Ga naar inhoud

gravity space en its result hub

albada53
 Delen

Aanbevolen berichten

Jion Grootmeester

Jion

Geplaatst:
Geplaatst:

Ik zie nergens de aanwezigheid van een virusscanner op je systeem?

Indien je er inderdaad geen geïnstalleerd hebt staan, gaan we dat eerst doen alvorens verder te gaan. ;)

Op DEZE site, heb je een overzicht van de meest gebruikte gratis virusscanners, telkens met een woordje uitleg en een downloadlink.

Kies er eentje naar keuze en installeer hem.

 

 

Voer daarna het volgende uit:

 

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.pngZoek.exe naar het bureaublad (niet de .zip- of .rar-versie).

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.


GLogin;s
esgiguard;s
C:\Program Files\Enigma Software Group\SpyHunter;fs
autoclean;
emptyfolderscheck;delete
emptyclsid;
startupall;
filesrcm;
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.


Zoek.exe logbestand plaatsen

  • Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Link naar reactie
Delen op andere sites
albada53 Bijdrager

albada53

Geplaatst:
  • Auteur
Geplaatst:

Ik heb Microsoft Security Essentials op mijn computer geïnstalleerd en deze is actief, dus ik heb verder geen virusscanner meer geïnstalleerd.

Bijgaand het logje van zoek.exe:

 

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Windows7 on zo 23-08-2015 at 11:36:12,35.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Windows7\Downloads\zoek.exe    [scan all users] [script inserted] 
 
==== System Restore Info ======================
 
23-8-2015 11:38:04 Zoek.exe System Restore Point Created Successfully.
 
==== Empty Folders Check ======================
 
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~3\ZoomBrowser deleted successfully
C:\Users\Windows7\AppData\Roaming\ZoomBrowser EX deleted successfully
C:\Users\Windows7\AppData\Local\Downloaded Installations deleted successfully
C:\Users\Windows7\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Windows7\AppData\Local\EmieSiteList deleted successfully
C:\Users\Windows7\AppData\Local\EmieUserList deleted successfully
 
==== Deleting CLSID Registry Keys ======================
 
 
==== Deleting CLSID Registry Values ======================
 
 
==== Deleting Services ======================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GLogin deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\GLogin deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\esgiguard deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\esgiguard deleted successfully
 
==== Deleting Files \ Folders ======================
 
C:\PROGRA~2\Android Resource Navigator deleted
C:\Program Files\Enigma Software Group\SpyHunter deleted
C:\Logfile.txt deleted
C:\Users\Windows7\AppData\Roaming\appdataFr2.bin deleted
C:\Users\Windows7\AppData\Roaming\ARCompanion.log deleted
C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Avkwctl.log deleted
C:\Windows\SysNative\config\systemprofile\AppData\Roaming\gdfw.log deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\gdscan.log deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\Windows\wininit.ini deleted
"C:\Windows\Installer\11f0da.msi" deleted
"C:\Windows\Installer\12bb46.msi" deleted
 
