Posted:

For the past 3 days my PC has become extremely slow, and I also can't open several programs at the same time, or the internet alongside them. Everything takes an extremely long time.

I have already run the following scans: CCleaner, Spybot - Search & Destroy, Malwarebytes Anti-Malware, AdwCleaner. Spyware and the like was found; this is the first time this has happened to me, previously those programs found nothing. Now everything has been cleaned up, but the problem is still there.

Also, DLL files have suddenly disappeared, such as for installing new hardware. Windows Update no longer works, etc...

More info below.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:56:31, on 20/12/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v8.00 (8.00.7601.17514)

Boot mode: Normal

Running processes:

C:\Windows\vsnp2uvc.exe

C:\Windows\System32\PrintDisp.exe

C:\Program Files (x86)\Calibrize\CalibrizeResume.exe

C:\Program Files (x86)\Monitor Calibration Wizard\MCW.exe

C:\Program Files (x86)\Ditto\Ditto.exe

C:\Program Files (x86)\POP Peeper\POPPeeper.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Clipboard Magic\ClipboardMagic.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\Microsoft Office\Office10\MSOFFICE.EXE

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\Optiplex\Desktop\Downloads\drivermax.exe

C:\Users\Optiplex\AppData\Local\Temp\is-FD777.tmp\drivermax.tmp

C:\Program Files (x86)\Innovative Solutions\DriverMax\devices.exe

C:\Users\Optiplex\virus\HijackThis.exe

C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/emilie.mertens.92

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - (no file)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O3 - Toolbar: Facebook Toolbar - {A823A630-78C6-4637-AF80-AEDCA5BB74C1} - (no file)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: (no name) - {8dcb7100-df86-4384-8842-8fa844297b3f} - (no file)

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [CGFLoader] C:\Program Files (x86)\Calibrize\CalibrizeLoader.exe

O4 - HKCU\..\Run: [CalibrizeResume] C:\Program Files (x86)\Calibrize\CalibrizeResume.exe

O4 - HKCU\..\Run: [MCW Startup] "C:\Program Files (x86)\Monitor Calibration Wizard\MCW.exe" /s /p

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [Ditto] C:\Program Files (x86)\Ditto\Ditto.exe

O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files (x86)\POP Peeper\POPPeeper.exe" -min

O4 - HKLM\..\Policies\Explorer\Run: [60194] C:\PROGRA~3\LOCALS~1\Temp\mszxveu.com

O4 - Startup: Clipboard Magic.lnk = C:\Program Files (x86)\Clipboard Magic\ClipboardMagic.exe

O4 - Startup: Microsoft Office XP component.lnk = C:\Program Files (x86)\Microsoft Office\Office10\MSOFFICE.EXE

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O16 - DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} (ExtraFilm Uploader Control) - http://www.smartphoto.be/ExtraFilmUploader6.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\nlssrv32.exe

O23 - Service: Printer Control - Unknown owner - (no file)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11703 bytes

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_31

Run by Optiplex at 22:03:33 on 2013-12-20

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1033.18.4022.2445 [GMT 1:00]

.

AV: avast! Internet Security *Enabled/Outdated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Internet Security *Enabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\SysWOW64\nlssrv32.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\System32\rundll32.exe

C:\Windows\vsnp2uvc.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Windows\System32\PrintDisp.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\hkcmd.exe

C:\Program Files (x86)\Calibrize\CalibrizeResume.exe

C:\Program Files (x86)\Monitor Calibration Wizard\MCW.exe

C:\Program Files (x86)\Ditto\Ditto.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\POP Peeper\POPPeeper.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Clipboard Magic\ClipboardMagic.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\Microsoft Office\Office10\MSOFFICE.EXE

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\taskmgr.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\Optiplex\Desktop\Downloads\drivermax.exe

C:\Users\Optiplex\AppData\Local\Temp\is-FD777.tmp\drivermax.tmp

C:\Program Files (x86)\Innovative Solutions\DriverMax\devices.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxps://www.facebook.com/emilie.mertens.92

mURLSearchHooks: <No Name>: - LocalServer32 - <no file>

BHO: Shareaza Web Download Hook: {0EEDB912-C5FA-486F-8334-57288578C627} - LocalServer32 - <no file>

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>

BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - LocalServer32 - <no file>

BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - <orphaned>

BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

EB: {c585d593-e7f4-4852-a200-561686ee02e4} - <orphaned>

uRun: [CGFLoader] C:\Program Files (x86)\Calibrize\CalibrizeLoader.exe

uRun: [CalibrizeResume] C:\Program Files (x86)\Calibrize\CalibrizeResume.exe

uRun: [MCW Startup] "C:\Program Files (x86)\Monitor Calibration Wizard\MCW.exe" /s /p

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [Ditto] C:\Program Files (x86)\Ditto\Ditto.exe

uRun: [POP Peeper] "C:\Program Files (x86)\POP Peeper\POPPeeper.exe" -min

uRun: [DriverMax] <no file>

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [snp2uvc] C:\Windows\vsnp2uvc.exe

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mExplorerRun: [60194] C:\PROGRA~3\LOCALS~1\Temp\mszxveu.com

StartupFolder: C:\Users\Optiplex\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\CLIPBO~1.LNK - C:\Program Files (x86)\Clipboard Magic\ClipboardMagic.exe

StartupFolder: C:\Users\Optiplex\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office10\MSOFFICE.EXE

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {43E3F87D-DE7F-4087-BD4F-0DC854981158} - hxxp://download.microsoft.com/download/7/3/8/7384c441-3721-41ee-ae15-b678888f00dd/clearadj.CAB

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} - hxxp://www.smartphoto.be/ExtraFilmUploader6.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{1F515B10-405D-4E9A-AA40-D1C3FCC7ED32} : DHCPNameServer = 192.168.178.1

TCP: Interfaces\{C7DEEBE0-A156-4E05-9960-368015EAC74E} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{C7DEEBE0-A156-4E05-9960-368015EAC74E}\2626F68723D203460353 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{C7DEEBE0-A156-4E05-9960-368015EAC74E}\4554C454E4544584F4D4543505F445 : DHCPNameServer = 195.130.130.141 195.130.131.141

Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - LocalServer32 - <no file>

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe

x64-BHO: Shareaza Web Download Hook: {0EEDB912-C5FA-486F-8334-57288578C627} - LocalServer32 - <no file>

x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll

x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [snp2uvc] C:\Windows\vsnp2uvc.exe

x64-Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"

x64-Run: [PrintDisp] C:\Windows\System32\PrintDisp.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - <orphaned>

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Optiplex\AppData\Roaming\Mozilla\Firefox\Profiles\nqo2byq0.default\

FF - prefs.js: browser.search.defaulturl -

FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/hobbyfotograaf

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\QuickTime\Plugins\npqtplugin8.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\Users\Optiplex\AppData\Roaming\Mozilla\plugins\np-mswmp.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

FF - ExtSQL: 2013-11-07 21:44; firefox@glindorus.net; C:\Users\Optiplex\AppData\Roaming\Mozilla\Firefox\Profiles\nqo2byq0.default\extensions\firefox@glindorus.net.xpi

FF - ExtSQL: 2013-12-03 20:46; s0sc3fqxz@ls-xm.com; C:\Users\Optiplex\AppData\Roaming\Mozilla\Firefox\Profiles\nqo2byq0.default\extensions\s0sc3fqxz@ls-xm.com

.

