RSIT logje

[superjona]

Hallo daar ;-),

Heb de laatste tijd last van een zeer opmerkelijke sloomheid, dus heb ik even een RSIT-logje gemaakt. Hopelijk kan er aardig wat rotzooi weg, zodat het weer wat soepeler loopt.

[ATTACH]28855[/ATTACH]

RSIT 8-11-13.txt

[juisterr]

We zullen zien.

Download Zoek.zip naar het bureaublad.

1. Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
   
2. Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
   

• Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  
• Dubbelklik vervolgens op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

   
  torpigcheck;
  emptyclsid;
  emptyfolderscheck;delete
  firefoxlook; 
  Chromelook; 
  autoclean; 
  iedefaults; 
  filesrcm;
  
  
  

  
  

• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht als bijlage.
  

[superjona]

Ziezo, hier het logje:

Zoek.exe Version 4.0.0.5 Updated 09-November-2013

Tool run by Jonathan on za 09/11/2013 at 8:48:36,54.

Microsoft Windows 8.1 Pro 6.3.9600 x64

Running in: Normal Mode Internet Access Detected

Launched: F:\Gebruikers\Jona\Bureaublad\zoek.exe [script inserted]

==== System Restore Info ======================

9/11/2013 8:48:58 Zoek.exe System Restore Point Created Succesfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully

C:\ProgramData\Oracle deleted successfully

C:\ProgramData\xml_param deleted successfully

C:\Users\Jonathan\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A} deleted successfully

C:\Users\Jonathan\AppData\Local\PackageStaging deleted successfully

C:\Users\Jonathan\AppData\Local\VirtualStore deleted successfully

C:\Users\Lana\AppData\Local\VirtualStore deleted successfully

==== Creating Sample_20130911_0855.zip ======================

Copied file C:\ProgramData\MakeMarkerFile.exe to sample\MakeMarkerFile.exe

sample\MakeMarkerFile.exe renamed to 6EBA4DF7D38DA6FCD75D8FCF8F0FA99B

C:\Users\Public\Desktop\sample_20130911_0855.zip created successfully

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted

C:\WINDOWS\wininit.ini deleted

C:\WINDOWS\SysWow64\AI_RecycleBin deleted

C:\ProgramData\MakeMarkerFile.exe deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

2013-11-09 07:23:30 A2384054100632F248EB45B4DC927779 43152 ----a-w- C:\WINDOWS\avastSS.scr

2013-10-17 14:17:45 4EC7DDE77607CD8251EF9F982DB934C0 45723 ----a-w- C:\WINDOWS\diagwrn.xml

2013-10-17 14:17:45 4EC7DDE77607CD8251EF9F982DB934C0 45723 ----a-w- C:\WINDOWS\diagerr.xml

====== C:\Users\Jonathan\AppData\Local\Temp ====

2013-11-07 05:06:40 3E0F447BAF24582A45E4D9E8E737DECA 2899292 ----a-w- C:\Users\Jonathan\AppData\Local\Temp\fp_pl_pfs_installer.exe

2013-10-30 12:09:01 9C2D8860B369090F1F9B30AC9B8F60E4 6508424 ----a-w- C:\Users\Jonathan\AppData\Local\Temp\77B0E5350DDE45FD868CBFE74A31D19C\DiscWizardInstall.exe

2013-10-30 12:08:48 9C2D8860B369090F1F9B30AC9B8F60E4 6508424 ----a-w- C:\Users\Jonathan\AppData\Local\Temp\0040D286A0D0417CA121C001706D6A25\DiscWizardInstall.exe

2013-10-30 12:08:12 9C2D8860B369090F1F9B30AC9B8F60E4 6508424 ----a-w- C:\Users\Jonathan\AppData\Local\Temp\BCF1640000A84558962533A95819EDDA\DiscWizardInstall.exe

2013-10-30 12:05:18 9C2D8860B369090F1F9B30AC9B8F60E4 6508424 ----a-w- C:\Users\Jonathan\AppData\Local\Temp\CF9A377678744A4B8779FB4C59AEAC8B\DiscWizardInstall.exe

