Ga naar inhoud

QVO6 (kopie)


Aanbevolen berichten

We zullen eerst eens nagaan of malware of virussen de oorzaak zijn van je probleem.

1. Download HijackThis. (klik er op)

De download start automatisch na 5 seconden.

Bestand HijackThis.msi opslaan. Daarna kiezen voor "uitvoeren".

Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.

Als je geen netwerkverbinding meer hebt, kan je de download doen met een andere PC en het bestand met een USB-stick overbrengen

Als je enkel nog in veilige modus kan werken, moet je de executable (HijackThis.exe) downloaden. Dit kan je HIER doen.

Sla deze op in een nieuwe map op de C schijf (bvb C:\\hijackthis) en start hijackthis dan vanaf deze map. De logjes kan je dan ook in die map terugvinden.


2. Klik op de snelkoppeling om HijackThis te starten. (lees eerst de rode tekst hieronder!)

Klik ofwel op "Do a systemscan and save a logfile", ofwel eerst op "Scan" en dan op "Savelog".

Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.

Krijg je een melding ""For some reason your system denied writing to the Host file ....", klik dan gewoon door op de OK-toets.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\\Program Files\\Trend Micro\\HiJackThis of C:\\Program Files (x86)\\Trend Micro\\HiJackThis. (Bekijk hier de afbeelding ---> Klik hier)


3. Na het plaatsen van je logje wordt dit door een expert nagekeken en hij begeleidt jou verder door het ganse proces.

Tip!

Wil je in woord en beeld weten hoe je een logje met HijackThis maakt en plaatst op het forum, klik dan HIER.

Link naar reactie
Delen op andere sites

Hier het logje:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:36:08, on 12/08/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16635)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Spotify\spotify.exe

C:\Users\Mounier en Charlotte\AppData\Local\Softonic\Softonic.exe

C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: HelloWorldBHO - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - (no file)

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120910195201.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Mounier en Charlotte\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

O2 - BHO: Rich Media Player - {FEB703F7-E7B2-4AB0-9566-87658AC70095} - C:\Users\Mounier en Charlotte\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O3 - Toolbar: (no name) - !{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)

O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Mounier en Charlotte\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler

O4 - HKCU\..\Run: [spotify] "C:\Users\Mounier en Charlotte\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart

O4 - HKCU\..\Run: [softonic for Windows] "C:\Users\Mounier en Charlotte\AppData\Local\Softonic\Softonic.exe" -minimize

O4 - HKCU\..\RunOnce: [uninstall C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"

O4 - HKCU\..\RunOnce: [uninstall C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Dropbox.lnk = C:\Users\Mounier en Charlotte\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube Download - C:\Users\Mounier en Charlotte\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Mounier en Charlotte\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Mounier en Charlotte\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 16470 bytes

Link naar reactie
Delen op andere sites

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6

R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)

O2 - BHO: HelloWorldBHO - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - (no file)

O3 - Toolbar: (no name) - !{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)

O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)

O4 - HKCU\..\Run: [softonic for Windows] "C:\Users\Mounier en Charlotte\AppData\Local\Softonic\Softonic.exe" –minimize

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Mounier en Charlotte\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

Download 51a612a8b27e2-Zoek.pngzoek.exe naar het bureaublad.

  • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
    (hier of hier) kan je lezen hoe je dat doet.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

 
startupall; 
filesrcm; 
[b]C:\Users\Mounier en Charlotte\AppData\Local\Softonic;fs[/b]

Vink nu de onderstaande opties aan.

  • HijackThis Log
  • Firefox Look
  • Chrome Look
  • Firefox Defaults
  • Reset Chrome
  • IE Defaults
  • Auto Clean

  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post nu de inhoud van het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Bij deze:

Zoek.exe Version 4.0.0.4 Updated 10-August-2013

Tool run by Mounier en Charlotte on di 13/08/2013 at 17:01:06,95.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Mounier en Charlotte\Downloads\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

13/08/2013 17:03:04 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-697365305-3729413489-3807942375-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-697365305-3729413489-3807942375-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33E81A58-D133-4552-B3A8-ECDC1DD9047A} deleted successfully

HKEY_USERS\S-1-5-21-697365305-3729413489-3807942375-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7F558494-F7B3-4B38-BF84-50A8732F799C} deleted successfully

HKEY_USERS\S-1-5-21-697365305-3729413489-3807942375-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} deleted successfully

HKEY_USERS\S-1-5-21-697365305-3729413489-3807942375-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2417} deleted successfully

HKEY_USERS\S-1-5-21-697365305-3729413489-3807942375-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Mounier en Charlotte\AppData\Roaming\Mozilla\Firefox\Profiles\0ascounk.default-1376138982131\prefs.js:

user_pref("browser.startup.homepage", "www.facebook.com|www.twitter.com|www.google.be|www.clwr.smartschool.be");

