Ga naar inhoud

Trage computer


YaraS

Aanbevolen berichten

Dag YaraS,

:welkom:

Download 51a5f5d096dae-icon_RSIT.pngRSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

Dubbelklik op RSIT.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  • Plaats de inhoud hiervan in het volgende bericht.

Bekijk ook de instructievideo.

Link naar reactie
Delen op andere sites

Logfile of random's system information tool 1.09 (written by random/random)

Run by Beheerder at 2014-01-15 13:24:02

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 256 GB (84%) free of 305 GB

Total RAM: 2814 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 13:26:01, on 15/01/2014

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16526)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\SweetIM\Messenger\SweetIM.exe

C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\CyberLink\YouCam\YouCamService.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Users\Beheerder\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Users\Beheerder\AppData\Roaming\Spotify\spotify.exe

C:\Windows\ehome\ehtray.exe

C:\Users\Beheerder\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Windows\ehome\ehmsas.exe

C:\PROGRA~1\SearchProtect\SearchProtect\bin\cltmng.exe

C:\PROGRA~1\SearchProtect\UI\bin\cltmngui.exe

C:\Windows\System32\jmdp\stij.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Users\Beheerder\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

C:\Users\Beheerder\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

C:\Users\Beheerder\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

C:\Users\Beheerder\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe

C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Beheerder\Downloads\RSIT (1).exe

C:\Program Files\trend micro\Beheerder.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zoeken

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Speed Analysis 2 - {18DBB6CE-3148-4FEC-B481-103CB3290427} - C:\Program Files\Speed Analysis 2\ScriptHost.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Beheerder\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: DefaultTabToolbarBHO - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\Beheerder\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O3 - Toolbar: Related Searches - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\Beheerder\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [skytel] Skytel.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe

O4 - HKLM\..\Run: [sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files\CyberLink\YouCam\YouCamService.exe" /s

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Beheerder\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_12B37127E2CA8880166A4101AE41485D] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Beheerder\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [spotify] "C:\Users\Beheerder\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: Dropbox.lnk = C:\Users\Beheerder\AppData\Roaming\Dropbox\bin\Dropbox.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe

O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\Beheerder\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--

End of file - 10890 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3458912042-936064933-937572561-1000Core.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3458912042-936064933-937572561-1000UA.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DBB6CE-3148-4FEC-B481-103CB3290427}]

Speed Analysis 2 - C:\Program Files\Speed Analysis 2\ScriptHost.dll [2013-05-30 382272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-27 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]

DefaultTab Browser Helper - C:\Users\Beheerder\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll [2013-12-15 471160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96A25A24-2E87-4374-8A50-CC6F943FCE4D}]

Related Searches - C:\Users\Beheerder\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll [2013-12-15 398968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]

Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-23 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-17 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

Bing Bar BHO - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-27 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]

SweetPacks Browser Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06 1308504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06 1308504]

{96A25A24-2E87-4374-8A50-CC6F943FCE4D} - Related Searches - C:\Users\Beheerder\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll [2013-12-15 398968]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-17 194128]

{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-08-20 6265376]

"Skytel"=C:\Windows\Skytel.exe [2008-08-20 1833504]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-03-15 13543968]

"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-03-15 92704]

"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2012-11-16 3117384]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2012-10-04 115032]

"Sweetpacks Communicator"=C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-05-31 152392]

"YouCam Service"=C:\Program Files\CyberLink\YouCam\YouCamService.exe [2013-03-05 263128]

"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

"Spotify Web Helper"=C:\Users\Beheerder\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-01-14 1171968]

"GoogleChromeAutoLaunch_12B37127E2CA8880166A4101AE41485D"=C:\Program Files\Google\Chrome\Application\chrome.exe [2013-12-04 863184]

"Facebook Update"=C:\Users\Beheerder\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-10 138096]

"Spotify"=C:\Users\Beheerder\AppData\Roaming\Spotify\Spotify.exe [2014-01-14 6118400]