2013-10-30 12:03:30 9C2D8860B369090F1F9B30AC9B8F60E4 6508424 ----a-w- C:\Users\Jonathan\AppData\Local\Temp\0C4AD76F55C44CC6BAAD3F84152CECC9\DiscWizardInstall.exe

====== Java Cache =====

2013-10-23 12:46:29 E5A1FB83F70A49DD6BF3D7A5DDB66C66 379660 ----a-w- C:\Users\Jonathan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\4db3f80b-43c7e576

2013-10-23 12:46:27 3FAFAB8F216384132849238D5E5A2D6A 91 ----a-w- C:\Users\Jonathan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\197a0b11-6.0.lap

2013-10-25 04:42:32 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Jonathan\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-2351955d

2013-10-31 03:16:40 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Lana\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-240918cc

====== C:\WINDOWS\SysWOW64 =====

2013-11-07 19:56:59 52200B557849C26BB97069777F10A125 17143808 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll

2013-11-07 19:56:58 B38ADD349A7D21A4DAC9C1A9B1F2E694 2724864 ----a-w- C:\WINDOWS\SysWOW64\mshtml.tlb

2013-11-07 19:56:58 7F3B6B342DBE8BAC12DF96402694C0D4 11222016 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll

2013-11-07 19:56:56 5618F48322A38CF7AD6B9838F7FDC7AA 2166272 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll

2013-10-29 05:25:53 474B4EC7DEDCF2D046EDB6E262BF34BE 698232 ----a-w- C:\WINDOWS\SysWOW64\mfplat.dll

====== C:\WINDOWS\SysWOW64\drivers =====

====== C:\WINDOWS\Sysnative =====

2013-11-09 07:23:32 D372180CBBFB280C51061E30034B268B 334648 ----a-w- C:\WINDOWS\Sysnative\aswBoot.exe

2013-11-07 19:56:59 65B7EF044F18ABF281CA494F1C04FE9D 2724864 ----a-w- C:\WINDOWS\Sysnative\mshtml.tlb

2013-11-07 19:56:58 62BA06EE56362CD0B9AD8E9E51A29AFA 12995072 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll

2013-11-07 19:56:57 10E330CBEDE6592AC90227A70A5C9FB9 23213056 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll

2013-11-07 19:56:56 3563774C8E27F362741E2BFDC7BD25DB 2763776 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll

2013-10-29 05:25:53 029D89926A1C52C785B4F2E697FD7105 872840 ----a-w- C:\WINDOWS\Sysnative\mfplat.dll

====== C:\WINDOWS\Sysnative\drivers =====

2013-11-09 07:23:32 FAF7B0B0C44A2FBD6FBC54E3E0F38545 84328 ----a-w- C:\WINDOWS\Sysnative\drivers\aswMonFlt.sys

2013-11-09 07:23:32 C04F7B373881009D7994D9BF55D24AB4 65776 ----a-w- C:\WINDOWS\Sysnative\drivers\aswRvrt.sys

2013-11-09 07:23:32 679712B7A353EE665B9301592164A172 92544 ----a-w- C:\WINDOWS\Sysnative\drivers\aswRdr2.sys

2013-11-09 07:23:32 59787B95DD9CA44CB139D96863438587 205320 ----a-w- C:\WINDOWS\Sysnative\drivers\aswVmm.sys

2013-11-09 07:23:32 511595FFE2E06D6E1947E0A0C8C7AD27 409832 ----a-w- C:\WINDOWS\Sysnative\drivers\aswSP.sys

2013-11-09 07:23:32 3E07C93A2CB67840E4CD56C00959A402 1032416 ----a-w- C:\WINDOWS\Sysnative\drivers\aswSnx.sys

2013-11-09 07:23:32 1EC6777695564CA7EB3ADB36C78322E5 38984 ----a-w- C:\WINDOWS\Sysnative\drivers\aswFsBlk.sys

2013-10-23 14:54:23 5A81DCCDA60D41BAC26C00B650D8769D 12537632 ----a-w- C:\WINDOWS\Sysnative\drivers\nvlddmkm.sys

2013-10-23 14:54:23 220B120EF4C36B4A3E23FAEC91E2FCE3 39200 ----a-w- C:\WINDOWS\Sysnative\drivers\nvvad64v.sys

