Posted:

Can I ask a question here?

I have been using Windows Vista for several years.

Now the layout of my start screen has changed completely.

Instead of a round Start button there is now a small rectangle.

I also can't download updates any more.

When I shut down, a window appears with the choice of shut down, log off or restart.

Could someone please help me?

Thank you

Regards, Linda

Posted:

Download RSIT from the locations below and save it to the desktop.

You can see here how to check whether you are running a 32- or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool has finished, two Notepad files named "Log.txt" and "Info.txt" are opened.

Posting the RSIT log files

  • Attach the log file named "Log.txt" to your next post. (You can also find this log file in the folder "C:\rsit".)
  • You do not need to post the log file named "Info.txt", which is minimized. (This log file is only created the first time the tool is run.)
  • You can read here how to add an attachment to a post.

You can view the manual for using RSIT HERE, and we also have an instructional video.

Posted:

Is this the log?

Logfile of random's system information tool 1.10 (written by random/random)

Run by Danny at 2014-09-24 18:35:56

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 24 GB (39%) free of 60 GB

Total RAM: 3326 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:36:01, on 24/09/2014

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.19019)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\AVG\AVG9\avgtray.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Danny\Desktop\RSIT.exe

C:\Program Files\trend micro\Danny.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe

O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: 0

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: NBService - NAVMAN - (no file)

O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--

End of file - 5914 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job - C:\Windows\TEMP\{66D42D9C-BEA1-4991-B367-859DCAF884ED}.exe --uninstall=1

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

C:\Windows\tasks\SpyHunter4.job - C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe -scan

C:\Windows\tasks\User_Feed_Synchronization-{A2AD474C-31C8-4C8A-84F9-E6B0009008C7}.job - C:\Windows\system32\msfeedssync.exe sync

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-03-03 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-03-03 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2012-01-28 2077536]

"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-09-17 2460488]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2013-10-24 12017368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beid]

C:\Program Files\Belgium Identity Card\beid35gui.exe [2011-07-06 2068480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"VIDC.I420"=msh263.drv

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"msacm.siren"=sirenacm.dll

"MSVideo8"=VfWWDM32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"wave5"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-09-24 18:35:56 ----D---- C:\rsit