"AdobeBridge"= []

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Dropbox.lnk - C:\Users\Beheerder\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"MSVideo8"=VfWWDM32.dll

"msacm.siren"=sirenacm.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-01-15 13:24:03 ----D---- C:\Program Files\trend micro

2014-01-15 13:24:02 ----D---- C:\rsit

2014-01-07 07:29:09 ----D---- C:\Program Files\SkypeWebPlugin

2014-01-06 19:39:03 ----D---- C:\Program Files\SearchProtect

2014-01-06 19:36:41 ----D---- C:\Users\Beheerder\AppData\Roaming\uTorrent

2013-12-30 18:08:30 ----D---- C:\Windows\system32\jmdp

2013-12-28 07:40:42 ----D---- C:\Program Files\MSN Toolbar

2013-12-27 15:49:26 ----D---- C:\Windows\nl

2013-12-27 15:48:36 ----A---- C:\Windows\system32\drivers\fssfltr.sys

2013-12-27 15:38:53 ----D---- C:\Program Files\Bing Bar Installer

2013-12-27 15:38:45 ----A---- C:\Windows\system32\XAudio2_5.dll

2013-12-27 15:38:45 ----A---- C:\Windows\system32\XAPOFX1_3.dll

2013-12-27 15:38:45 ----A---- C:\Windows\system32\d3dx10_42.dll

2013-12-27 15:35:25 ----A---- C:\Windows\system32\webservices.dll

2013-12-27 15:28:57 ----D---- C:\ProgramData\Oracle

2013-12-27 15:28:54 ----D---- C:\Program Files\Common Files\Java

2013-12-27 15:28:42 ----A---- C:\Windows\system32\javaws.exe

2013-12-27 15:27:27 ----A---- C:\Windows\system32\WindowsAccessBridge.dll

2013-12-27 15:27:26 ----A---- C:\Windows\system32\javaw.exe

2013-12-27 15:27:26 ----A---- C:\Windows\system32\java.exe

2013-12-27 12:52:37 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 month======

2014-01-15 13:24:19 ----D---- C:\Windows\Prefetch

2014-01-15 13:24:11 ----D---- C:\Windows\Temp

2014-01-15 13:24:03 ----RD---- C:\Program Files

2014-01-15 13:21:04 ----D---- C:\Users\Beheerder\AppData\Roaming\Spotify

2014-01-15 08:31:42 ----D---- C:\Users\Beheerder\AppData\Roaming\Dropbox

2014-01-14 20:48:08 ----D---- C:\Windows\system32\Tasks

2014-01-14 17:04:38 ----D---- C:\Windows\System32

2014-01-14 17:04:37 ----D---- C:\Windows\inf

2014-01-14 17:04:37 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-01-13 21:55:00 ----D---- C:\Users\Beheerder\AppData\Roaming\vlc