2013-10-23 14:54:23 17902FF6CAD1BA9B4E362CB7D7C9CBD6 32544 ----a-w- C:\WINDOWS\Sysnative\drivers\nvpciflt.sys

2013-10-22 16:31:04 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys

2013-10-18 00:14:52 E6EF19470936A12524B61DBE7CB44B07 382808 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys

2013-10-18 00:14:52 AEAB1924098DB538784C1D2B268FF0C9 1537880 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys

2013-10-17 14:16:03 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf

====== C:\WINDOWS\Tasks ======

2013-11-09 07:23:35 B7ADAEDAF23B500175FD75B9D288019E 3924 ----a-w- C:\WINDOWS\Sysnative\Tasks\avast! Emergency Update

2013-10-20 16:11:44 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\Nero

2013-10-20 15:50:33 B930F5DC22A39D341751B14D675F101B 3200 ----a-w- C:\WINDOWS\Sysnative\Tasks\DeviceDetector

2013-10-17 16:11:13 A2CFC80FFE45A0E7BFD287D0F3BB81F3 3982 ----a-w- C:\WINDOWS\Sysnative\Tasks\User_Feed_Synchronization-{9DB04F98-DA69-4D9B-9EAB-7F585DDB0809}

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2013-11-08 18:34:59 -------- d-----w- C:\Program Files\trend micro

2013-10-24 03:49:11 -------- d-----w- C:\Program Files\Microsoft.NET

2013-10-23 15:26:35 -------- d-----w- C:\Program Files\Microsoft Silverlight

2013-10-18 00:13:47 -------- d-----w- C:\Program Files\Reference Assemblies

2013-10-18 00:13:47 -------- d-----w- C:\Program Files\MSBuild

2013-10-17 14:16:11 -------- d-----w- C:\Program Files\Realtek

2013-10-17 14:16:10 -------- d-----w- C:\Program Files\Elantech

======= C:\PROGRA~2 =====

2013-10-29 11:53:55 -------- d-----w- C:\PROGRA~2\Craften Terminal

2013-10-26 16:54:24 -------- d-----w- C:\PROGRA~2\Microsoft SQL Server Compact Edition

2013-10-26 16:54:05 -------- d-----w- C:\PROGRA~2\Windows Live

2013-10-26 16:52:41 -------- d-----w- C:\PROGRA~2\COMMON~1\Windows Live

2013-10-26 07:00:39 -------- d-----w- C:\PROGRA~2\PIXresizer

2013-10-23 15:26:35 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight

2013-10-23 12:46:16 -------- d-----w- C:\PROGRA~2\COMMON~1\Java

2013-10-23 12:46:08 -------- d-----w- C:\PROGRA~2\Java

2013-10-20 16:11:05 -------- d-----w- C:\PROGRA~2\Nero

2013-10-20 16:08:40 -------- d-----w- C:\PROGRA~2\COMMON~1\Nero

2013-10-20 16:07:30 -------- d-----w- C:\PROGRA~2\MSXML 4.0

2013-10-20 15:50:05 -------- d-----w- C:\PROGRA~2\CyberLink

2013-10-18 00:13:47 -------- d-----w- C:\PROGRA~2\Reference Assemblies

2013-10-18 00:13:47 -------- d-----w- C:\PROGRA~2\MSBuild

2013-10-13 13:34:56 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe

======= C: =====

====== C:\Users\Jonathan\AppData\Roaming ======

2013-11-09 07:23:42 -------- d-s---w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Locallow\Microsoft

2013-10-31 03:16:36 -------- d-----w- C:\Users\Lana\AppData\Locallow\Sun

2013-10-29 11:54:03 -------- d-----w- C:\Users\Jonathan\AppData\Roaming\Craften Terminal

2013-10-29 11:54:02 -------- d-----w- C:\Users\Jonathan\AppData\Local\Craften.de

2013-10-28 15:23:30 -------- d-s---w- C:\Users\UpdatusUser\AppData\Locallow\Microsoft

2013-10-26 16:53:22 -------- d-----w- C:\Users\Jonathan\AppData\Local\Windows Live

2013-10-24 03:43:34 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help

2013-10-24 03:43:34 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help

2013-10-23 14:55:31 -------- d-s---w- C:\Users\UpdatusUser\AppData\Roaming\Microsoft

