wie helpt mij van al die reclame af?

sjefjansen · 8 januari 2015

Ik zit met mijn handen in het haar. Krijg regelmatig allerlei AVG meldingen over bedreigingen die AVG dan zegt opgelost te hebben. Tegelijkertijd flitsen de reclameboodschappen onophoudelijk over mijn scherm waardoor werken onmogelijk wordt. Heb een laptop HP met 8.1 windows.

Moet ik ergens een bestandje wissen om hier een einde aan te maken of is er iets anders aan de hand?

WIE HELPT ME?????

iEscape · 8 januari 2015

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hoe je controleert of je met een 32- of 64-bitversie van Windows werkt kan je hier bekijken.

RSIT 32 bit (RSIT.exe)
RSIT 64 bit (RSITx64.exe)

Dubbelklik op RSIT.exe om de tool te starten.

Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
Wanneer de tool gereed is worden er twee kladblok bestanden geopend genaamd "Log.txt" en "Info.txt" .

RSIT Logbestanden plaatsen

Voeg het logbestand met de naam "Log.txt" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map ""C:\\rsit")
Het logbestand met de naam "Info.txt" wat geminimaliseerd is hoeft u niet te plaatsen. (Dit logbestand wordt enkel de eerst keer bij het uitvoeren aangemaakt).
Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

De handleiding voor het gebruik van RSIT kan je HIER bekijken en we hebben ook nog een instructievideo.

22 januari 2015 aangepast door iEscape
Bericht opgeschoond: < /br> code verwijderd

sjefjansen · 11 januari 2015

hopelijk is het bijvoegen kladblok-bijlage zo goed gedaan?

ik zie bij al die reclames dikwijle de volgende toevoeging staan wie de ads plaatst:

Ads by CinemaP-1.4c

groet

aaaabijlage bij bericht.txt

kweezie wabbit · 11 januari 2015

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
Dubbelklik op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Kopieer nu onderstaande code en plak die in het grote invulvenster:
Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

{b608cc98-54de-4775-96c9-097de398500c};c
C:\Users\JP\AppData\Local\PriceFountain;fs
C:\Program Files (x86)\globalUpdate;fs
C:\Program Files (x86)\CinPlus-2.4cV03.01;fs
C:\WINDOWS\tasks\124fe3ac-968b-402c-a36d-a5f8561c5dec-1.job;f
C:\WINDOWS\tasks\124fe3ac-968b-402c-a36d-a5f8561c5dec-2.job;f
C:\WINDOWS\tasks\124fe3ac-968b-402c-a36d-a5f8561c5dec-3.job;f
C:\WINDOWS\tasks\124fe3ac-968b-402c-a36d-a5f8561c5dec-5.job;f
C:\WINDOWS\tasks\124fe3ac-968b-402c-a36d-a5f8561c5dec-5_user.job;f
C:\WINDOWS\tasks\124fe3ac-968b-402c-a36d-a5f8561c5dec-6.job;f
C:\WINDOWS\tasks\124fe3ac-968b-402c-a36d-a5f8561c5dec-7.job;f
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job;f
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA.job;f
C:\WINDOWS\tasks\Price Fountain.job;f
C:\Users\JP\AppData\Roaming\PriceFountain;fs
C:\WINDOWS\tasks\VBZI.job;f
C:\Users\JP\AppData\Roaming\VBZI.exe;f
C:\Program Files (x86)\Registry Helper;fs
C:\ProgramData\Registry Helper;fs
C:\WINDOWS\system32\WPRO_41_2001woem.tmp;f
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b608cc98-54de-4775-96c9-097de398500c}];r64
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r
"pricefountainw.exe"=-;r
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r64
"pricefountainw.exe"=-;r64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
"Registry Helper"=-;r64
globalUpdate;s
globalUpdatem;s
emptyclsid;
chromelook;
firefoxlook;
emptyfolderscheck;delete
startupall;
filesrcm;

Klik op de knop "More options" en vink nu de onderstaande opties aan.
Do a Deep Scan
Installed Programs
IE Defaults
Reset Chrome
Auto Clean
De optie "Scan All Users" staat standaard aangevinkt.
Klik nu op de knop "Run script".
Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)
Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

sjefjansen · 12 januari 2015

Dit was de tekst van het logbestand:

Zoek.exe v5.0.0.0 Updated 09-January-2015

Tool run by JP on ma 12-01-2015 at 12:39:33,96.