2014-01-13 11:48:08 ----D---- C:\Windows\system32\catroot2

2014-01-12 20:53:41 ----SHD---- C:\System Volume Information

2014-01-08 22:00:04 ----D---- C:\Users\Beheerder\AppData\Roaming\Skype

2014-01-07 07:29:13 ----SHD---- C:\Windows\Installer

2013-12-30 17:33:12 ----D---- C:\Windows\system32\WNLT

2013-12-30 17:33:12 ----D---- C:\Windows\system32\ARFC

2013-12-29 11:12:40 ----A---- C:\Windows\system32\dmwu.exe

2013-12-29 11:08:00 ----A---- C:\Windows\system32\ImHttpComm.dll

2013-12-28 07:39:51 ----D---- C:\Program Files\Microsoft

2013-12-28 07:39:36 ----SD---- C:\ProgramData\Microsoft

2013-12-27 16:52:07 ----D---- C:\Windows\Microsoft.NET

2013-12-27 16:50:27 ----RSD---- C:\Windows\assembly

2013-12-27 15:49:34 ----D---- C:\Program Files\Windows Live

2013-12-27 15:49:26 ----D---- C:\Windows

2013-12-27 15:48:36 ----DC---- C:\Windows\system32\DRVSTORE

2013-12-27 15:48:36 ----D---- C:\Windows\system32\drivers

2013-12-27 15:41:31 ----RSD---- C:\Windows\Fonts

2013-12-27 15:41:24 ----D---- C:\Windows\winsxs

2013-12-27 15:40:18 ----D---- C:\Program Files\Common Files\microsoft shared

2013-12-27 15:38:14 ----D---- C:\Windows\Logs

2013-12-27 15:35:48 ----D---- C:\Windows\system32\nl-NL

2013-12-27 15:35:41 ----D---- C:\Windows\system32\catroot

2013-12-27 15:35:19 ----D---- C:\Program Files\Microsoft Office

2013-12-27 15:28:57 ----HD---- C:\ProgramData

2013-12-27 15:28:54 ----D---- C:\Program Files\Common Files

2013-12-27 15:10:36 ----D---- C:\Windows\system32\MRT

2013-12-27 13:59:43 ----SD---- C:\Windows\Downloaded Program Files

2013-12-27 12:52:34 ----D---- C:\Windows\system32\wbem

2013-12-27 12:51:51 ----D---- C:\Windows\system32\config

2013-12-27 12:51:44 ----D---- C:\Windows\Tasks

2013-12-27 12:51:44 ----D---- C:\Windows\system32\spool

2013-12-27 12:51:44 ----D---- C:\Windows\system32\Msdtc

2013-12-27 12:51:44 ----D---- C:\Windows\system32\CodeIntegrity

2013-12-27 12:51:41 ----D---- C:\Windows\registration

2013-12-25 09:03:02 ----A---- C:\Windows\system32\msvcr80.dll

2013-12-25 09:03:02 ----A---- C:\Windows\system32\msvcr100.dll

2013-12-25 09:03:02 ----A---- C:\Windows\system32\msvcp80.dll

2013-12-25 09:03:02 ----A---- C:\Windows\system32\msvcp100.dll

2013-12-25 09:03:02 ----A---- C:\Windows\system32\msvcm80.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2008-06-07 145440]

R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-11-16 169120]

R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 120152]

R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]

R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 103112]

R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2013-03-05 30272]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-08-20 2160792]

R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-03-15 7545824]

R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-04-01 14848]

R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-11-10 135680]

R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]

R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]

R3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]

R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]

R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]

S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-01-13 954368]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]

S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2009-04-11 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-03 65640]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

R2 CltMngSvc;Search Protect by Conduit Service; C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe [2013-12-16 2251552]

R2 DefaultTabUpdate;DefaultTabUpdate; C:\Users\Beheerder\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-06-13 107520]

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2012-11-16 913184]

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 IBUpdaterService;IBUpdaterService; C:\Windows\system32\dmwu.exe [2013-12-29 1488176]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-03-15 196608]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 553288]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-15 116648]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20 257416]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-06-26 655624]

S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-15 116648]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-01-15 194032]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

Link naar reactie
Delen op andere sites

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download 51a612a8b27e2-Zoek.pngZoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

chromelook; 
firefoxlook; 
 {18DBB6CE-3148-4FEC-B481-103CB3290427};c
 C:\Program Files\Speed Analysis 2;fs
 {7F6AFBF1-E065-4627-A2FD-810366367D01};c
 C:\Users\Beheerder\AppData\Roaming\DefaultTab;fs
 {96A25A24-2E87-4374-8A50-CC6F943FCE4D};c
 {EEE6C35C-6118-11DC-9C72-001320C79847};c
 C:\Program Files\SweetIM;fs
 {96A25A24-2E87-4374-8A50-CC6F943FCE4D};c
 SweetIM;s
 Sweetpacks Communicator;s
 CltMngSvc;s
 DefaultTabUpdate;s
 IBUpdaterService;s
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DBB6CE-3148-4FEC-B481-103CB3290427}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96A25A24-2E87-4374-8A50-CC6F943FCE4D}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}];r
 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run];r
 "SweetIM"=-;r
 "Sweetpacks Communicator"=-;r
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r
 "AppInit_DLLs"=-;r
 C:\Program Files\SearchProtect;fs
 C:\Program Files\Bing Bar Installer;fs
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • Do a Quick Scan