Added to C:\Users\Mounier en Charlotte\AppData\Roaming\Mozilla\Firefox\Profiles\0ascounk.default-1376138982131\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Mounierie\AppData\Roaming\Mozilla\Firefox\Profiles\efowjwz6.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.facebook.com/");

user_pref("browser.newtab.url", "http://www.delta-search.com/?affID=119776&babsrc=NT_ss&mntrId=a887d20000000000000070f1a1f556da");

user_pref("browser.search.defaultengine", "Ask.com");

user_pref("browser.search.defaultenginename", "Ask.com");

user_pref("browser.search.selectedEngine", "Search the web (Babylon)");

user_pref("browser.search.order.1", "Ask.com");

user_pref("extensions.asktb.ff-original-keyword-url", "http://dts.search-results.com/sr?src=ffb&appid=1175&systemid=1&sr=0&q=");

user_pref("keyword.URL", "http://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=24F29A7F-33FB-4EF9-803E-3006F7E061E8&apn_ptnrs=&apn_sauid=6DB7F4C6-58C8-4143-A3A9-C1A052E8E436&apn_dtid=OSJ000&&q=");

Added to C:\Users\Mounierie\AppData\Roaming\Mozilla\Firefox\Profiles\efowjwz6.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("extensions.asktb.ff-original-keyword-url", "http://dts.search-results.com/sr?src=ffb&appid=1175&systemid=1&sr=0&q=");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Mounier en Charlotte\AppData\Roaming\Mozilla\Firefox\Profiles\0ascounk.default-1376138982131

user.js not found

---- Lines Search removed from prefs.js ----

---- Lines Search modified from prefs.js ----

---- Lines WebSearch removed from prefs.js ----

---- Lines WebSearch modified from prefs.js ----

---- Lines babylon removed from prefs.js ----

---- Lines babylon modified from prefs.js ----

---- Lines delta removed from prefs.js ----

---- Lines delta modified from prefs.js ----

---- Lines ask.com removed from prefs.js ----

---- Lines ask.com modified from prefs.js ----

---- Lines search.com removed from prefs.js ----

---- Lines search.com modified from prefs.js ----

---- Lines asktb removed from prefs.js ----

---- Lines asktb modified from prefs.js ----

---- Lines crossrider removed from prefs.js ----

---- Lines crossrider modified from prefs.js ----

---- Lines Search-Results removed from prefs.js ----

---- Lines Search-Results modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_20131308_1706_.backup

ProfilePath: C:\Users\Mounierie\AppData\Roaming\Mozilla\Firefox\Profiles\efowjwz6.default

user.js not found

---- Lines Search removed from prefs.js ----

---- Lines Search modified from prefs.js ----

---- Lines WebSearch removed from prefs.js ----

---- Lines WebSearch modified from prefs.js ----

---- Lines babylon removed from prefs.js ----

---- Lines babylon modified from prefs.js ----

---- Lines delta removed from prefs.js ----

---- Lines delta modified from prefs.js ----

---- Lines ask.com removed from prefs.js ----

---- Lines ask.com modified from prefs.js ----

---- Lines search.com removed from prefs.js ----

---- Lines search.com modified from prefs.js ----

---- Lines asktb removed from prefs.js ----

user_pref("extensions.asktb.ff-original-keyword-url", "http://dts.search-results.com/sr?src=ffb&appid=1175&systemid=1&sr=0&q=");

---- Lines asktb modified from prefs.js ----

---- Lines crossrider removed from prefs.js ----

user_pref("extensions.crossrider.bic", "1400c6f292dda6e3f6c57395cf144454");

---- Lines crossrider modified from prefs.js ----

---- Lines Search-Results removed from prefs.js ----

---- Lines Search-Results modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_20131308_1706_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"bProtector Start Page"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"bProtectorDefaultScope"=-

==== Deleting Files \ Folders ======================

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml" deleted

"C:\Users\Mounier en Charlotte\AppData\Roaming\Camdata.ini" deleted

"C:\Users\Mounier en Charlotte\AppData\Roaming\CamLayout.ini" deleted

"C:\Users\Mounier en Charlotte\AppData\Roaming\CamShapes.ini" deleted

"C:\extensions.sqlite" deleted

"C:\Users\Mounier en Charlotte\Downloads\SoftonicDownloader_voor_aviaddxsubs.exe" deleted

"C:\Users\Mounier en Charlotte\Downloads\SoftonicDownloader_voor_vso-convertxtodvd.exe" deleted

"C:\Users\Mounier en Charlotte\Downloads\SoftonicDownloader_voor_winrar.exe" deleted

"C:\windows\SysNative\Tasks\DSite" deleted

"C:\windows\SysNative\tasks\Desk 365 RunAsStdUser" deleted

"C:\Windows\tasks\DSite.job" deleted

"C:\Users\Mounierie\AppData\Roaming\Mozilla\Firefox\Profiles\efowjwz6.default\bprotector_extensions.sqlite" deleted

"C:\Users\Mounierie\AppData\Roaming\Mozilla\Firefox\Profiles\efowjwz6.default\bprotector_prefs.js" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml" deleted

