Ga naar inhoud

Advertentie pop-ups


Aanbevolen berichten

Hallo,

Ik heb erg last van continue pop-ups en vensters die onverwachts in advertenties veranderen i.p.v. de site die ik graag wil openen.

Ik heb al een Logje met Hijackthis gemaakt, wie kan mij helpen?

Het is bij google chrome maar ook bij internet explorer.

Hierbij mijn logje

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 11:09:10, on 28-11-2013

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v10.0 (10.00.9200.16537)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE

C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe

C:\Program Files (x86)\Microsoft Office\Office14\MSTORDB.EXE

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Mediamarkt2\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: surf aannd akEEep - {9F2437AF-7575-8E54-5DAB-6769E0866414} - C:\Program Files (x86)\surf aannd akEEep\bTFa5kQ3_.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R

O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 10345 bytes

Link naar reactie
Delen op andere sites

Ik zie net dat jullie nu met RSIT werken. Dus maar even een logje van RSIT

info.txt logfile of random's system information tool 1.09 2013-11-28 11:28:37

======Uninstall list======

Adobe Shockwave Player 11.6-->"C:\windows\SysWOW64\Adobe\Shockwave 11\uninstaller.exe"

ANNO 2070-->"C:\Program Files (x86)\InstallShield Installation Information\{B48E264C-C8CD-4617-B0BE-46E977BAD694}\setup.exe" -runfromtemp -l0x0809 -removeonly

Apple Application Support-->MsiExec.exe /I{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}

Apple Mobile Device Support-->MsiExec.exe /I{2F72F540-1F60-4266-9506-952B21D6640D}

Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}

Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}

Connected Music powered by Universal Music Group version 1.0-->"C:\Program Files (x86)\Connected Music powered by Universal Music Group\unins000.exe"

CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" /z-uninstall

CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" /z-uninstall

CyberLink Media Suite 10-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall

CyberLink Media Suite 10-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall

CyberLink Power2Go 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\Setup.exe" /z-uninstall

CyberLink Power2Go 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\Setup.exe" /z-uninstall

CyberLink PowerDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall

CyberLink PowerDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall

CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall

CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall

D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{6BDEB2BD-7C8B-4734-9E2F-E9EDC9D6C844}" "1043" "0"

Energy Star-->MsiExec.exe /I{0FA995CC-C849-4755-B14B-5404CC75DC24}

Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\setup.exe" --uninstall --multi-install --chrome --system-level

Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

Hewlett-Packard ACLM.NET v1.2.0.0-->MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F}

HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544}

HP Documentation-->MsiExec.exe /X{8E7CB625-076C-4812-87B9-A2695C2CFABF}

HP Postscript Converter-->MsiExec.exe /I{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}

HP Quick Launch-->MsiExec.exe /I{4ED7050C-9332-4FB2-AB07-E94F25A53D39}

HP Recovery Manager-->MsiExec.exe /I{528AB81B-D65A-4AB0-A2B6-82B51A087D01}

HP Registration Service-->MsiExec.exe /X{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}

HP Software Framework-->MsiExec.exe /X{4983EBE7-5117-43C9-8DE1-FFEBFDBD35DB}

HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{B8019B54-F9BE-490A-9619-6D06F18F129F}\setup.exe" -runfromtemp -l0x0409 -removeonly

HP Utility Center-->MsiExec.exe /I{0C57987A-A03A-4B95-A309-D23F78F406CA}

HP Wireless Button Driver-->MsiExec.exe /X{941DE69D-6CEE-4171-8F1F-3D7E352AA498}

Intel® Management Engine Components-->C:\Program Files (x86)\Intel\Intel® Management Engine Components\Uninstall\setup.exe -uninstall

Intel® Processor Graphics-->C:\Program Files (x86)\Intel\Intel® Processor Graphics\Uninstall\setup.exe -uninstall

Intel® SDK for OpenCL - CPU Only Runtime Package-->C:\Program Files (x86)\Intel\OpenCL SDK\2.0\Uninstall\setup.exe -uninstall

Intel® Trusted Connect Service Client-->MsiExec.exe /I{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}

iTunes-->MsiExec.exe /I{0225AD21-F3E2-4916-BFF3-65D3F9052582}

Microsoft Office Access MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0015-0413-0000-0000000FF1CE}

Microsoft Office Excel MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0016-0413-0000-0000000FF1CE}

Microsoft Office Home and Student 2010-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall SINGLEIMAGE /dll OSETUP.DLL