  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Zoek.exe v5.0.0.0 Updated 15-Januari-2014

Tool run by Beheerder on do 16/01/2014 at 8:32:30,27.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Beheerder\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

16/01/2014 8:34:50 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\ProgramData\Babylon deleted successfully

C:\ProgramData\Oracle deleted successfully

C:\Users\Beheerder\AppData\Roaming\Nico Mak Computing deleted successfully

C:\Users\Beheerder\AppData\Roaming\PerformerSoft deleted successfully

C:\Users\Beheerder\AppData\Roaming\YourFileDownloader deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3458912042-936064933-937572561-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DBB6CE-3148-4FEC-B481-103CB3290427} deleted successfully

HKEY_USERS\S-1-5-21-3458912042-936064933-937572561-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DBB6CE-3148-4FEC-B481-103CB3290427} deleted successfully

HKEY_USERS\S-1-5-21-3458912042-936064933-937572561-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_USERS\S-1-5-21-3458912042-936064933-937572561-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_USERS\S-1-5-21-3458912042-936064933-937572561-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} deleted successfully

HKEY_USERS\S-1-5-21-3458912042-936064933-937572561-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_USERS\S-1-5-21-3458912042-936064933-937572561-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{18DBB6CE-3148-4FEC-B481-103CB3290427} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DBB6CE-3148-4FEC-B481-103CB3290427} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvc deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IBUpdaterService deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DBB6CE-3148-4FEC-B481-103CB3290427}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96A25A24-2E87-4374-8A50-CC6F943FCE4D}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SweetIM"=-

"Sweetpacks Communicator"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\Program Files\Speed Analysis 2 deleted

C:\Users\Beheerder\AppData\Roaming\DefaultTab deleted

C:\Program Files\SearchProtect deleted

C:\Program Files\Bing Bar Installer deleted

"C:\Program Files\SweetIM\Communicator\mgcommon.dll" deleted

"C:\Program Files\SweetIM\Communicator\mgcommunication.dll" deleted

"C:\Program Files\SweetIM\Communicator\mgsimcommon.dll" deleted

"C:\Program Files\SweetIM\Communicator\mgxml_wrapper.dll" deleted

"C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe" deleted

"C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll" deleted

"C:\Program Files\SweetIM\Messenger\mgcommon.dll" deleted

"C:\Program Files\SweetIM\Messenger\mgcommunication.dll" deleted

"C:\Program Files\SweetIM\Messenger\mgconfig.dll" deleted

"C:\Program Files\SweetIM\Messenger\mghooking.dll" deleted

"C:\Program Files\SweetIM\Messenger\mgsimcommon.dll" deleted

"C:\Program Files\SweetIM\Messenger\mgUpdateSupport.dll" deleted

"C:\Program Files\SweetIM\Messenger\mgxml_wrapper.dll" deleted

"C:\Program Files\SweetIM\Messenger\msvcp71.dll" deleted

"C:\Program Files\SweetIM\Messenger\msvcr71.dll" deleted

"C:\Program Files\SweetIM\Messenger\SweetIM.exe" deleted

"C:\Program Files\SweetIM" not deleted

"C:\Program Files\SweetIM\Communicator" not deleted

"C:\Program Files\SweetIM\Messenger" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\BEHEER~1\AppData\Local\Temp ====

2014-01-06 18:38:28 9FB9D49C2DB7EDD1084AB765D619F5C6 66368 ----a-w- C:\Users\Beheerder\AppData\Local\Temp\utt5267.tmp.exe