"C:\Users\Mounier en Charlotte\AppData\Roaming\Garmin" deleted

"C:\Users\Mounier en Charlotte\AppData\Roaming\Nuance" deleted

"C:\Users\Mounier en Charlotte\AppData\Local\Softonic" deleted

"C:\Windows\syswow64\appdata" deleted

"C:\Program Files (x86)\TornTV.com" deleted

"C:\Program Files (x86)\Common Files\DVDVideoSoft\TB" deleted

"C:\Program Files (x86)\Common Files\DVDVideoSoft\bin" deleted

"C:\Program Files (x86)\Common Files\337" deleted

"C:\Program Files (x86)\iMesh Applications" deleted

"C:\Program Files (x86)\OApps" deleted

"C:\Program Files (x86)\Conduit" deleted

"C:\Users\Mounier en Charlotte\AppData\Roaming\eIntaller" deleted

"C:\Users\Mounier en Charlotte\AppData\Roaming\DVDVideoSoftIEHelpers" deleted

"C:\Users\Mounier en Charlotte\AppData\Roaming\Babylon" deleted

"C:\Users\Mounier en Charlotte\AppData\Roaming\OpenCandy" deleted

"C:\ProgramData\Ask" deleted

"C:\ProgramData\eSafe" deleted

"C:\ProgramData\boost_interprocess" deleted

"C:\ProgramData\Wincert" deleted

"C:\ProgramData\Tarma Installer" deleted

"C:\ProgramData\Babylon" deleted

"C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Softonic" deleted

"C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com" deleted

"C:\Users\Mounier en Charlotte\AppData\Local\Softonic" deleted

"C:\Users\Mounier en Charlotte\AppData\Local\Rich Media Player\BrowserExtensions" deleted

"C:\Users\Mounier en Charlotte\AppData\Local\hosts" deleted

"C:\Users\Mounier en Charlotte\AppData\Local\PackageAware" deleted

"C:\Users\Mounier en Charlotte\AppData\Local\Conduit" deleted

"C:\Users\Mounier en Charlotte\AppData\LocalLow\searchresultstb" deleted

"C:\Users\Mounier en Charlotte\AppData\LocalLow\DataMngr" deleted

"C:\Users\Mounier en Charlotte\AppData\LocalLow\Conduit" deleted

"C:\Users\Mounierie\AppData\Roaming\Mozilla\Firefox\Profiles\efowjwz6.default\koyotesofttoolbarnew" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\MOUNIE~1\AppData\Local\Temp ====

2013-08-09 20:58:54 BFB04AEFB1C44F7D64F5E67B2AACE544 26372352 ----a-w- C:\Users\MOUNIE~1\AppData\Local\Temp\Softonic_NL_1-5-0.exe

====== C:\Windows\SysWOW64 =====

2013-08-09 21:10:30 FFFAAEF7265285A274C3535B65238693 208935 ----a-w- C:\Windows\SysWOW64\drv33260.dll

2013-08-09 21:10:30 CB4CC3D4EA7C94A35F1D81C3D750BC8D 626688 ----a-w- C:\Windows\SysWOW64\vp7vfw.dll

2013-08-09 21:10:30 79D15C3C4C03674FB88A95D8AFD470FE 273408 ----a-w- C:\Windows\SysWOW64\Pncrt.dll

2013-08-09 21:10:30 711DBC8F0A5D89A2C946C33F2D717C75 217127 ----a-w- C:\Windows\SysWOW64\drv43260.dll

2013-08-09 21:10:30 5FB0F4D86C76470E559CFC0A320B2D35 102439 ----a-w- C:\Windows\SysWOW64\sipr3260.dll

2013-08-09 21:10:30 3E1054C32532E726D9DAF20FA9048BE8 65602 ----a-w- C:\Windows\SysWOW64\cook3260.dll

2013-08-09 21:10:30 2BF29D229C9F685031945E77E6BABD34 176165 ----a-w- C:\Windows\SysWOW64\drv23260.dll

2013-08-09 21:10:29 6D22E6E5F03CDA4EEBED1E68CCAA1695 1184984 ----a-w- C:\Windows\SysWOW64\wvc1dmod.dll

2013-08-09 20:29:48 CFF867572B44212B01B711C1FA009537 101888 ----a-w- C:\Windows\SysWOW64\VB6STKIT.DLL

2013-08-09 20:29:48 C033C7EDA0E4D5B220CD3826CD0F49F0 15360 ----a-w- C:\Windows\SysWOW64\inetfr.DLL

2013-08-09 20:29:48 40D81470A19269D88BF44E766BE7F84A 115920 ----a-w- C:\Windows\SysWOW64\msinet.OCX

2013-08-09 20:29:47 F2E571C8F4858F404B37BF316CC9CDF2 141312 ----a-w- C:\Windows\SysWOW64\MSCMCFR.DLL

2013-08-09 20:29:47 DCBDCF28CBCF51EFE6D26BA3E05D734F 119568 ----a-w- C:\Windows\SysWOW64\VB6FR.DLL

2013-08-09 20:29:47 AB412429F1E5FB9708A8CDEA07479099 152848 ----a-w- C:\Windows\SysWOW64\COMDLG32.OCX

2013-08-09 20:29:47 A23596F0A33BFF856F6A48A5EC13B4A1 32768 ----a-w- C:\Windows\SysWOW64\CMDLGFR.DLL

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-08-07 15:03:08 -------- d-----w- C:\Program Files\WinRAR

2013-08-07 14:49:51 -------- d-----w- C:\Program Files\Ondertitels bij DVD

2013-08-07 14:28:27 -------- d-----w- C:\Program Files\PowerTab

2013-08-06 12:04:52 -------- d-----w- C:\Program Files\SRT to SSA

2013-08-06 11:59:36 -------- d-----w- C:\Program Files\Virtual Dub

======= C:\Program Files (x86) =====

2013-08-12 08:33:19 -------- d-----w- C:\Program Files (x86)\Trend Micro

2013-08-09 20:59:40 -------- d-----w- C:\Program Files (x86)\VSO

2013-08-09 20:29:20 -------- d-----w- C:\Program Files (x86)\Free Videos To DVD

2013-08-09 20:23:36 -------- d-----w- C:\Program Files (x86)\Gabest

2013-08-09 20:23:17 -------- d-----w- C:\Program Files (x86)\WinAVI

2013-08-06 11:27:43 -------- d-----w- C:\Program Files (x86)\FreeTime

======= C: =====

====== C:\Users\Mounier en Charlotte\AppData\Roaming ======

2013-08-10 12:52:29 -------- d-----w- C:\users\Mounier en Charlotte\AppData\Roaming\RapidTyping