2014-09-24 18:35:56 ----D---- C:\Program Files\trend micro

2014-09-22 22:31:48 ----D---- C:\ProgramData\NVIDIA

2014-09-22 22:31:10 ----ASH---- C:\hiberfil.sys

2014-09-22 22:18:10 ----A---- C:\Windows\system32\nvhdap32.dll

2014-09-22 22:18:10 ----A---- C:\Windows\system32\nvhdagenco3220103.dll

2014-09-22 22:18:10 ----A---- C:\Windows\system32\drivers\nvhda32v.sys

2014-09-22 22:16:44 ----A---- C:\Windows\system32\nvdispco3231422.dll

2014-09-22 22:16:43 ----A---- C:\Windows\system32\nvdispgenco3231422.dll

2014-09-22 22:16:31 ----A---- C:\Windows\system32\nvwgf2um.dll

2014-09-22 22:16:31 ----A---- C:\Windows\system32\nvopencl.dll

2014-09-22 22:16:30 ----A---- C:\Windows\system32\nvoglv32.dll

2014-09-22 22:16:29 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys

2014-09-22 22:16:27 ----A---- C:\Windows\system32\nvd3dum.dll

2014-09-22 22:16:26 ----A---- C:\Windows\system32\nvcuvid.dll

2014-09-22 22:16:26 ----A---- C:\Windows\system32\nvcuvenc.dll

2014-09-22 22:16:26 ----A---- C:\Windows\system32\nvcuda.dll

2014-09-22 22:16:14 ----A---- C:\Windows\system32\nvcompiler.dll

2014-09-22 22:16:14 ----A---- C:\Windows\system32\nvapi.dll

2014-09-22 22:00:09 ----D---- C:\Intel

2014-09-22 19:47:54 ----SHD---- C:\Config.Msi

2014-09-22 19:47:12 ----D---- C:\Windows\865537E164904193A4B6669C62711852.TMP

2014-09-22 18:42:23 ----D---- C:\AdwCleaner

2014-09-22 17:52:34 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys

2014-09-22 17:52:24 ----D---- C:\Program Files\Malwarebytes Anti-Malware

2014-09-22 17:52:24 ----A---- C:\Windows\system32\drivers\mwac.sys

2014-09-22 17:52:24 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys

======List of files/folders modified in the last 1 month======

2014-09-24 18:36:01 ----D---- C:\Windows\Prefetch

2014-09-24 18:35:56 ----RD---- C:\Program Files

2014-09-24 18:35:52 ----D---- C:\Windows\temp

2014-09-24 18:25:33 ----D---- C:\Windows

2014-09-24 16:33:47 ----D---- C:\Windows\system32\drivers\Avg

2014-09-24 15:56:03 ----SHD---- C:\Windows\Installer

2014-09-24 15:56:02 ----D---- C:\ProgramData\Microsoft Help

2014-09-24 15:56:02 ----A---- C:\Windows\win.ini

2014-09-24 15:42:19 ----D---- C:\Windows\ShellNew

2014-09-24 15:42:01 ----D---- C:\Program Files\Common Files\microsoft shared

2014-09-24 15:41:32 ----RSD---- C:\Windows\assembly

2014-09-24 15:35:09 ----SHD---- C:\System Volume Information

2014-09-24 15:29:22 ----D---- C:\Windows\System32

2014-09-24 15:23:47 ----D---- C:\Windows\inf

2014-09-24 15:17:35 ----D---- C:\Windows\system32\catroot2

2014-09-24 15:14:15 ----RSD---- C:\Windows\Fonts

2014-09-24 15:14:14 ----D---- C:\Program Files\Common Files\DESIGNER

2014-09-24 15:10:42 ----D---- C:\Windows\Tasks

2014-09-24 14:48:16 ----D---- C:\ProgramData\Spybot - Search & Destroy

2014-09-24 14:48:02 ----D---- C:\Program Files\Spybot - Search & Destroy

2014-09-24 14:39:43 ----D---- C:\Windows\Debug

2014-09-24 14:38:56 ----RD---- C:\Beveiliging

2014-09-24 13:41:05 ----D---- C:\temp

2014-09-24 12:56:14 ----D---- C:\Program Files\Google

2014-09-24 12:50:52 ----D---- C:\Windows\system32\WDI

2014-09-24 11:44:22 ----D---- C:\Users\Danny\AppData\Roaming\Skype

2014-09-23 07:41:14 ----D---- C:\Windows\AppPatch

2014-09-22 22:31:48 ----D---- C:\ProgramData

2014-09-22 22:18:59 ----D---- C:\Windows\system32\catroot

2014-09-22 22:18:29 ----D---- C:\Windows\system32\drivers

2014-09-22 22:14:54 ----D---- C:\Program Files\NVIDIA Corporation

2014-09-22 22:10:31 ----D---- C:\ProgramData\NVIDIA Corporation

2014-09-22 18:56:15 ----D---- C:\Windows\SoftwareDistribution

2014-09-22 18:51:58 ----D---- C:\Users\Danny\AppData\Roaming\Uniblue

2014-09-22 18:51:58 ----D---- C:\ProgramData\Uniblue

2014-09-22 18:30:39 ----D---- C:\ProgramData\Apple Computer

2014-09-22 18:27:14 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-09-22 17:52:28 ----D---- C:\Users\Danny\AppData\Roaming\Malwarebytes

2014-09-22 17:52:24 ----D---- C:\ProgramData\Malwarebytes

2014-09-22 17:40:46 ----D---- C:\Windows\pss

2014-09-22 17:34:08 ----D---- C:\Program Files\CCleaner

2014-09-22 17:29:22 ----D---- C:\Program Files\Common Files\Adobe

2014-09-22 17:28:47 ----D---- C:\Users\Danny\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

2014-09-22 17:28:46 ----D---- C:\Program Files\Adobe

2014-09-22 17:27:18 ----D---- C:\Users\Danny\AppData\Roaming\EssentialPIM

2014-09-22 17:23:35 ----D---- C:\Windows\system32\Adobe

2014-09-22 17:09:36 ----HD---- C:\Program Files\InstallShield Installation Information

2014-09-22 17:09:36 ----D---- C:\Program Files\CyberLink

2014-09-22 17:01:00 ----D---- C:\Program Files\Winamp

2014-09-22 16:52:48 ----D---- C:\ProgramData\Nero

2014-09-22 16:10:23 ----A---- C:\Windows\system32\FlashPlayerApp.exe

2014-09-22 15:45:51 ----D---- C:\Windows\ehome

2014-09-22 15:45:03 ----D---- C:\Users\Danny\AppData\Roaming\Ahead

2014-09-22 15:34:15 ----D---- C:\Users\Danny\AppData\Roaming\Mozilla

2014-09-22 15:32:09 ----D---- C:\Program Files\HP

2014-09-22 15:26:27 ----D---- C:\ProgramData\HP Product Assistant

2014-09-22 15:11:18 ----D---- C:\Program Files\Common Files

2014-09-22 15:06:14 ----D---- C:\Users\Danny\AppData\Roaming\Corel

2014-09-22 14:57:34 ----D---- C:\Program Files\Common Files\Common Toolkit Suite

2014-09-22 14:53:08 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Amfilter;A4Tech Mouse Filter Driver; C:\Windows\system32\DRIVERS\Amfilter.sys [2011-05-30 8704]

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2013-01-28 226016]

R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2011-09-16 29712]

R1 AvgTdiX;AVG Free8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2011-05-12 243152]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]

R3 HBtnKey;ThinkPad Tablet Keyboard and Buttons HID Driver; C:\Windows\system32\DRIVERS\tkbtnpn.sys [2007-10-30 7463]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2013-11-05 2888536]