====== Java Cache =====

====== C:\Windows\system32 =====

====== C:\Windows\system32\drivers =====

2013-12-27 14:48:36 D909075FA72C090F27AA926C32CB4612 39272 ----a-w- C:\Windows\System32\drivers\fssfltr.sys

====== C:\Windows\Tasks ======

2014-01-12 19:48:04 7BA7C4A5FB7B1E8CEF4E8492C9850198 3804 ----a-w- C:\Windows\system32\Tasks\DTReg

2013-12-27 11:52:59 83C0C5F18F76CFDE0A92F9874FDBBFC0 3336 ----a-w- C:\Windows\system32\Tasks\BitGuard

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-01-15 12:24:03 -------- d-----w- C:\Program Files\trend micro

2014-01-07 06:29:09 -------- d-----w- C:\Program Files\SkypeWebPlugin

2013-12-28 06:40:42 -------- d-----w- C:\Program Files\MSN Toolbar

2013-12-27 14:28:54 -------- d-----w- C:\Program Files\Common Files\Java

======= C: =====

====== C:\Users\Beheerder\AppData\Roaming ======

2014-01-06 18:39:03 -------- d-----w- C:\Users\Beheerder\AppData\Local\SearchProtect

2014-01-06 18:36:41 -------- d-----w- C:\Users\Beheerder\AppData\Roaming\uTorrent

2014-01-06 16:19:49 -------- d-----w- C:\Users\Beheerder\AppData\Local\SkypeWebPlugin

2013-12-27 14:36:15 -------- d-----w- C:\Users\Beheerder\AppData\Local\Windows Live

====== C:\Users\Beheerder ======

2014-01-15 12:23:05 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Beheerder\Downloads\RSIT (1).exe

2014-01-15 12:21:53 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Beheerder\Downloads\RSIT.exe

2014-01-09 18:40:36 3DEBA32AA17CB79B864B09934E5A1650 67026 ------w- C:\Users\Beheerder\ESCAPE PLAN 2013 HDTV 1080p-KingStoner.srt

2014-01-06 18:36:19 C82A6D1E1CEB24A963C5CA20B574B78F 1340496 ----a-w- C:\Users\Beheerder\Downloads\utorrent.exe

2013-12-27 14:47:38 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live

2013-12-27 14:27:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

====== C: exe-files ==

2014-01-15 12:24:03 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Beheerder.exe

2014-01-15 12:23:05 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Beheerder\Downloads\RSIT (1).exe

2014-01-15 12:21:53 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Beheerder\Downloads\RSIT.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-3458912042-936064933-937572561-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"Spotify Web Helper"="C:\Users\Beheerder\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"GoogleChromeAutoLaunch_12B37127E2CA8880166A4101AE41485D"="C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window"

"Facebook Update"="C:\Users\Beheerder\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"Spotify"="C:\Users\Beheerder\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

"ehTray.exe"="C:\Windows\ehome\ehTray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="RtHDVCpl.exe"

"Skytel"="Skytel.exe"

"NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup"

"NvMediaCenter"="RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit"

"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

"YouCam Service"="C:\Program Files\CyberLink\YouCam\YouCamService.exe /s"

"AdobeCS4ServiceManager"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe -launchedbylogin"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"Spotify Web Helper"="C:\Users\Beheerder\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"GoogleChromeAutoLaunch_12B37127E2CA8880166A4101AE41485D"="C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window"

"Facebook Update"="C:\Users\Beheerder\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"Spotify"="C:\Users\Beheerder\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

"ehTray.exe"="C:\Windows\ehome\ehTray.exe"

==== Startup Folders ======================

2013-07-07 18:19:06 955 ----a-w- C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [20/08/2013 20:46]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3458912042-936064933-937572561-1000Core.job --a------ [undetermined Task]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3458912042-936064933-937572561-1000UA.job --a------ C:\Users\Beheerder\AppData\Local\Facebook\Update\FacebookUpdate.exe [10/02/2013 22:27]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [15/01/2013 15:12]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [15/01/2013 15:12]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\BitGuard" [C:\Windows\system32\sc.exe start BitGuard]