==== Files Recently Created / Modified ======================
 
====== C:\Windows ====
2015-08-20 19:06:14 BC949EA893A9384070C31F083CCEFD26 3 ----a-w- C:\Windows\7Loader.TAG
2015-08-16 19:44:48 B32189BDFF6E577A92BAA61AD49264E6 193536 ----a-w- C:\Windows\notepad.exe
2015-08-09 11:18:24 C71EBB0B33A178A572647F6BB0C9EB9B 10449 ----a-w- C:\Windows\diagerr.xml
2015-08-09 11:18:24 692CA5EBC9E0CEF0A8D0BE4DF7400CEE 9528 ----a-w- C:\Windows\diagwrn.xml
====== C:\Users\Windows7\AppData\Local\Temp ====
2015-08-14 12:29:20 5F09D271B8F4A62FC087E0D5452D2EC8 681097 ----a-w- C:\Users\Windows7\AppData\Local\Temp\sqlite3.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-08-21 08:19:35 A98799EBA5BAABF1AB2BAFCE488FC9F9 19871232 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2015-08-21 08:19:34 225DB7BABA68ED284693EAEE04E94EA1 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2015-08-16 20:03:24 4FA66A573E9A45D05AD5A25B1E76A35D 103120 ----a-w- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 19:49:18 90E480789256D852FA3EADD39D56FDDA 6131200 ----a-w- C:\Windows\SysWOW64\mstscax.dll
2015-08-16 19:49:17 AF0EC95144F76EA4B40A7ED1DD34616C 856064 ----a-w- C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-16 19:49:16 A27593907607A692D0DE105DE29BBC33 53248 ----a-w- C:\Windows\SysWOW64\tsgqec.dll
2015-08-16 19:48:54 DC18FFFF3175376ABD38E6D48309F7F9 3934656 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-16 19:48:54 5792E7C663FAA39335D4F787B9499490 1311768 ----a-w- C:\Windows\SysWOW64\ntdll.dll
2015-08-16 19:48:53 6C95D6264810F816E92780E7DB81F7B1 3989952 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-16 19:48:52 A38E10B4143A19F32D64517B6A1FCB98 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll
2015-08-16 19:48:51 FC85BC746818EE9B5181EA0B1C882778 552960 ----a-w- C:\Windows\SysWOW64\kerberos.dll
2015-08-16 19:48:49 FE748FEAA8A5A7677DA1C2C6CE405ADE 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll
2015-08-16 19:48:49 15400F593C9023CDC1D144C30BBDA47A 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll
2015-08-16 19:48:48 650B603F5C040727788F19AD0B8D09BC 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll
2015-08-16 19:48:48 51C161D5638465251857B2207BD535CB 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll
2015-08-16 19:48:48 4C2D57F3DDBC07D3CC59160CDC400AC0 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll
2015-08-16 19:48:48 0A4CE9AAA18F9DE7414C1E7BE572F5FA 274944 ----a-w- C:\Windows\SysWOW64\KernelBase.dll
2015-08-16 19:48:47 E70054ADA6AAB84659AB20D137747ACF 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll
2015-08-16 19:48:47 A2C5FAE51BC43B29525AAA5BF0B31259 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe
2015-08-16 19:48:47 086A1544FACAA91CD6F95FC4CDE16913 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe
2015-08-16 19:48:46 8A82C9C4A205266DC22BB1C8F2E1AB2D 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll
2015-08-16 19:48:46 75706C0F199BC7658A98BEE452964587 36864 ----a-w- C:\Windows\SysWOW64\cryptbase.dll
2015-08-16 19:48:46 3982911B4C4F42B156D7347C1543CF9F 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll
2015-08-16 19:48:46 37CE74C8094AD7D1D3B79A8D2849803E 665088 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll
2015-08-16 19:48:46 2506A1507B7CBFE069BC0289349786ED 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll
2015-08-16 19:48:45 DD8BCBBC1C383F38F284E25CE39C136C 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll
2015-08-16 19:48:45 9E94CD7C6CBDC2C9B6A87AD9D5E4EF80 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll
2015-08-16 19:48:42 C899E7E3A4F42B802DA1E97F9908BD26 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll
2015-08-16 19:48:42 832494A551C2B2CCB616B2BE13A696A1 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe
2015-08-16 19:48:41 1EA1328207A915C9EB10AA1D102C0B52 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll
2015-08-16 19:48:41 03A179385219FD37CDFB3E603F912CA7 2048 ----a-w- C:\Windows\SysWOW64\user.exe
2015-08-16 19:48:40 D5F9C627C221A3B4B6944EDBE90D642C 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll
2015-08-16 19:48:40 008BDC16E15B3B6EFB6E8B6684022F36 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll
2015-08-16 19:46:09 C989240A97D4E0B4354679CCF7E66389 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2015-08-16 19:46:09 BDC048308B74B2146495BBB8D4CD4974 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-16 19:46:08 FCDCEB29CD1129C6C86AD9700A7E5BD1 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2015-08-16 19:46:08 A37FEDFC0BC9E96AD3DFFF41D5805F04 2279424 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2015-08-16 19:46:07 C929BFB3FD2460B570553AE7344640BC 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-16 19:46:07 BD3E3A13423C40E8CF4BE531EE68BAF0 1310720 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2015-08-16 19:46:07 67DA0EE95026FB2D3577F664F2187F98 342736 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2015-08-16 19:46:07 358D91656E54B03B8FFE3CF4D535A6C8 504320 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2015-08-16 19:46:06 C98AF04E9FC94DBF57B29A9891597664 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2015-08-16 19:46:06 32664FC06B115923C449DC22D47CD8A6 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2015-08-16 19:46:05 728188684708FEF4F18E2CAB46C54DBB 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2015-08-16 19:46:05 0E9529DC8BA5AD3C06B99F115D0D804D 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2015-08-16 19:46:04 D1D3DB57C68A2A62E03DD973F53CEA18 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2015-08-16 19:46:03 FB1B7D2B2D500E067B96C56EE0B4DDAD 664064 ----a-w- C:\Windows\SysWOW64\jscript.dll
2015-08-16 19:46:03 D7FDD5E8B88ADE9107772B4C879FDF94 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2015-08-16 19:46:03 8B6B89D3FEDB34CA38055B82A790545F 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2015-08-16 19:46:03 1CB9D50EE52BED7DEBF394CEA8A971A5 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2015-08-16 19:46:02 793F71F873D106A611DB79741327038C 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2015-08-16 19:46:02 3E168B5E5FEE3D09C2D4E97861B5F4B3 479232 ----a-w- C:\Windows\SysWOW64\ieui.dll
2015-08-16 19:46:00 3C74EA1EC43A694060F09B7D754446C6 12856832 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2015-08-16 19:45:57 AB6A3699E478DEF677D48B126B223C54 4520448 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2015-08-16 19:45:57 53DE75BD2C7A3EA29770147EAC8A8D5A 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-16 19:45:57 0AC8CD2138FD10C4A0E2FF08F892359C 1951232 ----a-w- C:\Windows\SysWOW64\wininet.dll
2015-08-16 19:45:56 ECF459774AE6A273F0F59D7C072DB3C4 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-16 19:45:56 4D036506C8359185FC52EB49DB891743 341504 ----a-w- C:\Windows\SysWOW64\html.iec
2015-08-16 19:45:56 445DB8651F05684F8259D4054A15BC50 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll
2015-08-16 19:45:04 6B003E11CDBDA3B45A3D16E5A9D3F73B 82432 ----a-w- C:\Windows\SysWOW64\davclnt.dll
2015-08-16 19:45:04 55C70654420DBF429604FD567E6F3CD3 206848 ----a-w- C:\Windows\SysWOW64\WebClnt.dll
2015-08-16 19:45:00 EA1BE72A8CD5CEA7B6E6649D1FD78BA1 1241088 ----a-w- C:\Windows\SysWOW64\msxml3.dll
2015-08-16 19:45:00 121E2E789BE080EB86DA71F95B611DF2 1390592 ----a-w- C:\Windows\SysWOW64\msxml6.dll
2015-08-16 19:44:59 B6F9E4CDA3069B03F654B650A5379E60 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll
2015-08-16 19:44:59 127EE7F36CEA127ECCA55BECBC230398 2048 ----a-w- C:\Windows\SysWOW64\msxml6r.dll
2015-08-16 19:44:56 CE21524C53E9671A7108B28FB9B4E474 1251328 ----a-w- C:\Windows\SysWOW64\DWrite.dll
2015-08-16 19:44:55 680D463893C9846CC6A1DA6012DD0FE5 299520 ----a-w- C:\Windows\SysWOW64\atmfd.dll
2015-08-16 19:44:52 9E2F12744DD9810961031C56FBB691F4 25600 ----a-w- C:\Windows\SysWOW64\lpk.dll
2015-08-16 19:44:52 965CFC7687F0D188F215DC142FC8F6A1 1987584 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll
2015-08-16 19:44:52 7983F3481E89B96074FAE9AFCC24079C 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll
2015-08-16 19:44:52 520AEC6C64AF2CFD74B469DB98611D4A 10240 ----a-w- C:\Windows\SysWOW64\dciman32.dll
2015-08-16 19:44:52 400C20D6967A83EA69D6953EBB8D3FA3 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll
2015-08-16 19:44:48 A4F6DF0E33E644E802C8798ED94D80EA 179712 ----a-w- C:\Windows\SysWOW64\notepad.exe
2015-08-16 19:44:44 4478348E3942AD9EED9AB263AFE7CD83 12875776 ----a-w- C:\Windows\SysWOW64\shell32.dll
2015-08-16 19:43:57 A02515B58D318F427FBA64437FB0EDDF 566784 ----a-w- C:\Windows\SysWOW64\wuapi.dll
2015-08-16 19:43:57 4447FD20A6B48D05E8392B6E18A194A8 173056 ----a-w- C:\Windows\SysWOW64\wuwebv.dll
2015-08-16 19:43:56 FBECE2B32A3658AEB609DC5A1021100F 30208 ----a-w- C:\Windows\SysWOW64\wups.dll
2015-08-16 19:43:56 E96D0EEAAE0446F664EE15703BB32A34 93184 ----a-w- C:\Windows\SysWOW64\wudriver.dll
2015-08-16 19:43:56 742AC3EF3C7C30F0EBF628D6D03BB399 34816 ----a-w- C:\Windows\SysWOW64\wuapp.exe
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-08-21 08:19:35 E5F2BB962F84A8F8D996FEA33F4C817B 25191936 ----a-w- C:\Windows\Sysnative\mshtml.dll
2015-08-21 08:19:35 4FD63532DBF78DC6B50078F769E7949F 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2015-08-20 22:15:18 400E0B72AEB663360E1A3AB33DDD6A87 1116672 ----a-w- C:\Windows\Sysnative\appraiser.dll
2015-08-20 22:15:17 EEAFBC5A31C68438AF67531C52410A3D 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll
2015-08-20 22:15:17 EC9178A8037D3EF938F38B6793EAF990 774656 ----a-w- C:\Windows\Sysnative\invagent.dll
2015-08-20 22:15:17 E99A30142A108B11381C47B0A30283B0 17344 ----a-w- C:\Windows\Sysnative\CompatTelRunner.exe
2015-08-20 22:15:17 DD91D9EAAA415B26EB30EC9CF768BF03 743424 ----a-w- C:\Windows\Sysnative\generaltel.dll
2015-08-20 22:15:17 A3D0A038A6C03E368E80CDDEFC473140 1148416 ----a-w- C:\Windows\Sysnative\aeinv.dll
2015-08-20 22:15:17 4FEB4397B066DEEDDDED0D1CEDA1C887 69120 ----a-w- C:\Windows\Sysnative\acmigration.dll
2015-08-20 22:15:17 36DA2E5BD218764CB48B8A13CF0B091F 437760 ----a-w- C:\Windows\Sysnative\devinv.dll
2015-08-16 20:03:24 52ED64BF80D360B0EA2B6E5F1504CDFF 124624 ----a-w- C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 19:49:19 C01DC60229F41D33AF2DF4162EDA0F44 7077376 ----a-w- C:\Windows\Sysnative\mstscax.dll
2015-08-16 19:49:17 35A97817FDA4C8F421D8478DCCF045B1 1057792 ----a-w- C:\Windows\Sysnative\rdvidcrl.dll
2015-08-16 19:49:16 CDA122FCC691D14D3971A83AB035156D 62976 ----a-w- C:\Windows\Sysnative\tsgqec.dll
2015-08-16 19:49:16 2686F572B3CAF633C4A350A3671835F2 429568 ----a-w- C:\Windows\Sysnative\wksprt.exe
2015-08-16 19:48:55 B9A07A9807A4BAC067498CC8D77F3D4D 5568960 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe
2015-08-16 19:48:55 72585BDAF2EC5237EBD71D540657D6A2 1163264 ----a-w- C:\Windows\Sysnative\kernel32.dll
2015-08-16 19:48:55 3F63C62D9183235792A46C0B66EAAD04 1730496 ----a-w- C:\Windows\Sysnative\ntdll.dll
2015-08-16 19:48:54 2E730941CC5BF6200A4F56D1E9C24AAD 1743360 ----a-w- C:\Windows\Sysnative\sysmain.dll
2015-08-16 19:48:52 DAF50D708FF79AC4AE0A1C256A9BEE33 243712 ----a-w- C:\Windows\Sysnative\wow64.dll
2015-08-16 19:48:52 B892459EC8441FFB9E045CCE73862868 424960 ----a-w- C:\Windows\Sysnative\KernelBase.dll
2015-08-16 19:48:52 AF249D7461E228EBBD1C7E98D99B3B12 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll
2015-08-16 19:48:52 99D1FAA337A4EF3C33E256C79DC708F8 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe
2015-08-16 19:48:51 E80CA72FA43BF258E72C408CEF9839BE 215040 ----a-w- C:\Windows\Sysnative\winsrv.dll
2015-08-16 19:48:51 A0502BF52867F00FD9C67D1C355F6C91 1216512 ----a-w- C:\Windows\Sysnative\rpcrt4.dll
2015-08-16 19:48:51 6DC249682EA708DA1C4B5CBD9C016F21 729088 ----a-w- C:\Windows\Sysnative\kerberos.dll
2015-08-16 19:48:51 35766EDA62E3FA02B897182219EEDF8A 503808 ----a-w- C:\Windows\Sysnative\srcore.dll
2015-08-16 19:48:49 D6431591DEED9D47E9266890FB2BFBBC 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll
2015-08-16 19:48:49 6518A42BE5B157EF3DC3ED4F8BE4CA46 315392 ----a-w- C:\Windows\Sysnative\msv1_0.dll
2015-08-16 19:48:49 53632BBEFB00BDA1DCFC9E155E0C6B53 43520 ----a-w- C:\Windows\Sysnative\csrsrv.dll
2015-08-16 19:48:49 46041293D887F4D89979874015F26B30 342016 ----a-w- C:\Windows\Sysnative\schannel.dll
2015-08-16 19:48:49 354D59027DE2BFB3A63E8E7DBAF081D8 338432 ----a-w- C:\Windows\Sysnative\conhost.exe
2015-08-16 19:48:48 E615E2FF68D64B52CEFDCD24332D61F5 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll
2015-08-16 19:48:48 7245C8C33397B90E376B9BB54E2A96C8 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll
2015-08-16 19:48:48 61024C6DE4EEBC6BCC92422F0AE3CE94 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll
2015-08-16 19:48:48 55C48343919A72B0C8F5C42E4C798FCA 112640 ----a-w- C:\Windows\Sysnative\smss.exe
2015-08-16 19:48:48 0D48E93C6BE3143C0198CB252B992D16 31232 ----a-w- C:\Windows\Sysnative\lsass.exe
2015-08-16 19:48:47 EBB9C6638109A3486EBA51D28837495C 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe
2015-08-16 19:48:47 E6D24098FDB4A9C29007696B79389DB9 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll
2015-08-16 19:48:47 98AFEF63F857FA67FA1BDD3969F40366 50176 ----a-w- C:\Windows\Sysnative\srclient.dll
2015-08-16 19:48:47 98432481E11B9EDB54A2B069E465D1CB 44032 ----a-w- C:\Windows\Sysnative\cryptbase.dll
2015-08-16 19:48:46 7ADF0CB99051D1E0DB7F65DA1D8099F1 11264 ----a-w- C:\Windows\Sysnative\msmmsp.dll
2015-08-16 19:48:46 77E88D36E88FDC825DCCBF269F81ED3E 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll
2015-08-16 19:48:46 219DF0B319E46EA2601D90101C4C330A 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll
2015-08-16 19:48:46 1BE3823E3206785F2BA8F26B2FAD3FBE 28160 ----a-w- C:\Windows\Sysnative\secur32.dll
2015-08-16 19:48:46 0797A4FDBA2766B88FB563BBB7646FCE 22016 ----a-w- C:\Windows\Sysnative\credssp.dll
2015-08-16 19:48:45 BD6BDB13F5D8FA13166CF8B3CBD6976A 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll
2015-08-16 19:48:42 BC48CD24D35FA0E18D66A97E502BFAE2 6656 ----a-w- C:\Windows\Sysnative\apisetschema.dll
2015-08-16 19:48:41 25AADF664F576D1C264F8AC27B4838DF 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll
2015-08-16 19:48:40 FFAD95FF2FE4B14F91E437E03D1F68BA 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll
2015-08-16 19:48:40 46CB68A774B67187B722FA1156672A23 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll
2015-08-16 19:47:20 168EA9CD9BD6056BB6F60B57D5304BBE 52736 ----a-w- C:\Windows\Sysnative\basesrv.dll
2015-08-16 19:46:09 92E60B0F2E864336737091554370E658 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe
2015-08-16 19:46:09 4E37600CED71FFCE7EEBB129A90B3431 2885632 ----a-w- C:\Windows\Sysnative\iertutil.dll
2015-08-16 19:46:08 890E3A6A6DB6D15EB242460D2353D39C 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2015-08-16 19:46:07 D0A52A4F631172E2AC35A84CCDF28FA4 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll
2015-08-16 19:46:07 ACE8BB2BECFEC66A738EE3DDDFF0CA07 720384 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2015-08-16 19:46:06 B2ADFD1217625A68A484E9838C608F51 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-08-16 19:46:05 9CAC3401B481383936A9D66EF1B80307 389840 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2015-08-16 19:46:04 B8322A1FCD5686F2D97B6BCA1862C9B8 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
2015-08-16 19:46:04 158C1D034080B9DC0A9A2CD9E8DB0199 1545728 ----a-w- C:\Windows\Sysnative\urlmon.dll
2015-08-16 19:46:03 427D40AF9BCAE05125F3513E770706E1 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-08-16 19:46:02 857D9F533F7F9838B68C2CEF8AB68412 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2015-08-16 19:46:00 3E4568FFE110FE81CA1A75BF1149153B 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2015-08-16 19:45:59 F9C6645800D1EDE9033858C60903F00C 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll
2015-08-16 19:45:59 C580215DE134617942FF1740A1235CE4 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2015-08-16 19:45:58 43AF91A40E44205272335E33B7BBA4C3 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2015-08-16 19:45:57 95C5B29740852D171CA03BAE61B670FE 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2015-08-16 19:45:57 62FC1CC7DFC11B5F6A25763375F765BF 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2015-08-16 19:45:57 39E11AA344781CD5773BE9E2472C84E4 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll
2015-08-16 19:45:56 6E3D6B8844FF524D7B27EE7FFB3EF6F5 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2015-08-16 19:45:55 E892688BB1C8B0B485C27436F2B963CF 615936 ----a-w- C:\Windows\Sysnative\ieui.dll
2015-08-16 19:45:55 AD31A019C2195C75B26DF3337EE8F9FE 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2015-08-16 19:45:55 995797E4DE4215715CA2040BB81F4594 14451200 ----a-w- C:\Windows\Sysnative\ieframe.dll
2015-08-16 19:45:54 ECA4CCA74F61C6288734B786089765B0 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2015-08-16 19:45:54 C6960223A6BAB3CF83DB09565D191844 5923328 ----a-w- C:\Windows\Sysnative\jscript9.dll
2015-08-16 19:45:54 C555B5C8142844DED9E3BD94E6313000 2427904 ----a-w- C:\Windows\Sysnative\wininet.dll
2015-08-16 19:45:54 9C7B3D3A9A945AED5CC97C6535C9D857 816640 ----a-w- C:\Windows\Sysnative\jscript.dll
2015-08-16 19:45:54 56E1A08F9CDF246CCAB75EA32B87B2DA 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll
2015-08-16 19:45:53 77A4FEE4031F90DBB5C16F6A8FC855BC 417792 ----a-w- C:\Windows\Sysnative\html.iec
2015-08-16 19:45:53 2D9A67695E80C889FAD5C92651D5E641 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll
2015-08-16 19:45:53 080E99BE131C2433FD7E6813F77F08FD 199680 ----a-w- C:\Windows\Sysnative\msrating.dll
2015-08-16 19:45:04 4E89FC53493704BF835F0300DC201C34 260096 ----a-w- C:\Windows\Sysnative\WebClnt.dll
2015-08-16 19:45:04 16FD9A0F6EDEF091A72D7D3B77574008 102912 ----a-w- C:\Windows\Sysnative\davclnt.dll
2015-08-16 19:45:01 32A74A5BC52EF569BC65252AF6F28578 1887232 ----a-w- C:\Windows\Sysnative\msxml3.dll
2015-08-16 19:45:00 40EA064E91C6A63FDBC83259FC5BD4F8 2004992 ----a-w- C:\Windows\Sysnative\msxml6.dll
2015-08-16 19:44:59 99119778A8E44F077E46B0870B8DD6A8 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll
2015-08-16 19:44:59 22DC6C17443DECC9EBE258220906DCAC 2048 ----a-w- C:\Windows\Sysnative\msxml6r.dll
2015-08-16 19:44:56 F97A0CFC495C92FF2F6A03933157D115 3208192 ----a-w- C:\Windows\Sysnative\win32k.sys
2015-08-16 19:44:56 F8C0AF84AB602D395FFC89BC7CF3CE18 372736 ----a-w- C:\Windows\Sysnative\atmfd.dll
2015-08-16 19:44:56 DB94C47BD7F2AD9C58DEC46026D5FD08 1648128 ----a-w- C:\Windows\Sysnative\DWrite.dll
2015-08-16 19:44:56 D5A775990A7C202A037378FDBCDB6141 1180160 ----a-w- C:\Windows\Sysnative\FntCache.dll
2015-08-16 19:44:53 0365E7AED8A38CB5FFF1DFB4458C0593 41984 ----a-w- C:\Windows\Sysnative\lpk.dll
2015-08-16 19:44:52 D4FB2E00F49711C9DD3E2C2646D7C767 2565120 ----a-w- C:\Windows\Sysnative\d3d10warp.dll