2013-10-23 14:55:31 -------- d-----w- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-10-23 14:55:31 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Temp

2013-10-23 14:55:31 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Microsoft

2013-10-23 14:55:31 -------- d-----r- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2013-10-23 14:55:31 -------- d-----r- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-10-23 14:55:31 -------- d-----r- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2013-10-20 22:50:59 -------- d-----w- C:\Users\Lana\AppData\Roaming\Identities

2013-10-20 16:25:53 -------- d-----w- C:\Users\Jonathan\AppData\Local\Nero

2013-10-20 16:20:41 -------- d-----w- C:\Users\Jonathan\AppData\Roaming\Nero

2013-10-20 15:52:11 -------- d-----w- C:\Users\Jonathan\AppData\Roaming\CyberLink

2013-10-20 15:50:34 -------- d-----w- C:\Users\Jonathan\AppData\Local\Cyberlink

2013-10-20 09:34:35 -------- d-----w- C:\Users\Jonathan\AppData\Local\Unity

2013-10-20 09:34:34 -------- d-----w- C:\Users\Jonathan\AppData\Locallow\Unity

2013-10-18 00:14:35 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Microsoft

2013-10-17 16:14:03 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Google

2013-10-17 14:24:27 -------- d-----w- C:\Users\Jonathan\AppData\Roaming\Identities

2013-10-17 14:22:48 -------- d-s---w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Locallow\Microsoft

2013-10-17 14:22:28 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft

2013-10-17 14:22:00 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Adobe

2013-10-17 14:20:27 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Apple Computer

2013-10-17 14:17:45 -------- d-s---w- C:\Users\Jonathan\AppData\Roaming\Microsoft

2013-10-17 14:17:45 -------- d-----w- C:\Users\Jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-10-17 14:17:45 -------- d-----w- C:\Users\Jonathan\AppData\Local\Temp

2013-10-17 14:17:45 -------- d-----w- C:\Users\Jonathan\AppData\Local\Microsoft

2013-10-17 14:17:45 -------- d-----r- C:\Users\Jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2013-10-17 14:17:45 -------- d-----r- C:\Users\Jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-10-17 14:17:45 -------- d-----r- C:\Users\Jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2013-10-17 14:17:44 -------- d-s---w- C:\Users\Lana\AppData\Roaming\Microsoft

2013-10-17 14:17:44 -------- d-----w- C:\Users\Lana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-10-17 14:17:44 -------- d-----w- C:\Users\Lana\AppData\Local\Temp

2013-10-17 14:17:44 -------- d-----w- C:\Users\Lana\AppData\Local\Microsoft

2013-10-17 14:17:44 -------- d-----r- C:\Users\Lana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2013-10-17 14:17:44 -------- d-----r- C:\Users\Lana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-10-17 14:17:44 -------- d-----r- C:\Users\Lana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2013-10-13 13:41:20 EE8840ADF7CD213213F1500C694C1ED4 132 ----a-w- C:\Users\Jonathan\AppData\Roaming\Adobe PNG Format CS6 Prefs

2013-10-13 13:35:16 -------- d-----w- C:\Users\Jonathan\AppData\Locallow\Adobe

2013-10-11 07:58:40 -------- d-----w- C:\Users\Jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Copy

2013-10-11 07:58:40 -------- d-----w- C:\Users\Jonathan\AppData\Roaming\Copy

====== C:\Users\Jonathan ======

2013-11-09 07:23:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast

2013-10-29 11:53:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craften Terminal

2013-10-26 07:00:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PIXresizer

2013-10-23 15:26:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2013-10-23 14:55:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2013-10-23 14:55:33 -------- d-----w- C:\Users\UpdatusUser\Searches

2013-10-23 14:55:33 -------- d-----w- C:\Users\UpdatusUser\Contacts

2013-10-23 14:55:32 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\UpdatusUser\ntuser.ini