"C:\Windows\system32\tasks\BrowserProtect" [C:\Windows\system32\sc.exe start BrowserProtect]

"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\system32\tasks\DTReg" [C:\Users\Beheerder\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe]

"C:\Windows\system32\tasks\EPUpdater" [C:\Users\BEHEER~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe]

"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3458912042-936064933-937572561-1000Core" [C:\Users\Beheerder\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3458912042-936064933-937572561-1000UA" [C:\Users\Beheerder\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\User_Feed_Synchronization-{1616425E-CAA0-45CA-8A15-4E37AC5AE54E}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\system32\tasks\YourFile DownloaderUpdate" [C:\Program Files\YourFileDownloader\YourFileUpdater.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"speedanalysis02@SpeedAnalysis.com"="C:\Users\Beheerder\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com" [22/05/2013 21:22]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"speedanalysis02@SpeedAnalysis.com"="C:\Users\Beheerder\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com" [22/05/2013 21:22]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

dgjkhjdcljddbedokogakmmdjgnbeanf - C:\Users\Beheerder\AppData\Roaming\SpeedAnalysis2\SpeedAnalysis.crx[11/06/2013 17:53]

ogccgbmabaphcakpiclgcnmcnimhokcj - C:\Windows\System32\jmdp\SweetNT.crx[25/12/2013 09:03]

Weather - Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc

YouTube - Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Speed Analysis 2 - Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf

AdBlock - Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

Lone Tree - Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkllfplegemejikoabfpjdaoncphip

DefaultTab - Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Google Wallet - Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

DefaultTab - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3458912042-936064933-937572561-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_USERS\S-1-5-21-3458912042-936064933-937572561-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=304 folders=47 55709003 bytes)

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Program Files\SweetIM" not found

==== EOF on do 16/01/2014 at 8:44:07,30 ======================

Link naar reactie
Delen op andere sites

Dubbelklik op Zoek.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  C:\Windows\system32\Tasks\BitGuard;fs
 C:\Users\Beheerder\AppData\Local\Temp\utt5267.tmp.exe;f
 C:\Users\Beheerder\Downloads\RSIT.exe;f
 C:\Windows\system32\tasks\BrowserProtect;ds
 C:\Windows\system32\tasks\DTReg;fs
 C:\Windows\system32\tasks\EPUpdater;fs
 C:\Windows\system32\tasks\YourFile DownloaderUpdate;fs
 autoclean;

  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Zoek.exe v5.0.0.0 Updated 15-Januari-2014

Tool run by Beheerder on do 16/01/2014 at 10:26:32,13.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Beheerder\Downloads\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2014-01-16-074407.log 16554 bytes

==== Creating Sample_20141601_1041.zip ======================

Process rundll32.exe killed

Copied file C:\Users\Beheerder\ERWsetup.exe to sample\ERWsetup.exe

Copied file C:\Users\Beheerder\Install_MSN_Messenger.EXE to sample\Install_MSN_Messenger.EXE

Copied file C:\Users\Beheerder\smplayer-0.8.3-ps-win32.exe to sample\smplayer-0.8.3-ps-win32.exe

sample\ERWsetup.exe renamed to 9776E8EB47BC94AB05C30D530FAB7126

sample\Install_MSN_Messenger.EXE renamed to 1534E29809C5C602692D71D47A29C63E

sample\smplayer-0.8.3-ps-win32.exe renamed to 41F9FC140327D2BCFC15EB336388A478

C:\Users\Public\Desktop\sample_20141601_1041.zip created successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3458912042-936064933-937572561-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully

HKEY_USERS\S-1-5-21-3458912042-936064933-937572561-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-3458912042-936064933-937572561-1000\Software\Microsoft\Internet Explorer\SearchScopes\{49161F4A-8716-4DA2-8ED0-67270369775D} deleted successfully