2013-08-09 21:11:44 4CAA8925D39B1CD9E90C28D3D98F9DA7 1189 ----a-w- C:\users\Mounier en Charlotte\AppData\Roaming\vso_ts_preview.xml

2013-08-09 21:05:40 -------- d-----w- C:\users\Mounier en Charlotte\AppData\Local\CrashRpt

2013-08-09 20:59:54 AF7CE12C4F3DC8CB2B07685C916BBCFE 82816 ----a-w- C:\users\Mounier en Charlotte\AppData\Roaming\pcouffin.sys

2013-08-09 20:59:54 7F13C6D2AE5F9D8B41E9D7D6CAD16EAA 1167 ----a-w- C:\users\Mounier en Charlotte\AppData\Roaming\pcouffin.inf

2013-08-09 20:59:54 1E7BDB2AC98BCE13AE85C0F6DB1ECCB8 7859 ----a-w- C:\users\Mounier en Charlotte\AppData\Roaming\pcouffin.cat

2013-08-09 20:59:54 16E53BFC96CE14021C0E07EB1C198478 99384 ----a-w- C:\users\Mounier en Charlotte\AppData\Roaming\inst.exe

2013-08-09 20:59:54 -------- d-----w- C:\users\Mounier en Charlotte\AppData\Roaming\Vso

2013-08-09 20:29:55 -------- d-----w- C:\users\Mounier en Charlotte\AppData\Roaming\FreeMoviesToDVD

2013-08-09 20:23:45 -------- d-----w- C:\users\Mounier en Charlotte\AppData\Roaming\WinAVI

2013-08-09 20:23:45 -------- d-----w- C:\users\Mounier en Charlotte\AppData\Local\WinAVI

2013-08-07 15:03:21 -------- d-----w- C:\users\Mounier en Charlotte\AppData\Roaming\WinRAR

2013-08-07 15:03:21 -------- d-----w- C:\users\Mounier en Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2013-08-06 11:38:32 -------- d-----w- C:\users\Mounier en Charlotte\AppData\Roaming\Radiocom

2013-08-06 11:38:31 -------- d-----w- C:\users\Mounier en Charlotte\AppData\Local\Radiocom

2013-08-06 11:27:51 -------- d-----w- C:\users\Mounier en Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory

2013-08-06 11:18:34 -------- d-----w- C:\users\Mounier en Charlotte\AppData\Local\Rich Media Player

====== C:\Users\Mounier en Charlotte ======

2013-08-10 12:55:55 4C47469F47FD9F8437B62A86F6E0874F 666633 ----a-w- C:\Users\Mounier en Charlotte\Downloads\adwcleaner.exe

2013-08-10 12:52:29 -------- d-----w- C:\ProgramData\RapidTyping

2013-08-10 11:55:51 -------- d-----w- C:\ProgramData\vsosdk

2013-08-09 21:10:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO

2013-08-09 21:04:49 4F7D390B1492836C7DBA3C64FC16D868 264760 ----a-w- C:\Users\Mounier en Charlotte\Downloads\VSO_Software_ConvertXtoDVD_4.v4.1.10.exe

2013-08-09 20:59:40 -------- d-----w- C:\ProgramData\VSO

2013-08-09 20:28:30 4FECE2B2413CC2B773D11368B9553240 1024211 ----a-w- C:\Users\Mounier en Charlotte\Downloads\NoMoneyFreeVideosToDVDSetupstub.exe

2013-08-09 20:26:29 2C6ADB80DBFFC7125659C4AF0C3FB793 31727168 ----a-w- C:\Users\Mounier en Charlotte\Downloads\vsoConvertXtoDVD5_setup.exe

2013-08-09 20:23:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub

2013-08-09 20:20:55 5D40396F076D9751150E975EE90DB1BE 734160 ----a-w- C:\Users\Mounier en Charlotte\Downloads\VobSub_2.23.exe

2013-08-09 20:20:51 DDE69496533EC03CF571D7764B7E15D4 18903019 ----a-w- C:\Users\Mounier en Charlotte\Downloads\WinAVI_Video_Converter.exe

2013-08-08 12:12:33 -------- d-----w- C:\Users\Mounier en Charlotte\RichMedia

2013-08-07 15:03:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2013-08-06 12:01:29 140991020105EE70FE70F9F658537DE2 426064 ----a-w- C:\Users\Mounier en Charlotte\Downloads\SRTtoSSA_v10zip.exe

2013-08-06 11:24:43 5B144738E4231221A2DD24429964B9F5 489520 ----a-w- C:\Users\Mounier en Charlotte\Downloads\FFSetup3.1.0-oc-jd(1).exe

2013-08-06 11:14:36 5B144738E4231221A2DD24429964B9F5 489520 ----a-w- C:\Users\Mounier en Charlotte\Downloads\FFSetup3.1.0-oc-jd.exe

