lines Search  removed from user.js ----


---- FireFox user.js and prefs.js backups ---- 

user_20130608_2243_.backup
prefs_20130608_2243_.backup

==== Deleting Files \ Folders ======================

"C:\Program Files (x86)\TubeSaver" deleted
"C:\Program Files (x86)\DefaultTab" deleted
"C:\Program Files (x86)\MyPC Backup" deleted
"C:\Program Files (x86)\OApps" deleted
"C:\Users\Tim\AppData\Roaming\Babylon" deleted
"C:\Users\Tim\AppData\Roaming\DefaultTab" deleted
"C:\ProgramData\Babylon" deleted
"C:\ProgramData\Package Cache" deleted
"C:\Users\Tim\AppData\Local\Bundled software uninstaller" deleted
"C:\Windows\SysWow64\searchplugins" deleted
"C:\Windows\SysWow64\Extensions" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2013-07-25 08:51:38    332FEAB1435662FC6C672E25BEB37BE3    2871808    ----a-w-    C:\Windows\explorer.backup.exe
2013-07-25 08:46:00    332FEAB1435662FC6C672E25BEB37BE3    2871808    ----a-w-    C:\Windows\explorer_backup.exe
2013-07-24 16:11:56    332FEAB1435662FC6C672E25BEB37BE3    2871808    ----a-w-    C:\Windows\explorer_edit_w7sbc.exe
2013-07-24 16:11:56    332FEAB1435662FC6C672E25BEB37BE3    2871808    ----a-w-    C:\Windows\explorer_backup_w7sbc.exe
2013-07-24 16:03:59    026715650C2A750DCBFA8011191D1E65    925184    ----a-w-    C:\Windows\expstart.exe
2013-07-24 16:02:59    57ABEEBFF1C942D41417FDE7477B25EE    2871808    ----a-w-    C:\Windows\new_explorer.exe
2013-07-24 16:02:59    332FEAB1435662FC6C672E25BEB37BE3    2871808    ----a-w-    C:\Windows\explorer.exe
====== C:\Users\Tim\AppData\Local\Temp ====
2013-07-31 16:13:46    E12E5AACE2482EA38DF2B1F99F934024    40328    ----a-w-    C:\Users\Tim\AppData\Local\Temp\AcDeltree.exe
2013-07-26 19:41:44    E5B43485D986CFECA401F10E9268C85A    515584    ----a-w-    C:\Users\Tim\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
2013-07-26 09:22:42    F4F883EAF7F7413A085D9868511AF8A9    17408    ----a-w-    C:\Users\Tim\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.2-R1.0-32-gfea36d9-b2820jnks.dll
====== C:\Windows\SysWOW64 =====
2013-07-31 11:39:21    351D111CD5C5479946EB724DBBB1275E    96168    ----a-w-    C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2013-07-24 13:29:37    D29E998E8277666982B4F0303BF4E7AF    332288    ----a-w-    C:\Windows\Sysnative\uxtheme.dll.backup
2013-07-24 13:29:35    2C647ABE9A424E55B5F3DAE4629B4277    2851840    ----a-w-    C:\Windows\Sysnative\themeui.dll.backup
2013-07-24 13:29:33    F0344071948D1A1FA732231785A0664C    44544    ----a-w-    C:\Windows\Sysnative\themeservice.dll.backup
====== C:\Windows\Sysnative\drivers =====
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-08-01 15:38:37    --------    d-----w-    C:\Program Files\TeamSpeak 3 Client
2013-07-31 15:59:42    --------    d-----w-    C:\Program Files\Common Files\Macrovision Shared
2013-07-31 15:58:34    --------    d-----w-    C:\Program Files\Common Files\Autodesk Shared
2013-07-31 15:58:34    --------    d-----w-    C:\Program Files\Autodesk
2013-07-29 14:37:08    --------    d-----w-    C:\Program Files\Blender Foundation
2013-07-09 13:08:14    --------    d-----w-    C:\Program Files\AutoHotkey
======= C:\Program Files (x86) =====
2013-08-06 17:57:07    --------    d-----w-    C:\Program Files (x86)\Trend Micro
2013-08-04 16:03:16    --------    d-----w-    C:\Program Files (x86)\MaskMyIP