HKEY_USERS\S-1-5-21-3458912042-936064933-937572561-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"bProtector Start Page"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"bProtectorDefaultScope"=-

==== Deleting Files \ Folders ======================

C:\Windows\system32\Tasks\BitGuard deleted

C:\Windows\system32\tasks\DTReg deleted

C:\Windows\system32\tasks\EPUpdater deleted

C:\Windows\system32\tasks\YourFile DownloaderUpdate deleted

C:\Program Files\sweetpacks bundle uninstaller deleted

C:\found.000 deleted

C:\Users\Beheerder\AppData\Roaming\speedanalysis.ico deleted

C:\Users\Beheerder\AppData\Roaming\SpeedAnalysis2 deleted

C:\Users\Beheerder\AppData\Roaming\Babylon deleted

C:\Users\Beheerder\AppData\Roaming\File Scout deleted

C:\ProgramData\SweetIM deleted

C:\ProgramData\IBUpdaterService deleted

C:\Users\Beheerder\AppData\Local\SearchProtect deleted

C:\Users\Beheerder\AppData\Local\avgchrome deleted

C:\Users\Beheerder\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data deleted

C:\Users\Beheerder\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences deleted

C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard deleted

C:\Windows\System32\dmwu.exe deleted

C:\Users\Beheerder\Downloads\SoftonicDownloader_voor_vlc-media-player.exe deleted

C:\Windows\system32\Tasks\BrowserProtect deleted

C:\Windows\system32\roboot.exe deleted

C:\Windows\system32\ImHttpComm.dll deleted

C:\Windows\System32\SearchProtect deleted

C:\Windows\System32\jmdp deleted

C:\Windows\System32\ARFC deleted

C:\Windows\System32\WNLT deleted

C:\Windows\System32\searchplugins deleted

C:\Windows\System32\Extensions deleted

C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4} deleted

C:\Users\Beheerder\ERWsetup.exe deleted

C:\Users\Beheerder\Install_MSN_Messenger.EXE deleted

C:\Users\Beheerder\smplayer-0.8.3-ps-win32.exe deleted

C:\Users\Beheerder\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com deleted

"C:\Users\Beheerder\AppData\Local\Temp\utt5267.tmp.exe" deleted

"C:\Users\Beheerder\Downloads\RSIT.exe" deleted

"C:\Windows\Installer\95323d.msi" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"speedanalysis02@SpeedAnalysis.com"="C:\Users\Beheerder\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com" []

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"speedanalysis02@SpeedAnalysis.com"="C:\Users\Beheerder\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com" []

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

dgjkhjdcljddbedokogakmmdjgnbeanf - C:\Users\Beheerder\AppData\Roaming\SpeedAnalysis2\SpeedAnalysis.crx[]

ogccgbmabaphcakpiclgcnmcnimhokcj - C:\Windows\System32\jmdp\SweetNT.crx[]

Speed Analysis 2 - Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf

AdBlock - Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

Lone Tree - Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkllfplegemejikoabfpjdaoncphip

DefaultTab - Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

DefaultTab - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

==== Chrome Fix ======================

C:\Users\Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf deleted successfully

C:\Users\Beheerder\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dgjkhjdcljddbedokogakmmdjgnbeanf_0.localstorage deleted successfully

C:\Users\Beheerder\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dgjkhjdcljddbedokogakmmdjgnbeanf_0.localstorage-journal deleted successfully

C:\Users\Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully

C:\Users\Beheerder\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kdidombaedgpfiiedeimiebkmbilgmlc_0.localstorage deleted successfully

C:\Users\Beheerder\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kdidombaedgpfiiedeimiebkmbilgmlc_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPEFD07BEF-9DD7-499D-BF58-3ED6C1AB5653&SSPV="

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{3F4B8032-3900-40A3-87A9-B1DA477EC884} Google Url="http://www.google.be/search?hl=nl&q={searchTerms}&sourceid=ie8&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz="

