malware of virus?Search Results

elsebels · 7 februari 2014

Hallo,ik heb onlangs iets gedownload en er is 'iets' meegekomen onder de naam :'search results'.Het is blijkbaar een zoekmachine die mijn computer helemaal verstoort en ik krijg het niet weg.Google doet het bijna niet meer en ook de internet explorer valt steeds weg.Ik heb al een herstel gedaan,er staat ook een Norton virusscanner op m'n PC,maar niets helpt.Ik heb VISTA en kan iemand mij zeggen wat ik moet doen of is het noodzakelijk om naar een expert te gaan.??

els

kape · 7 februari 2014

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

RSIT 32 bit (RSIT.exe)
RSIT 64 bit (RSITx64.exe)

Dubbelklik op RSIT.exe om de tool te starten.

Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
Plaats de inhoud hiervan in het volgende bericht.

Bekijk ook de instructievideo.

elsebels · 7 februari 2014

Hallo,

hier is het nodige log van RSIT

Logfile of random's system information tool 1.09 (written by random/random)

Run by Els at 2014-02-07 16:10:15

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 652 GB (71%) free of 923 GB

Total RAM: 3325 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:10:24, on 7/02/2014

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16526)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Tablet\Pen\Pen_TouchUser.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe

C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe

C:\Windows\ehome\ehtray.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Samsung\Kies\Kies.exe

C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files\WinZip Malware Protector\WinZipMalwareProtector.exe

C:\Program Files\YourFileDownloader\YourFileUpdater.exe

C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\System32\rundll32.exe

C:\Users\Els\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe

C:\Program Files\Norton Utilities 14\nu.exe

C:\Program Files\Hewlett-Packard\SmartPrint\bootstrap.exe

C:\Users\Els\Desktop\RSIT.exe

C:\Program Files\trend micro\Els.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: WiseConvert Toolbar - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files\WiseConvert\prxtbWise.dll

O1 - Hosts: ::1 localhost

O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.6.4\PriceGongIE.dll

O2 - BHO: QpBHO Class - {1658D3A1-9E13-4196-A82A-D70D70880F36} - C:\Program Files\Hewlett-Packard\SmartPrint\QuickPrintBHO.dll

O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Els\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll

O2 - BHO: QueblesEngine.QueblesHelper - {86a3cdaa-9b25-480e-b73f-c2d359b87966} - mscoree.dll (file missing)

O2 - BHO: VMN Toolbar Astro Gemini - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O2 - BHO: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files\Softonic\Softonic\1.6.7.4\bh\Softonic.dll

O2 - BHO: WiseConvert - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files\WiseConvert\prxtbWise.dll

O2 - BHO: PricePeep - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files\PricePeep\pricepeep.dll

O3 - Toolbar: WiseConvert Toolbar - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files\WiseConvert\prxtbWise.dll

O3 - Toolbar: Quebles Toolbar - {691ca8ec-7205-4aa9-bdd6-15493d16f835} - mscoree.dll (file missing)

O3 - Toolbar: VMN Toolbar Astro Gemini - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL

O3 - Toolbar: Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\Softonic\1.6.7.4\SoftonicTlbr.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe

O4 - HKCU\..\Run: [AdobeBridge] "C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe" -stealth

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [NextLive] C:\Windows\system32\rundll32.exe "C:\Users\Els\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l

O4 - HKCU\..\Run: [NortonUtilities] C:\Program Files\Norton Utilities 14\RMTray.exe /H

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-3575866603-3116684763-1735328397-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')

O4 - Startup: Dropbox.lnk = Els\AppData\Roaming\Dropbox\bin\Dropbox.exe

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\Els\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe (file missing)

O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

O23 - Service: Quebles Updater - Techno Design IP - C:\Program Files\Techno Design IP\Quebles Toolbar\QueblesAutoUpdate.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe

--

End of file - 12305 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\HP Photo Creations Communicator.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}]

Shopping Assistant Plugin - C:\Program Files\PriceGong\2.6.4\PriceGongIE.dll [2012-03-18 413568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1658D3A1-9E13-4196-A82A-D70D70880F36}]

HP Smart Print BHO - C:\Program Files\Hewlett-Packard\SmartPrint\QuickPrintBHO.dll [2012-10-31 644000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