R3 KeyMaestro;KeyMaestro Keyboard Filter Driver; C:\Windows\system32\DRIVERS\Maestro1.sys [2011-05-30 7952]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-03-15 8952608]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2013-07-09 208600]

R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2011-05-30 320288]

S3 ACSSCR;ACR38 Smart Card Reader; C:\Windows\system32\DRIVERS\a38usb.sys [2009-05-14 35712]

S3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\Windows\system32\DRIVERS\Amusbprt.sys [2011-05-30 14336]

S3 Dot4;Microsoft IEEE-1284.4-stuurprogramma; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]

S3 Dot4Print;Stuurprogramma voor printerklasse voor IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]

S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]

S3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 Navcar;Navman In-car Navigator USB Driver Service; C:\Windows\system32\DRIVERS\Navcar.sys [2003-10-29 30329]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2012-12-19 154040]

S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2009-04-08 64000]

S3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-19 27888]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\AVG PC TuneUp 2014\TuneUpUtilitiesDriver32.sys []

S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2011-05-10 42496]

S3 USBCCID;USB Smart Card reader; C:\Windows\system32\DRIVERS\usbccid.sys [2009-05-14 29184]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]

S3 whfltr2k;WheelMouse USB Lower Filter Driver; C:\Windows\system32\DRIVERS\whfltr2k.sys [2007-01-26 6784]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]

R2 Apple Mobile Device;Mobiel Apple apparaat; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]

R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-08-04 308136]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-04-06 349472]

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-09-17 915784]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136]

R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]

R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-09-17 1795912]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 634144]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]

R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2007-06-05 177704]

R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-27 135664]

S2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2008-01-21 21504]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-03 160944]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-22 267440]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-27 135664]

S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]

S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2011-06-07 820520]

S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2008-09-03 68096]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

S4 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-08-22 611664]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]

-----------------EOF-----------------

Posted:

First disable your antivirus software before you download or run zoek.exe.

Temporarily disable your antivirus and antispyware programs, as they can interfere with the operation of Zoek.exe.

You can read how to do that (here and here).

Download Zoek.exe to the desktop.

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.

  • Right-click Zoek.zip and choose "Extract all" if you used the zip or rar download.
  • Then double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this computer, so do not use it on other computers with a similar problem.
    
    
    emptyclsid;
    emptyfolderscheck;
    firefoxlook; 
    Chromelook; 
    CHRdefaults;
    autoclean; 
    iedefaults; 
    filesrcm;  
    startupall;
    
    
    


  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next reply.

Posted:

To Juisterr

Zoek.exe v5.0.0.0 Updated 26-09-2014

Tool run by Danny on vr 26/09/2014 at 8:56:50,86.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Danny\Desktop\zoek.exe [scan all users] [script inserted]

==== System Restore Info ======================

26/09/2014 8:57:49 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\Common Files\Common Toolkit Suite

C:\PROGRA~2\CanonIJScan

C:\PROGRA~2\DriverScanner

C:\PROGRA~2\HP Product Assistant

C:\PROGRA~2\HPSSUPPLY

C:\PROGRA~2\Nero

C:\PROGRA~2\Oracle

C:\PROGRA~2\PhotoStitch

C:\PROGRA~2\Uniblue

C:\PROGRA~2\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46}

C:\Users\Danny\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

C:\Users\Danny\AppData\Roaming\EssentialPIM

C:\Users\Danny\AppData\Roaming\HpUpdate

C:\Users\Danny\AppData\Roaming\Malwarebytes

C:\Users\Danny\AppData\Roaming\SumatraPDF

C:\Users\Danny\AppData\Roaming\ZoomBrowser EX

C:\Users\Danny\AppData\Local\Popajar

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2190923577-2945664398-3154023777-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

HKEY_USERS\S-1-5-21-2190923577-2945664398-3154023777-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

HKEY_USERS\S-1-5-21-2190923577-2945664398-3154023777-1000\Software\Microsoft\Internet Explorer\Explorer Bars\{FF059E31-CC5A-4E2E-BF3B-96E929D65503} deleted successfully

HKEY_USERS\S-1-5-21-2190923577-2945664398-3154023777-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FF059E31-CC5A-4E2E-BF3B-96E929D65503} deleted successfully

HKEY_USERS\S-1-5-21-2190923577-2945664398-3154023777-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FF059E31-CC5A-4E2E-BF3B-96E929D65503} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2190923577-2945664398-3154023777-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully

HKEY_USERS\S-1-5-21-2190923577-2945664398-3154023777-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46} deleted