====== C: exe-files ==

2013-08-10 12:55:55 4C47469F47FD9F8437B62A86F6E0874F 666633 ----a-w- C:\Users\Mounier en Charlotte\Downloads\adwcleaner.exe

2013-08-09 21:23:10 4A8FB5BAE7085420D55C6F46ADAF9F5F 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-697365305-3729413489-3807942375-1000\$IS7R8SP.exe

2013-08-09 21:22:55 0F27F40AA5DFBA2BF2FEB332450B5E63 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-697365305-3729413489-3807942375-1000\$IN391XX.exe

2013-08-09 21:10:32 18D4A023842DC83FC6615A63B571C933 2002944 ----a-w- C:\Program Files (x86)\VSO\ConvertX\4\lang\EditLoc.exe

2013-08-09 21:10:30 9338A77C9FA83B346D3C32B0CE76DB52 2279464 ----a-w- C:\Program Files (x86)\VSO\pcsetup\PcSetup.exe

2013-08-09 21:10:28 76602A62685B9A1F88FD0692C86447F6 1158472 ----a-w- C:\Program Files (x86)\VSO\ConvertX\4\unins000.exe

2013-08-09 21:10:28 1096E1AF36A8E19D4AC1CA2664D09A99 9862944 ----a-w- C:\Program Files (x86)\VSO\ConvertX\4\ConvertXtoDvd.exe

2013-08-09 21:10:00 D81F1B9D8A021A2F1C4F9E6D529B0E96 19652944 ----a-w- C:\Users\Mounier en Charlotte\Desktop\ConvertXtoDVD 4.v4.1.10.348\vsoConvertXtoDVD4_setup.exe

2013-08-09 21:08:10 8E390845A88CB1E0406CE350F570CF4B 10434864 ----a-w- C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5KCXY09F\component_libcef_1.1364.1123[1].exe

2013-08-09 21:07:31 361ED14144827F528A83F0C5A7DF5A92 1238504 ----a-w- C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7TPJ8D1B\WebCakesetup[1].exe

2013-08-09 21:07:16 0F363DBC0B2CE13955D0491388460568 260800 ----a-w- C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5QEPR6KD\torntvdownloader[1].exe

2013-08-09 21:04:49 4F7D390B1492836C7DBA3C64FC16D868 264760 ----a-w- C:\Users\Mounier en Charlotte\Downloads\VSO_Software_ConvertXtoDVD_4.v4.1.10.exe

2013-08-09 20:59:54 16E53BFC96CE14021C0E07EB1C198478 99384 ----a-w- C:\Users\Mounier en Charlotte\AppData\Roaming\inst.exe

2013-08-09 20:59:43 AEF63EC338CCACF90D7E8A8170F4C641 1476920 ----a-w- C:\Program Files (x86)\VSO\common\VsoRep\vsorep.exe

2013-08-09 20:58:54 D9B947D9801057CFFDCE1346F85411CD 27915808 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-697365305-3729413489-3807942375-1000\$RS7R8SP.exe

2013-08-09 20:58:54 BFB04AEFB1C44F7D64F5E67B2AACE544 26372352 ----a-w- C:\Users\Mounier en Charlotte\AppData\Local\Temp\Softonic_NL_1-5-0.exe

2013-08-09 20:29:51 834B61217016A3C9BD91F6B408CE7B80 129301 ----a-w- C:\Program Files (x86)\Free Videos To DVD\Uninstall.exe

2013-08-09 20:28:30 4FECE2B2413CC2B773D11368B9553240 1024211 ----a-w- C:\Users\Mounier en Charlotte\Downloads\NoMoneyFreeVideosToDVDSetupstub.exe

2013-08-09 20:26:29 2C6ADB80DBFFC7125659C4AF0C3FB793 31727168 ----a-w- C:\Users\Mounier en Charlotte\Downloads\vsoConvertXtoDVD5_setup.exe

2013-08-09 20:20:55 5D40396F076D9751150E975EE90DB1BE 734160 ----a-w- C:\Users\Mounier en Charlotte\Downloads\VobSub_2.23.exe

2013-08-09 20:20:51 DDE69496533EC03CF571D7764B7E15D4 18903019 ----a-w- C:\Users\Mounier en Charlotte\Downloads\WinAVI_Video_Converter.exe

2013-08-09 11:58:48 5F81D016A839439529D613BA0CCEF951 219456 ----atw- C:\Users\Mounier en Charlotte\AppData\Local\Temp\{14E4D10A-A33D-487B-B24B-D4765415FA04}\setup.exe

2013-08-07 15:03:09 7BD9CA6D982EC421C09DA80A7EC6B8A0 135168 ----a-w- C:\Program Files\WinRAR\Uninstall.exe

2013-08-07 15:03:09 5AA8E9DDD2A35F9AE8D9C131906B1617 282624 ----a-w- C:\Program Files\WinRAR\UnRAR.exe

2013-08-07 15:03:09 3C173AF2A515B72EDCB3B58D55C0F3AF 424448 ----a-w- C:\Program Files\WinRAR\Rar.exe

2013-08-07 15:03:09 16982BD2722C25B6EDA9ECD96AAB1FDE 55296 ----a-w- C:\Program Files\WinRAR\Formats\ace32loader.exe

