
Several icons on my desktop no longer work.



Dear ladies and gentlemen,

For example, I can no longer get to Hotmail from my desktop; I get a blank page with "DONE" at the bottom left. On eBay I only get a spinning circle (loading?) instead of a picture of the item. On Google there are certain sites that do not respond to my clicks. Also, when I am in my mail, a large part of the page suddenly becomes invisible; I then have to close and reopen my mail, after which it is fine for a while and then invisible again.
I have had this for about a week.

The misery actually started with my HP5280C printer. I removed it, for I no longer know which obscure reason, and have never been able to reinstall it correctly. After countless attempts I got the same result each time: the Solution Center was missing from my desktop every time, and I need it to scan documents; printing documents from my PC did work. I had done the same thing about two years ago: downloaded the link for the Photosmart C5280 and reinstalled without problems. (I do not have an installation CD.)

I do not know whether the problems I am having with my PC are linked or not.

Today I also noticed that when I start my PC I get a small "Windows Installer" window with the text "Preparing to install..." and a "Cancel" button.

My PC runs XP SP3.
I am attaching a HijackThis file; maybe it is useful. Attachment: hijackthis.log (6,86KB)

Hopefully you can help me, because I am in serious trouble.
With thanks and kind regards,


You can start by uninstalling Advanced SystemCare 8.

The usefulness of such programs is very doubtful, and they regularly cause more problems than they solve.

After uninstalling it, also clean up the registry with CCleaner.

Then do the following.

Download RSIT from the locations below and save it to the desktop.

You can see here how to check whether you are running a 32-bit or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool has finished, two Notepad files named "Log.txt" and "Info.txt" are opened.

Posting the RSIT log files

  • Attach the log file named "Log.txt" to your next post. (You can also find this log file in the folder "C:\rsit".)
  • The log file named "Info.txt", which is minimized, does not need to be posted. (This log file is only created the first time the tool is run.)
  • You can read here how to add an attachment to a post.

You can view the manual for using RSIT HERE, and we also have a

.

I have now done what you asked; here is the requested "log".

Logfile of random's system information tool 1.10 (written by random/random)
Run by admin at 2015-08-15 11:19:31
Microsoft Windows XP Professional Service Pack 3
System drive C: has 91 GB (60%) free of 153 GB
Total RAM: 1015 MB (30% free)
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:19:32, on 15/08/2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MESSEN~1\msmsgs.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\admin\Desktop\RSIT.exe
C:\Program Files\trend micro\admin.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gfe_rd=cr&ei=grGCVYe5JIKEVObRgOgM&gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/search?q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.bing.com/search?q={searchTerms}
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [beidsccertprop] C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\msmsgs.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [spybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\Bin\hpqtra08.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Device Detection) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1359655492015
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - http://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.200.0.cab
O18 - Protocol: skype-ie-addon-data - (no CLSID) - (no file)
O20 - AppInit_DLLs:  
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
 
--
End of file - 6183 bytes
 
======Scheduled tasks folder======
 
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\WINDOWS\tasks\AXEFTRRE.job - C:\WINDOWS\system32\rundll32.exe   "C:\WINDOWS\system32\DirectXS.dll",guzx 
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe  /c 
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job - C:\WINDOWS\system32\xp_eos.exe  -c 
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job - C:\WINDOWS\system32\xp_eos.exe  
C:\WINDOWS\tasks\ParetoLogic Registration3.job - C:\WINDOWS\system32\rundll32.exe  "C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns 
C:\WINDOWS\tasks\ParetoLogic Update Version3 Startup Task.job - C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe  -StartupTask 
C:\WINDOWS\tasks\ParetoLogic Update Version3.job - C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe  
C:\WINDOWS\tasks\User_Feed_Synchronization-{D9A43893-FAB6-468E-8F60-847CC8571533}.job - C:\WINDOWS\system32\msfeedssync.exe  sync 
 
======Registry dump======
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-31 460384]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-31 172640]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-07-19 221184]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-03-10 166424]
"LWS"=C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2011-11-11 205336]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]
"beidsccertprop"=C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe [2012-02-21 31768]
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\PROGRA~1\MESSEN~1\msmsgs.exe [2008-04-14 1695232]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-07-17 6453528]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
 []
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
 []
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
 []
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
 []
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
 []
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
 []
 
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\Bin\hpqtra08.exe
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-03-10 208896]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\HP\Digital Imaging\Bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\Bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\Bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\Bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\Bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\Bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\Bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\Bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\Bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\Bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\Bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\Bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\Bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\Bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\Bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\Bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\Bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=lvcodec2.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=serwvdrv.dll
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
 
======List of files/folders created in the last 1 month======
 
2015-08-15 11:07:50 ----D---- C:\Program Files\trend micro
2015-08-15 11:07:49 ----D---- C:\rsit
2015-08-14 16:46:14 ----D---- C:\Documents and Settings\admin\Application Data\DriverCure
2015-08-14 16:46:13 ----D---- C:\Documents and Settings\admin\Application Data\ParetoLogic
2015-08-14 16:46:05 ----D---- C:\Program Files\Common Files\ParetoLogic
2015-08-14 16:46:00 ----D---- C:\Documents and Settings\All Users\Application Data\ParetoLogic
2015-08-14 10:59:06 ----D---- C:\Documents and Settings\admin\Application Data\Solvusoft
2015-08-14 10:58:59 ----A---- C:\WINDOWS\system32\roboot.exe
2015-08-13 17:51:18 ----A---- C:\WINDOWS\system32\drivers\bdfsfltr.sys
2015-08-12 15:06:08 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2015-08-11 20:12:05 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2015-08-11 19:41:02 ----A---- C:\WINDOWS\wininit.ini
2015-08-11 18:31:49 ----D---- C:\Program Files\Common Files\AV
2015-08-11 18:25:19 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2015-08-11 18:25:07 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2015-08-08 10:31:14 ----D---- C:\AdwCleaner
2015-08-04 20:18:28 ----D---- C:\Program Files\AVAST Software
2015-08-01 09:44:03 ----D---- C:\Program Files\Belgium Identity Card
2015-07-31 15:00:12 ----D---- C:\Program Files\Common Files\Java
2015-07-29 13:03:11 ----D---- C:\Program Files\CCleaner
2015-07-21 14:37:21 ----D---- C:\Documents and Settings\All Users\Application Data\{D76294E6-03B8-4971-AF2E-3F846161A690}
2015-07-21 14:37:20 ----D---- C:\Documents and Settings\All Users\Application Data\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA}
2015-07-21 12:30:38 ----HD---- C:\Documents and Settings\All Users\Application Data\{31BD6CA4-2E71-4B80-94A6-E927A32594A9}
 
