Recover webpage



My wife's laptop has Startpagina as its start page.

Very often I get a message that it is not responding.

Then it is as if the laptop freezes.

And then it says that I have to click on recover page.

And then it is fine again.

Are we perhaps going too fast?


Your topic has been moved to Malware & virus removal, so that the forum stays organised.

Could you carry out the steps below and post the requested log here in your topic?

Download RSIT from the locations below and save it to the desktop.

You can see here how to check whether you are running a 32-bit or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Users of Windows Vista and later must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool has finished, two Notepad files named "Log.txt" and "Info.txt" are opened.

Posting the RSIT log files

  • Attach the log file named "Log.txt" to your next post. (You can also find this log file in the folder "C:\rsit".)
  • The log file named "Info.txt", which is minimised, does not need to be posted. (This log file is only created the first time the tool is run.)
  • How to add an attachment to a post is explained here.

The manual for using RSIT can be viewed HERE and we also have a .

Logfile of random's system information tool 1.10 (written by random/random)

Run by Gerda at 2015-12-26 16:04:08

Microsoft Windows 8.1

System drive C: has 852 GB (91%) free of 936 GB

Total RAM: 5602 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:04:19, on 26-12-2015

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v11.0 (11.00.9600.17840)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\APPINTEGRATOR.EXE

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files\trend micro\Gerda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON13/8

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll

O2 - BHO: Search Assistant BHO - {a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll

O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

O2 - BHO: Toolbar BHO - {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} - C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbar.dll

O3 - Toolbar: Allin1Convert - {cd1a63ba-a08c-431b-9a34-f240aadc728d} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbar.dll

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R

O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Allin1Convert EPM Support] "C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hmedint.exe" T8EPMSUP.DLL,S

O4 - HKLM\..\Run: [Allin1Convert AppIntegrator 32-bit] C:\PROGRA~2\ALLIN1~2\bar\1.bin\AppIntegrator.exe

O4 - HKLM\..\Run: [Allin1Convert AppIntegrator 64-bit] C:\PROGRA~2\ALLIN1~2\bar\1.bin\AppIntegrator64.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: Allin1ConvertService (Allin1Convert_8hService) - Mindspark - C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbarsvc.exe

O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)

O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: @oem7.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)

O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe

O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 10127 bytes

======Listing Processes======

wininit.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k RPCSS

C:\WINDOWS\system32\atiesrxx.exe

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted

"C:\Program Files\IDT\WDM\STacSV64.exe"

C:\WINDOWS\system32\Hpservice.exe

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\System32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbarsvc.exe

"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService

C:\WINDOWS\system32\svchost.exe -k apphost

"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

"C:\Program Files\Bonjour\mDNSResponder.exe"

C:\WINDOWS\System32\svchost.exe -k utcsvc

"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"

dashost.exe {fca9e961-6cbd-45fb-a2b9a2ac78d50579}

C:\WINDOWS\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"

C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet

C:\WINDOWS\system32\SearchIndexer.exe /Embedding

"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"

"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"

"C:\Program Files\iPod\bin\iPodService.exe"

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession

-hiberboot

atieclxx

C:\WINDOWS\Explorer.EXE

ClassicStartMenu.exe -startup

C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

"C:\Program Files\IDT\WDM\sttray64.exe"

taskhostex.exe

"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow

"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"

"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"

"C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" -byrunkey

"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0

"C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\APPINTEGRATOR.EXE"

"C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\AppIntegrator64.exe"

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"

"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"

"C:\WINDOWS\system32\GWX\GWX.exe"

"C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding

"C:\Program Files\Internet Explorer\iexplore.exe"

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5936 CREDAT:267521 /prefetch:2

C:\WINDOWS\System32\svchost.exe -k smphost

taskhost.exe $(Arg0)

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5936 CREDAT:464169 /prefetch:2

"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584

"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 952B9881-24C7-38AA-3CE7-D0095CE15FD8 -Reinvoke

"C:\Users\Gerda\Downloads\RSITx64.exe"

C:\WINDOWS\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-21 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797}]

Search Assistant BHO - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll [2015-03-29 144968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-21 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]

HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}]

Toolbar BHO - C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbar.dll [2015-03-29 1037896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{cd1a63ba-a08c-431b-9a34-f240aadc728d} - Allin1Convert - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbar.dll [2015-03-29 1037896]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 3933496]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-24 2916152]