2015-08-16 19:44:52 B45F7BC413F905ECA9DE679E3FF09472 100864 ----a-w- C:\Windows\Sysnative\fontsub.dll
2015-08-16 19:44:52 52DE81006E192EAA09B3BDE763D80BC8 14336 ----a-w- C:\Windows\Sysnative\dciman32.dll
2015-08-16 19:44:52 15113A4CD09E0F06894495FCE8BF2BF8 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll
2015-08-16 19:44:48 B32189BDFF6E577A92BAA61AD49264E6 193536 ----a-w- C:\Windows\Sysnative\notepad.exe
2015-08-16 19:44:45 733BC760342A816D3B5A8CE2C7EF1D92 14177280 ----a-w- C:\Windows\Sysnative\shell32.dll
2015-08-16 19:43:57 C980982C7F8ECB462C52CBEC759CBBDC 3154944 ----a-w- C:\Windows\Sysnative\wucltux.dll
2015-08-16 19:43:57 B0FBE5C8E18EB3BD677846DAB54037D5 696320 ----a-w- C:\Windows\Sysnative\wuapi.dll
2015-08-16 19:43:57 6FDC1FAD277AEF0A89B0D28F5675679C 139776 ----a-w- C:\Windows\Sysnative\wuauclt.exe
2015-08-16 19:43:57 499034D7F1F6AF49F9EE12F8822793CB 2606080 ----a-w- C:\Windows\Sysnative\wuaueng.dll
2015-08-16 19:43:57 0F72B73EBE4F6F86EE569598D377165E 192000 ----a-w- C:\Windows\Sysnative\wuwebv.dll
2015-08-16 19:43:56 DE1B5089D48291BD81F6A5CCFB832E53 36864 ----a-w- C:\Windows\Sysnative\wups.dll
2015-08-16 19:43:56 D1E38F98DDA581BF70B6A89882E6E6F6 12288 ----a-w- C:\Windows\Sysnative\wu.upgrade.ps.dll
2015-08-16 19:43:56 C0DA341908CC3A0209A63FBD4B521C2A 91136 ----a-w- C:\Windows\Sysnative\WinSetupUI.dll
2015-08-16 19:43:56 A6848EF3860E81A835AA4982ADBA1884 37888 ----a-w- C:\Windows\Sysnative\wups2.dll
2015-08-16 19:43:56 7CFCC5210E226AA85F2A21098FA01F29 37376 ----a-w- C:\Windows\Sysnative\wuapp.exe
2015-08-16 19:43:56 1956D89C3E24A8388840489371B3A428 98304 ----a-w- C:\Windows\Sysnative\wudriver.dll
====== C:\Windows\Sysnative\drivers =====
2015-08-22 12:43:29 8F22037D3F5A6BB676525D825A1388B9 113880 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2015-08-22 12:42:30 E681CE4AE5C09651D53CB4387CA3560E 109272 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys
2015-08-22 12:42:30 AE757332EA130E94E646621CC695B52A 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys
2015-08-22 12:42:30 A8D28D5B3E2A528D1EF0E338E44F2820 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys
2015-08-16 19:48:53 67050452C0118BAF2883928E6FCCFE47 94656 ----a-w- C:\Windows\Sysnative\drivers\mountmgr.sys
2015-08-16 19:48:48 67A1743377EBB5D9A370A8C2086CFDCC 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys
2015-08-16 19:48:48 522A1595D5701800DD41B2D472F5AAED 155584 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-08-16 19:48:45 B2081803D510DCE174992BA880EDCA70 159232 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys
2015-08-16 19:48:45 97687971F9CB30E2633DE0F1296B9F61 129024 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys
2015-08-16 19:48:45 552FA62B0EFECD22D8D52499324BCA4F 290816 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys
====== C:\Windows\Tasks ======
2015-08-20 19:20:53 9A65CF43D5B10FFE35C419EEACE546A4 1056 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0db7d54cc35d1.job
2015-08-20 19:20:53 34BF7035991B9E189CF6F2C096444079 1060 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0db7d5525056a.job
2015-08-20 19:20:53 2BEEDBCD8DC441FA0BFA74BF23A5D69C 4056 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA1d0db7d5525056a
2015-08-20 19:20:53 11F7F337F3C0B92AAD66D948D2245C6B 3804 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore1d0db7d54cc35d1
2015-08-08 08:45:33 DECB49BCFAC93245C85DEE8C521AF5A1 4166 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA
2015-08-08 08:45:33 B5AB8999F9B0B3DE40A6C8A401A49931 1060 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-08 08:45:32 BAD8830A47958DCA039D057F699AD0CC 1056 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-08 08:45:32 9E388F1BD320BE8034052DFD11E7022F 3914 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-07-29 17:46:46 -------- d-----w- C:\Program Files\Common Files\AV
======= C:\PROGRA~2 =====
======= C: =====
2015-08-20 19:06:14 BC949EA893A9384070C31F083CCEFD26 3 --sha-r- C:\win7ldr
2015-08-20 19:06:14 8B3E35F943CBF4CC2DE64A6DF8076525 203316 --sha-r- C:\grldr
2015-08-09 11:27:07 93B885ADFE0DA089CDF634904FD59F71 1 --sha-w- C:\BOOTNXT
====== C:\Users\Windows7\AppData\Roaming ======
2015-08-08 09:18:49 -------- d-s---w- C:\Windows\serviceprofiles\networkservice\AppData\Locallow\Microsoft
====== C:\Users\Windows7 ======
2015-08-22 23:58:57 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Windows7\Downloads\RSITx64 (1).exe
2015-08-22 12:40:50 D3B6FA14CB7E12B7FBC0B3AA26235898 24345872 ----a-w- C:\Users\Windows7\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-22 10:50:00 7E584580AE57FA86520F59343BF9A270 1605632 ----a-w- C:\Users\Windows7\Downloads\adwcleaner_5.003.exe
2015-08-21 13:01:45 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Windows7\Downloads\RSITx64.exe
 