======List of files/folders modified in the last 1 month======
 
2015-08-15 11:16:32 ----D---- C:\WINDOWS\Prefetch
2015-08-15 11:07:50 ----RD---- C:\Program Files
2015-08-15 11:03:53 ----SHD---- C:\WINDOWS\Installer
2015-08-15 11:03:53 ----HD---- C:\Config.Msi
2015-08-15 11:02:53 ----D---- C:\WINDOWS\Temp
2015-08-15 11:01:02 ----D---- C:\Program Files\IObit
2015-08-15 11:00:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-08-15 10:58:55 ----D---- C:\WINDOWS\system32\drivers
2015-08-15 10:58:49 ----SD---- C:\WINDOWS\Tasks
2015-08-14 19:39:41 ----D---- C:\WINDOWS\system32\CatRoot2
2015-08-14 19:08:07 ----D---- C:\Documents and Settings\admin\Application Data\vlc
2015-08-14 16:46:05 ----D---- C:\Program Files\Common Files
2015-08-14 16:34:20 ----D---- C:\WINDOWS
2015-08-14 11:13:13 ----RSD---- C:\WINDOWS\assembly
2015-08-14 11:13:11 ----D---- C:\Program Files\Hewlett-Packard
2015-08-14 10:58:59 ----D---- C:\WINDOWS\system32
2015-08-13 21:05:48 ----D---- C:\WINDOWS\SoftwareDistribution
2015-08-13 21:04:10 ----D---- C:\WINDOWS\Debug
2015-08-12 19:04:31 ----A---- C:\WINDOWS\system32\MRT.exe
2015-08-12 15:06:13 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-08-12 12:19:10 ----HD---- C:\WINDOWS\inf
2015-08-12 12:19:10 ----DC---- C:\WINDOWS\system32\DRVSTORE
2015-08-12 12:16:09 ----D---- C:\WINDOWS\twain_32
2015-08-12 12:13:23 ----D---- C:\Documents and Settings\admin\Application Data\IObit
2015-08-12 12:08:27 ----D---- C:\Documents and Settings\All Users\Application Data\ProductData
2015-08-11 23:13:04 ----A---- C:\WINDOWS\win.ini
2015-08-11 23:11:34 ----D---- C:\Drivers
2015-08-11 20:12:18 ----RSHDC---- C:\WINDOWS\system32\dllcache
2015-08-11 20:12:18 ----D---- C:\WINDOWS\system32\mui
2015-08-11 18:25:53 ----D---- C:\WINDOWS\system32\config
2015-08-11 18:18:18 ----D---- C:\WINDOWS\system32\NtmsData
2015-08-11 18:17:42 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2015-08-11 14:05:56 ----D---- C:\Documents and Settings\All Users\Application Data\AVG2015
2015-08-11 14:05:55 ----D---- C:\Documents and Settings\All Users\Application Data\MFAData
2015-08-11 11:45:27 ----D---- C:\Documents and Settings\admin\Application Data\Skype
2015-08-08 12:49:38 ----D---- C:\WINDOWS\system32\CatRoot
2015-08-04 20:18:25 ----ASH---- C:\boot.ini
2015-08-04 13:20:45 ----D---- C:\WINDOWS\security
2015-08-04 13:13:52 ----SD---- C:\Documents and Settings\admin\Application Data\Microsoft
2015-08-04 13:13:52 ----HD---- C:\WINDOWS\system32\GroupPolicy
2015-08-04 12:17:23 ----D---- C:\Program Files\Google
2015-08-04 11:37:40 ----RD---- C:\Program Files\Skype
2015-08-04 11:36:32 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2015-08-04 10:52:12 ----SHD---- C:\RECYCLER
2015-08-04 10:49:24 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2015-08-04 09:59:08 ----D---- C:\Documents and Settings\All Users\Application Data\HitmanPro
2015-07-31 15:00:41 ----D---- C:\Program Files\Java
2015-07-31 14:58:44 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
 
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R0 sisidex;sisidex; C:\WINDOWS\system32\drivers\sisidex.sys [2002-05-28 48896]
R0 sisperf;Add Performance Filter Driver; C:\WINDOWS\system32\drivers\sisperf.sys [2002-07-12 8832]
R1 FD;FD; C:\WINDOWS\system32\drivers\FD.sys [2012-02-01 22403]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\system32\drivers\HWiNFO32.SYS []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R2 bdfsfltr;bdfsfltr; \??\C:\WINDOWS\system32\Drivers\bdfsfltr.sys []
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2006-02-28 63232]
R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2006-02-28 55936]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2014-03-10 5854752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2014-03-10 5630168]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2014-04-05 47360]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2014-03-10 40936]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-02-28 5888]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2015-03-05 441048]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2011-02-16 11520]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 ACSSCR;ACR38 Smart Card Reader; C:\WINDOWS\system32\DRIVERS\a38usb.sys [2014-10-04 33536]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2014-03-10 1691480]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cpuz134;cpuz134; \??\C:\DOCUME~1\admin\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys []
S3 cxbu0wdm;CardMan 1021; C:\WINDOWS\system32\DRIVERS\cxbu0wdm.sys [2013-07-11 97792]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2014-04-01 56352]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2014-04-01 22928]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2014-04-01 28000]
S3 IntelC51;IntelC51; C:\WINDOWS\system32\DRIVERS\IntelC51.sys [2003-05-27 1086261]
S3 IntelC52;IntelC52; C:\WINDOWS\system32\DRIVERS\IntelC52.sys [2003-05-27 480649]
S3 IntelC53;IntelC53; C:\WINDOWS\system32\DRIVERS\IntelC53.sys [2003-05-27 51301]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-05-27 22016]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys []
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 mohfilt;mohfilt; C:\WINDOWS\system32\DRIVERS\mohfilt.sys [2003-05-27 31440]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2014-03-10 1395800]
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2007-06-18 23680]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys [2005-05-27 1317152]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
 
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-26 107848]
S2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2015-07-31 2909472]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-06-25 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Service Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-26 107848]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
 
-----------------EOF-----------------

Disable your antivirus and antispyware programs, as they may conflict with zoek.exe (you can read how to do that here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version).

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input window:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
chromelook;
firefoxlook;
emptyfolderscheck;delete
startupall;
filesrcm;
  • Click the "More options" button and tick the options below.

  • Do a Deep Scan
  • Installed Programs
  • Symlink Check
  • Shortcut Fix
  • Auto Clean

  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next post.

Posting the Zoek.exe log file

  • Attach the log file named "Zoek-results.log" to your next post. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read here how to add an attachment to a post.


I can't manage it, I don't understand it well.
I can't download zoek.exe to my desktop, and I also don't know what the script is or what it means.
 
Maybe this is helpful?
 