2013-07-31 16:06:47    --------    d-----w-    C:\Program Files (x86)\Autodesk
2013-07-31 15:59:41    --------    d-----w-    C:\Program Files (x86)\Common Files\Autodesk Shared
2013-07-30 09:20:12    --------    d-----w-    C:\Program Files (x86)\Maxon
2013-07-28 16:10:59    --------    d-----w-    C:\Program Files (x86)\Unity
2013-07-25 08:57:39    --------    d-----w-    C:\Program Files (x86)\Resource Hacker
2013-07-24 19:11:18    --------    d-----w-    C:\Program Files (x86)\MSECache
2013-07-17 09:12:08    --------    d-----w-    C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-07-17 09:07:49    --------    d-----w-    C:\Program Files (x86)\Eidos
2013-07-13 12:46:17    --------    d-----w-    C:\Program Files (x86)\Common Files\BinarySense
2013-07-13 12:46:17    --------    d-----w-    C:\Program Files (x86)\BinarySense
2013-07-08 19:27:39    --------    d-----w-    C:\Program Files (x86)\Technitium
2013-07-08 15:14:41    --------    d-----w-    C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-07-08 12:57:22    --------    d-----w-    C:\Program Files (x86)\SplitMediaLabs
======= C: =====
====== C:\Users\Tim\AppData\Roaming ======
2013-08-04 16:03:20    --------    d-----w-    C:\users\Tim\AppData\Roaming\MaskMyIP
2013-08-01 15:38:47    --------    d-----w-    C:\users\Tim\AppData\Roaming\TS3Client
2013-07-31 16:14:01    --------    d-----w-    C:\users\Tim\AppData\Local\Autodesk
2013-07-31 15:39:48    --------    d-----w-    C:\users\Tim\AppData\Roaming\Autodesk
2013-07-31 15:38:41    --------    d-----w-    C:\users\Tim\AppData\Local\Akamai
2013-07-30 09:17:50    --------    d-----w-    C:\users\Tim\AppData\Roaming\MAXON
2013-07-29 14:45:08    --------    d-----w-    C:\users\Tim\AppData\Roaming\Blender Foundation
2013-07-28 17:58:57    --------    d-----w-    C:\users\Tim\AppData\Roaming\stetic
2013-07-28 17:58:53    --------    d-----w-    C:\users\Tim\AppData\Roaming\MonoDevelop-Unity-2.8
2013-07-28 17:58:51    --------    d-----w-    C:\users\Tim\AppData\Local\MonoDevelop-Unity-2.8
2013-07-28 09:42:05    --------    d-----w-    C:\users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-07-24 17:28:35    --------    d-----w-    C:\users\Tim\AppData\Roaming\.minecraft
2013-07-24 16:20:56    64DDAE7B601076F1D362EC2FCDA0D559    132    ----a-w-    C:\users\Tim\AppData\Roaming\Adobe BMP Format CC Prefs
2013-07-18 17:15:10    --------    d-----w-    C:\users\Tim\AppData\Local\ElevatedDiagnostics
2013-07-16 17:36:23    --------    d-----w-    C:\users\Tim\AppData\Roaming\Unity
2013-07-16 17:34:47    --------    d-----w-    C:\users\Tim\AppData\Locallow\Unity
2013-07-16 17:34:47    --------    d-----w-    C:\users\Tim\AppData\Local\Unity
2013-07-13 12:46:21    --------    d-----w-    C:\users\Tim\AppData\Roaming\BinarySense
2013-07-12 15:37:53    13939D6336670E87F2773F038D3CE82C    132    ----a-w-    C:\users\Tim\AppData\Roaming\Adobe PNG Format CC Prefs
2013-07-11 19:01:05    --------    d-----w-    C:\users\Tim\AppData\Locallow\Adobe
2013-07-08 15:31:28    --------    d--h--r-    C:\users\Tim\AppData\Roaming\SecuROM
2013-07-08 15:17:28    --------    d-----w-    C:\users\Tim\AppData\Local\Rockstar Games
2013-07-08 12:57:39    --------    d-----w-    C:\users\Tim\AppData\Local\SplitMediaLabs
2013-07-08 12:56:52    --------    d-----w-    C:\users\Tim\AppData\Roaming\SplitMediaLabs