====== C: exe-files ==
2015-08-22 23:58:57 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Windows7\Downloads\RSITx64 (1).exe
2015-08-22 12:40:50 D3B6FA14CB7E12B7FBC0B3AA26235898 24345872 ----a-w- C:\Users\Windows7\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-22 10:50:00 7E584580AE57FA86520F59343BF9A270 1605632 ----a-w- C:\Users\Windows7\Downloads\adwcleaner_5.003.exe
2015-08-21 13:01:45 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Windows7\Downloads\RSITx64.exe
2015-08-20 20:00:13 B1798BC27E40983B12FEFD0D85C05B3F 873800 ----a-w- C:\Users\Windows7\AppData\Local\Google\Chrome\User Data\SwReporter\4.28.1\software_reporter_tool.exe
2015-08-20 19:21:41 B03D87D080E98A6D872D8BAF9441C84B 48876624 ----a-w- C:\Program Files (x86)\Google\Update\Install\{902DD2AE-7F57-4401-84CA-FB4FE4B8A060}\44.0.2403.157_chrome64_installer.exe
2015-08-20 19:21:39 B03D87D080E98A6D872D8BAF9441C84B 48876624 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\44.0.2403.157\44.0.2403.157_chrome64_installer.exe
2015-08-20 19:20:52 E692507B6F9EE2E230B2557126983FA5 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.5\GoogleUpdateWebPlugin.exe
2015-08-20 19:20:52 5EF88BA7321C634D5E9A7CAB3965001E 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.5\GoogleUpdateBroker.exe
2015-08-20 19:20:52 323B9908034B25B3227494F781697EA5 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.5\GoogleUpdateOnDemand.exe
2015-08-20 19:20:50 171E3EB5F07EA00E1F407897D0A6CCC6 931408 ----a-w- C:\Program Files (x86)\Google\Update\1.3.28.5\GoogleUpdateSetup.exe
2015-08-20 19:20:48 7814A8ED32D5186BA651008AFFB55080 144200 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2015-08-20 19:20:45 A560D240B9F64C9EC758510BDE008BE5 305992 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.5\GoogleCrashHandler64.exe
2015-08-20 19:20:45 7814A8ED32D5186BA651008AFFB55080 144200 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.5\GoogleUpdate.exe
2015-08-20 19:20:45 673AD34FC250054DC780465662621669 130888 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.5\GoogleUpdateComRegisterShell64.exe
2015-08-20 19:20:45 638E68043F19207226C6ABEB273D5FE7 245576 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.5\GoogleCrashHandler.exe
2015-08-20 19:04:58 C5C9D23958596A941C5044B2B5919963 3541702 ----a-w- C:\Users\Windows7\Desktop\Nieuwe map\Windows 7 ULTIMATE activator by Lord Tidus.exe
2015-08-16 19:46:07 F666B5E4A99DAE8E243189C89E9AFA74 221184 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-08-16 19:46:05 E595881896AA929A7FA8936DFCF8D3FE 473600 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-08-16 19:46:05 2B1D4B6004AE4BE9EB19CAD4AB924944 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2015-08-16 19:46:04 C2A6A7E10E872F62F261637B67AFB248 815312 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-08-16 19:45:58 AA12B1DD4C32F01995A07774D9A44C47 814288 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2015-08-16 19:45:58 66CD0B90DA1E7219759821F9846A29CB 491008 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2015-08-16 19:44:48 B32189BDFF6E577A92BAA61AD49264E6 193536 ----a-w- C:\Windows\notepad.exe
=== C: other files ==
2015-08-22 12:43:29 8F22037D3F5A6BB676525D825A1388B9 113880 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-08-22 12:42:30 E681CE4AE5C09651D53CB4387CA3560E 109272 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-08-22 12:42:30 AE757332EA130E94E646621CC695B52A 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2015-08-22 12:42:30 A8D28D5B3E2A528D1EF0E338E44F2820 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2015-08-20 19:14:59 602F0E7767955CED93A2B721A88120B5 958232 ----a-w- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1507063.sys
2015-08-20 19:14:59 3D39601F01B131CE1B08CB32540F1EF0 554840 ----a-w- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1507063.sys
2015-08-16 19:48:53 67050452C0118BAF2883928E6FCCFE47 94656 ----a-w- C:\Windows\System32\drivers\mountmgr.sys
2015-08-16 19:48:48 67A1743377EBB5D9A370A8C2086CFDCC 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-08-16 19:48:48 522A1595D5701800DD41B2D472F5AAED 155584 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-08-16 19:48:45 B2081803D510DCE174992BA880EDCA70 159232 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2015-08-16 19:48:45 97687971F9CB30E2633DE0F1296B9F61 129024 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2015-08-16 19:48:45 552FA62B0EFECD22D8D52499324BCA4F 290816 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2015-08-16 19:44:56 F97A0CFC495C92FF2F6A03933157D115 3208192 ----a-w- C:\Windows\System32\win32k.sys
 