Microsoft Windows 8.1 6.3.9600 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\JP\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

===== Runcheck 12:41:20,75 =====

--- Create Environment Variables 12:41:25,53

--- Create System Restore Point 12:41:53,16

--- Checking Input 12:42:49,64

--- AU AppData Check 12:43:06,98

--- Remove From Windows Installer 12:43:19,05

en hoe nu verder?

groet

Sjef

sjefjansen · 12 januari 2015

sorry. geloof iets te vroeg gekopieerd te hebben.

Onderstaande tekst is completer denk ik:

Zoek.exe v5.0.0.0 Updated 09-January-2015

Tool run by JP on ma 12-01-2015 at 12:39:33,96.

Microsoft Windows 8.1 6.3.9600 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\JP\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

===== Runcheck 12:41:20,75 =====

--- Create Environment Variables 12:41:25,53

--- Create System Restore Point 12:41:53,16

--- Checking Input 12:42:49,64

--- AU AppData Check 12:43:06,98

--- Remove From Windows Installer 12:43:19,05

--- Empty Folders Check 12:46:48,12

--- Registry HKLM Software Check 12:46:48,20

--- Quick Launch Shortcut Check 12:47:21,65

--- IE Startpage Check 12:47:30,48

--- Program Files DB Check 12:48:36,57

sjefjansen · 12 januari 2015

even de voorgaande twee reacties vergeten. programma is nog steeds bezet te screenen. plaats straks het (hopelijk nu wel) complete bestand.

sj.

sjefjansen · 12 januari 2015

Beste Kweezie Wabbit,

hierbij het goede bestand:

Zoek.exe v5.0.0.0 Updated 09-January-2015

Tool run by JP on ma 12-01-2015 at 12:39:33,96.

Microsoft Windows 8.1 6.3.9600 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\JP\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

12-1-2015 12:42:44 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully

C:\Program Files\office.tmp deleted successfully

C:\PROGRA~3\C5A3BB37E7764FD69BB3D8A75A7BB3E1 deleted successfully

C:\PROGRA~3\PicColor Utility deleted successfully

C:\Users\JP\AppData\Local\CrashDumps deleted successfully

C:\Users\JP\AppData\Local\HP Quick Start deleted successfully

C:\Users\JP\AppData\Local\PackageStaging deleted successfully

C:\Users\JP\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3686717776-3369322895-3351042067-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{b608cc98-54de-4775-96c9-097de398500c} deleted successfully

HKEY_USERS\S-1-5-21-3686717776-3369322895-3351042067-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{b608cc98-54de-4775-96c9-097de398500c} deleted successfully

HKEY_USERS\S-1-5-21-3686717776-3369322895-3351042067-1001\Software\Microsoft\Internet Explorer\SearchScopes\{03C05F2C-680D-455E-A744-E6C39D541BE4} deleted successfully

HKEY_USERS\S-1-5-21-3686717776-3369322895-3351042067-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{175DF8AA-D63F-420E-8A84-4D805C28B7C3} deleted successfully

HKEY_USERS\S-1-5-21-3686717776-3369322895-3351042067-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77EC69CE-5731-4B4E-A6BB-341230A85C} deleted successfully

HKEY_USERS\S-1-5-21-3686717776-3369322895-3351042067-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8BC01523-85A0-4845-95A7-CBD2D408415} deleted successfully

HKEY_USERS\S-1-5-21-3686717776-3369322895-3351042067-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{af8343a6-fe93-48bf-9490-892e40b0d674} deleted successfully

HKEY_USERS\S-1-5-21-3686717776-3369322895-3351042067-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b4a77b55-3a39-4ebb-bbec-71dfef393018} deleted successfully

HKEY_USERS\S-1-5-21-3686717776-3369322895-3351042067-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE2621DF-7FC9-4EF5-8747-1A5891D94180} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{b608cc98-54de-4775-96c9-097de398500c} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b608cc98-54de-4775-96c9-097de398500c} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110611571181} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{af8343a6-fe93-48bf-9490-892e40b0d674} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b4a77b55-3a39-4ebb-bbec-71dfef393018} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3686717776-3369322895-3351042067-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully

==== Installed Programs ======================

7-Zip 9.20 (x64 edition)