2013-10-23 14:55:31 -------- d--h--w- C:\Users\UpdatusUser\AppData

2013-10-23 14:55:31 -------- d-----w- C:\Users\UpdatusUser\Saved Games

2013-10-23 14:55:31 -------- d-----r- C:\Users\UpdatusUser\Videos

2013-10-23 14:55:31 -------- d-----r- C:\Users\UpdatusUser\Pictures

2013-10-23 14:55:31 -------- d-----r- C:\Users\UpdatusUser\Music

2013-10-23 14:55:31 -------- d-----r- C:\Users\UpdatusUser\Links

2013-10-23 14:55:31 -------- d-----r- C:\Users\UpdatusUser\Favorites

2013-10-23 14:55:31 -------- d-----r- C:\Users\UpdatusUser\Downloads

2013-10-23 14:55:31 -------- d-----r- C:\Users\UpdatusUser\Documents

2013-10-23 14:55:31 -------- d-----r- C:\Users\UpdatusUser\Desktop

2013-10-23 12:46:17 -------- d-----w- C:\ProgramData\Sun

2013-10-23 12:46:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2013-10-21 16:46:00 -------- d-----w- C:\ProgramData\NVIDIA Corporation

2013-10-20 22:50:58 6FC234AD3752E1267B34FB12BCD6718B 20 --sha-w- C:\Users\Lana\ntuser.ini

2013-10-20 16:08:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero

2013-10-20 16:08:31 -------- d-----w- C:\ProgramData\Nero

2013-10-20 15:52:28 -------- d-----w- C:\ProgramData\CyberLink

2013-10-20 15:50:33 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso

2013-10-20 15:49:39 -------- d-----w- C:\ProgramData\Temp

2013-10-17 16:09:17 -------- d---a-r- C:\Users\Jonathan\SkyDrive

2013-10-17 14:24:25 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Jonathan\ntuser.ini

2013-10-17 14:17:45 -------- d--h--w- C:\Users\Jonathan\AppData

2013-10-17 14:17:45 -------- d-----r- C:\Users\Jonathan\Favorites

2013-10-17 14:17:44 -------- d--h--w- C:\Users\Lana\AppData

2013-10-17 14:17:44 -------- d-----r- C:\Users\Lana\Favorites

2013-10-17 14:17:44 -------- d-----r- C:\Users\Lana\Documents

2013-10-17 14:17:44 -------- d-----r- C:\Users\Lana\Desktop

2013-10-11 07:59:32 -------- d-----r- C:\Users\Jonathan\Copy

====== C: exe-files ==

2013-11-09 07:23:32 D372180CBBFB280C51061E30034B268B 334648 ----a-w- C:\Windows\System32\aswBoot.exe

2013-11-08 18:34:59 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Jonathan.exe

2013-11-08 18:06:26 F5EA5BD5A849D74448C9817DFBDFCFEA 2640304 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00005525\dao.17238084.exe

2013-11-08 18:06:14 E190B516A15819F585B60C9B1397A45B 355488 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\0000550c\updatus.17225710_RUNASUSER.exe

2013-11-07 05:06:40 3E0F447BAF24582A45E4D9E8E737DECA 2899292 ----a-w- C:\Users\Jonathan\AppData\Local\Temp\fp_pl_pfs_installer.exe

2013-11-02 15:27:55 42047732F6FF71587DDAE77EC5E2E871 2416200 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000054ed\dao.17204360.exe

=== C: other files ==

2013-11-09 07:55:16 F396237A60C5934820292BC34615B06D 866188 ----a-w- C:\Users\Public\Desktop\sample_20130911_0855.zip

2013-11-09 07:23:32 FAF7B0B0C44A2FBD6FBC54E3E0F38545 84328 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2013-11-09 07:23:32 C04F7B373881009D7994D9BF55D24AB4 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys

2013-11-09 07:23:32 679712B7A353EE665B9301592164A172 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2013-11-09 07:23:32 59787B95DD9CA44CB139D96863438587 205320 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2013-11-09 07:23:32 511595FFE2E06D6E1947E0A0C8C7AD27 409832 ----a-w- C:\Windows\System32\drivers\aswSP.sys

2013-11-09 07:23:32 3E07C93A2CB67840E4CD56C00959A402 1032416 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2013-11-09 07:23:32 1EC6777695564CA7EB3ADB36C78322E5 38984 ----a-w- C:\Windows\System32\drivers\aswFsBlk.sys