==== Startup Registry Enabled ======================
 
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
 
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
 
[HKEY_USERS\S-1-5-21-1869362604-1768435415-2293966079-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"Spotify Web Helper"="C:\Users\Windows7\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
 
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
 
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
 
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r"
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"Spotify Web Helper"="C:\Users\Windows7\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
 
==== Startup Registry Enabled x64 ======================
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
 
==== Startup Registry Disabled x64 ======================
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Users\\Windows7\\AppData\\Roaming\\Spotify\\SpotifyWebHelper.exe\""
 
 
==== Task Scheduler Jobs ======================
 
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14-07-2015 19:30]
C:\Windows\tasks\AutoKMS.job --a------ C:\Windows\AutoKMS\AutoKMS.exe [03-02-2013 10:52]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20-08-2015 21:20]
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0db7d54cc35d1.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20-08-2015 21:20]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20-08-2015 21:20]
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0db7d5525056a.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20-08-2015 21:20]
 
==== Other Scheduled Tasks ======================
 
"C:\Windows\SysNative\tasks\0" [c:\program files\internet explorer\iexplore.exe]
"C:\Windows\SysNative\tasks\4983" [wscript.exe C:\Users\Windows7\AppData\Local\Temp\launchie.vbs //B]
"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore1d0db7d54cc35d1" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1d0db7d5525056a" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\{243725C8-E191-48A6-990A-59B2DD03BD84}" [C:\Program Files (x86)\Logitech\iTouch\iTouch.exe]
"C:\Windows\SysNative\tasks\{6FF46B97-D352-4539-9FC2-8DC98768A89B}" [C:\Program Files (x86)\Logitech\iTouch\iTouch.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"]
"C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe"]
"C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe"]
 
==== Chromium Look ======================
 
Google Chrome Version: 44.0.2403.157
 
 
 
==== Chromium Startpages ======================
 
C:\Users\Windows7\AppData\Local\Google\Chrome\User Data\Default\Preferences
ries":"C7EC0723DF4ED6DD007C7C1E99263BD1269097FB5ECFF6C223091CAD84716A1A"}},"super_mac":"323E2EAB33F45A8516F4E1B71B71BE8649C517F291131D482C22B765EC126341"},"session":{"restore_on_startup":5,"startup_urls":["https://www.google.nl/]},"software_reporter":{"prompt_reason":0,"prompt_seed":"20150601","prompt_version":"3.21.0"},"sync":{"remaining_rollback_tries":0}}
 
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{BEDCB1EE-EBCC-455E-992E-6A6970810C32}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{BEDCB1EE-EBCC-455E-992E-6A6970810C32} Bing  Url="http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE"
 
==== Deleting Registry Keys ======================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\472EE7AF07377B34A9543AB971CCDC5C deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\75932EE05AB03F84FAFA19C253187532 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0EE23957-0BA5-48F3-AFAF-912C35815723} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\472EE7AF07377B34A9543AB971CCDC5C deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\75932EE05AB03F84FAFA19C253187532 deleted successfully
 
==== Empty IE Cache ======================
 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Windows7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Windows7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
 
==== Empty FireFox Cache ======================
 
No FireFox Profiles found
 
==== Empty Chrome Cache ======================
 
C:\Users\Windows7\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
Flash Cache Emptied Successfully
 
==== Empty All Java Cache ======================
 
No Java Cache Found
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=51 folders=8 28827330 bytes)
 
==== Empty Temp Folders ======================
 
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Windows7\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\Windows\Temp successfully emptied
C:\Users\Windows7\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== EOF on zo 23-08-2015 at 12:07:46,53 ======================
Link naar reactie
Delen op andere sites
albada53 Bijdrager

albada53

Geplaatst:
  • Auteur
Geplaatst:

Dank voor je advies v.w.b. MSE. Ik heb een betaalde versie van GData, maar deze vertraagde de computer heel erg en stond ook niet toe om bepaalde downloads wel door te laten. Ik zal deze dan toch maar weer installeren?

Ik denk dat de problemen verholpen zijn, dankzij jullie/jouw hulp.

Is er in de instellingen bij Windows 7 de mogelijkheid om PUP's niet toe te laten?

Link naar reactie
Delen op andere sites
Jion Grootmeester

Jion

Geplaatst:
Geplaatst:

PUP's komen meestal binnen als "extraatje" bij nieuwe software die je download/installeert.

Lees daarom steeds goed elk kadertje dat je te zien krijgt en vink ongewenste extra's uit alvorens op Next te klikken.

Helaas zijn er geen instellingen bij Windows waarbij je dergelijke zaken kan blokkeren.

Een handig tooltje, die standaard veel van die ongewenste extra's uitvinkt, is Unchecky!

 

 

Om de besmette herstelpunten en de gebruikte tools (RSIT, Zoek) te verwijderen, mag je onderstaande nog uitvoeren:

 

Download 51a5ce45263de-delfix.pngDelfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.
Zet nu vinkjes voor de volgende items:

  • Remove disinfection tools
  • Purge System Restore


Klik nu op "Run" en wacht geduldig tot de tool gereed is.
Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

 

Malwarebytes (Mbam) kan je (i.p.v. Spybot) laten staan om als second opinion scanner te gebruiken naast jouw virusscanner.

Link naar reactie
Delen op andere sites
 Delen
Ga naar topic overzicht
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.