Norton Identity Protection - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll [2013-05-30 509776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

Norton Vulnerability Protection - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL [2012-08-10 387040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]

DefaultTab Browser Helper - C:\Users\Els\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll [2014-01-28 462968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{86a3cdaa-9b25-480e-b73f-c2d359b87966}]

QueblesEngine.QueblesHelper - C:\Windows\system32\mscoree.dll [2009-11-08 297808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}]

VMN Toolbar Astro Gemini - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL [2009-04-15 1950656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-15 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}]

Softonic Helper Object - C:\Program Files\Softonic\Softonic\1.6.7.4\bh\Softonic.dll [2012-08-02 248936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}]

WiseConvert Toolbar - C:\Program Files\WiseConvert\prxtbWise.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}]

PricePeep - C:\Program Files\PricePeep\pricepeep.dll [2012-10-24 497008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - WiseConvert Toolbar - C:\Program Files\WiseConvert\prxtbWise.dll [2011-05-09 176936]

{691ca8ec-7205-4aa9-bdd6-15493d16f835} - Quebles Toolbar - C:\Windows\system32\mscoree.dll [2009-11-08 297808]

{A057A204-BACC-4D26-8287-79A187E26987} - VMN Toolbar Astro Gemini - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL [2009-04-15 1950656]

{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - Softonic Toolbar - C:\Program Files\Softonic\Softonic\1.6.7.4\SoftonicTlbr.dll [2012-08-02 274536]

{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll [2013-05-30 509776]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-15 194128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-10-03 178712]

"NBAgent"=C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [2009-09-01 1086760]

"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]

"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

"AdobeCS5.5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]

"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-03-27 10967656]

"NPSStartup"= []

"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-05-10 49208]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]

"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2012-06-28 74752]

"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-07-26 311152]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-05-25 39408]

"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576]

"AdobeBridge"=C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe [2011-03-02 12008296]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-07-26 1564016]

""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-07-26 844656]

"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2013-07-02 248208]

"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 720064]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

"NextLive"=C:\Users\Els\AppData\Roaming\newnext.me\nengine.dll [2013-11-14 1283584]

"NortonUtilities"=C:\Program Files\Norton Utilities 14\RMTray.exe [2009-09-14 279912]

C:\Users\Els\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Dropbox.lnk - C:\Users\Els\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"vidc.ptev"=PteVideo.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-02-07 16:10:16 ----D---- C:\Program Files\trend micro

2014-02-07 16:10:15 ----D---- C:\rsit

2014-01-30 20:39:30 ----D---- C:\Users\Els\AppData\Roaming\Norton Utilities 14

2014-01-30 20:27:57 ----D---- C:\ProgramData\Norton Installer

2014-01-30 20:27:36 ----AD---- C:\ProgramData\TEMP

2014-01-30 20:27:21 ----A---- C:\Windows\system32\msxml.dll

2014-01-30 20:27:20 ----D---- C:\Program Files\Norton Utilities 14

2014-01-30 17:17:58 ----D---- C:\Users\Els\AppData\Roaming\Nico Mak Computing

2014-01-30 17:17:48 ----D---- C:\ProgramData\Nico Mak Computing

2014-01-30 17:17:47 ----D---- C:\Program Files\WinZip Malware Protector

2014-01-30 17:17:47 ----A---- C:\Windows\system32\wsusnative32.exe

2014-01-29 19:24:27 ----D---- C:\Windows\Migration

2014-01-28 21:08:51 ----D---- C:\Users\Els\AppData\Roaming\defaulttab

2014-01-28 21:08:50 ----D---- C:\Users\Els\AppData\Roaming\newnext.me

2014-01-28 21:08:11 ----D---- C:\Program Files\Mobogenie

2014-01-28 21:08:06 ----D---- C:\Program Files\Gmail Notifier

2014-01-18 11:23:14 ----D---- C:\Windows\Sun

2014-01-18 11:23:00 ----D---- C:\ProgramData\Oracle

2014-01-18 11:22:05 ----A---- C:\Windows\system32\javaws.exe

2014-01-18 11:21:28 ----A---- C:\Windows\system32\WindowsAccessBridge.dll

2014-01-18 11:21:28 ----A---- C:\Windows\system32\javaw.exe

2014-01-18 11:21:28 ----A---- C:\Windows\system32\java.exe

======List of files/folders modified in the last 1 month======

2014-02-07 16:10:16 ----RD---- C:\Program Files

2014-02-07 16:10:16 ----D---- C:\Windows\Temp

2014-02-07 16:10:05 ----D---- C:\Windows\Prefetch

2014-02-07 14:20:07 ----D---- C:\Windows\System32

2014-02-07 14:20:07 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-02-07 14:20:06 ----D---- C:\Windows\inf