 
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by admin on sam. 15/08/2015 at 13:01:47,46.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\admin\My Documents\Downloads\zoek (17).exe [scan all users] [script inserted] 
 
==== Older Logs ======================
 
C:\zoek-results2015-08-15-104501.log 1288 bytes
 
==== Empty Folders Check ======================
 
C:\Program Files\AVAST Software deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\SegmentBuilder deleted successfully
C:\DOCUME~1\ALLUSE~1\APPLIC~1\412301046 deleted successfully
C:\DOCUME~1\ALLUSE~1\APPLIC~1\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully
C:\Documents and Settings\admin\Application Data\Dossier de t‚l‚chargement Share-to-Web deleted successfully
C:\Documents and Settings\admin\Application Data\ShieldApps deleted successfully
C:\Documents and Settings\admin\Application Data\Solvusoft deleted successfully
C:\Documents and Settings\admin\Application Data\Vso deleted successfully
C:\Documents and Settings\admin\Local Settings\Application Data\Logitech-LS deleted successfully
 
==== Files Recently Created / Modified ======================
 
====== C:\WINDOWS ====
2015-08-15 10:31:43 F8606F42E517E3EEA53D75AC88F78029 21228814 ----a-w- C:\WINDOWS\repository.backup
2015-08-11 17:41:02 339E871A04ED90C40507C9389B3138D2 229 ----a-w- C:\WINDOWS\wininit.ini
====== C:\DOCUME~1\admin\LOCALS~1\Temp ====
====== Java Cache =====
====== C:\WINDOWS\system32 =====
2015-08-14 08:58:59 4682E9D5F19ED7F117949F2C1BFE5FF8 17840 ----a-w- C:\WINDOWS\System32\roboot.exe
2015-08-12 13:06:08 A586F958031376903AC5BBF973832DA4 8710344 ----a-w- C:\WINDOWS\System32\FlashPlayerInstaller.exe
====== C:\WINDOWS\system32\drivers =====
2015-08-13 15:51:18 D6D8C68D4A7DE9577807277C1764A2BE 356368 ----a-w- C:\WINDOWS\System32\drivers\bdfsfltr.sys
====== C:\WINDOWS\Tasks ======
2015-08-14 14:46:30 FD5FCCEF4AC758A1230CE8B9178AFF96 444 ----a-w- C:\WINDOWS\Tasks\ParetoLogic Registration3.job
2015-08-14 14:46:07 86B030A3BD0756CA985F691CA0700154 470 ----a-w- C:\WINDOWS\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-08-14 14:46:07 145DCFEED47B427783B8F6430D712021 418 ----a-w- C:\WINDOWS\Tasks\ParetoLogic Update Version3.job
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2015-08-15 09:07:50 -------- d-----w- C:\Program Files\trend micro
2015-08-14 14:46:05 -------- d-----w- C:\Program Files\Common Files\ParetoLogic
2015-08-11 16:31:49 -------- d-----w- C:\Program Files\Common Files\AV
2015-08-01 07:44:03 -------- d-----w- C:\Program Files\Belgium Identity Card
2015-07-31 13:00:12 -------- d-----w- C:\Program Files\Common Files\Java
======= C: =====
====== C:\Documents and Settings\admin\Application Data ======
2015-08-14 14:46:14 -------- d-----w- C:\Documents and Settings\admin\Application Data\DriverCure
2015-08-14 14:46:13 -------- d-----w- C:\Documents and Settings\admin\Application Data\ParetoLogic
2015-08-12 14:54:05 -------- d-----w- C:\Documents and Settings\admin\Local Settings\Application Data\Western Digital
2015-08-11 16:30:53 -------- d-----w- C:\Documents and Settings\LocalService\Start Menu\Programs
====== C:\Documents and Settings\admin ======
2015-08-15 09:06:55 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Documents and Settings\admin\desktop\RSIT.exe
2015-08-14 10:36:22 -------- d--h--r- C:\Documents and Settings\admin\Recent
2015-08-11 16:30:53 -------- d-----w- C:\Documents and Settings\LocalService\Start Menu
 
====== C: exe-files ==
2015-08-15 09:07:50 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\admin.exe
2015-08-15 09:06:55 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Documents and Settings\admin\desktop\RSIT.exe
2015-08-14 14:45:19 CF00425E513C37112353CA530AADE740 5817064 ----a-w- C:\RECYCLER\S-1-5-21-343818398-1563985344-725345543-1003\Dc2.exe
2015-08-14 09:05:40 C7969516D87176867BD5AE772967006F 3894696 ----a-w- C:\RECYCLER\S-1-5-21-343818398-1563985344-725345543-1003\Dc3.exe
2015-08-14 08:58:59 4682E9D5F19ED7F117949F2C1BFE5FF8 17840 ----a-w- C:\WINDOWS\system32\roboot.exe
2015-08-14 08:58:37 C7969516D87176867BD5AE772967006F 3894696 ----a-w- C:\RECYCLER\S-1-5-21-343818398-1563985344-725345543-1003\Dc4.exe
2015-08-13 15:49:00 32B80417D0FFBD0392AD07F161F580C7 83143032 ----a-w- C:\Documents and Settings\All Users\Application Data\IObit\ASCDownloader\ASC8\Advanced SystemCare Ultimate.exe
2015-08-12 13:06:08 A586F958031376903AC5BBF973832DA4 8710344 ----a-w- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2015-08-11 19:42:29 0A74BFAD2F4F5EFA439FEA821BDB41CC 206018008 ----a-w- C:\Documents and Settings\admin\My Documents\Downloads\100_235_PS_AIO_02_Full_NonNet_fra_NB (1).exe
2015-08-11 19:03:46 0A74BFAD2F4F5EFA439FEA821BDB41CC 206018008 ----a-w- C:\Documents and Settings\admin\My Documents\Downloads\100_235_PS_AIO_02_Full_NonNet_fra_NB.exe
2015-08-11 17:32:05 C7B8503492B6F4B318DA68F0CC45628E 2821200 ----a-w- C:\Program Files\Google\Update\Install\{9049BE90-D868-45B9-9D8A-BEB7B852A4AB}\44.0.2403.155_44.0.2403.130_chrome_updater.exe
2015-08-11 17:32:05 C7B8503492B6F4B318DA68F0CC45628E 2821200 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\44.0.2403.155\44.0.2403.155_44.0.2403.130_chrome_updater.exe
2015-08-10 07:51:47 D150F34597E3B72F6F3125953CABD649 11792408 ----a-w- C:\Documents and Settings\All Users\Application Data\IObit\ASCDownloader\ASC8\Driver Booster 2.exe
=== C: other files ==
2015-08-15 10:31:40 0BE568FD1E7D6C6D64D2272649F5C716 111 ----a-w- C:\Documents and Settings\admin\Local Settings\Temp\scripttest.vbs
2015-08-13 15:51:18 D6D8C68D4A7DE9577807277C1764A2BE 356368 ----a-w- C:\WINDOWS\system32\drivers\bdfsfltr.sys
2015-08-13 15:02:52 9B16AD15C50FE86248981C0BC44ADF2C 11767 ----a-w- C:\Documents and Settings\admin\My Documents\Downloads\Delivery Status Notification (Failure).zip
2015-08-12 15:49:49 193DF5FB77A12148A865A0E741788B49 1132396 ----a-w- C:\Documents and Settings\admin\My Documents\Downloads\Outlook.com (1).zip
2015-08-12 15:48:57 B00E1BCC091C40A551DA7612AB33DA6B 1132396 ----a-w- C:\Documents and Settings\admin\My Documents\Downloads\Outlook.com.zip
 