==== Folders in C:\ProgramData 0-6 Months Old ======================

2013-08-22 13:36:15 -------- d-s---w- C:\ProgramData\Microsoft

2013-08-22 14:45:52 -------- d-sh--we C:\ProgramData\Application Data

2013-08-22 14:45:52 -------- d-sh--we C:\ProgramData\Desktop

2013-08-22 14:45:52 -------- d-sh--we C:\ProgramData\Documents

2013-08-22 14:45:52 -------- d-sh--we C:\ProgramData\Start Menu

2013-08-22 14:45:52 -------- d-sh--we C:\ProgramData\Templates

2013-08-22 15:36:30 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft

2013-08-27 16:56:27 -------- d-----w- C:\ProgramData\PRICache

2013-08-27 17:07:16 -------- d-----w- C:\ProgramData\Samsung

2013-08-27 17:17:03 -------- d-----w- C:\ProgramData\Intel

2013-08-27 17:24:23 -------- d-----w- C:\ProgramData\NVIDIA

2013-08-27 17:25:19 -------- d-----w- C:\ProgramData\ColorMode

2013-08-27 17:27:27 -------- d-----w- C:\ProgramData\WinClon

2013-08-27 17:51:22 -------- d-----w- C:\ProgramData\BootRacer

2013-08-27 18:12:15 -------- d-----w- C:\ProgramData\Mozilla

2013-08-29 16:08:02 -------- d-----w- C:\ProgramData\Microsoft Toolkit

2013-08-29 16:09:12 -------- d-----w- C:\ProgramData\Microsoft Help

2013-09-03 15:43:03 -------- d-----w- C:\ProgramData\EPSON

2013-09-11 12:32:39 -------- d-----w- C:\ProgramData\Apple

2013-09-11 12:34:23 -------- d-----w- C:\ProgramData\Apple Computer

2013-10-06 11:48:12 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-10-06 15:54:15 -------- d-----w- C:\ProgramData\Aimersoft Video Converter Ultimate

2013-10-20 15:49:39 -------- d-----w- C:\ProgramData\Temp

2013-10-20 15:52:28 -------- d-----w- C:\ProgramData\CyberLink

2013-10-20 16:08:31 -------- d-----w- C:\ProgramData\Nero

2013-10-21 16:46:00 -------- d-----w- C:\ProgramData\NVIDIA Corporation

2013-10-22 16:31:05 -------- d-----w- C:\ProgramData\Malwarebytes

2013-10-23 12:46:17 -------- d-----w- C:\ProgramData\Sun

2013-11-09 07:22:49 -------- d-----w- C:\ProgramData\AVAST Software

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [09/11/2013 08:23]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\91sw8iid.default

86616A2DB28CBDE470874BD61E8C9B1B - C:\Users\Jonathan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[09/11/2013 08:23]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[25/09/2013 05:05]

Google Docs - Jonathan - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Jonathan - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

Cloud To Butt Plus - Jonathan - Default\Extensions\apmlngnhgbnjpajelfkmabhkfapgnoai

YouTube - Jonathan - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Last updated at time on date - Jonathan - Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb

Google Search - Jonathan - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

AdBlock - Jonathan - Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

bol.comppl - Jonathan - Default\Extensions\jkgenemciogcgmpcahfbfcdamgcjfbpp

DVDVideoSoft - Jonathan - Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp

Google Wallet - Jonathan - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Jonathan - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Google Docs - Lana - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Lana - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Lana - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Lana - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Wallet - Lana - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Lana - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Jonathan\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\Users\Lana\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Jonathan\AppData\Local\Mozilla\Firefox\Profiles\91sw8iid.default\Cache emptied successfully

C:\Users\Lana\AppData\Local\Mozilla\Firefox\Profiles\gqnaaqm3.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Lana\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\Users\Jonathan\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on za 09/11/2013 at 8:59:25,35 ======================

[juisterr]

Is er al minder sloomheid ?

[superjona]

Het lijkt al een stuk beter te gaan

Heb MBAM nog eens laten lopen, die heeft ook nog een aantal infecties kunnen verwijderen.

Thanks!

[juisterr]

Ik vermoed dat je de vervolg stap al weet maar toch aub.

Download Delfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:

• Remove disinfection tools
  
• Purge System Restore
  
• Reset system settings
  

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.