2014-02-07 14:18:55 ----D---- C:\Users\Els\AppData\Roaming\Dropbox

2014-02-07 14:17:39 ----D---- C:\Windows\system32\Tasks

2014-02-07 14:17:27 ----SHD---- C:\System Volume Information

2014-02-07 14:14:00 ----D---- C:\ProgramData\NVIDIA

2014-02-06 18:47:07 ----A---- C:\Windows\system32\FlashPlayerApp.exe

2014-02-06 18:31:07 ----SHD---- C:\Windows\Installer

2014-02-06 18:31:07 ----HD---- C:\Config.Msi

2014-02-06 18:31:07 ----D---- C:\Windows\system32\drivers

2014-02-06 18:30:46 ----HD---- C:\ProgramData

2014-02-06 17:26:41 ----RD---- C:\Users

2014-01-30 20:45:03 ----D---- C:\Windows

2014-01-30 20:38:05 ----SD---- C:\Windows\Downloaded Program Files

2014-01-30 20:37:43 ----SD---- C:\Users\Els\AppData\Roaming\Microsoft

2014-01-30 16:12:11 ----D---- C:\Windows\Microsoft.NET

2014-01-29 20:06:40 ----D---- C:\Users\Els\AppData\Roaming\Winamp

2014-01-29 20:06:29 ----D---- C:\Windows\Debug

2014-01-29 19:24:47 ----D---- C:\Windows\system32\en-US

2014-01-29 19:24:27 ----SD---- C:\ProgramData\Microsoft

2014-01-29 19:12:44 ----D---- C:\Windows\system32\wbem

2014-01-29 19:11:47 ----D---- C:\Windows\Tasks

2014-01-29 19:11:47 ----D---- C:\Windows\system32\spool

2014-01-29 19:11:47 ----D---- C:\Windows\system32\catroot2

2014-01-29 19:11:46 ----D---- C:\Windows\registration

2014-01-28 21:08:54 ----HD---- C:\Windows\system32\GroupPolicy

2014-01-18 11:22:15 ----D---- C:\Program Files\Common Files\Java

2014-01-15 19:36:08 ----D---- C:\Windows\system32\MRT

2014-01-15 19:34:01 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-09-29 308248]

R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NIS\1404000.028\SYMDS.SYS [2013-05-20 367704]

R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NIS\1404000.028\SYMEFA.SYS [2013-05-22 934488]

R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20140121.001\BHDrvx86.sys [2013-12-18 1098968]

R1 ccSet_NIS;Norton Internet Security Settings Manager; C:\Windows\system32\drivers\NIS\1404000.028\ccSetx86.sys [2013-04-15 134744]

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2013-11-21 376920]

R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20140206.001\IDSvix86.sys [2014-01-23 394456]

R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NIS\1404000.028\SRTSPX.SYS [2013-03-04 32344]

R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NIS\1404000.028\Ironx86.SYS [2012-07-27 175264]

R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\system32\drivers\NIS\1404000.028\SYMTDIV.SYS [2013-04-24 352344]

R3 e1express;Stuurprogramma voor Intel® PRO/1000 PCI Express-netwerkverbinding; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-21 108120]

R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-03-27 3204200]

R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20140206.024\NAVENG.SYS [2013-12-09 93272]

R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20140206.024\NAVEX15.SYS [2013-12-09 1612376]

R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr28u.sys [2007-09-21 554496]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-02-25 8939296]

R3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\system32\drivers\NIS\1404000.028\SRTSP.SYS [2013-05-15 603224]

R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2013-10-03 142496]

R3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys [2010-10-11 16240]

R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2010-10-11 11312]

R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [2010-10-11 14120]

R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-21 84248]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]

S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]

S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-21 181912]