Microsoft Office Office 64-bit Components 2010-->MsiExec.exe /X{90140000-002A-0000-1000-0000000FF1CE}

Microsoft Office OneNote MUI (Dutch) 2010-->MsiExec.exe /X{90140000-00A1-0413-0000-0000000FF1CE}

Microsoft Office Outlook MUI (Dutch) 2010-->MsiExec.exe /X{90140000-001A-0413-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0018-0413-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2010-->MsiExec.exe /X{90140000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proofing (Dutch) 2010-->MsiExec.exe /X{90140000-002C-0413-0000-0000000FF1CE}

Microsoft Office Publisher MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0019-0413-0000-0000000FF1CE}

Microsoft Office Shared 64-bit MUI (Dutch) 2010-->MsiExec.exe /X{90140000-002A-0413-1000-0000000FF1CE}

Microsoft Office Shared MUI (Dutch) 2010-->MsiExec.exe /X{90140000-006E-0413-0000-0000000FF1CE}

Microsoft Office Single Image 2010-->MsiExec.exe /X{90140000-003D-0000-0000-0000000FF1CE}

Microsoft Office Word MUI (Dutch) 2010-->MsiExec.exe /X{90140000-001B-0413-0000-0000000FF1CE}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}

MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

Ralink RT5390R 802.11bgn Wi-Fi Adapter-->C:\Program Files (x86)\InstallShield Installation Information\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}\setup.exe -runfromtemp -l0x0013 -removeonly

Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly

Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly

Realtek PCIE Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{C1594429-8296-4652-BF54-9DBE4932A44C}\setup.exe" -runfromtemp -removeonly

Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{DC8EDDCF-2031-4C8D-916C-64058A3ACA95}" "1043" "0"

Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0413-0000-0000000FF1CE}" "{63EF0C85-5B63-410F-ACE4-C1D4E6769E7A}" "1043" "0"

Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{4D6FE7B6-559F-4DAC-92CF-A01C24046AEB}" "1043" "0"

Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-0000-0000000FF1CE}" "{FCF15674-9DAA-46C3-BF37-BDA4BA00F656}" "1043" "0"

Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{6840DC59-F17B-415D-BA04-A62A164C7E7A}" "1043" "0"

Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{D1673BA3-FA9D-434F-BD8B-CF663F1A70BA}" "1043" "0"

Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0413-0000-0000000FF1CE}" "{9A854864-23D5-4FD5-8357-F4602A2A7CC4}" "1043" "0"

Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{EC2CA755-17D8-4392-A91E-FD4D2DD31072}" "1043" "0"

Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{0241FB40-015F-42AC-A711-1AE59E346B51}" "1043" "0"

Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{FD346649-CCFA-4FB8-9406-ED3FC568BC72}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-0000-0000000FF1CE}" "{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{09A9DF49-DA06-4093-A2FD-F339211E39EA}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0413-0000-0000000FF1CE}" "{2C2D6CA0-1F04-4551-A82A-E0800CD616FA}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{E4D76E88-C65F-4003-9C71-EC4306679D17}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0413-1000-0000000FF1CE}" "{8218F3D1-A3CE-483C-819B-855338E4397C}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0413-0000-0000000FF1CE}" "{0B17C286-F7CC-4605-80D0-B465D5A44152}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0413-0000-0000000FF1CE}" "{07466203-7D4B-49A0-85BC-85CCC297AD9E}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0"

SK.Enhancer-->"c:\programdata\wintersoft\sk.enhancer\sk.enhancer.exe" /uninstall

surf aannd akEEep-->"C:\ProgramData\surf aannd akEEep\eNd8KKWyLy.exe" /s /n /i:"ExecuteCommands;UninstallCommands" ""

swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}

Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall

Ubisoft Game Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}" "1043" "0"

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}" "1043" "0"

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}" "1043" "0"

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}" "1043" "0"

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}" "1043" "0"

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}" "1043" "0"

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{287A1E92-9E41-4BC1-8920-B3D0E9220800}" "1043" "0"

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{9D69691D-823D-4C3E-9B12-563A3F520366}" "1043" "0"

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}" "1043" "0"

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}" "1043" "0"

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{35698CB7-AAA2-4577-B505-DBFF504AEF23}" "1043" "0"

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{5AA578BB-759C-40FD-9661-A737C0884541}" "1043" "0"

Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{D7D96A96-F61F-48AD-B2DC-4F4B6938D2AB}" "1043" "0"

Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}" "1043" "0"

Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}" "1043" "0"

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0413-0000-0000000FF1CE}" "{01C54C3F-EF56-4753-A0EC-6B3938822923}" "1043" "0"

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{190EC86F-5867-4D7A-B9F3-D14D82C26F3D}" "1043" "0"

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{8C55AA83-54C2-4236-A622-78440A411DC5}" "1043" "0"

Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{2B7EA7DF-B822-4C58-B90A-961B6BAF454B}" "1043" "0"

VLC media player 2.0.6-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe

Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}

Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe

Windows Live Essentials-->MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073}

Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}

Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}

Windows Live Language Selector-->MsiExec.exe /I{027E5FAB-1476-4C59-AAB4-32EF28520399}

Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}

Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}

Windows Live Movie Maker-->MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}

Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B}

Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}

Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}

Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}

Windows Live Photo Gallery-->MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}

Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}

Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}

Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}

Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218}

Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}

Windows Live Writer-->MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE}

Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}

Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}

======System event log======

Computer Name: WIN-Q0IJ8VNI91E

Event Code: 7040

Message: Het opstarttype van de service Windows Search is gewijzigd van automatisch starten in uitgeschakeld.

Record Number: 743

Source Name: Service Control Manager

Time Written: 20121007072621.885887-000

Event Type: Informatie

User:

Computer Name: WIN-Q0IJ8VNI91E

Event Code: 1014

Message: In de naamomzetting voor de naam detect.gocyberlink.com is een time-out opgetreden omdat geen van de geconfigureerde DNS-servers reageert.

Record Number: 742

Source Name: Microsoft-Windows-DNS-Client

Time Written: 20121007072616.096936-000

Event Type: Waarschuwing

User: NT AUTHORITY\NETWORK SERVICE

Computer Name: WIN-Q0IJ8VNI91E

Event Code: 104

Message: Logboekbestand Setup is gewist.

Record Number: 741

Source Name: Microsoft-Windows-Eventlog

Time Written: 20121007072617.081385-000

Event Type: Informatie

User:

Computer Name: WIN-Q0IJ8VNI91E

Event Code: 104

Message: Logboekbestand Application is gewist.

Record Number: 740

Source Name: Microsoft-Windows-Eventlog

Time Written: 20121007072616.909502-000

Event Type: Informatie

User:

Computer Name: WIN-Q0IJ8VNI91E

Event Code: 104

Message: Logboekbestand System is gewist.

Record Number: 739

Source Name: Microsoft-Windows-Eventlog

Time Written: 20121007072616.846997-000

Event Type: Informatie

User:

=====Application event log=====

Computer Name: WIN-Q0IJ8VNI91E

Event Code: 105

Message: msiexec (796) Instance: De database-engine heeft een nieuwe sessie (0) gestart. (Tijd=0 seconden)

Internal Timing Sequence: [1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.000, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000.

Record Number: 791

Source Name: ESENT

Time Written: 20121007072832.000000-000

Event Type: Informatie

User:

Computer Name: WIN-Q0IJ8VNI91E

Event Code: 102

Message: msiexec (796) Instance: De database-engine (6.02.9200.0000) start een nieuwe sessie (0).

Record Number: 790

Source Name: ESENT

Time Written: 20121007072832.000000-000

Event Type: Informatie

User:

Computer Name: WIN-Q0IJ8VNI91E

Event Code: 1003

Message: De Windows Search-service is gestart.

Record Number: 789

Source Name: Microsoft-Windows-Search

Time Written: 20121007072623.000000-000

Event Type: Informatie

User:

Computer Name: WIN-Q0IJ8VNI91E

Event Code: 1013

Message: De Windows Search-service is normaal gestopt.

Record Number: 788

Source Name: Microsoft-Windows-Search

Time Written: 20121007072622.000000-000

Event Type: Informatie

User:

Computer Name: WIN-Q0IJ8VNI91E

Event Code: 103

Message: SearchIndexer (716) Windows: De database-engine heeft de sessie (0) stopgezet.

Dirty Shutdown: 0

Internal Timing Sequence: [1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.062, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.032, [10] 0.000, [11] 0.015, [12] 0.000, [13] 0.000, [14] 0.000, [15] 0.000.