2013-08-07 15:03:09 0289426F325F796121CA1AAC3E605C73 1219072 ----a-w- C:\Program Files\WinRAR\WinRAR.exe

2013-08-07 15:02:32 FEBF89F8F510DAFB0985581AAB2A4A77 1639789 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-697365305-3729413489-3807942375-1000\$RN391XX.exe

=== C: other files ==

2013-08-10 12:49:45 81E1D982BF67BB23723CDFCA1DA72650 218 ----a-w- C:\Users\Mounier en Charlotte\Desktop\Oude Firefox-gegevens\CT2504091\toolbarImages\storage.conduit.com

2013-08-09 20:59:54 AF7CE12C4F3DC8CB2B07685C916BBCFE 82816 ----a-w- C:\Users\Mounier en Charlotte\AppData\Roaming\pcouffin.sys

2013-08-07 15:07:08 FE093FA529D15949C10AABC5FB868760 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-697365305-3729413489-3807942375-1000\$I20PK3W.zip

2013-08-07 14:45:42 4F0849A4922ADCE22714F3884F008879 907946 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-697365305-3729413489-3807942375-1000\$R20PK3W.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-697365305-3729413489-3807942375-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe"

"Spotify Web Helper"="C:\Users\Mounier en Charlotte\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"

"Spotify"="C:\Users\Mounier en Charlotte\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-697365305-3729413489-3807942375-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"Uninstall C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"

"Uninstall C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"HP Software Update"="c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"

"Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe"

"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"

"mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe"

"Spotify Web Helper"="C:\Users\Mounier en Charlotte\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"

"Spotify"="C:\Users\Mounier en Charlotte\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"Uninstall C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"

"Uninstall C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe"

"SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

==== Startup Folders ======================

2012-03-11 19:18:57 1028 ----a-w- C:\users\Mounier en Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

2012-03-11 09:47:54 2048 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

2010-09-26 11:21:38 2029 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/06/2013 13:49]

C:\Windows\tasks\HPCeeScheduleForMounier en Charlotte.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [05/01/2010 12:53]

C:\Windows\tasks\HPCeeScheduleForMOUNIERENCHARLO$.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [05/01/2010 12:53]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Mounierie\AppData\Roaming\Mozilla\Firefox\Profiles\efowjwz6.default

- McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor

- Garmin Communicator - %ProfilePath%\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

- Search-Results Toolbar - %ProfilePath%\extensions\{3ec1a45c-8bc3-4bfe-b226-4051c5d3d068}

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Undetermined - %AppDir%\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

==== Firefox Plugins ======================

Profilepath: C:\Users\Mounier en Charlotte\AppData\Roaming\Mozilla\Firefox\Profiles\0ascounk.default-1376138982131

AE7B288233C212C62CD544BF768C45E6 - C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll - Shockwave for Director / Shockwave for Director

3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash

66640A55AEFF3819C94E0A8D40D7E0AD - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director

AB87C54CA19675880B0CAE65B8AF140C - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.70.11

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Deleting Files \ Folders ======================

"C:\Users\Mounierie\AppData\Roaming\Mozilla\Firefox\Profiles\efowjwz6.default\extensions\{3ec1a45c-8bc3-4bfe-b226-4051c5d3d068}" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bicnnkjibmphdeigoodpjlcklcnaobdj - C:\Program Files (x86)\TornTV.com\torntv10.crx[]

doagiokpgboiomffjfhaiimafndmmpni - C:\Users\Mounier en Charlotte\AppData\Local\Rich Media Player\BrowserExtensions\Chrome\richmediadownloader.crx[]

fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[22/05/2013 10:24]

fkcdbkhjcaljlfolhllfneigeepmjfim - C:\Users\Mounier en Charlotte\AppData\Local\Rich Media Player\BrowserExtensions\Chrome\playerextension.crx[]

jbpkiefagocgkmemidfngdkamloieekf - C:\Program Files (x86)\TornTV.com\torn11.crx[]

MixiDj Chrome Toolbar - Mounier en Charlotte - default\Extensions\kpepfkjapeclaafmhoelccknpfedainn

==== Chrome Fix ======================

C:\Users\Mounier en Charlotte\AppData\Local\Google\Chrome\User Data\default\Extensions\kpepfkjapeclaafmhoelccknpfedainn deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.msn.com/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2417}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2417}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.msn.com/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{28205FEB-945F-4360-A178-D5DE5B4C74B7} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}"

{483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{A8A89CAF-5B6B-4485-BE7D-BA21AD4FEC0D} Bing Url="http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-697365305-3729413489-3807942375-1000\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FEB703F7-E7B2-4AB0-9566-87658AC70095} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095} deleted successfully

==== Deleting CLSID Registry Values ======================

==== shortcuts on Users Desktops ======================

C:\Users\Mounier en Charlotte\Desktop\ConvertXtoDVD 4.lnk - C:\Program Files (x86)\VSO\ConvertX\4\ConvertXtoDvd.exe

C:\Users\Mounier en Charlotte\Desktop\DVDVideoSoft Free Studio.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe

C:\Users\Mounier en Charlotte\Desktop\Format Factory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe

C:\Users\Mounier en Charlotte\Desktop\Free Screen To Video.lnk - C:\Program Files (x86)\Free Screen To Video\FreeScreenVideo.exe

C:\Users\Mounier en Charlotte\Desktop\HiJackThis.lnk - C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