============= SERVICES / DRIVERS ===============

.

R0 Lbd;Lbd;C:\Windows\System32\drivers\Lbd.sys [2011-8-9 69376]

R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-6-7 1030952]

R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-6-7 378944]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]

R1 SAS***IL;SAS***IL;C:\Program Files\SUPERAntiSpyware\sas***il64.sys [2011-7-12 12368]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-12 140672]

R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-6-7 33400]

R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-6-7 80816]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-9-1 46808]

R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\System32\nlssrv32.exe [2013-9-9 71280]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 Printer Control;Printer Control; [x]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-5-1 161384]

S2 WCMVCAM;WebcamMax, WDM Video Capture;C:\Windows\System32\drivers\wcmvcam64.sys [2011-6-23 1071032]

S3 DCamUSBVM;Lenovo Q350 USB PC Camera;C:\Windows\System32\drivers\usbVM31b.sys [2005-9-19 142336]

S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]

S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-18 48488]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]

S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]

S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]

S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2013-12-20 20:22:29 -------- d-----w- C:\ProgramData\Driver Whiz

2013-12-20 18:32:11 91544 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll

2013-12-20 18:32:11 375192 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll

2013-12-20 18:32:11 272280 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updater.exe

2013-12-20 18:32:11 19352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll

2013-12-20 18:32:11 172440 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nspr4.dll

2013-12-20 18:32:10 920472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

2013-12-20 18:32:10 825752 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll

2013-12-20 18:32:10 279448 ----a-w- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll

2013-12-20 17:40:48 -------- d-----w- C:\Program Files (x86)\NirSoft

2013-12-20 16:58:03 119808 ----a-r- C:\Users\Optiplex\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe

2013-12-20 16:57:42 -------- d-----w- C:\Users\Optiplex\AppData\Local\Apps

2013-12-20 13:22:26 -------- d-----w- C:\Windows\CheckSur

2013-12-20 12:17:37 -------- d-----w- C:\Program Files (x86)\iSafe

2013-12-20 12:17:29 -------- d-----w- C:\Users\Optiplex\AppData\Roaming\iSafe

2013-12-20 11:40:26 -------- d-----w- C:\Program Files (x86)\ESET

2013-12-20 11:23:49 -------- d-sh--w- C:\$RECYCLE.BIN

2013-12-20 04:19:11 2347384 ----a-w- C:\Users\Optiplex\esetsmartinstaller_enu.exe

2013-12-20 02:57:10 5067472 ----a-w- C:\Windows\uninst.exe

2013-12-20 02:56:59 -------- d-----w- C:\ProgramData\PC Drivers HeadQuarters

2013-12-20 02:56:50 -------- d-----w- C:\ProgramData\PC1Data

2013-12-20 02:23:49 -------- d-----w- C:\Program Files (x86)\PC Drivers HeadQuarters

2013-12-20 02:10:51 -------- d-----w- C:\Users\Optiplex\AppData\Roaming\ParetoLogic

2013-12-20 02:08:10 -------- d-----w- C:\ProgramData\ParetoLogic

2013-12-20 00:49:27 -------- d-----w- C:\Users\Optiplex\AppData\Roaming\DriverCure

2013-12-19 21:43:09 -------- d-----w- C:\Program Files (x86)\POP Peeper

2013-12-19 21:09:06 -------- d-sh--w- C:\found.000

2013-12-19 21:05:06 -------- d-----w- C:\Program Files\POP Peeper

2013-12-19 20:36:59 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0DF09EDD-E630-4613-89FF-94EC342BBF14}\offreg.dll

2013-12-19 13:51:44 -------- d-----w- C:\ProgramData\ioloGovernor

2013-12-19 13:51:38 -------- d-----w- C:\Users\Optiplex\AppData\Roaming\ioloGovernor

2013-12-19 13:49:55 74703 ----a-w- C:\Windows\SysWow64\mfc45.dat

2013-12-19 13:49:43 -------- d-----w- C:\iolo

2013-12-19 13:49:21 74703 ----a-w- C:\Windows\SysWOW64mfc45.dll

2013-12-19 12:07:56 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0DF09EDD-E630-4613-89FF-94EC342BBF14}\mpengine.dll

2013-12-16 20:08:54 -------- d-----w- C:\Users\Optiplex\pc geluiden

2013-12-15 00:15:08 -------- d-----w- C:\Program Files\Common Files\Lavasoft

2013-12-14 00:34:36 -------- d-----w- C:\Users\Optiplex\AppData\Local\{35BE2B73-921D-4D0F-B296-B4E2CE113EBE}

2013-12-13 21:49:48 -------- d-----w- C:\Users\Optiplex\lettertypes

2013-12-13 19:04:01 -------- d-----w- C:\Program Files\eysy photo effects

2013-12-11 19:19:11 -------- d-----w- C:\Program Files (x86)\Photo!

2013-12-11 11:51:32 -------- d-----w- C:\Users\Optiplex\AppData\Local\{1BA76E3C-76E9-454F-B861-97D512A7395B}

2013-12-10 21:29:23 -------- d-----w- C:\AdwCleaner

2013-12-10 18:55:47 -------- d-----w- C:\Users\Optiplex\AppData\Roaming\NCH Software

2013-12-10 14:04:25 -------- d-----w- C:\Users\Optiplex\AppData\Roaming\Spesoft Image Converter

2013-12-10 14:02:59 -------- d-----w- C:\Program Files (x86)\gs

2013-12-05 14:38:00 -------- d-----w- C:\Users\Optiplex\AppData\Local\{00ABD095-48FB-43F5-8062-4EB7DE20EC4C}

2013-12-03 19:52:12 -------- d-----w- C:\Users\Optiplex\AppData\Local\ALLPlayer

2013-12-03 19:47:30 -------- d-----w- C:\Users\Optiplex\AppData\Local\Packages

2013-12-03 19:47:30 -------- d-----w- C:\ProgramData\SuRf oanD, keEp

2013-12-03 19:47:29 -------- d-----w- C:\Program Files (x86)\SuRf oanD, keEp

2013-12-03 19:45:53 -------- d-----w- C:\ProgramData\5a77797519338ba3

2013-12-03 19:44:13 -------- d-----w- C:\ProgramData\InstallMate

2013-11-28 19:44:42 -------- d-----w- C:\Program Files (x86)\Picture Collage Maker Pro

2013-11-28 19:08:14 -------- d-----w- C:\Users\Optiplex\AppData\Roaming\PearlMountainSoft

2013-11-28 19:08:14 -------- d-----w- C:\ProgramData\PearlMountainSoft

2013-11-22 19:12:35 -------- d-----w- C:\Users\Optiplex\AppData\Local\MetaGeek,_LLC

2013-11-22 17:01:47 -------- d-----w- C:\Users\Optiplex\AppData\Local\{F60083B0-68A4-45B3-9A8A-392AD18290D3}

.