====== C:\Users\Tim ======
2013-08-04 16:03:20    --------    d-----w-    C:\ProgramData\MaskMyIP
2013-08-04 16:03:17    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mask My IP
2013-08-02 07:55:23    583611402D046E76C6B1FD10AAF53E20    640000    ----a-w-    C:\Users\Tim\Downloads\Bunch'o'hair_[www.unknowncheats.me]_(1).exe
2013-08-01 15:38:38    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2013-08-01 15:33:40    E403E6F9894DAB876661326BCC765DE5    36202272    ----a-w-    C:\Users\Tim\Downloads\TeamSpeak3-Client-win64-3.0.11.exe
2013-07-31 16:14:02    --------    d-----w-    C:\ProgramData\FLEXnet
2013-07-31 15:59:41    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2013-07-31 15:39:48    --------    d-----w-    C:\ProgramData\Autodesk
2013-07-31 15:38:15    F7203B0D4A207438811CD8041F47A0BE    11463040    ----a-w-    C:\Users\Tim\Downloads\Autodesk_Maya_2014_wi_en-US_Setup.exe
2013-07-31 10:46:17    74C56F72C53AB7709AEFA4E4ADA5BB1A    3582864    ----a-w-    C:\Users\Tim\Downloads\GhostReconOnline_Setup(EU).exe
2013-07-31 10:45:50    71A1C0DF06BFBB3B0739A8B2F6C33591    1068184    ----a-w-    C:\Users\Tim\Downloads\setup.exe
2013-07-30 19:05:16    D41D8CD98F00B204E9800998ECF8427E    0    ----a-w-    C:\Users\Tim\Downloads\Bunch'o'hair_[www.unknowncheats.me]_.exe
2013-07-29 14:37:25    --------    d-----w-    C:\Users\Tim\.thumbnails
2013-07-29 14:37:20    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation
2013-07-29 14:35:46    50EE496A2AEB72835768190CEE3D61CD    50488341    ----a-w-    C:\Users\Tim\Downloads\blender-2.68a-windows64.exe
2013-07-28 16:25:06    --------    d-----w-    C:\ProgramData\Unity
2013-07-28 16:25:06    --------    d-----w-    C:\ProgramData\Microsoft Corporation LTD
2013-07-28 16:16:09    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2013-07-26 20:26:27    24429F04B410172169C19574E017E461    5127312    ----a-w-    C:\Users\Tim\Desktop\LaunchGTAIV.exe
2013-07-25 08:57:39    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker
2013-07-25 08:46:00    --------    d-----w-    C:\ProgramData\Start Orb Manager
2013-07-17 09:11:25    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos
2013-07-16 17:53:22    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2013-07-13 12:46:19    --------    d---a-w-    C:\ProgramData\TEMP
2013-07-13 12:46:19    --------    d-----w-    C:\ProgramData\Licenses
2013-07-13 12:46:17    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDDlife
2013-07-11 14:54:38    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2013-07-11 13:17:43    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cherry De Games
2013-07-11 07:54:26    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2013-07-09 13:08:14    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2013-07-08 19:27:41    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Technitium MAC Address Changer v6
2013-07-08 17:38:49    --------    d-sh--w-    C:\ProgramData\SecuROM
2013-07-08 15:20:36    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2013-07-08 14:38:10    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2013-07-08 12:57:22    --------    d-----w-    C:\ProgramData\SplitMediaLabs
2013-07-08 12:57:22    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit

====== C: exe-files ==
2013-08-04 16:03:17    A5CF1CC8E990D8551A141ED78E83E0B9    60449    ----a-w-    C:\Program Files (x86)\MaskMyIP\uninst.exe
2013-08-04 16:03:03    ACBF41DD4355F6B90A2CFB444E234795    4764491    ----a-w-    C:\Users\Tim\Downloads\s16mathers_MaskMyIP\Mask My IP v2.2.3.6 patch RES\MaskMyIP-2.2.3.6.Setup.exe
2013-08-04 16:03:03    423FF41F40FCAD9DA35C28229877F3A7    616960    ----a-w-    C:\Users\Tim\Downloads\s16mathers_MaskMyIP\Mask My IP v2.2.3.6 patch RES\Mask.My.Ip.v2.2.3.x.generic-patch.exe
2013-08-04 16:01:33    687946D047308D252783182F972229A1    2040016    ----a-w-    C:\ProgramData\NVIDIA\Updatus\Packages\000044ea\dao.16585357.exe
2013-08-02 07:55:23    583611402D046E76C6B1FD10AAF53E20    640000    ----a-w-    C:\Users\Tim\Downloads\Bunch'o'hair_[www.unknowncheats.me]_(1).exe
2013-08-01 15:38:38    6E18E85B165C73BC018D4A82E906E44D    126204    ----a-w-    C:\Program Files\TeamSpeak 3 Client\Uninstall.exe
2013-08-01 15:33:40    E403E6F9894DAB876661326BCC765DE5    36202272    ----a-w-    C:\Users\Tim\Downloads\TeamSpeak3-Client-win64-3.0.11.exe
2013-08-01 15:07:10    6F0A88EF4278F37B52C351EE460763CF    776192    ----a-w-    C:\Users\Tim\Downloads\Bunch'o'Hair_mpgh.net\Bunch'o'Hair.exe
2013-07-31 16:13:46    E12E5AACE2482EA38DF2B1F99F934024    40328    ----a-w-    C:\Users\Tim\AppData\Local\Temp\AcDeltree.exe
2013-07-31 15:59:42    ECC329F6104EE208C24C4A8C1B4A9D14    1471352    ----a-w-    C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
2013-07-31 15:39:06    9BD2E3C86EFAAD38D9230445462361B7    4415736    ----a-w-    C:\Users\Tim\AppData\Local\Akamai\ControlPanel.exe
2013-07-31 15:38:57    EE021F352F3D2CC51536450AAEFD7201    10028936    ----a-w-    C:\Users\Tim\AppData\Local\Akamai\netsession_installer.exe
2013-07-31 15:38:15    F7203B0D4A207438811CD8041F47A0BE    11463040    ----a-w-    C:\Users\Tim\Downloads\Autodesk_Maya_2014_wi_en-US_Setup.exe
2013-07-31 10:46:49    EE2F024F1139AA3AA4C4E56B717BECC3    757304    ------w-    C:\Users\Tim\AppData\Local\Apps\2.0\47WY71YH.PEZ\ZJ8HJ7LP.3CY\laun...app_59711684aa47878d_0001.0021_75874090487f0510\Uninstaller.exe
2013-07-31 10:46:49    DC6F4D4150280DCD4D51C24D2ADC7835    1643576    ------w-    C:\Users\Tim\AppData\Local\Apps\2.0\47WY71YH.PEZ\ZJ8HJ7LP.3CY\laun...app_59711684aa47878d_0001.0021_75874090487f0510\Launcher.exe
2013-07-31 10:46:49    4E8842EB96CF42CADB2725E0BFA46876    34872    ------w-    C:\Users\Tim\AppData\Local\Apps\2.0\47WY71YH.PEZ\ZJ8HJ7LP.3CY\laun...app_59711684aa47878d_0001.0021_75874090487f0510\LauncherReporter.exe
2013-07-31 10:46:17    74C56F72C53AB7709AEFA4E4ADA5BB1A    3582864    ----a-w-    C:\Users\Tim\Downloads\GhostReconOnline_Setup(EU).exe
2013-07-31 10:45:50    71A1C0DF06BFBB3B0739A8B2F6C33591    1068184    ----a-w-    C:\Users\Tim\Downloads\setup.exe
2013-07-31 09:23:22    78013EAD3ADF4FB1EB6C33D3D0B2182D    2004104    ----a-w-    C:\ProgramData\NVIDIA\Updatus\Packages\00004447\dao.16557018.exe
=== C: other files ==
2013-08-06 15:28:48    88B7372FB68F60A89EFCF94B52C9D0C7    1127902    ----a-w-    C:\Users\Tim\Downloads\57h88dl8hq-roadelements(1).zip
2013-08-05 16:29:24    88B7372FB68F60A89EFCF94B52C9D0C7    1127902    ----a-w-    C:\Users\Tim\Downloads\57h88dl8hq-roadelements.zip
2013-08-05 13:35:42    9D90F5AA1AFCE795D53AB12F954DAA1F    833971    ----a-w-    C:\Users\Tim\Downloads\R.GEN.1.1.Supercaly.zip
2013-08-01 15:07:00    9063EE5C30888B17456E452247188AFB    771678    ----a-w-    C:\Users\Tim\Downloads\Bunch'o'Hair_mpgh.net.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3685974847-3701240896-942846842-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"uTorrent"="C:\Users\Tim\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"
"RGSC"="D:\Games\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent"
"Steam"="D:\Games\Steam\Steam.exe -silent"
"Akamai NetSession Interface"="C:\Users\Tim\AppData\Local\Akamai\netsession_win.exe"