C:\Program Files\GUTEE50.tmp deleted

C:\Program Files\GUMEE4F.tmp deleted

C:\extensions deleted

C:\crashreporter.exe deleted

C:\plugin-container.exe deleted

C:\updater.exe deleted

C:\Users\Danny\AppData\Roaming\Uniblue deleted

C:\Users\Danny\AppData\Roaming\ZoomBrowser EX deleted

C:\Users\Danny\AppData\Roaming\LimeWirePlus deleted

C:\PROGRA~2\Uniblue deleted

C:\PROGRA~2\InstallMate deleted

C:\Users\Danny\AppData\Local\BearShare deleted

C:\Users\Public\PrinterProDesktopSetup-1_3_3.exe deleted

C:\Users\Public\SpyHunter-Installer.exe deleted

C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted

C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted

C:\Windows\system32\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted

C:\components deleted

C:\Windows\System32\REN12A1.tmp deleted

C:\Windows\System32\REN12C1.tmp deleted

C:\Windows\System32\searchplugins deleted

C:\Windows\System32\Extensions deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2014-09-25 06:48:11 964771A8E668CE64708ABE8B95BF5FD2 1191936 ----a-w- C:\Windows\RtlUpd.exe

2014-09-25 06:48:11 1AFA1CBBB859A9F335FEC2F8CF3D5D0B 1826816 ----a-w- C:\Windows\SkyTel.exe

2014-09-25 06:48:10 A360F8AA95A086CB7F9D361B5485858F 4702208 ----a-w- C:\Windows\RtHDVCpl.exe

2014-09-25 06:47:57 950F61ED7C6DBFAD41059F754AF35469 319488 ----a-w- C:\Windows\HideWin.exe

====== C:\Users\Danny\AppData\Local\Temp ====

2014-09-25 07:40:56 95314C3A08589471983C2C8173F23CDA 16376 ----a-w- C:\Users\Danny\AppData\Local\Temp\TeamViewer\Version6\x64\TVMonitor.sys

2014-09-25 07:40:56 8453D2FF5A5A93C888B374429EAFBFBA 52520 ----a-w- C:\Users\Danny\AppData\Local\Temp\TeamViewer\Version6\tv_x64.dll

2014-09-25 07:40:56 12B928BC9B7882FE19E25CA9D5FE175A 49448 ----a-w- C:\Users\Danny\AppData\Local\Temp\TeamViewer\Version6\tv_w32.dll

2014-09-25 07:40:56 111A023266532C621EE69AE96E47081E 13304 ----a-w- C:\Users\Danny\AppData\Local\Temp\TeamViewer\Version6\x86\TVMonitor.sys

2014-09-25 07:40:55 4F932DF1F3DFADDAFFC269BF83DD9816 99624 ----a-w- C:\Users\Danny\AppData\Local\Temp\TeamViewer\Version6\tv_w32.exe

2014-09-25 07:40:55 435289FB689E6952C96AE351E004B64A 130344 ----a-w- C:\Users\Danny\AppData\Local\Temp\TeamViewer\Version6\tv_x64.exe

2014-09-25 07:37:52 2ECF113513C3CB60B447C9B93FC583C4 1000784 ----a-w- C:\Users\Danny\AppData\Local\Temp\install_reader11_nl.exe

2014-09-24 13:12:01 0AF58D7C0A7E89D23433885F431F04CC 221056 ----a-w- C:\Users\Danny\AppData\Local\Temp\Setup00000c8c\OSETUPUI.DLL

2014-09-24 13:12:00 6E67AF4D240E1280391E1544CD0878AF 6540120 ----a-w- C:\Users\Danny\AppData\Local\Temp\Setup00000c8c\OSETUP.DLL

2014-09-24 12:26:46 0AF58D7C0A7E89D23433885F431F04CC 221056 ----a-w- C:\Users\Danny\AppData\Local\Temp\Setup00001704\OSETUPUI.DLL

2014-09-24 12:26:45 6E67AF4D240E1280391E1544CD0878AF 6540120 ----a-w- C:\Users\Danny\AppData\Local\Temp\Setup00001704\OSETUP.DLL

====== Java Cache =====

====== C:\Windows\system32 =====

2014-09-25 08:10:01 6E098A827A6439DDA1EE4C59A1BFA39D 3675824 ----a-w- C:\Windows\System32\FlashPlayerInstaller.exe

2014-09-25 06:48:11 E5639080A7FFA5F03642F4D4CDB1E9CE 339968 ----a-w- C:\Windows\System32\SRSTSXT.dll

2014-09-25 06:48:11 E067361E60FCAE24790B88135895F3C8 135168 ----a-w- C:\Windows\System32\SRSWOW.dll

2014-09-25 06:48:11 BF2CCD6E3EC884D165120BDF8A8C6CB2 23552 ----a-w- C:\Windows\System32\RtkCoInst.dll

2014-09-25 06:48:11 BA21C4B843B4B1DD787A660E17589F4D 185776 ----a-w- C:\Windows\System32\SRSTSHD.dll

2014-09-25 06:48:11 81FCABDF9A8610393F3585BA051841C4 266240 ----a-w- C:\Windows\System32\RtkApoApi.dll

2014-09-25 06:48:11 397640C9A2680AE580F6C46BF1491CD0 584704 ----a-w- C:\Windows\System32\RtkPgExt.dll