==================== Find3M ====================

.

2013-12-19 12:39:12 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-12-19 12:39:12 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-11-19 02:33:38 267936 ------w- C:\Windows\System32\MpSigStub.exe

2013-10-08 05:50:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

.

============= FINISH: 22:07:41,78 ===============

Posted:

Download Zoek.zip to the desktop.

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).
  • Right-click Zoek.zip and choose the "Extract All" option.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

chromelook; 
firefoxlook; 
 {0EEDB912-C5FA-486F-8334-57288578C627};c
 {AF69DE43-7D58-4638-B6FA-CE66B5AD205D};c
 {d2ce3e00-f94a-4740-988e-03dc2f38c34f};c
 {DBC80044-A445-435b-BC74-9C25C1C588A9};c
 {A823A630-78C6-4637-AF80-AEDCA5BB74C1};c
 {8dcb7100-df86-4384-8842-8fa844297b3f};c
 {91774881-D725-4E58-B298-07617B9B86A8};c
 Printer Control;s
 C:\Users\Optiplex\AppData\Roaming\Mozilla\Firefox\Profiles\nqo2byq0.default\extensions\firefox@glind orus.net.xpi;f
 C:\Users\Optiplex\AppData\Roaming\Mozilla\Firefox\Profiles\nqo2byq0.default\extensions\s0sc3fqxz@ls-xm.com;fs
 C:\Program Files (x86)\iSafe;fs
C:\Users\Optiplex\AppData\Roaming\iSafe;fs
 C:\found.000;fs
 C:\ProgramData\SuRf oanD, keep;fs
 C:\Program Files (x86)\SuRf oanD, keep;fs
 C:\ProgramData\5a77797519338ba3;fs
 C:\ProgramData\InstallMate;fs
FFdefaults;
CHRdefaults;

 C:\Users\Optiplex\AppData\Local\{F60083B0-68A4-45B3-9A8A-392AD18290D3};fs
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Click the "Options" button and tick the options below.
  • Do a Quick Scan
  • HijackThis Log
  • IE Defaults
  • Auto Clean
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Now post the contents of the opened log in your next reply.

Posted: (edited)

Zoek.exe v5.0.0.0 Updated 18-December-2013

Tool run by Optiplex on za 21/12/2013 at 1:23:11,04.

Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Optiplex\Desktop\zoek.com [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

21/12/2013 1:24:47 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\File Scavenger deleted successfully

C:\PROGRA~2\PC Drivers HeadQuarters deleted successfully

C:\PROGRA~2\Recode Media deleted successfully

C:\PROGRA~2\Softinterface, Inc deleted successfully

C:\PROGRA~2\Solveig Multimedia deleted successfully

C:\PROGRA~2\SuRf oanD, keEp deleted successfully

C:\PROGRA~2\VS Revo Group deleted successfully

C:\PROGRA~2\Winamp deleted successfully

C:\PROGRA~2\COMMON~1\PC Tools deleted successfully

C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully

C:\ProgramData\AKLogData64 deleted successfully

C:\ProgramData\Driver Whiz deleted successfully

C:\ProgramData\Elcomsoft Password Recovery deleted successfully

C:\ProgramData\ioloGovernor deleted successfully

C:\ProgramData\Karen's Power Tools deleted successfully

C:\ProgramData\kprologs deleted successfully

C:\ProgramData\Local Settings deleted successfully

C:\ProgramData\Media Get LLC deleted successfully

C:\ProgramData\Oracle deleted successfully

C:\ProgramData\PC Drivers HeadQuarters deleted successfully

C:\ProgramData\QuickTime deleted successfully

C:\ProgramData\SuRf oanD, keEp deleted successfully

C:\ProgramData\TamoSoft deleted successfully

C:\ProgramData\TuneUp360 deleted successfully

C:\ProgramData\{42E04EE4-AB57-407A-9691-3FFA8B8FEBBE} deleted successfully

C:\ProgramData\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F} deleted successfully

C:\Users\Optiplex\AppData\Roaming\FireArc Arcade deleted successfully

C:\Users\Optiplex\AppData\Roaming\Media Player Classic deleted successfully

C:\Users\Optiplex\AppData\Roaming\Spesoft Image Converter deleted successfully

C:\Users\Optiplex\AppData\Roaming\TeamViewer deleted successfully

C:\Users\Optiplex\AppData\Roaming\ZoomBrowser EX deleted successfully

==== Creating Sample_20132112_0143.zip ======================

Copied file C:\Users\Optiplex\esetsmartinstaller_enu.exe to sample\esetsmartinstaller_enu.exe

sample\esetsmartinstaller_enu.exe renamed to E8D3E34FFDAF21DF7C09CBBBA5763237

C:\Users\Public\Desktop\sample_20132112_0143.zip created successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3914006647-1630085638-4196342802-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EEDB912-C5FA-486F-8334-57288578C627} deleted successfully

HKEY_USERS\S-1-5-21-3914006647-1630085638-4196342802-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} deleted successfully

HKEY_USERS\S-1-5-21-3914006647-1630085638-4196342802-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} deleted successfully

HKEY_USERS\S-1-5-21-3914006647-1630085638-4196342802-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

HKEY_USERS\S-1-5-21-3914006647-1630085638-4196342802-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully

HKEY_USERS\S-1-5-21-3914006647-1630085638-4196342802-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully

HKEY_USERS\S-1-5-21-3914006647-1630085638-4196342802-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A823A630-78C6-4637-AF80-AEDCA5BB74C1} deleted successfully

HKEY_USERS\S-1-5-21-3914006647-1630085638-4196342802-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A823A630-78C6-4637-AF80-AEDCA5BB74C1} deleted successfully

HKEY_USERS\S-1-5-21-3914006647-1630085638-4196342802-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

HKEY_USERS\S-1-5-21-3914006647-1630085638-4196342802-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{0EEDB912-C5FA-486F-8334-57288578C627} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0EEDB912-C5FA-486F-8334-57288578C627} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EEDB912-C5FA-486F-8334-57288578C627} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EEDB912-C5FA-486F-8334-57288578C627} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A823A630-78C6-4637-AF80-AEDCA5BB74C1} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3914006647-1630085638-4196342802-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{A823A630-78C6-4637-AF80-AEDCA5BB74C1} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A823A630-78C6-4637-AF80-AEDCA5BB74C1} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{A823A630-78C6-4637-AF80-AEDCA5BB74C1} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Printer Control deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Printer Control deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Optiplex\AppData\Roaming\Mozilla\Firefox\Profiles\nqo2byq0.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.facebook.com/hobbyfotograaf");

user_pref("browser.search.defaulturl", "");

user_pref("browser.search.useDBForOrder", "false");

Added to C:\Users\Optiplex\AppData\Roaming\Mozilla\Firefox\Profiles\nqo2byq0.default\prefs.js:

ProfilePath: C:\Users\Optiplex\AppData\Roaming\Mozilla\Firefox\Profiles\nqo2byq0.default

user.js not found

---- FireFox user.js and prefs.js backups ----

prefs_20132112_0147_.backup

==== Deleting Files \ Folders ======================

C:\ProgramData\SuRf oanD, keep not found

C:\Program Files (x86)\SuRf oanD, keep not found

C:\Users\Optiplex\AppData\Local\{F60083B0-68A4-45B3-9A8A-392AD18290D3} not found

C:\ProgramData\{42E04EE4-AB57-407A-9691-3FFA8B8FEBBE} not found

C:\ProgramData\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F} not found

C:\PROGRA~2\Yahoo not found

C:\Users\Optiplex\AppData\Roaming\Yahoo not found

C:\ProgramData\Yahoo not found

"C:\Users\Optiplex\AppData\Roaming\Mozilla\Firefox\Profiles\nqo2byq0.default\extensions\firefox@glind orus.net.xpi" not found

C:\Users\Optiplex\AppData\Roaming\Mozilla\Firefox\Profiles\nqo2byq0.default\extensions\s0sc3fqxz@ls-xm.com deleted

C:\Program Files (x86)\iSafe deleted

C:\Users\Optiplex\AppData\Roaming\iSafe deleted

C:\found.000 deleted

C:\ProgramData\5a77797519338ba3 deleted

C:\ProgramData\InstallMate deleted

C:\PROGRA~2\FoxTabPDFConverter deleted

C:\PROGRA~2\File Type Assistant deleted

C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted

C:\PROGRA~2\SpeedyPC Software deleted

C:\PROGRA~2\TorrentHandler deleted

C:\PROGRA~2\Toolbar Cleaner deleted

C:\PROGRA~2\COMMON~1\SpeedyPC Software deleted

C:\extensions deleted

C:\User Data\Default\Extensions deleted

C:\Users\Optiplex\AppData\Roaming\GoforFiles deleted

C:\Users\Optiplex\AppData\Roaming\SpeedyPC Software deleted

C:\Users\Optiplex\AppData\Roaming\ParetoLogic deleted

C:\Users\Optiplex\AppData\Roaming\DriverCure deleted

C:\ProgramData\svcdotnet.txt deleted

C:\ProgramData\whlb32g.dll deleted

C:\ProgramData\SpeedyPC Software deleted

C:\ProgramData\ParetoLogic deleted

C:\ProgramData\ICQ deleted

C:\ProgramData\SearchOnline deleted

C:\ProgramData\Package Cache deleted

C:\Users\Optiplex\AppData\Local\FileTypeAssistant deleted

C:\Users\Optiplex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedyPC Software deleted

C:\Users\Optiplex\AppData\LocalLow\surfcanyon deleted

C:\Users\Optiplex\AppData\LocalLow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com deleted

C:\Windows\wininit.ini deleted

C:\windows\SysNative\Tasks\GoforFilesUpdate deleted

C:\Windows\tasks\SpeedyPC Pro.job deleted

C:\Windows\tasks\SpeedyPC Registration3.job deleted

C:\Windows\tasks\SpeedyPC Update Version3 Startup Task.job deleted

C:\Windows\tasks\SpeedyPC Update Version3.job deleted

C:\user.js deleted

C:\Windows\SysWow64\AI_RecycleBin deleted

C:\Users\Optiplex\AppData\Roaming\Mozilla\Firefox\Profiles\nqo2byq0.default\extensions\firefox@glindorus.net.xpi deleted

C:\Users\Optiplex\AppData\Roaming\Mozilla\Firefox\Profiles\nqo2byq0.default\FVD Toolbar deleted

C:\Users\Optiplex\esetsmartinstaller_enu.exe deleted

"C:\Users\Optiplex\AppData\Roaming\fHhd7tgd1kH7" deleted

"C:\Users\Optiplex\AppData\Roaming\Ditto\Ditto.db" not deleted

"C:\Users\Optiplex\AppData\Roaming\Ditto" not deleted

==== Files Recently Created / Modified ======================


2013-12-20 01:48:23 1FBF882AA934A741530741FC134872A3 1243 ----a-w- C:\Documents and Settings\Optiplex\AppData\Local\Temp\jrt\TDL4.bat

2013-12-20 01:48:23 14D6EE8B672684E2232FB430D8C4A928 18668 ----a-w- C:\Documents and Settings\Optiplex\Local Settings\Temp\jrt\medfos.bat

2013-12-20 01:48:23 14D6EE8B672684E2232FB430D8C4A928 18668 ----a-w- C:\Documents and Settings\Optiplex\AppData\Local\Temp\jrt\medfos.bat

2013-12-20 01:48:23 1277E771E8BF193B4C64BA5BAE6A424E 8398 ----a-w- C:\Documents and Settings\Optiplex\Local Settings\Temp\jrt\runvalues.bat

2013-12-20 01:48:23 1277E771E8BF193B4C64BA5BAE6A424E 8398 ----a-w- C:\Documents and Settings\Optiplex\AppData\Local\Temp\jrt\runvalues.bat

2013-12-20 01:48:23 0768E560CCD86C18F35FAD29DCEA7B80 1820 ----a-w- C:\Documents and Settings\Optiplex\Local Settings\Temp\jrt\delfolders.bat

2013-12-20 01:48:23 0768E560CCD86C18F35FAD29DCEA7B80 1820 ----a-w- C:\Documents and Settings\Optiplex\AppData\Local\Temp\jrt\delfolders.bat

2013-12-20 01:48:23 05B282816F9DB49C325A5D88ECF0D9A1 29932 ----a-w- C:\Documents and Settings\Optiplex\Local Settings\Temp\jrt\iexplore.bat

2013-12-20 01:48:23 05B282816F9DB49C325A5D88ECF0D9A1 29932 ----a-w- C:\Documents and Settings\Optiplex\AppData\Local\Temp\jrt\iexplore.bat

2013-12-19 13:05:47 A352CDB69AF6E18D60C0001D540D8478 69152 ----a-w- C:\Documents and Settings\Public\Lavasoft\Ad-Aware\Drivers\64\lbd.sys

2013-12-19 13:05:47 713CD5267ABFB86FE90A72E384E82A38 64288 ----a-w- C:\Documents and Settings\Public\Lavasoft\Ad-Aware\Drivers\32\lbd.sys

2013-12-16 22:08:18 8FFFDDEE573D63A575D303BB9127F5A3 1402477 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3914006647-1630085638-4196342802-1000\$RJEJB05.com

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3914006647-1630085638-4196342802-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"CGFLoader"="C:\Program Files (x86)\Calibrize\CalibrizeLoader.exe"

"CalibrizeResume"="C:\Program Files (x86)\Calibrize\CalibrizeResume.exe"

"MCW Startup"="C:\Program Files (x86)\Monitor Calibration Wizard\MCW.exe /s /p"

"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"Ditto"="C:\Program Files (x86)\Ditto\Ditto.exe"

"POP Peeper"="C:\Program Files (x86)\POP Peeper\POPPeeper.exe -min"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"

"TkBellExe"="C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe -osboot"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"snp2uvc"="C:\Windows\vsnp2uvc.exe"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CGFLoader"="C:\Program Files (x86)\Calibrize\CalibrizeLoader.exe"

"CalibrizeResume"="C:\Program Files (x86)\Calibrize\CalibrizeResume.exe"

"MCW Startup"="C:\Program Files (x86)\Monitor Calibration Wizard\MCW.exe /s /p"