S3 USBCCID;USB-smartcardlezer; C:\Windows\system32\DRIVERS\usbccid.sys [2009-04-11 30208]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-04 238952]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-10-03 358936]

R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-06-18 935208]

R2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [2013-05-20 144368]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 639776]

R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2009-09-01 87344]

R2 Quebles Updater;Quebles Updater; C:\Program Files\Techno Design IP\Quebles Toolbar\QueblesAutoUpdate.exe [2012-08-16 23232]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]

R2 TabletServicePen;TabletServicePen; C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2010-10-26 4869488]

R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2013-07-02 93072]

R2 TouchServicePen;Wacom Consumer Touch Service; C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2010-10-26 416112]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 DefaultTabUpdate;DefaultTabUpdate; C:\Users\Els\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe []

S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-25 136176]

S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-06 257928]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-25 136176]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-28 194032]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-03-09 30798512]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]

S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]

S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

kape · 7 februari 2014

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
Dubbelklik op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Kopieer nu onderstaande code en plak die in het grote invulvenster:
Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1};c
 C:\Program Files\WiseConvert\prxtbWise.dll;f
 {1631550F-191D-4826-B069-D9439253D926};c
 C:\Program Files\PriceGong;fs
 {7F6AFBF1-E065-4627-A2FD-810366367D01};c
 C:\Users\Els\AppData\Roaming\DefaultTab;fs
 {86a3cdaa-9b25-480e-b73f-c2d359b87966};c
 {A057A204-BACC-4D26-8287-79A187E26987};c
 {E87806B5-E908-45FD-AF5E-957D83E58E68};c
 C:\Program Files\Softonic;fs
 {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007};c
 C:\Program Files\PricePeep;fs
 {691ca8ec-7205-4aa9-bdd6-15493d16f835};c
 {5018CFD2-804D-4C99-9F81-25EAEA2769DE};c
 NextLive;s
 C:\Users\Els\AppData\Roaming\newnext.me;fs
 DefaultTabUpdate;s
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}];r
 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r
 "NextLive"=-;r
 C:\Users\Els\AppData\Roaming\defaulttab;fs
 C:\Program Files\Mobogenie;fs
  emptyfolderscheck;delete 
startupall; 
filesrcm;

Klik op de knop "Options" en vink nu de onderstaande opties aan.
Do a Quick Scan
Auto Clean
De optie "Scan All Users" staat standaard aangevinkt.
Klik nu op de knop "Run script".
Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
Post het geopende logje in het volgende bericht.

elsebels · 7 februari 2014

dit is het volgende logje

Zoek.exe v5.0.0.0 Updated 07-February-2014

Tool run by Els on vr 07/02/2014 at 20:38:00,10.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Els\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

7/02/2014 20:43:46 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\Bamboo Dock deleted successfully

C:\Program Files\MSXML 4.0 deleted successfully

C:\Program Files\TomTom DesktopSuite deleted successfully

C:\ProgramData\Babylon deleted successfully

C:\ProgramData\Computer Updater deleted successfully

C:\ProgramData\DriverGenius deleted successfully

C:\ProgramData\Oracle deleted successfully

C:\Users\Els\AppData\Roaming\Advanced System Protector deleted successfully

C:\Users\Els\AppData\Roaming\DGFects deleted successfully

C:\Users\Els\AppData\Roaming\Systweak deleted successfully

C:\Users\Els\AppData\Roaming\YourFileDownloader deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{86a3cdaa-9b25-480e-b73f-c2d359b87966} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{86a3cdaa-9b25-480e-b73f-c2d359b87966} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A057A204-BACC-4D26-8287-79A187E26987} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A057A204-BACC-4D26-8287-79A187E26987} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{691ca8ec-7205-4aa9-bdd6-15493d16f835} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{691ca8ec-7205-4aa9-bdd6-15493d16f835} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Internet Explorer\SearchScopes\{03A06E83-5AB4-4B8E-8E22-181A99666F06} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0A77292D-32D5-456F-82BC-D1F4FFD605E4} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8E02D41C-5924-4816-9490-33CCD28BEB72} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{1631550F-191D-4826-B069-D9439253D926} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{86a3cdaa-9b25-480e-b73f-c2d359b87966} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{86a3cdaa-9b25-480e-b73f-c2d359b87966} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{A057A204-BACC-4D26-8287-79A187E26987} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{691ca8ec-7205-4aa9-bdd6-15493d16f835} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{A057A204-BACC-4D26-8287-79A187E26987} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{691ca8ec-7205-4aa9-bdd6-15493d16f835} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\DefaultTabUpdate deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\Els\AppData\Roaming\Mozilla\Firefox\Profiles\u1wzl95q.default