[HKEY_USERS\S-1-5-21-3685974847-3701240896-942846842-1017\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-3685974847-3701240896-942846842-1017\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"Bing Bar"="C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe"
"Microsoft Default Manager"="C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume"
"LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start"
"Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"uTorrent"="C:\Users\Tim\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"
"RGSC"="D:\Games\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent"
"Steam"="D:\Games\Steam\Steam.exe -silent"
"Akamai NetSession Interface"="C:\Users\Tim\AppData\Local\Akamai\netsession_win.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
"Start WingMan Profiler"="C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"GPU Manager"="C:\Windows\System32\GPU\System 32 - GPU Booster.exe"

==== Startup Folders ======================

2013-07-28 16:25:06    1149    ----a-w-    C:\users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GPU Manager.lnk
2013-07-13 12:46:22    1212    ----a-w-    C:\users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HDDlife.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [30/06/2013 19:52]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22/05/2013 18:56]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22/05/2013 18:56]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\uzd4qthz.default
- Battlefield Heroes Updater - %ProfilePath%\extensions\battlefieldheroespatcher@ea.com
- Video Downloader pure - %ProfilePath%\extensions\vdpure@link64.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\uzd4qthz.default
D7324EB1EDCB8990F8522DE0311359E9    - C:\Windows\SysWOW64\npDeployJava1.dll -    Java Deployment Toolkit 7.0.250.17
07FAA8B85F81784DEC315E04E5852F2F    - C:\Users\Tim\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll -    Unity Player
AA2B0803778428522D1CF29EF5AC2DDB    - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\uzd4qthz.default\extensions\battlefieldheroespatcher@ea.com\plugins\npBFHUpdater.dll -    EA Battlefield Heroes Updater
3D76B5C0E02ECC19C1F5756E8FD97F72    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll -    Shockwave Flash
15E298B5EC5B89C5994A59863969D9FF    - C:\Windows\SysWOW64\npmproxy.dll -    Microsoft® Windows® Operating System


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
foeonbigljkdkcepilfdopmaepmpcgbl - C:\Program Files (x86)\OApps\chrome-sl.crx[]
kdidombaedgpfiiedeimiebkmbilgmlc - C:\Program Files (x86)\DefaultTab\DefaultTab.crx[]
lkojdlfbcgjhhjmdgdbbbbbnfjpepbcj - C:\Program Files (x86)\TubeSaver\122.crx[]

Google Docs - Tim - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Tim - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Tim - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Tim - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Select Links App - Tim - Default\Extensions\foeonbigljkdkcepilfdopmaepmpcgbl
AdBlock - Tim - Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
DefaultTab - Tim - Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
TubeSaver - Tim - Default\Extensions\lkojdlfbcgjhhjmdgdbbbbbnfjpepbcj
Gmail - Tim - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\foeonbigljkdkcepilfdopmaepmpcgbl deleted successfully
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kdidombaedgpfiiedeimiebkmbilgmlc_0.localstorage deleted successfully
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kdidombaedgpfiiedeimiebkmbilgmlc_0.localstorage-journal deleted successfully
C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkojdlfbcgjhhjmdgdbbbbbnfjpepbcj deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{2C5586E7-23A5-44CF-89B8-46E574311674} Google  Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\users\Tim\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\users\Tim\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\foeonbigljkdkcepilfdopmaepmpcgbl deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lkojdlfbcgjhhjmdgdbbbbbnfjpepbcj deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=;
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [bing Bar] "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Tim\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [RGSC] D:\Games\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [steam] "D:\Games\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Tim\AppData\Local\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3685974847-3701240896-942846842-1017\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3685974847-3701240896-942846842-1017\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: GamersFirst LIVE!.lnk = Tim\AppData\Local\GamersFirst\LIVE!\Live.exe
O4 - Startup: GPU Manager.lnk = C:\Windows\System32\Microsoft Coporation\GPU Manager.exe
O4 - Startup: HDDlife.lnk = C:\Program Files (x86)\BinarySense\HDDlife 4\HDDlifePro.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0HEWVGTG will be deleted at reboot
C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3TCV8Q8Q will be deleted at reboot
C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\50L0X312 will be deleted at reboot
C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6C1312C6 will be deleted at reboot
C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A7YVQCHW will be deleted at reboot
C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G14HHEET will be deleted at reboot
C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PEJ88JXC will be deleted at reboot
C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RDDC5G1U will be deleted at reboot
C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RJHIPKRO will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\Tim\AppData\Local\Mozilla\Firefox\Profiles\uzd4qthz.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\Tim\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Tim\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0HEWVGTG" not found
"C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3TCV8Q8Q" not found
"C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\50L0X312" not found
"C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6C1312C6" not found
"C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A7YVQCHW" not found
"C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G14HHEET" not found
"C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PEJ88JXC" not found
"C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RDDC5G1U" not found
"C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RJHIPKRO" not found

==== EOF on di 06/08/2013 at 22:48:10,91 ======================

Edited by kape
quote removed