"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"Ditto"="C:\Program Files (x86)\Ditto\Ditto.exe"

"POP Peeper"="C:\Program Files (x86)\POP Peeper\POPPeeper.exe -min"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"snp2uvc"="C:\Windows\vsnp2uvc.exe"

"IntelliPoint"="c:\Program Files\Microsoft IntelliPoint\ipoint.exe"

"PrintDisp"="C:\Windows\system32\PrintDisp.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Media Finder]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Media Finder"

"hkey"="HKCU"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PC Cleaners]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="PC Cleaners"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\PC Cleaners\\PCCleaners.exe\" /minimize"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PlusService]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="PlusService"

"hkey"="HKLM"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\POP Peeper]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="POP Peeper"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\POP Peeper\\POPPeeper.exe\" -min"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SpybotSD TeaTimer]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SpybotSD TeaTimer"

"hkey"="HKCU"

"command"="C:\\Program Files (x86)\\Spybot - Search & Destroy\\TeaTimer.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Stealer]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Stealer"

"hkey"="HKLM"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\tsnp2uvc]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="tsnp2uvc"

"hkey"="HKLM"

"command"="C:\\Windows\\tsnp2uvc.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Web Freer]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Web Freer"

"hkey"="HKCU"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YahooMessenger.exe]

"command"="\"C:\\Program Files (x86)\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"

"item"="YahooMessenger.exe"

"hkey"="HKCU"

"key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TurboNote.lnk]

"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\TurboNote.lnk"

"backup"="C:\\Windows\\pss\\TurboNote.lnk.CommonStartup"

"backupExtension"=".CommonStartup"

"command"="C:\\PROGRA~2\\TURBON~1\\tbnote.exe "

"item"="TurboNote"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Optiplex^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Socialbox.lnk]

"path"="C:\\Users\\Optiplex\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Socialbox.lnk"

"backup"="C:\\Windows\\pss\\Socialbox.lnk.Startup"

"backupExtension"=".Startup"

"command"="C:\\PROGRA~2\\SOCIAL~1\\SOCIAL~1.EXE "

"item"="Socialbox"

==== Startup Folders ======================

2013-09-09 20:37:02 1128 ----a-w- C:\Users\Optiplex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Clipboard Magic.lnk

2013-10-23 02:30:54 1234 ----a-w- C:\Users\Optiplex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office XP component.lnk

2013-12-10 21:52:29 1365 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\FreeFileViewerUpdateChecker.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/06/2011 18:30]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/06/2011 18:30]

C:\Windows\tasks\{49031333-5454-49C4-B404-2ACA988422B3}.job --a------ C:\Program Files (x86)\internet explorer\iexplore.exe [21/11/2010 04:25]

C:\Windows\tasks\{B6A6F1A5-C3B3-47B1-A5CC-E57F256A3ECC}.job --a------ C:\Program Files (x86)\internet explorer\iexplore.exe [21/11/2010 04:25]

C:\Windows\tasks\{D89C8ECC-7C9D-4A5E-AD5F-766E79A678B2}.job --a------ C:\Program Files (x86)\internet explorer\iexplore.exe [21/11/2010 04:25]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\0" [c:\program files (x86)\internet explorer\iexplore.exe]

"C:\Windows\SysNative\tasks\106a6420" [C:\Users\Optiplex\AppData\Local\Temp\\setup3736708528.exe]

"C:\Windows\SysNative\tasks\114b9100" [C:\Users\Optiplex\AppData\Local\Temp\\setup3751465616.exe]

"C:\Windows\SysNative\tasks\2cfbd1d0" [C:\Users\Optiplex\AppData\Local\Temp\\setup3799172048.exe]

"C:\Windows\SysNative\tasks\30787060" [C:\Users\Optiplex\AppData\Local\Temp\\setup3857668080.exe]

"C:\Windows\SysNative\tasks\34f05c40" [C:\Users\Optiplex\AppData\Local\Temp\\setup54503488.exe]

"C:\Windows\SysNative\tasks\5034" [wscript.exe C:\Users\Optiplex\AppData\Local\Temp\launchie.vbs //B]

"C:\Windows\SysNative\tasks\80dabf0" [C:\Users\Optiplex\AppData\Local\Temp\\setup3179582336.exe]

"C:\Windows\SysNative\tasks\923116e0" [C:\Users\Optiplex\AppData\Local\Temp\\setup1202191984.exe]

"C:\Windows\SysNative\tasks\93017260" [C:\Users\Optiplex\AppData\Local\Temp\\setup382180224.exe]

"C:\Windows\SysNative\tasks\9bb437f0" [C:\Users\Optiplex\AppData\Local\Temp\\setup1361780608.exe]

"C:\Windows\SysNative\tasks\a2e9dfc0" [C:\Users\Optiplex\AppData\Local\Temp\\setup1899572160.exe]

"C:\Windows\SysNative\tasks\a3974980" [C:\Users\Optiplex\AppData\Local\Temp\\setup1910934288.exe]

"C:\Windows\SysNative\tasks\b29e9470" [C:\Users\Optiplex\AppData\Local\Temp\\setup2163070464.exe]

"C:\Windows\SysNative\tasks\d5e3ee60" [C:\Users\Optiplex\AppData\Local\Temp\\setup1214129312.exe]

"C:\Windows\SysNative\tasks\ddbe4df0" [C:\Users\Optiplex\AppData\Local\Temp\\setup2886569856.exe]

"C:\Windows\SysNative\tasks\e8111890" [C:\Users\Optiplex\AppData\Local\Temp\\setup2226103840.exe]

"C:\Windows\SysNative\tasks\Express Files Updater" [C:\Program Files (x86)\ExpressFiles\EFupdater.exe]

"C:\Windows\SysNative\tasks\fe56c7c0" [C:\Users\Optiplex\AppData\Local\Temp\\setup3016601424.exe]

"C:\Windows\SysNative\tasks\FreeFileViewerUpdateChecker" [C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\iolo Process Governor" [C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe]

"C:\Windows\SysNative\tasks\ProgramUpdateCheck" [C:\Program Files (x86)\File Type Assistant\TSAssist.exe]

"C:\Windows\SysNative\tasks\RDReminder" [C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe]

"C:\Windows\SysNative\tasks\RealCreateProcessScheduledTask93881S-1-5-21-3914006647-1630085638-4196342802-1000" [c:\program files (x86)\real\realplayer\update\realsched.exe]

"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\SysNative\tasks\SlimCleaner Run" ["C:\Program Files (x86)\SlimCleaner\SlimCleaner.exe"]

"C:\Windows\SysNative\tasks\Start Registry Reviver" [C:\Program Files (x86)\Reviversoft\Registry Reviver\RegistryReviver.exe]

"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{EC030972-ABE8-42FC-B585-A204FBF9D9ED}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\SysNative\tasks\{093469B8-7F0F-4700-964F-4658F61CC4E3}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.5.0.107/nl/go/help.faq.installer?LastError=1603]

"C:\Windows\SysNative\tasks\{0CD1613C-03F5-426C-92A8-11DC7F75C1C1}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.0.105/nl/go/help.faq.installer?source=lightinstaller&LastError=1603]