==== Startup Registry Enabled ======================
 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"
"Advanced SystemCare 7"="C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"
 
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"
 
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"
 
[HKEY_USERS\S-1-5-21-343818398-1563985344-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"MSMSGS"="C:\PROGRA~1\MESSEN~1\msmsgs.exe /background"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"
"SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
 
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"
"Advanced SystemCare 7"="C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE"
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
"LWS"="C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide"
"hpqSRMon"="C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"beidsccertprop"="C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe"
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"MSMSGS"="C:\PROGRA~1\MESSEN~1\msmsgs.exe /background"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"
"SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
 
==== Startup Registry Disabled ======================
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogitechSoftwareUpdate]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
 
 
==== Task Scheduler Jobs ======================
 
C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [12/08/2015 15:06]
C:\WINDOWS\tasks\AXEFTRRE.job --a------ C:\WINDOWS\system32\rundll32C:\WINDOWS\system32\DirectXS.dll []
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [26/05/2015 11:14]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [26/05/2015 11:14]
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job --a------ C:\WINDOWS\system32\xp_eos.exe [26/02/2014 03:59]
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job --a------ C:\WINDOWS\system32\xp_eos.exe [26/02/2014 03:59]
C:\WINDOWS\tasks\ParetoLogic Registration3.job --a------ C:\WINDOWS\system32\rundll32AC:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll []
C:\WINDOWS\tasks\ParetoLogic Update Version3 Startup Task.job --a------ C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [08/12/2014 20:55]
C:\WINDOWS\tasks\ParetoLogic Update Version3.job --a------ [undetermined Task]
C:\WINDOWS\tasks\User_Feed_Synchronization-{D9A43893-FAB6-468E-8F60-847CC8571533}.job --ah----- [undetermined Task]
 
==== Firefox Extensions Registry ======================
 
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [11/08/2015 18:06]
 
==== Chromium Look ======================
 
Google Chrome Version: 44.0.2403.155
 
 
Google Slides - admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
selector is not a valid CSS selector - admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Chrome Hotword Shared Module - admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Chrome Web Store Payments - admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Docs - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
 
==== Chromium Startpages ======================
 
C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
465E274575EA5","username":"D31C6E3D042300A2ACF9900138AA4407012E23CFC86C97E5239EDD94804D6E5E"}},"homepage":"9A27EE9D9A76C537956D0B22210B86B5A9FAA15597CBD7BFBC5B77A8C5DD742B","homepage_is_newtabpage":"E9F8AF03D56B13AC5FA5613D7E3F4BF6EA9D566C32CFE7A4F0A9FF1325CAF634","pinned_tabs":"0ACC29505C472EFB92B7F72D344AF09C4DF932D6B665EF680EBB791DACBB4287","prefs":{"preference_reset_time":"7F9E975726EAB4DE46BC6A521E95D7D2763C51E344209A54D1DC83EDF5779CC5"},"profile":{"reset_prompt_memento":"5109C1852031F3A308C1A730400CCBA2A2518281EA7ED49B5EA60496F81696AF"},"safebrowsing":{"incidents_sent":"15BD30CE634FB47CD754834B2A7F74EA7CD86E493A07F2B8B36F83DC02714F3F"},"search_provider_overrides":"4BA6BC6FFA6BC068CF69A540422219E6252832197704C4D659EA011DA69C85C0","session":{"restore_on_startup":"A8FA02BA4FBFD40C8A501EA88684F1F63BC95386EA87BD263A2C7B056964BFDB","startup_urls":"817C16BA637A5F5F41E490E0EF912B65BCDD1082EDA7DD8FEAB129CFFCFD85D3"},"software_reporter":{"prompt_reason":"765F1D6D7CCBE9BC60C4BBE3415FE627245E64CAD00F77BCADEC916EF7F71094","prompt_seed":"3431A1134C87C7E1FCEAAD755A9A53EDB989F5114343CF34EA155C594E049CE4","prompt_version":"A17D3AB0F02E877CB8783EAC003966717C6D9C4D5B33201F9EF5790B18F0A394"},"sync":{"remaining_rollback_tries":"21CF2D64B90365D2E2868A76519C62D1834FAF8B63391C5F2ED62129E156DFCE"}},"super_mac":"67E887FC3DB37E16D1B52B3F474C17E3D4BC2462BE085A12A077513C6B7B12CA"},"session":{"restore_on_startup":5,"startup_urls":["https://www.google.be/]},"sync":{"remaining_rollback_tries":0}}
 
 
==== C:\zoek_backup content ======================
 
 
==== EOF on sam. 15/08/2015 at 13:07:31,00 ======================

Disable your antivirus and antispyware programs, as they may conflict with zoek.exe (you can read how to do that here and here).

  • Double-click Zoek.exe to start the tool.
     
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
chromelook;
firefoxlook;
emptyfolderscheck;delete
startupall;
filesrcm;
installedprogs;
symlinksfix;
shortcutfix;
standardsearch;
autoclean;
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log in your next message as an attachment.

Posting the Zoek.exe log file

  • Attach the log file named "Zoek-results.log" to your next message. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read how to add an attachment to a message in this guide.

 

Zoek.exe v5.0.0.0 Updated 04-May-2015

Tool run by admin on sam. 15/08/2015 at 13:32:50,07.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\admin\My Documents\Downloads\zoek (18).exe [scan all users] [script inserted] 

 

==== Older Logs ======================

 

C:\zoek-results2015-08-15-104501.log 1288 bytes

C:\zoek-results2015-08-15-110731.log 14411 bytes

 

==== Empty Folders Check ======================

 

C:\Documents and Settings\admin\Application Data\Dossier de t‚l‚chargement Share-to-Web 

 

==== Checking Systemdrive for Symlinks ======================

 

 Volume in drive C has no label.