---- Lines delta removed from user.js ----

user_pref("extensions.delta.tlbrSrchUrl", "");

user_pref("extensions.delta.id", "aa44f455000000000000002243114c55");

user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

user_pref("extensions.delta.instlDay", "15817");

user_pref("extensions.delta.vrsn", "1.8.16.16");

user_pref("extensions.delta.vrsni", "1.8.16.16");

user_pref("extensions.delta.vrsnTs", "1.8.16.1620:25:42");

user_pref("extensions.delta.prtnrId", "delta");

user_pref("extensions.delta.prdct", "delta");

user_pref("extensions.delta.aflt", "babsst");

user_pref("extensions.delta.smplGrp", "none");

user_pref("extensions.delta.tlbrId", "base");

user_pref("extensions.delta.instlRef", "sst");

user_pref("extensions.delta.dfltLng", "en");

user_pref("extensions.delta.excTlbr", false);

user_pref("extensions.delta.ffxUnstlRst", true);

user_pref("extensions.delta.admin", false);

user_pref("extensions.delta.autoRvrt", "false");

user_pref("extensions.delta.rvrt", "false");

user_pref("extensions.delta.newTab", false);

---- FireFox user.js and prefs.js backups ----

user_20140702_2053_.backup

prefs_20140702_2053_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"NextLive"=-

==== Deleting Files \ Folders ======================

C:\Program Files\PriceGong deleted

C:\Users\Els\AppData\Roaming\DefaultTab deleted

C:\Program Files\Softonic deleted

C:\Program Files\PricePeep deleted

C:\Users\Els\AppData\Roaming\newnext.me deleted

C:\Program Files\Mobogenie deleted

C:\Users\Els\appdata\locallow\Softonic deleted

C:\Users\Public\Desktop\WinZip Malware Protector.lnk deleted

C:\Program Files\WiseConvert deleted

C:\Users\Els\appdata\locallow\WiseConvert deleted

C:\ProgramData\EmailNotifier deleted

C:\Users\Els\AppData\Local\genienext deleted

C:\Users\Els\daemonprocess.txt deleted

C:\Users\Els\.android deleted

C:\Program Files\GUTDB33.tmp deleted

C:\Program Files\GUMDB32.tmp deleted

C:\Program Files\Conduit deleted

C:\Program Files\Babylon deleted

C:\Program Files\Free Offers from Freeze.com deleted

C:\Program Files\vmntoolbar deleted

C:\Program Files\MyFree Codec deleted

C:\extensions deleted

C:\Users\Els\AppData\Roaming\Babylon deleted

C:\ProgramData\Uniblue\DriverScanner deleted

C:\ProgramData\InstallMate deleted

C:\ProgramData\Tarma Installer deleted

C:\ProgramData\Premium deleted

C:\Users\Els\AppData\Local\Systweak deleted

C:\Users\Els\AppData\Local\Mobogenie deleted

C:\Users\Els\AppData\Local\cache deleted

C:\Users\Els\AppData\Local\Conduit deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenSavers deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong deleted

C:\Users\Els\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk deleted

C:\Users\Els\AppData\LocalLow\store-pp.jbs deleted

C:\Users\Els\AppData\LocalLow\searchresultstb deleted

C:\Users\Els\AppData\LocalLow\Delta deleted

C:\Users\Els\AppData\LocalLow\DataMngr deleted

C:\Users\Els\AppData\LocalLow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com deleted

C:\Users\Els\AppData\LocalLow\PriceGong deleted

C:\Users\Els\AppData\LocalLow\Conduit deleted

C:\Windows\system32\tasks\YourFile Update deleted

C:\user.js deleted

C:\Windows\system32\roboot.exe deleted

C:\Windows\System32\AI_RecycleBin deleted

C:\Windows\system32\SafeAppRichList.ocx deleted

C:\Windows\system32\CUUpdateComponent.ocx deleted

C:\Windows\system32\ComputerUpdaterLM.ocx deleted

C:\Windows\System32\searchplugins deleted

C:\Windows\System32\Extensions deleted

C:\Users\Els\Documents\Mobogenie deleted

C:\Users\Els\AppData\Roaming\Mozilla\Firefox\Profiles\u1wzl95q.default\searchplugins\babylon.xml deleted