Aangifte inkomstenbelasting 2013

Absolute Reminder

Adobe Digital Editions 2.0

Adobe Reader XI (11.0.09) - Nederlands

ALPS Touch Pad Driver

AMD Catalyst Install Manager

Apple Application Support

Apple Mobile Device Support

Apple Software Update

AVG 2015

Bonjour

Catalyst Control Center - Branding

Catalyst Control Center

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

Catalyst Control Center Profiles Mobile

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

CyberLink LabelPrint

CyberLink Media Suite 10

Cyberlink PhotoDirector

CyberLink Power2Go 8

CyberLink PowerDirector 10

CyberLink PowerDVD 12

CyberLink YouCam

D3DX10

DisableMSDefender

Dropbox

Energy Star

Epson Connect Printer Setup

Epson E-Web Print

Epson Event Manager

Epson Gebruikershandleiding XP-600 Series

Epson Netwerkhandleiding XP-600 Series

EPSON Printer Finder

EPSON Scan

EPSON XP-600 Series Printer Uninstall

EpsonNet Print

Google Chrome

Google Earth

Google Update Helper

Handleiding Epson Connect

Hewlett-Packard ACLM.NET v1.2.2.3

HP 3D DriveGuard

HP Connected Music (Meridian - installer)

HP Connected Music (Meridian - player)

HP CoolSense

HP Customer Experience Enhancements

HP Documentation

HP PC Hardware Diagnostics UEFI

HP Postscript Converter

HP Quick Start

HP Recovery Manager

HP Registration Service

HP Support Assistant

HP System Event Utility

HP Utility Center

HP Wireless Button Driver

iCloud

Intel Anti-Theft Discovery App

Intel Experience Center - Configuration

Intel® Experience Center Desktop Software

Intel® Experience Center Driver

Intel® Management Engine Components

Intel® PRO/Wireless Driver

Intel® Processor Graphics

Intel® PROSet/Wireless for Bluetooth® + High Speed

Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 3.0.1342.1)

Intel® Rapid Start Technology

Intel® Rapid Storage Technology

Intel® SDK for OpenCL - CPU Only Runtime Package

Intel® Smart Connect Technology 4.1 x64

Intel® Update Manager

Intel® WiDi

Intel© PROSet/Wireless Software

Intel© PROSet/Wireless WiFi Software

Intel© Trusted Connect Service Client

iTunes

Microsoft Application Error Reporting

Microsoft Office 2013 voor Thuisgebruik en Studenten - nl-nl

Microsoft OneDrive

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727

Movie Maker

MSVCRT

MSVCRT110

MSVCRT110_amd64

MyDriveConnect 3.3.0.1502

OEM Application Profile

Office 15 Click-to-Run Extensibility Component

Office 15 Click-to-Run Licensing Component

Office 15 Click-to-Run Localization Component

Photo Common

Photo Gallery

PX Profile Update

QuickTime 7

Realtek Card Reader

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

Software Updater

swMSM

TomTom HOME

TomTom HOME Visual Studio Merge Modules

Visual Studio 2012 x64 Redistributables

Visual Studio 2012 x86 Redistributables

Visual Studio C++ 10.0 Runtime

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

==== Running Processes ======================

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe

C:\Windows\SysWOW64\irstrtsv.exe

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe

C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe

C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

C:\WINDOWS\SysWOW64\ctfmon.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe

c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe

C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE

C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe

C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe

C:\Program Files (x86)\AVG\AVG2015\avgui.exe

C:\Users\JP\Downloads\zoek.exe

C:\WINDOWS\SysWOW64\cmd.exe

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdate deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdatem deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"pricefountainw.exe"=-

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

Objects\{b608cc98-54de-4775-96c9-097de398500c}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"pricefountainw.exe"=-

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"Registry Helper"=-

==== Deleting Files \ Folders ======================

C:\Users\JP\AppData\Local\PriceFountain not found

C:\Program Files (x86)\Registry Helper not found

C:\PROGRA~3\C5A3BB37E7764FD69BB3D8A75A7BB3E1 not found

"C:\Users\JP\AppData\Roaming\VBZI.exe" not found

C:\Program Files (x86)\globalUpdate deleted

C:\Users\JP\AppData\Roaming\PriceFountain deleted

C:\ProgramData\Registry Helper deleted

C:\PROGRA~2\MyPC Backup deleted

C:\found.001 deleted

C:\Users\JP\AppData\Roaming\WB.CFG deleted

C:\Users\JP\AppData\Roaming\systweak deleted

C:\PROGRA~3\PicColorData deleted

C:\PROGRA~3\Package Cache deleted

C:\Users\JP\AppData\Local\globalUpdate deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted

C:\WINDOWS\Tasks\124fe3ac-968b-402c-a36d-a5f8561c5dec-1.job deleted

C:\WINDOWS\Tasks\124fe3ac-968b-402c-a36d-a5f8561c5dec-2.job deleted

C:\WINDOWS\Tasks\124fe3ac-968b-402c-a36d-a5f8561c5dec-3.job deleted

C:\WINDOWS\Tasks\124fe3ac-968b-402c-a36d-a5f8561c5dec-5.job deleted

C:\WINDOWS\Tasks\124fe3ac-968b-402c-a36d-a5f8561c5dec-5_user.job deleted

C:\WINDOWS\Tasks\124fe3ac-968b-402c-a36d-a5f8561c5dec-6.job deleted

C:\WINDOWS\Tasks\124fe3ac-968b-402c-a36d-a5f8561c5dec-7.job deleted

C:\windows\SysNative\Tasks\124fe3ac-968b-402c-a36d-a5f8561c5dec-1 deleted

C:\windows\SysNative\Tasks\124fe3ac-968b-402c-a36d-a5f8561c5dec-2 deleted

C:\windows\SysNative\Tasks\124fe3ac-968b-402c-a36d-a5f8561c5dec-3 deleted

C:\windows\SysNative\Tasks\124fe3ac-968b-402c-a36d-a5f8561c5dec-5 deleted

C:\windows\SysNative\Tasks\124fe3ac-968b-402c-a36d-a5f8561c5dec-5_user deleted

C:\windows\SysNative\Tasks\124fe3ac-968b-402c-a36d-a5f8561c5dec-6 deleted

C:\windows\SysNative\Tasks\124fe3ac-968b-402c-a36d-a5f8561c5dec-7 deleted

C:\windows\SysNative\ColorMediaOff.ini deleted

C:\windows\SysNative\tasks\Price Fountain deleted

C:\WINDOWS\tasks\Price Fountain.job deleted

C:\windows\SysNative\tasks\1114avUpdateInfo deleted

C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job deleted

C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA.job deleted

C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineCore deleted

C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineUA deleted

C:\WINDOWS\Syswow64\RegistryHelperLM.ocx deleted

C:\WINDOWS\SysWOW64\ColorMedia.ini deleted

C:\WINDOWS\SysWOW64\ColorMediaOff.ini deleted

"C:\WINDOWS\tasks\VBZI.job" deleted

"C:\windows\SysNative\WPRO_41_2001woem.tmp" deleted

"C:\WINDOWS\Installer\87c20.msi" deleted

"C:\Users\JP\AppData\Roaming\VBZI" deleted

"C:\WINDOWS\tasks\VBZI.job" deleted

"C:\WINDOWS\SysNative\tasks\VBZI" deleted

"C:\found.000" deleted

"C:\found.002" not deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)

Memory (RAM): 5915 MB

CPU Info: Intel® Core i7-4500U CPU @ 1.80GHz

CPU Speed: 2431,8 MHz

Sound Card: luidspreker/Hoofdtelefoon (Real |

Display Adapters: Intel® HD Graphics Family | Intel® HD Graphics Family | Intel® HD Graphics Family

Monitors: 1x; Generic PnP Monitor |

Screen Resolution: 1366 X 768 - 32 bit

Network: Network Present

Network Adapters: Bluetooth-apparaat (Personal Area Network) | Microsoft Wi-Fi Direct Virtual Adapter | Intel® Wireless-N 7260 | Realtek PCIe FE Family Controller

CD / DVD Drives: 1x (E: | ) E: hp CDDVDW SU-208FB

Ports: COM Ports NOT Present. LPT Port NOT Present.