 Volume Serial Number is 34AD-B793

 

 Directory of C:\Documents and Settings\All Users\Application Data\Oracle\Java

 

31/07/2015  15:00    <JUNCTION>     javapath

               0 File(s)              0 bytes

 

 Directory of C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices

 

13/02/2014  19:34    <JUNCTION>     2.0.0.0__b03f5f7f11d50a3a

               0 File(s)              0 bytes

 

 Directory of C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote

 

13/02/2014  19:34    <JUNCTION>     2.0.0.0__b03f5f7f11d50a3a

               0 File(s)              0 bytes

 

 Directory of C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices

 

24/05/2015  15:59    <JUNCTION>     v4.0_4.0.0.0__b03f5f7f11d50a3a

               0 File(s)              0 bytes

 

     Total Files Listed:

               0 File(s)              0 bytes

               4 Dir(s)  95.457.902.592 bytes free

 

 

==== Deleting CLSID Registry Keys ======================

 

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d28c7e56-2cc6-415c-8727-d71334085926} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d970ed5-3eda-438d-bffd-715931e2775b} deleted successfully

 

==== Deleting CLSID Registry Values ======================

 

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{d28c7e56-2cc6-415c-8727-d71334085926} deleted successfully

 

==== Installed Programs ======================

 

32 Bit HP CIO Components Installer  

Adobe Flash Player 18 ActiveX  

Adobe Reader XI (11.0.08) - Fran‡ais  

Belgium e-ID middleware 4.0.7 (build 7466)  

BufferChm  

CameraHelperMsi  

Cards_Calendar_OrderGift_DoMorePlugout  

CCleaner  

Coffret de pilotes Logitech Webcam Software  

Copy  

CustomerResearchQFolder  

Destination Component  

DeviceDiscovery  

DeviceManagementQFolder  

Disney Interactive European and Nordic Demo Compatiblity Update  

DocProc  

Electronic Arts Product Registration  

erLT  

eSupportQFolder  

Google Chrome  

Google Update Helper  

GPBaseService  

Harry Potter II  

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)  

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)  

Hotfix for Windows XP (KB942288-v3)  

HP Photosmart Essential 2.5  

HP Precisionscan Pro 3.1  

HPDiagnosticAlert  

HPPhotoSmartDiscLabel_PaperLabel  

HPPhotoSmartDiscLabel_PrintOnDisc  

HPPhotoSmartDiscLabelContent1  

hpphotosmartdisclabelplugin  

HPPhotoSmartPhotobookWebPack1  

HPProductAssistant  

HPSSupply  

Intel® 537EP Modem  

Intel® Graphics Media Accelerator Driver  

Internet Explorer  

Java 8 Update 40  

Java 8 Update 51  

Java Auto Updater  

Java Platform SE Download Packages  

Labography  

Logiciel QuickCam de Logitech  

LWS Facebook  

LWS Gallery  

LWS Help_main  

LWS Launcher  

LWS Motion Detection  

LWS Pictures And Video  

LWS Twitter  

LWS Video Mask Maker  

LWS VideoEffects  

LWS Webcam Software  

LWS WLM Plugin  

LWS YouTube Plugin  

MarketResearch  

Microsoft .NET Framework 2.0 Service Pack 2  

Microsoft .NET Framework 3.0 Service Pack 2  

Microsoft .NET Framework 3.5 SP1  

Microsoft .NET Framework 4 Client Profile  

Microsoft Age of Empires  

Microsoft Base Smart Card Cryptographic Service Provider Package  

Microsoft Compression Client Pack 1.0 for Windows XP  

Microsoft Kernel-Mode Driver Framework Feature Pack 1.5  

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9  

Microsoft Silverlight  

Microsoft User-Mode Driver Framework Feature Pack 1.0  

Microsoft Visual C++ 2005 Redistributable  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  

MSXML 4.0 SP2 (KB954430)  

MSXML 4.0 SP2 (KB973688)  

OpenOffice 4.1.1  

PanoStandAlone  

PhotoFiltre  

Programme de gestion Camera de Logitech©  

PSSWCORE  

REALTEK GbE & FE Ethernet PCI-E NIC Driver  

Realtek High Definition Audio Driver  

Security Update for CAPICOM (KB931906)  

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)  

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)  

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)  

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)  

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)  

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)  

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)  

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)  

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)  

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)  

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)  

Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)  

Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)  

Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)  

Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)  

Security Update for Windows Internet Explorer 8 (KB2510531)  

Security Update for Windows Internet Explorer 8 (KB2544521)  

Security Update for Windows Internet Explorer 8 (KB2618444)  

Security Update for Windows Internet Explorer 8 (KB2647516)  

Security Update for Windows Internet Explorer 8 (KB2675157)  

Security Update for Windows Internet Explorer 8 (KB2699988)  

Security Update for Windows Internet Explorer 8 (KB2722913)  

Security Update for Windows Internet Explorer 8 (KB2744842)  

Security Update for Windows Internet Explorer 8 (KB2761465)  

Security Update for Windows Internet Explorer 8 (KB2792100)  

Security Update for Windows Internet Explorer 8 (KB2797052)  

Security Update for Windows Internet Explorer 8 (KB2799329)  

Security Update for Windows Internet Explorer 8 (KB2809289)  

Security Update for Windows Internet Explorer 8 (KB2817183)  

Security Update for Windows Internet Explorer 8 (KB2829530)  

Security Update for Windows Internet Explorer 8 (KB2838727)  

Security Update for Windows Internet Explorer 8 (KB2846071)  

Security Update for Windows Internet Explorer 8 (KB2847204)  

Security Update for Windows Internet Explorer 8 (KB2862772)  

Security Update for Windows Internet Explorer 8 (KB2870699)  

Security Update for Windows Internet Explorer 8 (KB2879017)  

Security Update for Windows Internet Explorer 8 (KB2888505)  

Security Update for Windows Internet Explorer 8 (KB2898785)  

Security Update for Windows Internet Explorer 8 (KB2909210)  

Security Update for Windows Internet Explorer 8 (KB2909921)  

Security Update for Windows Internet Explorer 8 (KB2925418)  

Security Update for Windows Internet Explorer 8 (KB2936068)  

Security Update for Windows Internet Explorer 8 (KB2964358)  

Security Update for Windows Internet Explorer 8 (KB982381)  

Security Update for Windows XP (KB923789)  

SES Driver  

Skype Click to Call  

Skype Download Packages  

SkypeT 7.7  

SolutionCenter  

Status  

TrayApp  

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)  

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)  

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)  

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)  

Update for Windows Internet Explorer 8 (KB2598845)  

Update for Windows Internet Explorer 8 (KB2632503)  

VideoToolkit01  

Visionneuse Microsoft PowerPoint  

Visual Studio 2012 x86 Redistributables  

VLC media player  

WebFldrs XP  

Windows Installer Clean Up  

Windows Internet Explorer 8  

Windows Management Framework Core  

Windows Media Format 11 runtime  

Windows Media Player 11  

 

==== Running Processes ======================

 

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\SCardSvr.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\LVCOMSX.EXE