C:\Users\Els\AppData\Roaming\Mozilla\Firefox\Profiles\u1wzl95q.default\ilividtoolbargaw deleted

"C:\Windows\Installer\1dd03f.msi" deleted

"C:\Users\Els\AppData\Roaming\Mozilla\Firefox\Profiles\u1wzl95q.default\searchplugins\delta.xml" deleted

"C:\Program Files\WinZip Malware Protector\aspsys.dll" deleted

"C:\Program Files\WinZip Malware Protector\Microsoft.Win32.TaskScheduler.DLL" deleted

"C:\Program Files\WinZip Malware Protector\System.Data.SQLite.dll" deleted

"C:\Program Files\WinZip Malware Protector\unrar.dll" deleted

"C:\Program Files\WinZip Malware Protector\WinZipMalwareProtector.exe" deleted

"C:\Program Files\WinZip Malware Protector\Xceed.Compression.dll" deleted

"C:\Program Files\WinZip Malware Protector\Xceed.FileSystem.dll" deleted

"C:\Program Files\WinZip Malware Protector\Xceed.Zip.dll" deleted

"C:\Program Files\YourFileDownloader\htmlayout.dll" deleted

"C:\Program Files\YourFileDownloader\YourFileUpdater.exe" deleted

"C:\Program Files\WinZip Malware Protector" not deleted

"C:\Program Files\YourFileDownloader" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Els\AppData\Local\Temp ====

====== Java Cache =====

2014-01-18 10:23:17 C9A18C91DBA1F4B1A0341986D84571E7 99 ----a-w- C:\Users\Els\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-6.0.lap

2014-01-18 10:23:18 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\Els\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-69a66c53

2014-01-27 09:40:05 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Els\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-59659718

====== C:\Windows\system32 =====

2014-01-30 19:28:08 ECC0B4DC8D1B15DA901EBA5F09CA5037 880640 ----a-w- C:\Windows\System32\UniBox10.ocx

2014-01-30 19:28:08 AD0EAC85ABC25B2E3C81C3AD41C10C42 1101824 ----a-w- C:\Windows\System32\UniBox210.ocx

2014-01-30 19:28:08 5D2A12A554889B7378977B229B11130E 212992 ----a-w- C:\Windows\System32\UniBoxVB12.ocx

2014-01-30 19:27:21 41919DDFE4B63E280B9626979660609F 506368 ----a-w- C:\Windows\System32\msxml.dll

2014-01-30 16:17:47 6CB684788C8903F75B06BEDD88C00E8B 16384 ----a-w- C:\Windows\System32\wsusnative32.exe

====== C:\Windows\system32\drivers =====

====== C:\Windows\Tasks ======

2014-01-30 16:18:21 96A45FB1DA059F0A68D9A49F50FA6EB0 3100 ----a-w- C:\Windows\system32\Tasks\WinZip Malware Protector_startup

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-02-07 15:10:16 -------- d-----w- C:\Program Files\trend micro

2014-01-30 16:17:47 -------- d-----w- C:\Program Files\WinZip Malware Protector

2014-01-28 20:08:06 -------- d-----w- C:\Program Files\Gmail Notifier

======= C: =====

====== C:\Users\Els\AppData\Roaming ======

2014-02-06 16:10:37 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\Adobe

2014-01-30 16:17:58 -------- d-----w- C:\Users\Els\AppData\Roaming\Nico Mak Computing

2014-01-09 21:49:07 CFFEAEFCD8A09106684662AEEEECB6A5 132 ----a-w- C:\Users\Els\AppData\Roaming\Adobe GIF Format CS5 Prefs

====== C:\Users\Els ======

2014-02-07 15:05:40 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Els\Desktop\RSIT.exe