"C:\Windows\SysNative\tasks\{10CA0168-9504-4579-8ED7-EAD5CCCBD4FE}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]

"C:\Windows\SysNative\tasks\{2776610A-9A5B-4D22-8CEF-08BD42B6169D}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.73.105.456/en/go/help.faq.installer?LastError=1603]

"C:\Windows\SysNative\tasks\{296F2B5B-A427-41B2-A891-B46C9054E024}" ["c:\program files (x86)\internet explorer\iexplore.exe" ]Skype - Free internet calls and online cheap calls to phones and mobiles

"C:\Windows\SysNative\tasks\{2BA4A570-38A4-48F3-9752-1F6CD8922D72}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.5.0.107/nl/go/help.faq.installer?LastError=1603]

"C:\Windows\SysNative\tasks\{32A721C2-0526-472A-A0F9-073F09E3DA05}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.0.105/nl/go/help.faq.installer?LastError=1603]

"C:\Windows\SysNative\tasks\{371FAB42-D9F0-459A-881B-E99A54053F3A}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]

"C:\Windows\SysNative\tasks\{3BD09982-892E-4C48-BC0A-F52FCAB73DAA}" ["c:\program files (x86)\internet explorer\iexplore.exe" ]Skype - Free internet calls and online cheap calls to phones and mobiles

"C:\Windows\SysNative\tasks\{404B4D83-4813-48C1-97A8-D3F5B1D2777F}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.0.105/nl/go/help.faq.installer?source=lightinstaller&LastError=1603]

"C:\Windows\SysNative\tasks\{432E1657-5922-4F5A-AFDE-B668889E0593}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.73.105.456/nl/go/help.faq.installer?LastError=1603]

"C:\Windows\SysNative\tasks\{54482750-EC56-4B59-A4A8-7964EC3FA91B}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.0.105/nl/go/help.faq.installer?LastError=1603]

"C:\Windows\SysNative\tasks\{5DBD13EF-A1AD-4D05-8EF8-395C6AECC7D6}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.73.105.456/nl/go/help.faq.installer?LastError=1603]

"C:\Windows\SysNative\tasks\{6422A2BA-3725-488B-83E4-260AFB5331DF}" ["c:\program files (x86)\internet explorer\iexplore.exe" ]Skype - Free internet calls and online cheap calls to phones and mobiles

"C:\Windows\SysNative\tasks\{7E70E258-E5CA-4119-B2A1-499910163C15}" ["c:\program files (x86)\internet explorer\iexplore.exe" ]Skype - Free internet calls and online cheap calls to phones and mobiles

"C:\Windows\SysNative\tasks\{84CF4EF5-1960-47C4-8693-BFDDE9213EF1}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.0.105/nl/go/help.faq.installer?source=lightinstaller&LastError=1603]

"C:\Windows\SysNative\tasks\{89233F27-DBDA-489E-B2BC-6E7D6FD015F4}" ["c:\program files (x86)\internet explorer\iexplore.exe" ]Download Skype op uw computer ? Mac, Windows, Linux*?*Skype

"C:\Windows\SysNative\tasks\{896D1103-3E94-46D9-97ED-F3DF8D6E4699}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.5.0.107/nl/go/help.faq.installer?LastError=1603]

"C:\Windows\SysNative\tasks\{A1312115-EB68-4FE3-8B14-0E7571C43C77}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.73.105.456/nl/go/help.faq.installer?LastError=1603]

"C:\Windows\SysNative\tasks\{A1FE9B45-47FE-4650-A59D-46E544F1B02E}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.0.105/nl/go/help.faq.installer?source=lightinstaller&LastError=1603]

"C:\Windows\SysNative\tasks\{A23C143C-1E4D-4F87-98F5-EDA027D5C257}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.0.105/nl/go/help.faq.installer?LastError=1603]

"C:\Windows\SysNative\tasks\{A66036C1-A57A-4301-94BE-1F6DCB4C61D1}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.5.0.107/nl/go/help.faq.installer?LastError=1603]

"C:\Windows\SysNative\tasks\{AAC57A11-217E-484A-A8F3-5F99AF854B65}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/5.6.0.110/nl/go/help.faq.installer?LastError=1603]

"C:\Windows\SysNative\tasks\{AC21BEE4-82ED-4356-A391-E3E42BC0DB64}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.0.105/nl/go/help.faq.installer?source=lightinstaller&LastError=1603]

"C:\Windows\SysNative\tasks\{B5561EDC-6B98-4F67-8C9A-891BA7BE4915}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.0.105/nl/go/help.faq.installer?source=lightinstaller&LastError=1603]

"C:\Windows\SysNative\tasks\{C04CA0F8-3FFE-4A5A-AAEA-1B8A4CA31AAA}" ["c:\program files (x86)\internet explorer\iexplore.exe" ]Skype - Free internet calls and online cheap calls to phones and mobiles

"C:\Windows\SysNative\tasks\{C1D09BEF-AB12-4CD8-86AF-62B9822521D0}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]

"C:\Windows\SysNative\tasks\{C3C5DA2C-73B4-4F4F-916A-FF309C750284}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.0.105/nl/go/help.faq.installer?source=lightinstaller&LastError=1603]

"C:\Windows\SysNative\tasks\{C7CE16C3-672B-4E1B-B014-EE6330101DDF}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.0.105/nl/go/help.faq.installer?LastError=1603]

"C:\Windows\SysNative\tasks\{CB9A1ECC-C47E-4456-A6F2-AD5E1E8770CC}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/5.6.0.110/nl/go/help.faq.installer?LastError=1603]

"C:\Windows\SysNative\tasks\{D5C85A7B-2EBE-4F9A-AEED-7F56D9EDDDAC}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.73.105.456/nl/go/help.faq.installer?LastError=1603]

"C:\Windows\SysNative\tasks\{E4AAC0BC-0199-48AB-AC1F-C9D463338791}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.73.105.456/nl/go/help.faq.installer?LastError=1603]

"C:\Windows\SysNative\tasks\{F017F10F-A25C-46B8-BDEC-E58DE3F168E8}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.0.105/nl/go/help.faq.installer?LastError=1603]

"C:\Windows\SysNative\tasks\{F8D257FA-1E45-4C40-89C3-FC98C0E9DAE3}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.73.105.456/nl/go/help.faq.installer?LastError=1603]

"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [17/07/2011 23:13]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Optiplex\AppData\Roaming\Mozilla\Firefox\Profiles\nqo2byq0.default

- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

- IE Tab - %ProfilePath%\extensions\coralietab@mozdev.org

- NetVideoHunter - %ProfilePath%\extensions\netvideohunter@netvideohunter.com

- IE Tab - %ProfilePath%\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}

- PlainOldFavorites - %ProfilePath%\extensions\{7E7165E2-0767-448c-852F-5FA8714F2C37}

- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

- Flash and Video Download - %ProfilePath%\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}

- Add Bookmark Here - %ProfilePath%\extensions\abhere2@moztw.org.xpi

- Adblock Plus Pop-up Addon - %ProfilePath%\extensions\adblockpopups@jessehakanen.net.xpi