Record Number: 787

Source Name: ESENT

Time Written: 20121007072622.000000-000

Event Type: Informatie

User:

=====Security event log=====

Computer Name: mediamarkt

Event Code: 4907

Message: De controle-instellingen voor een object zijn gewijzigd.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: MEDIAMARKT$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3E7

Object:

Objectserver: Security

Objecttype: File

Objectnaam: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nl\Microsoft.Transactions.Bridge.Dtc.resources.dll

Ingangs-id: 0x4c

Procesgegevens:

Proces-id: 0x368

Procesnaam: C:\Windows\System32\poqexec.exe

Controle-instellingen:

Oorspronkelijke security descriptor: S:AI

Nieuwe security descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)

Record Number: 4355

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20130225164102.123904-000

Event Type: Controle geslaagd

User:

Computer Name: mediamarkt

Event Code: 4907

Message: De controle-instellingen voor een object zijn gewijzigd.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: MEDIAMARKT$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3E7

Object:

Objectserver: Security

Objecttype: File

Objectnaam: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nl\Microsoft.Transactions.Bridge.resources.dll

Ingangs-id: 0x4c

Procesgegevens:

Proces-id: 0x368

Procesnaam: C:\Windows\System32\poqexec.exe

Controle-instellingen:

Oorspronkelijke security descriptor: S:AI

Nieuwe security descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)

Record Number: 4354

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20130225164101.905139-000

Event Type: Controle geslaagd

User:

Computer Name: mediamarkt

Event Code: 4907

Message: De controle-instellingen voor een object zijn gewijzigd.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: MEDIAMARKT$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3E7

Object:

Objectserver: Security

Objecttype: File

Objectnaam: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nl\System.Web.Abstractions.resources.dll

Ingangs-id: 0x4c

Procesgegevens:

Proces-id: 0x368

Procesnaam: C:\Windows\System32\poqexec.exe

Controle-instellingen:

Oorspronkelijke security descriptor: S:AI

Nieuwe security descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)

Record Number: 4353

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20130225164101.764489-000

Event Type: Controle geslaagd

User:

Computer Name: mediamarkt

Event Code: 4907

Message: De controle-instellingen voor een object zijn gewijzigd.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: MEDIAMARKT$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3E7

Object:

Objectserver: Security

Objecttype: File

Objectnaam: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nl\Microsoft.Activities.Build.resources.dll

Ingangs-id: 0x4c

Procesgegevens:

Proces-id: 0x368

Procesnaam: C:\Windows\System32\poqexec.exe

Controle-instellingen:

Oorspronkelijke security descriptor: S:AI

Nieuwe security descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)

Record Number: 4352

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20130225164101.623876-000

Event Type: Controle geslaagd

User:

Computer Name: mediamarkt

Event Code: 4907

Message: De controle-instellingen voor een object zijn gewijzigd.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: MEDIAMARKT$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3E7

Object:

Objectserver: Security

Objecttype: File

Objectnaam: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nl\System.ServiceModel.Web.resources.dll

Ingangs-id: 0x4c

Procesgegevens:

Proces-id: 0x368

Procesnaam: C:\Windows\System32\poqexec.exe

Controle-instellingen:

Oorspronkelijke security descriptor: S:AI

Nieuwe security descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)

Record Number: 4351

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20130225164101.483243-000

Event Type: Controle geslaagd

User:

======Environment variables======

"FP_NO_HOST_CHECK"=NO

"USERNAME"=SYSTEM

"Path"=C:\PROGRAM FILES (X86)\INTEL\ICLS CLIENT\;C:\PROGRAM FILES\INTEL\ICLS CLIENT\;%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;%SYSTEMROOT%\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES (X86)\WINDOWS LIVE\SHARED;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES\INTEL\INTEL® MANAGEMENT ENGINE COMPONENTS\DAL;C:\PROGRAM FILES\INTEL\INTEL® MANAGEMENT ENGINE COMPONENTS\IPT;C:\PROGRAM FILES (X86)\INTEL\INTEL® MANAGEMENT ENGINE COMPONENTS\DAL;C:\PROGRAM FILES (X86)\INTEL\INTEL® MANAGEMENT ENGINE COMPONENTS\IPT

"ComSpec"=%SystemRoot%\system32\cmd.exe

"TMP"=%SystemRoot%\TEMP

"OS"=Windows_NT

"windir"=%SystemRoot%

"PROCESSOR_ARCHITECTURE"=AMD64

"TEMP"=%SystemRoot%\TEMP

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

"NUMBER_OF_PROCESSORS"=4

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel

"PROCESSOR_REVISION"=2a07

"OnlineServices"=Online Services

"Platform"=MCD

"PCBRAND"=Presario

"asl.log"=Destination=file

-----------------EOF-----------------

Link naar reactie
Delen op andere sites

RSIT-log ontvangen via PB.