2014-09-25 06:48:11 1B8ADDE7421C12DBDF8AF58E2014CE62 167936 ----a-w- C:\Windows\System32\SRSHP360.dll

2014-09-25 06:48:11 1B74FD054246E56AA086A851329E8F4C 532480 ----a-w- C:\Windows\System32\RTSndMgr.cpl

2014-09-25 06:48:10 26AE7FE6953D584D349A91A72849A771 126976 ----a-w- C:\Windows\System32\maxxaudioapo.dll

====== C:\Windows\system32\drivers =====

2014-09-25 06:48:11 34B8B4A442046E3D5FDD0B17926CF3F1 1967576 ----a-w- C:\Windows\System32\drivers\RTKVHDA.sys

2014-09-22 15:52:34 12E71DA845D76665B56753AD149E32B3 110296 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys

2014-09-22 15:52:24 799613BA73D25641402AA81B6403EFF8 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys

2014-09-22 15:52:24 1AA835E8A0B8EDF3D676B4ED4BF5EF07 74456 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-09-25 08:43:53 -------- d-----w- C:\Program Files\TeamViewer

2014-09-24 16:35:56 -------- d-----w- C:\Program Files\trend micro

======= C: =====

2014-09-25 10:28:19 52FDA566A28ABE882648E0C61E82C380 2824 ----a-w- C:\DelFix.txt

====== C:\Users\Danny\AppData\Roaming ======

2014-09-25 06:46:52 -------- d-----w- C:\Users\Danny\AppData\Roaming\TMP

2014-09-24 20:08:24 -------- d-----w- C:\Users\UpdatusUser\AppData\Roaming\Microsoft

2014-09-24 20:08:24 -------- d-----w- C:\Users\UpdatusUser\AppData\Roaming\Media Center Programs

2014-09-24 20:08:24 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\temp

2014-09-24 20:08:24 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Microsoft Help

2014-09-24 20:08:24 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Microsoft

2014-09-23 05:40:23 -------- d-----w- C:\Users\Danny\AppData\Local\ElevatedDiagnostics

2014-09-22 12:55:25 -------- d-----w- C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller

====== C:\Users\Danny ======

2014-09-25 09:36:46 -------- d-----r- C:\Windows\system32\config\systemprofile\Desktop

2014-09-25 08:18:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3

2014-09-25 06:40:53 CD3B49A7419859F1A7D879F3C238482A 107531 ----a-w- C:\ProgramData\nvModes.001

2014-09-24 21:52:57 847C7FB7433A47EF9361DFEE49327F72 107529 ----a-w- C:\ProgramData\nvModes.dat

2014-09-24 20:08:26 -------- d-----w- C:\Users\UpdatusUser\Searches

2014-09-24 20:08:26 -------- d-----w- C:\Users\UpdatusUser\Contacts

2014-09-24 20:08:24 -------- d-----w- C:\Users\UpdatusUser\Saved Games

2014-09-24 20:08:24 -------- d-----w- C:\Users\UpdatusUser\AppData

2014-09-24 20:08:24 -------- d-----r- C:\Users\UpdatusUser\Videos

2014-09-24 20:08:24 -------- d-----r- C:\Users\UpdatusUser\Pictures

2014-09-24 20:08:24 -------- d-----r- C:\Users\UpdatusUser\Music

2014-09-24 20:08:24 -------- d-----r- C:\Users\UpdatusUser\Links

2014-09-24 20:08:24 -------- d-----r- C:\Users\UpdatusUser\Favorites

2014-09-24 20:08:24 -------- d-----r- C:\Users\UpdatusUser\Downloads

2014-09-24 20:08:24 -------- d-----r- C:\Users\UpdatusUser\Desktop

2014-09-24 18:28:28 -------- d-----w- C:\ProgramData\NVIDIA

2014-09-24 18:25:37 -------- d-----w- C:\ProgramData\NVIDIA Corporation(106)

2014-09-24 10:56:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-09-22 12:16:22 -------- d-----r- C:\Users\Danny\Pictures

====== C: exe-files ==

2014-09-25 08:43:53 DE8E8FA274122C38CE0A7ED291177759 4812048 ----a-w- C:\Program Files\TeamViewer\Version9\TeamViewer_Desktop.exe

2014-09-25 08:43:53 8C8E7948B3940BC2987D06D633DF4AEA 264464 ----a-w- C:\Program Files\TeamViewer\Version9\tv_x64.exe

2014-09-25 08:43:53 83DE0CC30F2E7F7108F550AEBDDCE4C7 229648 ----a-w- C:\Program Files\TeamViewer\Version9\tv_w32.exe

2014-09-25 08:43:53 58B1D57D7522D1656F4FC815A060439C 585240 ----a-w- C:\Program Files\TeamViewer\Version9\uninstall.exe

2014-09-25 08:43:53 4ACFC5853A3F0C6C2F54E537C23EE90F 4799760 ----a-w- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