Mouse: 2 Button Wheel Mouse Present

Hard Disks: C: 445,1GB | D: 19,5GB

Hard Disks - Free: C: 327,9GB | D: 1,9GB

Manufacturer *: Insyde

BIOS Info: AT/AT COMPATIBLE | | HPQOEM - 1

Time Zone: West-Europa (standaardtijd)

Motherboard *: Hewlett-Packard 2162

Country: Nederland

Language: NLD

==== System Specs (Software) ======================

Anti-Virus: AVG AntiVirus Free Edition 2015 On-access scanning disabled (Outdated)

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Anti-Spyware: AVG AntiVirus Free Edition 2015 disabled (Outdated)

Default Browser: Google Chrome 39.0.2171.95

Internet Explorer Version: 11.0.9600.16663

Google Chrome version: 39.0.2171.95

Adobe Reader version: 11.0.9.29

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

2015-01-10 08:46:11 21308E6D6891102BA1DBB76E8C20651F 1033103003 ----a-w- C:\WINDOWS\MEMORY.DMP

====== C:\Users\JP\AppData\Local\Temp ====

2015-01-08 11:28:35 97511FE2CA09CC2E06C3CD6519C3494E 43008 ----a-w- C:\Users\JP\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1ibkx7.dll

2015-01-08 11:27:44 97511FE2CA09CC2E06C3CD6519C3494E 43008 ----a-w- C:\Users\JP\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpc4mfoe.dll

2015-01-07 10:32:09 4447723C9263C249C25E9EB93A759E52 1153144 ----a-w- C:\Users\JP\AppData\Local\Temp\SoftonicAssistant_v0-1-6.exe

====== Java Cache =====

====== C:\WINDOWS\SysWOW64 =====

====== C:\WINDOWS\SysWOW64\drivers =====

====== C:\WINDOWS\Sysnative =====

2015-01-12 11:26:26 8265CD5C67D0A35DFC40F3D1A8AC994C 94656 ----a-w- C:\WINDOWS\Sysnative\WPRO_41_2001woem.tmpsearch

2015-01-08 14:32:48 FC273E6B811F678EA5518A27D57E0879 298120 ------w- C:\WINDOWS\Sysnative\MpSigStub.exe

====== C:\WINDOWS\Sysnative\drivers =====

====== C:\WINDOWS\Tasks ======

2015-01-03 13:13:36 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\C5A

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2015-01-11 09:32:33 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

======= C: =====

2015-01-03 13:12:54 883B452BF11F82B77FD0E9BA3A8CECE0 3966 ----a-w- C:\{b6a94784-0ffb-4121-88c6-435139067ee2}.xpi

====== C:\Users\JP\AppData\Roaming ======

2015-01-08 14:38:39 -------- d-s---w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Locallow\Microsoft

2015-01-07 10:36:33 -------- d-----w- C:\Users\JP\AppData\Roaming\vlc

2015-01-07 10:28:39 -------- d-----w- C:\Users\JP\AppData\Local\Diagnostics

2015-01-03 13:19:30 -------- d-----w- C:\Users\JP\AppData\Locallow\Oracle

2015-01-03 13:13:31 -------- d-----w- C:\Users\JP\AppData\Locallow\Sun

====== C:\Users\JP ======

2015-01-11 09:42:20 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\JP\Downloads\RSITx64 (2).exe

2015-01-11 09:31:59 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\JP\Downloads\RSITx64 (1).exe

2015-01-11 09:31:12 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\JP\Downloads\RSITx64.exe

2015-01-11 09:10:52 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp

2015-01-08 13:06:01 -------- d-----w- C:\ProgramData\AVG

2015-01-03 13:19:33 -------- d-----w- C:\ProgramData\Sun

2015-01-03 13:18:43 -------- d-----w- C:\ProgramData\Oracle

====== C: exe-files ==

2015-01-12 11:30:40 EA2ED5D61F1BBBABAF78EC93CD873352 6134048 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe

2015-01-12 11:30:40 5E079E70C9C64583C5B4A329D86CA44E 15888 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgrdtestx.exe

2015-01-12 11:30:40 5C8D8F0B17EDBD8E2945BE17C5132643 16912 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgrdtesta.exe

2015-01-12 11:30:40 0C64EECF88C5818A0F6DE724876B3812 62992 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avguirux.exe

2015-01-11 09:42:20 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\JP\Downloads\RSITx64 (2).exe

2015-01-11 09:32:33 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\JP.exe

2015-01-11 09:31:59 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\JP\Downloads\RSITx64 (1).exe