{483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3458912042-936064933-937572561-1000\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3458912042-936064933-937572561-1000\Software\Mozilla\Firefox\Extensions\speedanalysis02@SpeedAnalysis.com deleted successfully

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\speedanalysis02@SpeedAnalysis.com deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetIM Bundle by SweetPacks deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B deleted successfully

==== Empty IE Cache ======================

C:\Users\Beheerder\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Beheerder\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Beheerder\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Beheerder\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Beheerder\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=755 folders=143 114834821 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\Beheerder\AppData\Local\Temp will be emptied at reboot

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\BEHEER~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Beheerder\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on do 16/01/2014 at 10:48:35,20 ======================

Link naar reactie
Delen op andere sites

Download 52147fb3b2536-AdwCleaner_99_3_16x16x32.pngAdwCleaner by Xplode naar het bureaublad.

AdwCleaner uitvoeren

  • Sluit alle openstaande vensters.
  • Dubbelklik op AdwCleaner.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Klik vervolgens op de knop Scan.
  • Wanneer de scan gereed is Klikt u vervolgens op de knop Clean.
  • Als dit gereed is wordt er gevraagd om de computer opnieuw op te starten, klik hier op OK.
  • Nadat de computer opnieuw is opgestart wordt het logbestand automatisch geopend.
  • Plaats dit logbestand in het volgende bericht.

Link naar reactie
Delen op andere sites

# AdwCleaner v3.017 - Report created 16/01/2014 at 12:43:09

# Updated 12/01/2014 by Xplode

# Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)

# Username : Beheerder - PC_VAN_BEHEERDE

# Running from : C:\Users\Beheerder\Downloads\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FF4BD4E-3E1F-4BF9-9423-1C3774789433}

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FF4BD4E-3E1F-4BF9-9423-1C3774789433}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings

Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL

Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser

Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1

Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX

Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1

Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils

Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1

Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator

Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1

Key Deleted : HKLM\SOFTWARE\Classes\sim-packages

Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 2.BackgroundHostObject

Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 2.BackgroundHostObject.1

Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar

Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1

Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook

Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

Key Deleted : HKCU\Software\fe8d8ab23fb849

Key Deleted : HKLM\SOFTWARE\fe8d8ab23fb849

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EB93AADE-9884-47F0-AA9D-0920E1D1203F}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BB30FEA7-5866-406A-B47D-FB69E1AF8FD7}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}

Key Deleted : HKCU\Software\BabSolution

Key Deleted : HKCU\Software\DataMngr

[#] Key Deleted : HKCU\Software\DataMngr_Toolbar

Key Deleted : HKCU\Software\Default Tab

Key Deleted : HKCU\Software\DefaultTab

Key Deleted : HKCU\Software\filescout

Key Deleted : HKCU\Software\IM

Key Deleted : HKCU\Software\ImInstaller

Key Deleted : HKCU\Software\performersoft llc

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\wnlt

Key Deleted : HKCU\Software\YourFileDownloader

Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab

Key Deleted : HKLM\Software\Babylon

Key Deleted : HKLM\Software\DataMngr

Key Deleted : HKLM\Software\Default Tab

Key Deleted : HKLM\Software\DefaultTab

Key Deleted : HKLM\Software\SearchProtect

Key Deleted : HKLM\Software\wnlt

Key Deleted : HKLM\Software\YourFileDownloader

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{96E2E493-C484-43E3-9B95-D62EE7D40D3A}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Speed Analysis 2

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wnlt

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Speed Analysis 2

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SweetIM Bundle by SweetPacks

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\wnlt

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B

Key Deleted : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B

Key Deleted : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B

Key Deleted : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16526

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Beheerder\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

*************************

AdwCleaner[R0].txt - [19827 octets] - [16/01/2014 12:41:42]

AdwCleaner[s0].txt - [20101 octets] - [16/01/2014 12:43:09]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [20162 octets] ##########

Link naar reactie
Delen op andere sites

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.