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe

C:\WINDOWS\system32\ctfmon.exe

C:\PROGRA~1\MESSEN~1\msmsgs.exe

C:\Program Files\CCleaner\CCleaner.exe

C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\admin\My Documents\Downloads\zoek (18).exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\svchost.exe -k imgsvc

 

==== Deleting Services ======================

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\WtuSystemSupport deleted successfully

 

==== Deleting Files \ Folders ======================

 

C:\Program Files\ComPlus Applications deleted

C:\Program Files\InoReader Notifier News and RSS Reader deleted

C:\Program Files\Common Files\ParetoLogic deleted

C:\HPHmon03.exe deleted

C:\Documents and Settings\admin\Application Data\appdataFr3.bin deleted

C:\Documents and Settings\admin\Application Data\temp.ini deleted

C:\Documents and Settings\admin\Application Data\pcouffin.log deleted

C:\Documents and Settings\admin\Application Data\ProductData deleted

C:\Documents and Settings\admin\Application Data\ParetoLogic deleted

C:\Documents and Settings\admin\Application Data\DriverCure deleted

C:\DOCUME~1\ALLUSE~1\APPLIC~1\ParetoLogic deleted

C:\DOCUME~1\ALLUSE~1\APPLIC~1\ProductData deleted

C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVG January 2013 Campaign deleted

C:\Documents and Settings\admin\Local Settings\Application Data\CrashRpt deleted

C:\Documents and Settings\NetworkService\Local Settings\Application Data\FileTypeAssistant deleted

C:\WINDOWS\wininit.ini deleted

C:\WINDOWS\tasks\ParetoLogic Registration3.job deleted

C:\WINDOWS\tasks\ParetoLogic Update Version3 Startup Task.job deleted

C:\WINDOWS\tasks\ParetoLogic Update Version3.job deleted

C:\WINDOWS\system32\roboot.exe deleted

C:\WINDOWS\system32\GroupPolicy\Adm deleted

C:\WINDOWS\system32\GroupPolicy\Machine deleted

C:\WINDOWS\system32\GroupPolicy\User deleted

C:\WINDOWS\system32\GroupPolicy\gpt.ini deleted

C:\WINDOWS\System32\SET122.tmp deleted

C:\WINDOWS\System32\SETBB.tmp deleted

C:\WINDOWS\System32\SETBF.tmp deleted

C:\WINDOWS\System32\SETC0.tmp deleted

C:\WINDOWS\System32\SETC7.tmp deleted

C:\WINDOWS\System32\searchplugins deleted

C:\WINDOWS\System32\Extensions deleted

 

==== System Specs ======================

 

Windows: Windows XP Professional Service Pack 3 (Build 2600)

Memory (RAM): 1016 MB

CPU Info: Intel® Core2 Duo CPU     E6550  @ 2.33GHz

CPU Speed: 2324,0 MHz

Sound Card: Realtek HD Audio output | 

Modem #0 Line Playback | 

Display Adapters: Intel® 82945G Express Chipset Family | NetMeeting driver | RDPDD Chained DD

Monitors: 1x; Plug and Play Monitor | 

Screen Resolution: 1280 X 720 - 32 bit

Network: Network Present

Network Adapters: Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler Miniport

CD / DVD Drives: 1x (H: | ) H: Optiarc DVD RW AD-5170A

Ports: COM1 LPT1

Mouse: 3 Button Wheel Mouse Present

Hard Disks: C:  149,0GB | K:  465,7GB

Hard Disks - Free: C:  88,8GB | K:  292,9GB

Manufacturer *: American Megatrends Inc.

BIOS Info: AT/AT COMPATIBLE | 06/28/07 | A_M_I  - 6000728

Time Zone: Romance Standard Time

Motherboard *: ConRoe1333-D667

Country: Belgium 

Language: FRB 

 

==== System Specs (Software) ======================

 

Default Browser: Windows® Internet Explorer 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

Internet Explorer version: 8.0.6001.18702 

Google Chrome version: 44.0.2403.155

Adobe Reader version: 11.0.8.4

 

==== Files Recently Created / Modified ======================

 

====== C:\WINDOWS ====

2015-08-15 10:31:43 F8606F42E517E3EEA53D75AC88F78029 21228814 ----a-w- C:\WINDOWS\repository.backup

====== C:\DOCUME~1\admin\LOCALS~1\Temp ====

====== Java Cache =====

====== C:\WINDOWS\system32 =====

2015-08-12 13:06:08 A586F958031376903AC5BBF973832DA4 8710344 ----a-w- C:\WINDOWS\System32\FlashPlayerInstaller.exe

====== C:\WINDOWS\system32\drivers =====

2015-08-13 15:51:18 D6D8C68D4A7DE9577807277C1764A2BE 356368 ----a-w- C:\WINDOWS\System32\drivers\bdfsfltr.sys

====== C:\WINDOWS\Tasks ======

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2015-08-15 09:07:50 -------- d-----w- C:\Program Files\trend micro

2015-08-11 16:31:49 -------- d-----w- C:\Program Files\Common Files\AV

2015-08-01 07:44:03 -------- d-----w- C:\Program Files\Belgium Identity Card

2015-07-31 13:00:12 -------- d-----w- C:\Program Files\Common Files\Java

======= C: =====

====== C:\Documents and Settings\admin\Application Data ======

2015-08-12 14:54:05 -------- d-----w- C:\Documents and Settings\admin\Local Settings\Application Data\Western Digital

2015-08-11 16:30:53 -------- d-----w- C:\Documents and Settings\LocalService\Start Menu\Programs

====== C:\Documents and Settings\admin ======

2015-08-15 09:06:55 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Documents and Settings\admin\desktop\RSIT.exe

2015-08-14 10:36:22 -------- d--h--r- C:\Documents and Settings\admin\Recent

2015-08-11 16:30:53 -------- d-----w- C:\Documents and Settings\LocalService\Start Menu

 

====== C: exe-files ==

2015-08-15 09:07:50 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\admin.exe

2015-08-15 09:06:55 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Documents and Settings\admin\desktop\RSIT.exe

2015-08-14 14:45:19 CF00425E513C37112353CA530AADE740 5817064 ----a-w- C:\RECYCLER\S-1-5-21-343818398-1563985344-725345543-1003\Dc2.exe

2015-08-14 09:05:40 C7969516D87176867BD5AE772967006F 3894696 ----a-w- C:\RECYCLER\S-1-5-21-343818398-1563985344-725345543-1003\Dc3.exe

2015-08-14 08:58:37 C7969516D87176867BD5AE772967006F 3894696 ----a-w- C:\RECYCLER\S-1-5-21-343818398-1563985344-725345543-1003\Dc4.exe

2015-08-13 15:49:00 32B80417D0FFBD0392AD07F161F580C7 83143032 ----a-w- C:\Documents and Settings\All Users\Application Data\IObit\ASCDownloader\ASC8\Advanced SystemCare Ultimate.exe