2015-01-11 09:31:12 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\JP\Downloads\RSITx64.exe

2015-01-08 13:35:12 D3063344931031F4A28699909DEA25FF 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3686717776-3369322895-3351042067-1001\$ISZIMYK.exe

2015-01-08 13:35:05 43AE5E9FCBC3DBC1988B18600381CBCA 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3686717776-3369322895-3351042067-1001\$IJ90K1V.exe

2015-01-08 13:33:15 859F6FAC51947771F7D92B58F9A7A632 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3686717776-3369322895-3351042067-1001\$I4BQU5E.exe

2015-01-08 13:05:15 134B1FEDF73FC52E736425FB11E56023 90844984 ----a-w- C:\$Recycle.Bin\S-1-5-21-3686717776-3369322895-3351042067-1001\$RJ90K1V.exe

2015-01-08 13:03:57 134B1FEDF73FC52E736425FB11E56023 90844984 ----a-w- C:\$Recycle.Bin\S-1-5-21-3686717776-3369322895-3351042067-1001\$RSZIMYK.exe

2015-01-07 22:34:09 AA95D278EC9A7D49375FC0F0B4783E51 36904648 ----a-w- C:\$Recycle.Bin\S-1-5-21-3686717776-3369322895-3351042067-1001\$R4BQU5E.exe

2015-01-07 22:09:10 B209F4333F7F4D1A23CD446AC7AC374D 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3686717776-3369322895-3351042067-1001\$IB2H9OZ.exe

2015-01-07 22:08:02 25E19240D8AFF3A62661974A37758482 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3686717776-3369322895-3351042067-1001\$I17DQPI.exe

2015-01-07 22:07:57 070401146D79CB0DA50E3EBBFBF1124E 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3686717776-3369322895-3351042067-1001\$I9ASFI4.exe

2015-01-07 22:07:30 87B2B84D044C6F8EEE1347B339C45C74 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3686717776-3369322895-3351042067-1001\$I2ZG2G8.exe

2015-01-07 10:38:12 0B50C927256969AFCEBE41D929FC16A5 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3686717776-3369322895-3351042067-1001\$I4NNZ8J.exe

2015-01-07 10:38:02 AAAF5DA97B0FA3FDDC60B50AAAF71E00 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3686717776-3369322895-3351042067-1001\$IXGL12V.exe

2015-01-07 10:37:51 AD93D119A837E01EC7189872EA24D025 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3686717776-3369322895-3351042067-1001\$IQYA456.exe

2015-01-07 10:32:09 81452C3E1D8C672C5B89E23B85E0A057 4579176 ----a-w- C:\$Recycle.Bin\S-1-5-21-3686717776-3369322895-3351042067-1001\$RB2H9OZ.exe

2015-01-07 10:32:09 4447723C9263C249C25E9EB93A759E52 1153144 ----a-w- C:\Users\JP\AppData\Local\Temp\SoftonicAssistant_v0-1-6.exe

2015-01-07 10:32:09 0D5F3E3FF517F1DF693CA90659287DC9 32845784 ----a-w- C:\$Recycle.Bin\S-1-5-21-3686717776-3369322895-3351042067-1001\$R9ASFI4.exe

2015-01-07 10:32:09 0D5F3E3FF517F1DF693CA90659287DC9 32845784 ----a-w- C:\$Recycle.Bin\S-1-5-21-3686717776-3369322895-3351042067-1001\$R17DQPI.exe

2015-01-07 10:30:17 112ABB03EA24AA786844E3335B78B5CD 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3686717776-3369322895-3351042067-1001\$IILPQI4.exe

=== C: other files ==

2015-01-08 13:34:17 A524F8D529AFA25C79EE077FF8091D30 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3686717776-3369322895-3351042067-1001\$I8S2F90.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3686717776-3369322895-3351042067-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"SkyDrive"="C:\Users\JP\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"

"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"

"Power2GoExpress8"="C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe"

"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"

"MyDriveConnect.exe"="C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe"

"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

"EPLTarget\P0000000000000001"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIJCE.EXE /EPT EPLTarget\P0000000000000001 /M XP-600 Series /EF HKCU"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"YouCam Service"="C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe /s"

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"

"EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

"AccelerometerSysTrayApplet"="C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe"

"HPMessageService"="C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"