Download 51a612a8b27e2-Zoek.pngZoek.zip naar het bureaublad.

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  • Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

chromelook; 
firefoxlook; 
emptyfolderscheck;delete 
{9F2437AF-7575-8E54-5DAB-6769E0866414};c
 C:\Program Files (x86)\surf aannd akEEep;fs
 C:\Windows\tasks\SK.Enhancer-S-747939423.job;f
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9F2437AF-7575-8E54-5DAB-6769E0866414}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9F2437AF-7575-8E54-5DAB-6769E0866414}];r64
 C:\ProgramData\surf aannd akEEep;fs
 C:\ProgramData\9077d6ea9c26dfcc;fs
 C:\ProgramData\InstallMate;fs
 startupall; 
filesrcm;

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • Firefox Defaults
  • Reset Chrome
  • IE Defaults
  • Auto Clean
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

Link naar reactie
Delen op andere sites

Zoek.exe Version 4.0.0.5 Updated 30-November-2013

Tool run by Mediamarkt2 on ma 02-12-2013 at 11:34:04,16.

Microsoft Windows 8 6.2.9200 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Mediamarkt2\Desktop\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

2-12-2013 11:36:17 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully

C:\Users\Mediamarkt2\AppData\Roaming\hpqlog deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2499239261-3902574125-147780791-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9F2437AF-7575-8E54-5DAB-6769E0866414} deleted successfully

HKEY_USERS\S-1-5-21-2499239261-3902574125-147780791-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9F2437AF-7575-8E54-5DAB-6769E0866414} deleted successfully

HKEY_USERS\S-1-5-21-2499239261-3902574125-147780791-1001\Software\Microsoft\Internet Explorer\SearchScopes\{06BC3F51-2E1B-4045-AF16-7808AA00B723} deleted successfully

HKEY_USERS\S-1-5-21-2499239261-3902574125-147780791-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully

HKEY_USERS\S-1-5-21-2499239261-3902574125-147780791-1001\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9F2437AF-7575-8E54-5DAB-6769E0866414} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9F2437AF-7575-8E54-5DAB-6769E0866414} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{9F2437AF-7575-8E54-5DAB-6769E0866414} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{9F2437AF-7575-8E54-5DAB-6769E0866414} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9F2437AF-7575-8E54-5DAB-6769E0866414} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9F2437AF-7575-8E54-5DAB-6769E0866414} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9F2437AF-7575-8E54-5DAB-6769E0866414}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9F2437AF-7575-8E54-5DAB-6769E0866414}]

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\surf aannd akEEep deleted

C:\ProgramData\surf aannd akEEep deleted

C:\ProgramData\9077d6ea9c26dfcc deleted

C:\ProgramData\InstallMate deleted

C:\Users\Mediamarkt2\AppData\LocalLow\{9F2437AF-7575-8E54-5DAB-6769E0866414} deleted

C:\Users\Mediamarkt2\AppData\Local\Packages\windows_ie_ac_001\AC\{9F2437AF-7575-8E54-5DAB-6769E0866414} deleted

C:\Windows\tasks\SK.Enhancer-S-747939423.job deleted

C:\windows\SysNative\tasks\SK.Enhancer-S-747939423 deleted

C:\Bestanden Vera\Prive\Nieuwe map\CR_Downloader_for_pokemon-firered.exe deleted

"C:\ProgramData\WinterSoft\SK.Enhancer\SK.Enhancer.exe" deleted

"C:\ProgramData\WinterSoft" not deleted

"C:\ProgramData\WinterSoft\SK.Enhancer" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\MEDIAM~1\AppData\Local\Temp ====

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

2013-11-14 10:42:04 E94F7A7B48C7638D1F3F8089344C97B7 151896 ----a-w- C:\Windows\Sysnative\drivers\tpm.sys

2013-11-14 10:42:04 C1646A95EAC515F60CDB2A7A8A013C1E 465240 ----a-w- C:\Windows\Sysnative\drivers\fvevol.sys

2013-11-14 10:42:02 07C872F13ACC81A5F10DEC6CF37BF9A8 61784 ----a-w- C:\Windows\Sysnative\drivers\crashdmp.sys