2015-08-12 13:06:08 A586F958031376903AC5BBF973832DA4 8710344 ----a-w- C:\WINDOWS\system32\FlashPlayerInstaller.exe

2015-08-11 19:42:29 0A74BFAD2F4F5EFA439FEA821BDB41CC 206018008 ----a-w- C:\Documents and Settings\admin\My Documents\Downloads\100_235_PS_AIO_02_Full_NonNet_fra_NB (1).exe

2015-08-11 19:03:46 0A74BFAD2F4F5EFA439FEA821BDB41CC 206018008 ----a-w- C:\Documents and Settings\admin\My Documents\Downloads\100_235_PS_AIO_02_Full_NonNet_fra_NB.exe

2015-08-11 17:32:05 C7B8503492B6F4B318DA68F0CC45628E 2821200 ----a-w- C:\Program Files\Google\Update\Install\{9049BE90-D868-45B9-9D8A-BEB7B852A4AB}\44.0.2403.155_44.0.2403.130_chrome_updater.exe

2015-08-11 17:32:05 C7B8503492B6F4B318DA68F0CC45628E 2821200 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\44.0.2403.155\44.0.2403.155_44.0.2403.130_chrome_updater.exe

2015-08-10 07:51:47 D150F34597E3B72F6F3125953CABD649 11792408 ----a-w- C:\Documents and Settings\All Users\Application Data\IObit\ASCDownloader\ASC8\Driver Booster 2.exe

=== C: other files ==

2015-08-15 10:31:40 0BE568FD1E7D6C6D64D2272649F5C716 111 ----a-w- C:\Documents and Settings\admin\Local Settings\Temp\scripttest.vbs

2015-08-13 15:51:18 D6D8C68D4A7DE9577807277C1764A2BE 356368 ----a-w- C:\WINDOWS\system32\drivers\bdfsfltr.sys

2015-08-13 15:02:52 9B16AD15C50FE86248981C0BC44ADF2C 11767 ----a-w- C:\Documents and Settings\admin\My Documents\Downloads\Delivery Status Notification (Failure).zip

2015-08-12 15:49:49 193DF5FB77A12148A865A0E741788B49 1132396 ----a-w- C:\Documents and Settings\admin\My Documents\Downloads\Outlook.com (1).zip

2015-08-12 15:48:57 B00E1BCC091C40A551DA7612AB33DA6B 1132396 ----a-w- C:\Documents and Settings\admin\My Documents\Downloads\Outlook.com.zip

 

==== Startup Registry Enabled ======================

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"

"Advanced SystemCare 7"="C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

 

[HKEY_USERS\S-1-5-21-343818398-1563985344-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

"MSMSGS"="C:\PROGRA~1\MESSEN~1\msmsgs.exe /background"

"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"

"SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"

 

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"

"Advanced SystemCare 7"="C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE"

"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"

"LWS"="C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide"

"hpqSRMon"="C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"beidsccertprop"="C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe"

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

"MSMSGS"="C:\PROGRA~1\MESSEN~1\msmsgs.exe /background"

"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"

"SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"

 

==== Startup Registry Disabled ======================

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogitechSoftwareUpdate]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

 

 

==== Task Scheduler Jobs ======================

 

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [12/08/2015 15:06]

C:\WINDOWS\tasks\AXEFTRRE.job --a------ C:\WINDOWS\system32\rundll32C:\WINDOWS\system32\DirectXS.dll []

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [26/05/2015 11:14]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [26/05/2015 11:14]

C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job --a------ C:\WINDOWS\system32\xp_eos.exe [26/02/2014 03:59]

C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job --a------ C:\WINDOWS\system32\xp_eos.exe [26/02/2014 03:59]

C:\WINDOWS\tasks\User_Feed_Synchronization-{D9A43893-FAB6-468E-8F60-847CC8571533}.job --ah----- [undetermined Task]

 

==== Firefox Extensions Registry ======================

 

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [11/08/2015 18:06]

 

==== Chromium Look ======================

 

Google Chrome Version: 44.0.2403.155

 

 

Google Slides - admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek

Google Docs - admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

selector is not a valid CSS selector - admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb

Google Search - admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Sheets - admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap

Chrome Hotword Shared Module - admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg

Chrome Web Store Payments - admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Docs - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Gmail - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

 

==== Chromium Startpages ======================

 

C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

465E274575EA5","username":"D31C6E3D042300A2ACF9900138AA4407012E23CFC86C97E5239EDD94804D6E5E"}},"homepage":"9A27EE9D9A76C537956D0B22210B86B5A9FAA15597CBD7BFBC5B77A8C5DD742B","homepage_is_newtabpage":"E9F8AF03D56B13AC5FA5613D7E3F4BF6EA9D566C32CFE7A4F0A9FF1325CAF634","pinned_tabs":"0ACC29505C472EFB92B7F72D344AF09C4DF932D6B665EF680EBB791DACBB4287","prefs":{"preference_reset_time":"7F9E975726EAB4DE46BC6A521E95D7D2763C51E344209A54D1DC83EDF5779CC5"},"profile":{"reset_prompt_memento":"5109C1852031F3A308C1A730400CCBA2A2518281EA7ED49B5EA60496F81696AF"},"safebrowsing":{"incidents_sent":"15BD30CE634FB47CD754834B2A7F74EA7CD86E493A07F2B8B36F83DC02714F3F"},"search_provider_overrides":"4BA6BC6FFA6BC068CF69A540422219E6252832197704C4D659EA011DA69C85C0","session":{"restore_on_startup":"A8FA02BA4FBFD40C8A501EA88684F1F63BC95386EA87BD263A2C7B056964BFDB","startup_urls":"817C16BA637A5F5F41E490E0EF912B65BCDD1082EDA7DD8FEAB129CFFCFD85D3"},"software_reporter":{"prompt_reason":"765F1D6D7CCBE9BC60C4BBE3415FE627245E64CAD00F77BCADEC916EF7F71094","prompt_seed":"3431A1134C87C7E1FCEAAD755A9A53EDB989F5114343CF34EA155C594E049CE4","prompt_version":"A17D3AB0F02E877CB8783EAC003966717C6D9C4D5B33201F9EF5790B18F0A394"},"sync":{"remaining_rollback_tries":"21CF2D64B90365D2E2868A76519C62D1834FAF8B63391C5F2ED62129E156DFCE"}},"super_mac":"67E887FC3DB37E16D1B52B3F474C17E3D4BC2462BE085A12A077513C6B7B12CA"},"session":{"restore_on_startup":5,"startup_urls":["https://www.google.be/]},"sync":{"remaining_rollback_tries":0}}

 

 

==== Chromium Fix ======================

 