C:\Users\Mounier en Charlotte\Desktop\Foto's\Verjaardag%2520Marie%25202011%2520Knokke%2520116 - Snelkoppeling.lnk - C:\@CHARLOTTE\Foto's\2011-10-02 Verjaardag Marie 2011 Knokke\Verjaardag%2520Marie%25202011%2520Knokke%2520116.JPG

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\HP Support Assistant.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\mcuicnt.exe SecurityScanner.dll

C:\Users\Public\Desktop\Picto Selector.lnk - C:\Program Files (x86)\Picto Selector\PictoSelector.exe

C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

C:\Users\Public\Desktop\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\FormatFactory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Help.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe /help

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Uninstall.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\uninst.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe QVO6

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee AntiVirus Plus.lnk - C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe /desktopicon

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub\DirectVobSub Configure.lnk - C:\Windows\System32\rundll32.exe dvobsub.ax,Configure

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub\Uninstall.lnk - C:\Program Files (x86)\Gabest\VobSub\uninstall.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub\VobSub Configure.lnk - C:\Windows\System32\rundll32.exe vobsub.dll,Configure

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub\VobSub Cutter.lnk - C:\Windows\System32\rundll32.exe vobsub.dll,Cutter

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub\VobSub dir.lnk - C:\Program Files (x86)\Gabest\VobSub

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub\VobSub Joiner.lnk - C:\Windows\System32\rundll32.exe vobsub.dll,Joiner

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO\ConvertXtoDVD 4\ConvertXtoDVD 4.lnk - C:\Program Files (x86)\VSO\ConvertX\4\ConvertXtoDvd.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO\ConvertXtoDVD 4\l glp license.lnk - C:\Program Files (x86)\VSO\ConvertX\4\lgpl-2.1.txt

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO\ConvertXtoDVD 4\Verwijder ConvertXToDVD.lnk - C:\Program Files (x86)\VSO\ConvertX\4\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO\ConvertXtoDVD 4\ Drivers\ Remover Driver (Modo de Compatibilidade).lnk - C:\Program Files (x86)\VSO\pcsetup\PcSetup.exe /remove /removeatip " Kompatibilitätsmodus wird eingerichtet... Bitte anschließend neu starten"

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ConvertXtoDVD 4.lnk - C:\Program Files (x86)\VSO\ConvertX\4\ConvertXtoDvd.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Screen To Video.lnk - C:\Program Files (x86)\Free Screen To Video\FreeScreenVideo.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe QVO6

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE /recycle

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picto Selector.lnk - C:\Program Files (x86)\Picto Selector\PictoSelector.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Adobe Reader X .lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AA1000000001}\SC_Reader.ico

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\Windows\system32\calc.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\CyberLink DVD Suite Deluxe.lnk - C:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\PS.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk - C:\Windows\system32\mspaint.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\PIXresizer.lnk - C:\Program Files (x86)\PIXresizer\PIXresizer.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP MediaSmart.lnk - C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPAdvisor.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Excel 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\xlicons.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Outlook 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft PowerPoint 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pptico.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Word 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe QVO6

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\MP Navigator 2.0.lnk - C:\Program Files (x86)\Canon\MP Navigator 2.0\mpn20.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Picto Selector.lnk - C:\Program Files (x86)\Picto Selector\PictoSelector.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Spotify.lnk - C:\Users\Mounier en Charlotte\AppData\Roaming\Spotify\spotify.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

C:\Users\Mounierie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Mounierie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE /recycle

C:\Users\Mounierie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Mounierie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Mounierie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP MediaSmart.lnk - C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Users\Mounierie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPAdvisor.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY

C:\Users\Mounierie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Mounierie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Outlook 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe

C:\Users\Mounierie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\Mounierie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\Mounierie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

==== shortcuts After Repair ======================

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\doagiokpgboiomffjfhaiimafndmmpni deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fkcdbkhjcaljlfolhllfneigeepmjfim deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120910195201.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O3 - Toolbar: (no name) - !{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Mounier en Charlotte\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler

O4 - HKCU\..\Run: [spotify] "C:\Users\Mounier en Charlotte\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart

O4 - HKCU\..\RunOnce: [uninstall C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"

O4 - HKCU\..\RunOnce: [uninstall C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Dropbox.lnk = C:\Users\Mounier en Charlotte\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube Download - C:\Users\Mounier en Charlotte\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Mounier en Charlotte\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Mounier en Charlotte\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Mounierie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Mounierie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Mounierie\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Mounierie\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\users\Mounier en Charlotte\AppData\Local\Mozilla\Firefox\Profiles\0ascounk.default-1376138982131\Cache emptied successfully

C:\users\Mounier en Charlotte\AppData\Local\Mozilla\Firefox\Profiles\de3p5fjd.default\Cache emptied successfully

C:\users\Mounierie\AppData\Local\Mozilla\Firefox\Profiles\efowjwz6.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\MOUNIE~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\users\Mounierie\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\7DZL7GZ5\drtuber.com" not found

"C:\users\Mounierie\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\7DZL7GZ5\www.bingel.be" not found