2014-01-30 19:27:36 -------- d---a-w- C:\ProgramData\TEMP

2014-01-30 16:17:48 -------- d-----w- C:\ProgramData\Nico Mak Computing

2014-01-30 16:17:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector

2014-01-28 20:08:55 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\Users\Els\ntuser.pol

2014-01-18 10:21:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

====== C: exe-files ==

2014-02-07 15:10:17 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Els.exe

2014-02-07 15:05:40 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Windows.old\Documents and Settings\Els\Desktop\RSIT.exe

2014-02-07 15:05:40 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Els\Desktop\RSIT.exe

=== C: other files ==

2014-02-07 13:17:40 C5D8555A05363EE8A17933523F731209 16150014 ----a-w- C:\Windows.old\ProgramData\Application Data\Nico Mak Computing\WinZip Malware Protector\updates\1671mupdate.zip

2014-02-07 13:17:40 C5D8555A05363EE8A17933523F731209 16150014 ----a-w- C:\Windows.old\Documents and Settings\All Users\Nico Mak Computing\WinZip Malware Protector\updates\1671mupdate.zip

2014-02-07 13:17:40 C5D8555A05363EE8A17933523F731209 16150014 ----a-w- C:\ProgramData\Nico Mak Computing\WinZip Malware Protector\updates\1671mupdate.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"AutoStartNPSAgent"="C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe"

"AdobeBridge"="C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe -stealth"

"ehTray.exe"="C:\Windows\ehome\ehTray.exe"

"KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload"

@="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

"NortonUtilities"="C:\Program Files\Norton Utilities 14\RMTray.exe /H"

[HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

"NBAgent"="C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe /WinStart"

"AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

"SwitchBoard"="C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"

"AdobeCS5.5ServiceManager"="C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe -launchedbylogin"

"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"

"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"WinampAgent"="C:\Program Files\Winamp\winampa.exe"

"KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe"

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"AutoStartNPSAgent"="C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe"

"AdobeBridge"="C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe -stealth"

"ehTray.exe"="C:\Windows\ehome\ehTray.exe"

"KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload"

@="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

"NortonUtilities"="C:\Program Files\Norton Utilities 14\RMTray.exe /H"

==== Startup Folders ======================

2012-12-29 16:52:44 993 ----a-w- C:\Users\Els\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [06/02/2014 18:47]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [25/05/2012 07:52]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [25/05/2012 07:52]

C:\Windows\tasks\HP Photo Creations Communicator.job --a------ [undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-PC_van_Els-Els" [C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]

"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\system32\tasks\Els" [C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBCore.exe]

"C:\Windows\system32\tasks\Els2" [C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBCore.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\HP Photo Creations Communicator" [C:\ProgramData\HP Photo Creations\Communicator.exe]

"C:\Windows\system32\tasks\HPCustParticipation HP Photosmart 6510 series" ["C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPCustPartic.exe"]

"C:\Windows\system32\tasks\Norton WSC Integration" ["C:\Program Files\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe"]

"C:\Windows\system32\tasks\User_Feed_Synchronization-{55836891-6FC8-45E3-BBA6-268238087060}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\system32\tasks\WinZip Malware Protector_startup" [C:\Program Files\WinZip Malware Protector\WinZipMalwareProtector.exe]

"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

"C:\Windows\system32\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files\Norton Internet Security\Engine\20.4.0.40\SymErr.exe]

"C:\Windows\system32\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files\Norton Internet Security\Engine\20.4.0.40\SymErr.exe]

"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn" [07/02/2014 14:17]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}"="C:\Program Files\PriceGong\2.6.4\FF" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Els\AppData\Roaming\Mozilla\Firefox\Profiles\u1wzl95q.default

- Exif Viewer - %ProfilePath%\extensions\exif_viewer@mozilla.doslash.org.xpi

- Exif Quick Viewer Add-on for Firefox - %ProfilePath%\extensions\{5EB499FF-8030-4548-A7BA-B8656579E007}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Els\AppData\Roaming\Mozilla\Firefox\Profiles\u1wzl95q.default

86FD0445C7A92516FC0BA201C79B8E9E - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4

9FDABAD05A9623988750CCC10223BDB0 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4

5E1D0432C765884434A7CCD4DBDC80AA - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4

3B293C235A80E7A5369E6AA28FEA50B1 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4

A80BCBED52F7DD5FDBF346A985A4E4D5 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4