C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully

 

==== Set IE to Default ======================

 

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]


"Search Page"="http://www.google.com"

"Search Bar"="http://www.google.com"

"Use Search Asst"="yes"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]


[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]



[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://www.google.com"

"SearchAssistant"="http://www.google.com"

 

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]




"Use Search Asst"="no"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]


[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="about:newtab"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]



[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]



 

==== All HKCU SearchScopes ======================

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{77D8A7B2-0CF5-4D32-9873-D0D36A4ABFC3}"

{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"

{0191A6B0-1154-4C22-9182-23A95BBE92D9} Google  Url="http://www.google.com/search?q={searchTerms}&rlz=1I7PRFB_enBE468"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"


{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} Unknown  Url="Not_Found"

 

==== Deleting CLSID Registry Keys ======================

 

HKEY_USERS\S-1-5-21-343818398-1563985344-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully

 

==== Deleting CLSID Registry Values ======================

 

 

==== shortcuts on Users Desktops ======================

 

C:\Documents and Settings\admin\desktop\I E 8.lnk -  

C:\Documents and Settings\admin\desktop\PhotoFiltre.lnk - C:\Program Files\PhotoFiltre\PhotoFiltre.exe 

C:\Documents and Settings\admin\desktop\Shortcut to Annonces textes fr-nl.lnk - C:\Documents and Settings\admin\My Documents\Annonces textes fr-nl.ods 

 

==== shortcuts on All Users Desktop ======================

 

C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe 

C:\Documents and Settings\All Users\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe 

C:\Documents and Settings\All Users\Desktop\eID Viewer.lnk - C:\Program Files\Belgium Identity Card\EidViewer\eID Viewer.exe 

C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe 

C:\Documents and Settings\All Users\Desktop\HP Precisionscan Pro 3.1 .lnk - C:\Program Files\Hewlett-Packard\Precisionscan Pro 3.1\HP Precisionscan Pro.exe 

C:\Documents and Settings\All Users\Desktop\OpenOffice 4.1.1.lnk - C:\Program Files\OpenOffice 4\program\soffice.exe 

 

==== shortcuts in Users Start Menu ======================

 

C:\Documents and Settings\admin\Start Menu\Programs\Windows Install Clean Up.lnk - C:\Documents and Settings\admin\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe 

 

==== shortcuts in All Users Start Menu ======================

 

C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk - C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico 

C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Scanner and Camera Wizard.lnk - C:\WINDOWS\system32\wiaacmgr.exe -SelectDevice

C:\Documents and Settings\All Users\Start Menu\Programs\Belgium - eID\eID Viewer.lnk - C:\Program Files\Belgium Identity Card\EidViewer\eID Viewer.exe 

C:\Documents and Settings\All Users\Start Menu\Programs\Belgium - eID\Utilities\MS Office 2010 XAdES XL signature configuration.lnk - C:\Program Files\Belgium Identity Card\beidoffice2010_XAdES_XL.exe 

C:\Documents and Settings\All Users\Start Menu\Programs\Belgium - eID\Utilities\MS Outlook registry configuration.lnk - C:\Program Files\Belgium Identity Card\beidoutlooksnc.exe 

C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe 

C:\Documents and Settings\All Users\Start Menu\Programs\HP\HP Photosmart Essential 2.5\HP Photosmart Essential 2.5.lnk - C:\Program Files\HP\Digital Imaging\Bin\hpqpse.exe 

C:\Documents and Settings\All Users\Start Menu\Programs\HP\Photosmart C5200 series\Help.lnk - C:\Program Files\HP\Digital Imaging\Help\aio35.chm 

C:\Documents and Settings\All Users\Start Menu\Programs\HP\Photosmart C5200 series\Readme.lnk - C:\Program Files\HP\Digital Imaging\Help\PS_AIO_02_readme\readme.html 

C:\Documents and Settings\All Users\Start Menu\Programs\Java\About Java.lnk - C:\Program Files\Java\jre1.8.0_51\bin\javacpl.exe -tab about

C:\Documents and Settings\All Users\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files\Java\jre1.8.0_51\bin\javacpl.exe -tab update

C:\Documents and Settings\All Users\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files\Java\jre1.8.0_51\bin\javacpl.exe 

C:\Documents and Settings\All Users\Start Menu\Programs\Java\Get Help.lnk -  

C:\Documents and Settings\All Users\Start Menu\Programs\Java\Visit Java.com.lnk -  

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\Bin\hpqtra08.exe 

 

==== shortcuts in Quick Launch ======================

 

C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe 

C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe 

 

==== Deleting Registry Keys ======================

 

HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched deleted successfully

 

==== HijackThis Entries ======================

 

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [beidsccertprop] C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\msmsgs.exe" /background

O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR

O4 - HKCU\..\Run: [spybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\Bin\hpqtra08.exe

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Device Detection) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1359655492015

O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - http://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.200.0.cab

O18 - Protocol: skype-ie-addon-data - (no CLSID) - (no file)

O20 - AppInit_DLLs:  

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

 

==== Empty IE Cache ======================

 

C:\Documents and Settings\admin\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

 

==== Empty FireFox Cache ======================

 

No FireFox Profiles found

 

==== Empty Chrome Cache ======================

 

C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

 

==== Empty All Flash Cache ======================

 

Flash Cache Emptied Successfully

 

==== Empty All Java Cache ======================

 

Java Cache cleared successfully

 

==== C:\zoek_backup content ======================

 

 

==== Empty Temp Folders ======================

 

C:\Documents and Settings\admin\Local Settings\Temp will be emptied at reboot

C:\Documents and Settings\Administrator\Local Settings\Temp emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully

C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully

C:\WINDOWS\Temp will be emptied at reboot

 

==== After Reboot ======================

 

==== Empty Temp Folders ======================

 

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\admin\LOCALS~1\Temp successfully emptied

 

==== Empty Recycle Bin ======================

 

C:\RECYCLER successfully emptied

 

==== Deleting Files / Folders ======================

 

"C:\Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

 

==== EOF on sam. 15/08/2015 at 13:49:15,10 ======================

Download AdwCleaner by Xplode to the desktop (first remove any older versions of this tool that may be present on your PC, so that you use the most recent AdwCleaner database).

If the link to AdwCleaner does not work, try this link.
The download starts automatically after a few seconds.

  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Windows Vista, 7 and 8 users must run the tool as "administrator",
  • by right-clicking it and choosing Run as administrator.
  • Click Scan.
  • Then click Clean (English version) or Verwijderen (Dutch version).
  • At Herstarten Noodzakelijk (reboot required), click OK.

After the PC has restarted, a log file usually opens.
Attach this log to your next post.
Otherwise it can be found at C:\AdwCleaner\AdwCleaner[s0].txt.

You can find more information in the manual.