==== EOF on di 13/08/2013 at 17:16:05,59 ======================

Link naar reactie
Delen op andere sites

Dubbelklik op Zoek.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

 
{BFB04AEFB1C44F7D64F5E67B2AACE544];c
C:\users\Mounier en Charlotte\AppData\Local\Rich Media Player;fs
C:\Users\Mounier en Charlotte\RichMedia;fs
C:\Users\Mounier en Charlotte\Downloads\FFSetup3.1.0-oc-jd(1).exe;f
C:\Users\Mounier en Charlotte\Downloads\FFSetup3.1.0-oc-jd.exe;f
C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7TPJ8D1B\WebCakesetup[1].exe;f
C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5QEPR6KD\torntvdownloader[1].exe;f
C:\Users\Mounier en Charlotte\AppData\Local\Temp\Softonic_NL_1-5-0.exe;f
C:\Users\Mounier en Charlotte\AppData\Local\Temp\{14E4D10A-A33D-487B-B24B-D4765415FA04}\setup.exe;f
C:\Users\Mounier en Charlotte\Desktop\Oude Firefox-gegevens\CT2504091\toolbarImages\storage.conduit.com;fs
{1FD91A9C-410C-4090-BBCC-55D3450EF433};c
C:\Program Files (x86)\TornTV.com;fs
C:\Users\Mounier en Charlotte\AppData\Local\Rich Media Player;fs
C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk;f
C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk;f
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk;f
{ba14329e-9550-4989-b3f2-9732e92d17cc};c
autoclean;

Vink nu de onderstaande opties aan.

  • HijackThis Log

  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post nu de inhoud van het geopende logje in het volgende bericht.

aangepast door kape
Link naar reactie
Delen op andere sites

AUB:

Zoek.exe Version 4.0.0.4 Updated 10-August-2013

Tool run by Mounier en Charlotte on vr 16/08/2013 at 15:45:54,54.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Mounier en Charlotte\Downloads\zoek.exe [script inserted] [Checkboxes used]

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-697365305-3729413489-3807942375-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

"C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7TPJ8D1B\WebCakesetup[1].exe" not found

"C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5QEPR6KD\torntvdownloader[1].exe" not found

"C:\Users\Mounier en Charlotte\AppData\Local\Temp\Softonic_NL_1-5-0.exe" not found

"C:\Users\Mounier en Charlotte\AppData\Local\Temp\{14E4D10A-A33D-487B-B24B-D4765415FA04}\setup.exe" not found

"C:\Program Files (x86)\TornTV.com" not found

"C:\Users\Mounier en Charlotte\Downloads\FFSetup3.1.0-oc-jd(1).exe" deleted

"C:\Users\Mounier en Charlotte\Downloads\FFSetup3.1.0-oc-jd.exe" deleted

"C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk" deleted

"C:\Users\Mounier en Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk" deleted

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk" deleted

"C:\Users\Mounier en Charlotte\Desktop\Oude Firefox-gegevens\CT2504091\toolbarImages\storage.conduit.com" deleted

"C:\users\Mounier en Charlotte\AppData\Local\Rich Media Player" deleted

"C:\Users\Mounier en Charlotte\RichMedia" deleted

"C:\Users\Mounier en Charlotte\AppData\Local\Rich Media Player" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Mounierie\AppData\Roaming\Mozilla\Firefox\Profiles\efowjwz6.default

- McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor

- Garmin Communicator - %ProfilePath%\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Undetermined - %AppDir%\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

==== Firefox Plugins ======================

Profilepath: C:\Users\Mounier en Charlotte\AppData\Roaming\Mozilla\Firefox\Profiles\0ascounk.default-1376138982131

AE7B288233C212C62CD544BF768C45E6 - C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll - Shockwave for Director / Shockwave for Director

3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash

66640A55AEFF3819C94E0A8D40D7E0AD - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director

AB87C54CA19675880B0CAE65B8AF140C - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.70.11

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[22/05/2013 10:24]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.msn.com/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.msn.com/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{28205FEB-945F-4360-A178-D5DE5B4C74B7} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{A8A89CAF-5B6B-4485-BE7D-BA21AD4FEC0D} Bing Url="http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox"

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120910195201.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O3 - Toolbar: (no name) - !{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Mounier en Charlotte\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler

O4 - HKCU\..\Run: [spotify] "C:\Users\Mounier en Charlotte\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart

O4 - HKCU\..\RunOnce: [uninstall C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"

O4 - HKCU\..\RunOnce: [uninstall C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Dropbox.lnk = C:\Users\Mounier en Charlotte\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube Download - C:\Users\Mounier en Charlotte\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Mounier en Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Mounierie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Mounierie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Mounierie\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Mounierie\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\users\Mounier en Charlotte\AppData\Local\Mozilla\Firefox\Profiles\0ascounk.default-1376138982131\Cache emptied successfully

C:\users\Mounier en Charlotte\AppData\Local\Mozilla\Firefox\Profiles\de3p5fjd.default\Cache emptied successfully

C:\users\Mounierie\AppData\Local\Mozilla\Firefox\Profiles\efowjwz6.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\MOUNIE~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on vr 16/08/2013 at 15:56:19,57 ======================

Link naar reactie
Delen op andere sites

Verwijder zeker nog zoek.exe van je bureaublad en laat CCleaner nog even scannen.

Download CCleaner. (Als je het nog niet hebt)

Installeer het (als je niet wilt dat Google Chrome op je PC als standaard-webbrowser wordt geïnstalleerd, moet je de 2 vinkjes wegdoen !!!) en start CCleaner op.

Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en na de analyse op 'Schoonmaken'. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”.

Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.

Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.