3220B1254AEF7A191187EC03F51B3D61 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

B2576571746839180833E048AC2CCA5C - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat

C7794A997CEC29173A4401F3AE16C51F - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin

D7EFF0B98C370E03D7E2593399D9B669 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision

75A1232EAC640B782CDD2132B5271AA8 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION

A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U51

F00DA1A135FCA11D4426D9A5AB72CF0F - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll - AdobeAAMDetect

9CB55B7CF03EE55E2E77AD5A8827148F - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer

2DB60449763CC2079588D2394AB32CA4 - C:\Program Files\TabletPlugins\npwacom.dll - Wacom Dynamic Link Library

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

41561B8AE9E551BD08304D48DAA900FA - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll - AdobeAAMDetect

DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bkomkajifikmkfnjgphkjcfeepbnojok - C:\Program Files\PriceGong\2.6.4\pricegong.crx[]

licjnkifamhpbaefhdpacpmihicfbomb - C:\Program Files\PricePeep\pricepeep.crx[]

mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx[30/01/2014 18:24]

Google Docs - Els\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Els\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

PriceGong - Els\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok

YouTube - Els\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Els\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

PricePeep - Els\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb

Norton Identity Protection - Els\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

Google Wallet - Els\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Els\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Els\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok deleted successfully

C:\Users\Els\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Search"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{afdbddaa-5d3f-42ee-b79c-185a7020515b}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{DE30E4A9-7E5C-4707-9563-DBADE277B3B0} Google custom search Url="Zoeken?}"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3575866603-3116684763-1735328397-1000\Software\Mozilla\Firefox\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193 deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E75EF330-CE64-201E-BEDD-5147DC2A9529} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\licjnkifamhpbaefhdpacpmihicfbomb deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Softonic deleted successfully

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\1458555922.portal.qtrax.com deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinZip Malware Protector_is1 deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193 deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Els\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Els\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Els\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=760 folders=203 121144841 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\Els\AppData\Local\Temp will be emptied at reboot

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Els\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Els\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Program Files\WinZip Malware Protector" not found

==== EOF on vr 07/02/2014 at 21:05:22,27 ======================

kape · 7 februari 2014

Hiermee is behoorlijk wat rotzooi van de PC gehaald. Doe nog even dit:

Download AdwCleaner by Xplode naar het bureaublad.

AdwCleaner uitvoeren

Sluit alle openstaande vensters.
Dubbelklik op AdwCleaner.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Klik vervolgens op de knop Scan.
Wanneer de scan gereed is Klikt u vervolgens op de knop Clean.
Als dit gereed is wordt er gevraagd om de computer opnieuw op te starten, klik hier op OK.
Nadat de computer opnieuw is opgestart wordt het logbestand automatisch geopend.
Plaats dit logbestand in het volgende bericht.

elsebels · 8 februari 2014

Hallo,

hier is het volgende logbestand.

kape · 8 februari 2014

Hallo,
hier is het volgende logbestand.

??? ... en dat bestandje ... waar kunnen we dat lezen

elsebels · 8 februari 2014

sorry,ik dacht dat ik het goed had gedaan.Nog een poging.....

# AdwCleaner v3.018 - Report created 08/02/2014 at 14:01:22

# Updated 28/01/2014 by Xplode

# Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)

# Username : Els - PC_VAN_ELS

# Running from : C:\Users\Els\Desktop\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16526

-\\ Mozilla Firefox v

[ File : C:\Users\Els\AppData\Roaming\Mozilla\Firefox\Profiles\u1wzl95q.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\Els\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [12123 octets] - [08/02/2014 12:09:03]

AdwCleaner[R1].txt - [991 octets] - [08/02/2014 14:00:25]

AdwCleaner[s0].txt - [0 octets] - [08/02/2014 12:10:41]

AdwCleaner[s1].txt - [913 octets] - [08/02/2014 14:01:22]

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [972 octets] ##########

kape · 8 februari 2014

Dit is prima ... heb je nu nog ergens meldingen van "Search Result" of andere ongemakken ?

Inloggen

malware of virus?Search Results

Aanbevolen berichten

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Welkom op PC Helpforum

Leden statistieken

OVER ONS

SITEMAP

Belangrijke informatie