2014-09-25 08:43:53 12220BA871C6D7BAE08FFDD137BAB697 13559056 ----a-w- C:\Program Files\TeamViewer\Version9\TeamViewer.exe

2014-09-25 08:18:15 5A416D83F6BF8BA68B409A9A69FB96C5 17385800 ---ha-w- C:\Program Files\Google\Picasa3\setup.exe

2014-09-25 08:18:04 6DE5B13C5BFCD14DFA33BF5CBB73FEE2 171419 ----a-w- C:\Program Files\Google\Picasa3\Uninstall.exe

2014-09-25 08:18:01 C1B577B2169900F4CF7190C39F085794 136120 ----a-w- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

2014-09-25 08:10:01 6E098A827A6439DDA1EE4C59A1BFA39D 3675824 ----a-w- C:\Windows\System32\FlashPlayerInstaller.exe

2014-09-25 07:40:55 4F932DF1F3DFADDAFFC269BF83DD9816 99624 ----a-w- C:\Users\Danny\AppData\Local\Temp\TeamViewer\Version6\tv_w32.exe

2014-09-25 07:40:55 435289FB689E6952C96AE351E004B64A 130344 ----a-w- C:\Users\Danny\AppData\Local\Temp\TeamViewer\Version6\tv_x64.exe

2014-09-25 07:39:27 91E3D9DBBC7B0EFD8CFA2A8BB785FE2D 96768 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe

2014-09-25 07:39:27 4E083C6EDB31DF79EBDE9806CCB55169 59392 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe

2014-09-25 07:39:27 3E655A006C76BBDAF8171B2A437006B9 54432 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe

2014-09-25 07:39:27 3E655A006C76BBDAF8171B2A437006B9 54432 ----a-w- C:\Program Files\Adobe\Flash Player\AddIns\airappinstaller\airappinstaller.exe

2014-09-25 07:39:27 26568E393E30CC4D648D5F68B4D6273D 130208 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe

2014-09-25 07:38:02 DAC46B2304E7B1434C6531BCA1CC3559 78482 ----a-w- C:\Windows\System32\Adobe\uninstaller.exe

2014-09-25 07:37:52 2ECF113513C3CB60B447C9B93FC583C4 1000784 ----a-w- C:\Users\Danny\AppData\Local\Temp\install_reader11_nl.exe

2014-09-25 07:30:28 7CA4092A339EA30DE8FF06D3FF79D6ED 749648 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\37.0.2062.124\37.0.2062.124_37.0.2062.120_chrome_updater.exe

2014-09-25 06:48:11 964771A8E668CE64708ABE8B95BF5FD2 1191936 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdart.inf_8a60cd0a\RtlUpd.exe

2014-09-25 06:48:11 964771A8E668CE64708ABE8B95BF5FD2 1191936 ----a-w- C:\Windows\RtlUpd.exe

2014-09-25 06:48:11 964771A8E668CE64708ABE8B95BF5FD2 1191936 ------w- C:\Program Files\Realtek\Audio\InstallShield\RtlUpd.exe

2014-09-25 06:48:11 43C3571EADA5BC1EDEAD7CA22AD66F30 49152 ------w- C:\Program Files\Realtek\Audio\InstallShield\ChCfg.exe

2014-09-25 06:48:11 1AFA1CBBB859A9F335FEC2F8CF3D5D0B 1826816 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdart.inf_8a60cd0a\SkyTel.exe

2014-09-25 06:48:11 1AFA1CBBB859A9F335FEC2F8CF3D5D0B 1826816 ----a-w- C:\Windows\SkyTel.exe

2014-09-25 06:48:11 1AFA1CBBB859A9F335FEC2F8CF3D5D0B 1826816 ------w- C:\Program Files\Realtek\Audio\InstallShield\SkyTel.exe

2014-09-25 06:48:10 A360F8AA95A086CB7F9D361B5485858F 4702208 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdart.inf_8a60cd0a\RtHDVCpl.exe

2014-09-25 06:48:10 A360F8AA95A086CB7F9D361B5485858F 4702208 ----a-w- C:\Windows\RtHDVCpl.exe

2014-09-25 06:48:10 A360F8AA95A086CB7F9D361B5485858F 4702208 ------w- C:\Program Files\Realtek\Audio\InstallShield\RtHDVCpl.exe

2014-09-25 06:47:57 950F61ED7C6DBFAD41059F754AF35469 319488 ----a-w- C:\Windows\HideWin.exe

2014-09-24 16:35:56 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Danny.exe

2014-09-22 17:47:12 7BE0F6203CDF7E986EDC66525DDA4424 180930 ----a-w- C:\Windows\865537E164904193A4B6669C62711852.TMP\WiseCustomCalla22.exe

2014-09-22 17:47:12 6B110E925294547A7D288F26DA19D199 179687 ----a-w- C:\Windows\865537E164904193A4B6669C62711852.TMP\WiseCustomCalla18.exe