- Social Fixer - %ProfilePath%\extensions\betterfacebook@mattkruse.com.xpi

- anonymoX - %ProfilePath%\extensions\client@anonymox.net.xpi

- YouTube mp3 - %ProfilePath%\extensions\info@youtube-mp3.org.xpi

- Easy YouTube to MP3 Converter - %ProfilePath%\extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOw@jetpack.xpi

- Youtube Downloader - Media Downloader - %ProfilePath%\extensions\paulsaintuzb@gmail.com.xpi

- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi

- YouTube to MP3 - %ProfilePath%\extensions\youtube2mp3@mondayx.de.xpi

- Undetermined - %ProfilePath%\extensions\{76cd4188-5046-11dc-8314-0800200c9a66}.xpi

- Header Spy - %ProfilePath%\extensions\{9efe12fc-8e7b-41dc-917e-b9341daa31e0}.xpi

- Bookmark All - %ProfilePath%\extensions\{a76cd07b-f0d7-4ef9-9566-8faef6e290e4}.xpi

- DVDVideoSoft YouTube MP3 and Video Download - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi

- Abduction - %ProfilePath%\extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255}.xpi

- Download YouTube Videos as MP4 - %ProfilePath%\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

- ImageTweak - %ProfilePath%\extensions\{DB2EA31C-58F5-48b7-8D60-CB0739257904}.xpi

- Adblock Edge - %ProfilePath%\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Undetermined - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

- DesktopSync - %AppDir%\extensions\{C8FEEBE8-43E8-11E0-AA39-0786DFD72085}

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

- avast Ad Blocker - %AppDir%\extensions\adblocker@avast.com.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Optiplex\AppData\Roaming\Mozilla\Firefox\Profiles\nqo2byq0.default

F891089A6AB9E12FEDEBCC5EC0F40D66 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash

215BBC07AAD6CB4772D2A1CA5E048C37 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks RealPlayer Chrome Background Extension Plug-In (32-bit)

8F323545429C457FE6F8CED13E62AB3D - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer HTML5VideoShim Plug-In (32-bit)

99F97C9FE748C37528C338A423577FCB - C:\Users\Optiplex\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

aacbndibbcpajfgnkdkaakeiojmmgmnk - No path found[]

icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[]

jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[17/07/2011 23:13]

jpihmmhdcobmllpcnpfbhnipmhamldje - No path found[]

lifbcibllhkdhoafpjfnlhfpfgnpldfl - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Optiplex\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[26/10/2012 21:36]

siurf aAand uKeep - Optiplex - Default\Extensions\pggnmggacfaajmolbakcidokgbnkhalh

==== Chrome Fix ======================

C:\Users\Optiplex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pggnmggacfaajmolbakcidokgbnkhalh deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.facebook.com/emilie.mertens.92"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.facebook.com/emilie.mertens.92"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{1D753528-2EDE-4626-A70F-42C81CDEC52C} Google Url="http://www.google.be/search?hl=nl&q={searchTerms}&sourceid=ie8&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{B4256A29-DF52-40B2-8E52-C94BCFCAFEA3} Bing Url="http://www.bing.com/search?q={searchTerms}&form=BIE9DF&pc=BIE9&src=IE-SearchBox"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\Software\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aacbndibbcpajfgnkdkaakeiojmmgmnk deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Media Finder deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Cleaners deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlusService deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Stealer deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Web Freer deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YahooMessenger.exe deleted successfully

==== HijackThis Entries ======================

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/emilie.mertens.92

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [CGFLoader] C:\Program Files (x86)\Calibrize\CalibrizeLoader.exe

O4 - HKCU\..\Run: [CalibrizeResume] C:\Program Files (x86)\Calibrize\CalibrizeResume.exe

O4 - HKCU\..\Run: [MCW Startup] "C:\Program Files (x86)\Monitor Calibration Wizard\MCW.exe" /s /p

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [Ditto] C:\Program Files (x86)\Ditto\Ditto.exe

O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files (x86)\POP Peeper\POPPeeper.exe" -min

O4 - HKLM\..\Policies\Explorer\Run: [60194] C:\PROGRA~3\LOCALS~1\Temp\mszxveu.com

O4 - Startup: Clipboard Magic.lnk = C:\Program Files (x86)\Clipboard Magic\ClipboardMagic.exe

O4 - Startup: Microsoft Office XP component.lnk = C:\Program Files (x86)\Microsoft Office\Office10\MSOFFICE.EXE

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O16 - DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} (ExtraFilm Uploader Control) - http://www.smartphoto.be/ExtraFilmUploader6.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\nlssrv32.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Optiplex\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Optiplex\Local Settings\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Optiplex\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Users\Optiplex\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Optiplex\AppData\Local\Mozilla\Firefox\Profiles\nqo2byq0.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\Temp emptied successfully

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\magic\AppData\Local\Temp emptied successfully

C:\Users\Public\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\Optiplex\AppData\Local\Temp will be emptied at reboot

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Optiplex\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Optiplex\AppData\Roaming\Ditto\Ditto.db" not found

"C:\Users\Optiplex\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Users\Optiplex\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Users\Optiplex\AppData\Roaming\Ditto" not found

==== EOF on za 21/12/2013 at 2:13:09,75 ======================

edited by kape
duplicate log removed
Posted:

Double-click Zoek.exe to start the tool.


  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is written specifically for this PC, so do not use it on other PCs with a similar problem.

  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Media Finder];r64
 C:\Windows\tasks\FreeFileViewerUpdateChecker.job;f
 C:\Windows\SysNative\tasks\0;fs
 C:\Windows\SysNative\tasks\114b9100;fs 
 C:\Windows\SysNative\tasks\2cfbd1d0;fs 
 C:\Windows\SysNative\tasks\30787060;fs 
 C:\Windows\SysNative\tasks\34f05c40;fs 
 C:\Windows\SysNative\tasks\5034;
 C:\Windows\SysNative\tasks\80dabf0;fs
 C:\Windows\SysNative\tasks\923116e0;fs 
 C:\Windows\SysNative\tasks\93017260;fs 
 C:\Windows\SysNative\tasks\9bb437f0;fs 
 C:\Windows\SysNative\tasks\a2e9dfc0;fs 
 C:\Windows\SysNative\tasks\a3974980;fs 
 C:\Windows\SysNative\tasks\b29e9470;fs 
 C:\Windows\SysNative\tasks\d5e3ee60;fs 
 C:\Windows\SysNative\tasks\ddbe4df0;fs 
 C:\Windows\SysNative\tasks\e8111890;fs 
 C:\Windows\SysNative\tasks\fe56c7c0;fs 
 C:\Windows\SysNative\tasks\FreeFileViewerUpdateChecker;fs
 C:\Users\Optiplex\AppData\Roaming\Mozilla\Firefox\Profiles\nqo2byq0.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi;f
 Aacbndibbcpajfgnkdkaakeiojmmgmnk;s
 Jpihmmhdcobmllpcnpfbhnipmhamldje;s
 Lifbcibllhkdhoafpjfnlhfpfgnpldfl;s
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PC Cleaners];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PlusService];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Stealer];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Web Freer];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YahooMessenger.exe];r64
 {91774881-D725-4E58-B298-07617B9B86A8};c
 autoclean;

  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then appear after all.
  • Post the opened log in your next reply.