2013-11-14 10:41:38 7C0E0EDF18D6CC565D7BFBB451709FA5 576512 ----a-w- C:\Windows\Sysnative\drivers\afd.sys

2013-11-14 10:41:34 44BB9C31E6242C4BD1CE7C2B440C2533 96600 ----a-w- C:\Windows\Sysnative\drivers\wfplwfs.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-11-28 10:28:26 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

======= C: =====

====== C:\Users\Mediamarkt2\AppData\Roaming ======

====== C:\Users\Mediamarkt2 ======

2013-11-28 10:28:10 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Mediamarkt2\Downloads\RSITx64.exe

2013-11-14 13:38:38 -------- d-----w- C:\ProgramData\WinterSoft

====== C: exe-files ==

2013-11-28 10:28:26 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Mediamarkt2.exe

2013-11-28 10:28:10 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Mediamarkt2\Downloads\RSITx64.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R"

"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26-02-2013 13:17]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26-02-2013 13:17]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Chrome Look ======================

surrf and Kaeep - Mediamarkt2 - Default\Extensions\akhcnjnnpdpcodjallfmikcloeljjjie

Google Docs - Mediamarkt2 - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Mediamarkt2 - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Mediamarkt2 - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Mediamarkt2 - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Wallet - Mediamarkt2 - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Mediamarkt2 - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Mediamarkt2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage deleted successfully

C:\Users\Mediamarkt2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage-journal deleted successfully

C:\Users\Mediamarkt2\AppData\Local\Google\Chrome\User Data\Default\Extensions\akhcnjnnpdpcodjallfmikcloeljjjie deleted successfully

C:\Users\Mediamarkt2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_akhcnjnnpdpcodjallfmikcloeljjjie_0.localstorage deleted successfully

C:\Users\Mediamarkt2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_akhcnjnnpdpcodjallfmikcloeljjjie_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://g.uk.msn.com/CQCON13/7"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://g.uk.msn.com/CQCON13/7"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPNTDFJS"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1346-154357-12126-2/4?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}"

==== Reset Google Chrome ======================

C:\Users\Mediamarkt2\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\Mediamarkt2\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3CC14472-9C7B-10D2-9AF3-C8956544E92B} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\S-747939423 deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78} deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Mediamarkt2\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\MEDIAM~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\ProgramData\WinterSoft" not found

==== EOF on ma 02-12-2013 at 11:49:52,87 ======================

Link naar reactie
Delen op andere sites

Download 52147fb3b2536-AdwCleaner_99_3_16x16x32.pngAdwCleaner by Xplode naar het bureaublad.

AdwCleaner uitvoeren

  • Sluit alle openstaande vensters.
  • Dubbelklik op AdwCleaner.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Klik vervolgens op de knop Scan.
  • Wanneer de scan gereed is Klikt u vervolgens op de knop Clean.
  • Als dit gereed is wordt er gevraagd om de computer opnieuw op te starten, klik hier op OK.
  • Nadat de computer opnieuw is opgestart wordt het logbestand automatisch geopend.
  • Plaats dit logbestand in het volgende bericht.

Link naar reactie
Delen op andere sites

  • 3 weken later...

Excuses dat het even geduurd heeft. Drukke tijd.

Hierbij het logbestand:

# AdwCleaner v3.015 - Report created 19/12/2013 at 09:10:22

# Updated 10/12/2013 by Xplode

# Operating System : Windows 8 (64 bits)

# Username : Mediamarkt2 - VERA

# Running from : C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DZA8NX7V\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Mediamarkt2\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1583 octets] - [19/12/2013 09:09:14]

AdwCleaner[s0].txt - [1510 octets] - [19/12/2013 09:10:22]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1570 octets] ##########

Link naar reactie
Delen op andere sites

Dan kunnen we gebruikte tools en nog wat restjes opruimen:

Download 51a5ce45263de-delfix.pngDelfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:

  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

Download CCleaner. (Als je het nog niet hebt)

Installeer het (als je niet wilt dat Google Chrome op je PC als standaard-webbrowser wordt geïnstalleerd, moet je de 2 vinkjes wegdoen !!!) en start CCleaner op.

Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en na de analyse op 'Schoonmaken'. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”.

Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.

Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Indien dit allemaal probleemloos verlopen is en je binnen dit topic verder geen vragen of problemen meer hebt, mag je dit onderwerp afsluiten door een klik op de knop "Markeer als opgelost", die je links onderaan kan terugvinden … zo blijft het voor iedereen overzichtelijk.

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.