2014-09-22 13:15:18 959D935ECA4113CA0C0CC0BFC5739C0A 534528 ------w- C:\ProgramData\HP\Installer\Temp\dpinst_x32\dpinst.exe

2014-09-22 13:13:54 BB2CEC3E89E39A8571980059561D63BE 472664 ------w- C:\ProgramData\HP\Installer\Temp\hpzmsi01.exe

2014-09-22 13:13:54 B97A81FCFA74E0E88FDA4C0659F9E9BE 771672 ------w- C:\ProgramData\HP\Installer\Temp\hpzscr01.exe

2014-09-22 12:25:18 B0C76F86093C010F9A1EADD99726454F 412992 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\SETUP.EXE

2014-09-22 12:24:31 956672375AF066D958E4D07F5ABAFC1A 51080 ----atw- C:\Program Files\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe

2014-09-22 12:24:29 AC6998D92A311E7CF0B4DAEC3566F444 51080 ----atw- C:\Program Files\Google\Update\1.3.24.15\GoogleUpdateBroker.exe

2014-09-22 12:24:25 901AC7A94B75648F4084A37640473271 895120 ----a-w- C:\Program Files\Google\Update\1.3.24.15\GoogleUpdateSetup.exe

2014-09-22 12:19:59 80E350E0AA963B2125896B13E60A4D68 114568 ----atw- C:\Program Files\Google\Update\1.3.24.15\GoogleUpdateComRegisterShell64.exe

2014-09-22 12:19:56 AA0E4F73727BFC8BA404884B1C1DB719 285064 ----atw- C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler64.exe

2014-09-22 12:19:36 397D14958D6C9C2B365469A857B2AC4E 230792 ----atw- C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe

2014-09-22 12:18:10 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files\Google\Update\1.3.24.15\GoogleUpdate.exe

2014-09-22 12:18:02 901AC7A94B75648F4084A37640473271 895120 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.24.15\GoogleUpdateSetup.exe

=== C: other files ==

2014-09-25 09:44:31 EC1C84401D188731C2448A4C1DEDBCBE 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2190923577-2945664398-3154023777-1000\$IJV1PHC.zip

2014-09-25 09:40:41 567583C41349312F61578E0D61324562 168507814 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2190923577-2945664398-3154023777-1000\$RJV1PHC.zip

2014-09-25 07:40:56 95314C3A08589471983C2C8173F23CDA 16376 ----a-w- C:\Users\Danny\AppData\Local\Temp\TeamViewer\Version6\x64\TVMonitor.sys

2014-09-25 07:40:56 111A023266532C621EE69AE96E47081E 13304 ----a-w- C:\Users\Danny\AppData\Local\Temp\TeamViewer\Version6\x86\TVMonitor.sys

2014-09-25 06:48:11 34B8B4A442046E3D5FDD0B17926CF3F1 1967576 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdart.inf_8a60cd0a\RTKVHDA.sys

2014-09-25 06:48:11 34B8B4A442046E3D5FDD0B17926CF3F1 1967576 ----a-w- C:\Windows\System32\drivers\RTKVHDA.sys

2014-09-25 06:48:11 34B8B4A442046E3D5FDD0B17926CF3F1 1967576 ------w- C:\Program Files\Realtek\Audio\InstallShield\RTKVHDA.sys

2014-09-22 20:10:36 867A62A049B3F88614EDDC7018508C69 15688 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{4F71CA60-F2E8-426E-A38E-CA5C15B07E49}\NVI2SystemService64.sys

2014-09-22 20:10:36 313ECE1AC5FBC68B7A021172EF336D45 14664 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{4F71CA60-F2E8-426E-A38E-CA5C15B07E49}\NVI2SystemService32.sys

2014-09-22 15:52:34 12E71DA845D76665B56753AD149E32B3 110296 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys

2014-09-22 15:52:24 799613BA73D25641402AA81B6403EFF8 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys

2014-09-22 15:52:24 1AA835E8A0B8EDF3D676B4ED4BF5EF07 74456 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys

2014-09-22 12:25:18 867A62A049B3F88614EDDC7018508C69 15688 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2SystemService64.sys

2014-09-22 12:25:18 313ECE1AC5FBC68B7A021172EF336D45 14664 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2SystemService32.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2190923577-2945664398-3154023777-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

"Google Update"="C:\Users\Danny\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

"KeyboardBat"=dword:00000000

"MouseBat"=dword:00000000

"F037"="j;keyboard and mouse battery low"

"L037"="Batterij toetsenbord en muis laag"

"F036"="i;mouse battery low"

"L036"="Batterij muis laag"

"F035"="h;keyboard battery low"

"L035"="Batterij toetsenbord laag"

"F034"="g;keyboard and mouse battery OK"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"RTHDVCPL"="RtHDVCpl.exe"

"Skytel"="Skytel.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

"Google Update"="C:\Users\Danny\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

"KeyboardBat"=dword:00000000

"MouseBat"=dword:00000000

"F037"="j;keyboard and mouse battery low"

"L037"="Batterij toetsenbord en muis laag"