Posted:

Zoek.exe v5.0.0.0 Updated 18-December-2013

Tool run by Optiplex on za 21/12/2013 at 14:48:15,80.

Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Optiplex\AppData\Local\Temp\wzed5a\zoek.com [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2013-12-21-011309.log 70410 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Media Finder]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PC Cleaners]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PlusService]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Stealer]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Web Freer]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YahooMessenger.exe]

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Yahoo not found

C:\Users\Optiplex\AppData\Roaming\Yahoo not found

C:\ProgramData\Yahoo not found

C:\Windows\SysNative\tasks\0 deleted

C:\Windows\SysNative\tasks\114b9100 deleted

C:\Windows\SysNative\tasks\2cfbd1d0 deleted

C:\Windows\SysNative\tasks\30787060 deleted

C:\Windows\SysNative\tasks\34f05c40 deleted

C:\Windows\SysNative\tasks\80dabf0 deleted

C:\Windows\SysNative\tasks\923116e0 deleted

C:\Windows\SysNative\tasks\93017260 deleted

C:\Windows\SysNative\tasks\9bb437f0 deleted

C:\Windows\SysNative\tasks\a2e9dfc0 deleted

C:\Windows\SysNative\tasks\a3974980 deleted

C:\Windows\SysNative\tasks\b29e9470 deleted

C:\Windows\SysNative\tasks\d5e3ee60 deleted

C:\Windows\SysNative\tasks\ddbe4df0 deleted

C:\Windows\SysNative\tasks\e8111890 deleted

C:\Windows\SysNative\tasks\fe56c7c0 deleted

C:\Windows\SysNative\tasks\FreeFileViewerUpdateChecker deleted

"C:\Windows\tasks\FreeFileViewerUpdateChecker.job" deleted

"C:\Users\Optiplex\AppData\Roaming\Mozilla\Firefox\Profiles\nqo2byq0.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [17/07/2011 23:13]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Optiplex\AppData\Roaming\Mozilla\Firefox\Profiles\nqo2byq0.default

- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

- IE Tab - %ProfilePath%\extensions\coralietab@mozdev.org

- NetVideoHunter - %ProfilePath%\extensions\netvideohunter@netvideohunter.com

- IE Tab - %ProfilePath%\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}

- PlainOldFavorites - %ProfilePath%\extensions\{7E7165E2-0767-448c-852F-5FA8714F2C37}

- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

- Flash and Video Download - %ProfilePath%\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}

- Add Bookmark Here - %ProfilePath%\extensions\abhere2@moztw.org.xpi

- Adblock Plus Pop-up Addon - %ProfilePath%\extensions\adblockpopups@jessehakanen.net.xpi

- Social Fixer - %ProfilePath%\extensions\betterfacebook@mattkruse.com.xpi

- anonymoX - %ProfilePath%\extensions\client@anonymox.net.xpi

- Downloads in Tab - %ProfilePath%\extensions\downintab@max.max.xpi

- YouTube mp3 - %ProfilePath%\extensions\info@youtube-mp3.org.xpi

- Easy YouTube to MP3 Converter - %ProfilePath%\extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOw@jetpack.xpi

- Youtube Downloader - Media Downloader - %ProfilePath%\extensions\paulsaintuzb@gmail.com.xpi

- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi

- YouTube to MP3 - %ProfilePath%\extensions\youtube2mp3@mondayx.de.xpi

- Undetermined - %ProfilePath%\extensions\{76cd4188-5046-11dc-8314-0800200c9a66}.xpi

- Header Spy - %ProfilePath%\extensions\{9efe12fc-8e7b-41dc-917e-b9341daa31e0}.xpi

- Bookmark All - %ProfilePath%\extensions\{a76cd07b-f0d7-4ef9-9566-8faef6e290e4}.xpi

- Abduction - %ProfilePath%\extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255}.xpi

- Download YouTube Videos as MP4 - %ProfilePath%\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

- ImageTweak - %ProfilePath%\extensions\{DB2EA31C-58F5-48b7-8D60-CB0739257904}.xpi

- Adblock Edge - %ProfilePath%\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Undetermined - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

- DesktopSync - %AppDir%\extensions\{C8FEEBE8-43E8-11E0-AA39-0786DFD72085}

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

- avast Ad Blocker - %AppDir%\extensions\adblocker@avast.com.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Optiplex\AppData\Roaming\Mozilla\Firefox\Profiles\nqo2byq0.default

F891089A6AB9E12FEDEBCC5EC0F40D66 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash

215BBC07AAD6CB4772D2A1CA5E048C37 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks RealPlayer Chrome Background Extension Plug-In (32-bit)

8F323545429C457FE6F8CED13E62AB3D - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer HTML5VideoShim Plug-In (32-bit)

99F97C9FE748C37528C338A423577FCB - C:\Users\Optiplex\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[17/07/2011 23:13]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Optiplex\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[26/10/2012 21:36]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.facebook.com/emilie.mertens.92"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.facebook.com/emilie.mertens.92"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{1D753528-2EDE-4626-A70F-42C81CDEC52C} Google Url="http://www.google.be/search?hl=nl&q={searchTerms}&sourceid=ie8&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{B4256A29-DF52-40B2-8E52-C94BCFCAFEA3} Bing Url="http://www.bing.com/search?q={searchTerms}&form=BIE9DF&pc=BIE9&src=IE-SearchBox"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Optiplex\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Users\Optiplex\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Optiplex\AppData\Local\Mozilla\Firefox\Profiles\nqo2byq0.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\Temp emptied successfully

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\magic\AppData\Local\Temp emptied successfully

C:\Users\Public\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\Optiplex\AppData\Local\Temp will be emptied at reboot

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Optiplex\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Users\Optiplex\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Users\Optiplex\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted

"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on za 21/12/2013 at 15:29:59,36 ======================

When I open a web page or a folder or the like, it scrolls down automatically (this started today).

Files still open very slowly (once they are open they work properly).

I have to reinstall some programs, such as the Snipping Tool.

When I want to drag something from folder to folder it is slow, and the PC sometimes freezes for a few seconds.

Windows Update does not work (see the screenshot below).

When I click Device Manager I get the following error message (see the screenshot below).

I cannot install Silverlight; now and then a page asks me to do so (see the screenshot below).

Now and then everything drops out for a few seconds, that is, all the desktop folders and the bar at the bottom; it comes back by itself, but all open programs have stopped.

All these problems have existed for three days; before that everything worked perfectly.

It began when I started up and got the screen saying the PC had been shut down incorrectly; it scanned, restarted and gave that message again; after three times it did start up after all,

and then it began. After that I also got a blue screen at startup; I then had a PC check run, and this was fixed.

Then I ran Malware and the PC was full of malware and that sort of junk; Malware cleaned it up. But since then I have had all these problems.

[Four attached screenshots]

Posted: (edited)

Try downloading CCleaner again. Otherwise, turn on Windows Firewall and try it with that.

edited by kape
"Buy NIS" removed