"F036"="i;mouse battery low"

"L036"="Batterij muis laag"

"F035"="h;keyboard battery low"

"L035"="Batterij toetsenbord laag"

"F034"="g;keyboard and mouse battery OK"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AVG9_TRAY]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AVG9_TRAY"

"hkey"="HKLM"

"command"="C:\\PROGRA~1\\AVG\\AVG9\\avgtray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\beid]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="beid"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Belgium Identity Card\\beid35gui.exe\" /startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sidebar]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Sidebar"

"hkey"="HKCU"

"command"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\aawservice]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TabletInputService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TapiSrv]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wlidsvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WPCSvc]

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [25/09/2014 10:10]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [27/01/2010 06:43]

C:\Windows\tasks\SpyHunter4.job --a------ C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe []

C:\Windows\tasks\User_Feed_Synchronization-{A2AD474C-31C8-4C8A-84F9-E6B0009008C7}.job --ah----- [undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\SpyHunter4" [C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe]

"C:\Windows\system32\tasks\Start Registry Reviver" [C:\Program Files\Reviversoft\Registry Reviver\RegistryReviver.exe]

"C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files\AVG PC TuneUp 2014\OneClick.exe]

"C:\Windows\system32\tasks\User_Feed_Synchronization-{A2AD474C-31C8-4C8A-84F9-E6B0009008C7}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\system32\tasks\{53FF83B7-9716-4CBC-84CB-6914C7E65C35}" ["c:\program files\safari\safari.exe"]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Danny\AppData\Roaming\Mozilla(72)\Firefox\Profiles\f1t7y4nz.default

- OptimizeGoogle - %ProfilePath%\extensions\optimizegoogle@optimizegoogle.com.xpi

==== Firefox Plugins ======================

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

dbkmgcaobfhilannncmdlkaloijhneja - C:\ProgramData\SaveAs\dbkmgcaobfhilannncmdlkaloijhneja.crx[]

lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 12:45]

Google Drive - Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Wallet - Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dbkmgcaobfhilannncmdlkaloijhneja_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.be/"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="http://www.google.com/search?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://www.google.com/ie"

"Default_Search_URL"="http://www.google.com/ie"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.be/"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="https://www.google.com/search?q={searchTerms}"

{6F4E4166-4AD9-4014-8392-372CF0292D59} Unknown Url="Not_Found"

{7D694875-84B3-487D-A67D-6327A2BEC0EF} Unknown Url="Not_Found"

{FE2F30EE-CE88-4D77-BE33-985B6C393E4C} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2190923577-2945664398-3154023777-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

HKEY_USERS\S-1-5-21-2190923577-2945664398-3154023777-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6F4E4166-4AD9-4014-8392-372CF0292D59} deleted successfully

HKEY_USERS\S-1-5-21-2190923577-2945664398-3154023777-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7D694875-84B3-487D-A67D-6327A2BEC0EF} deleted successfully

HKEY_USERS\S-1-5-21-2190923577-2945664398-3154023777-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FE2F30EE-CE88-4D77-BE33-985B6C393E4C} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dbkmgcaobfhilannncmdlkaloijhneja deleted successfully

==== Empty IE Cache ======================

C:\Users\Danny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Danny\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Danny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=316 folders=34 144774957 bytes)

==== Empty Temp Folders ======================

C:\Users\Danny\AppData\Local\Temp will be emptied at reboot

C:\Users\Default\AppData\Local\temp emptied successfully

C:\Users\Public\AppData\Local\temp emptied successfully

C:\Users\UpdatusUser\AppData\Local\temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Danny\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Danny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on vr 26/09/2014 at 9:27:58,67 ======================

Posted:

Download ComboFix from one of the locations below to the desktop.

Bleeping Computer

Info Spyware

Disable your antivirus and antispyware programs; they may conflict with ComboFix.exe.

(Here or here) you can read how to disable the security software in use.

  • Double-click "ComboFix" to start the tool. Windows Vista, 7 & 8 users will get a UAC (User Account Control) prompt; click Yes there.
  • On a Windows XP computer, ComboFix will install the "Recovery Console" if it is not yet present. (An active internet connection is then required.)
  • In the 'Installing the Recovery Console' window, click "Ok".
  • In the info screen, click "Yes" if the Recovery Console has been installed successfully.
  • In the disclaimer screen, click "I Agree"; the required components are now extracted and a registry backup is made using ERUNT.
  • When this is done, ComboFix will start by itself; in the blue screen you can see the progress of the system scan being performed.
  • Important! Do not use the computer for anything else during the scan.
  • The computer may need to be restarted several times, for example when a rootkit is present; this is normal.

Posting the log file

  • Attach the log file named ComboFix.txt to your next post. (You can also find this log file in the folder "C:\ComboFix.txt")
  • You can read here how to add an attachment to the post.

* Note!!! If you get one of the messages below after using ComboFix, restart the computer.

  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • Illegal operation attempted on a registry key that has been marked for deletion.