"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-07-21 1425408]

"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2015-08-09 161728]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-07-04 766688]

"CLVirtualDrive"=C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2012-07-26 491320]

"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-28 91432]

"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-07-09 580512]

"HP CoolSense"=C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2011-08-26 1342008]

"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-05-26 152392]

"Allin1Convert EPM Support"=C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hmedint.exe [2015-03-29 12872]

"Allin1Convert AppIntegrator 32-bit"=C:\PROGRA~2\ALLIN1~2\bar\1.bin\AppIntegrator.exe [2015-03-29 225864]

"Allin1Convert AppIntegrator 64-bit"=C:\PROGRA~2\ALLIN1~2\bar\1.bin\AppIntegrator64.exe [2015-03-29 258632]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-11-09 596528]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"VIDC.YUY2"=msyuv.dll

"vidc.i420"=iyuv_32.dll

"msacm.msgsm610"=msgsm32.acm

"msacm.msg711"=msg711.acm

"VIDC.YVYU"=msyuv.dll

"VIDC.YVU9"=tsbyuv.dll

"wavemapper"=msacm32.drv

"midimapper"=midimap.dll

"VIDC.UYVY"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"vidc.msvc"=msvidc32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-12-26 16:04:08 ----D---- C:\rsit

2015-12-26 16:04:08 ----D---- C:\Program Files\trend micro

======List of files/folders modified in the last 1 month======

2015-12-26 16:04:08 ----RD---- C:\Program Files

2015-12-26 16:04:08 ----D---- C:\WINDOWS\Prefetch

2015-12-26 16:03:29 ----D---- C:\WINDOWS\Temp

2015-12-26 16:00:00 ----D---- C:\WINDOWS\system32\sru

2015-12-26 11:14:11 ----D---- C:\WINDOWS\system32\config

2015-12-26 11:13:45 ----SHD---- C:\WINDOWS\Installer

2015-12-26 11:13:44 ----SHD---- C:\Config.Msi

2015-12-26 11:13:44 ----D---- C:\ProgramData\Microsoft Help

2015-12-26 11:11:57 ----D---- C:\Program Files\Microsoft Silverlight

2015-12-26 11:11:57 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2015-12-26 11:10:59 ----D---- C:\WINDOWS\WinSxS

2015-12-26 11:10:45 ----D---- C:\WINDOWS\system32\MRT

2015-12-26 11:07:48 ----A---- C:\WINDOWS\system32\MRT.exe

2015-12-26 11:06:41 ----D---- C:\WINDOWS\SysWOW64

2015-12-26 10:59:02 ----D---- C:\WINDOWS\system32\catroot2

2015-12-26 10:55:49 ----D---- C:\WINDOWS\CbsTemp

2015-12-25 14:47:56 ----RD---- C:\WINDOWS\System32

2015-12-25 14:47:56 ----D---- C:\WINDOWS\Inf

2015-12-25 14:47:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2015-12-25 14:36:31 ----D---- C:\Windows

2015-12-25 14:36:30 ----D---- C:\WINDOWS\system32\wbem

2015-12-25 14:34:48 ----RSD---- C:\WINDOWS\Media

2015-12-25 14:34:48 ----D---- C:\WINDOWS\system32\nl-NL

2015-12-25 14:34:48 ----D---- C:\Program Files\Windows Journal

2015-12-25 14:34:48 ----D---- C:\Program Files\Windows Defender

2015-12-25 14:34:48 ----D---- C:\Program Files\Internet Explorer

2015-12-25 14:34:48 ----D---- C:\Program Files (x86)\Internet Explorer

2015-12-25 14:34:46 ----SD---- C:\WINDOWS\SYSWOW64\GWX

2015-12-25 14:34:46 ----SD---- C:\WINDOWS\system32\GWX

2015-12-25 14:34:46 ----RD---- C:\WINDOWS\ToastData

2015-12-25 14:34:46 ----D---- C:\WINDOWS\Tasks

2015-12-25 14:34:46 ----D---- C:\WINDOWS\SYSWOW64\wbem

2015-12-25 14:34:46 ----D---- C:\WINDOWS\SYSWOW64\nl-NL

2015-12-25 14:34:46 ----D---- C:\WINDOWS\SYSWOW64\migration

2015-12-25 14:34:46 ----D---- C:\WINDOWS\system32\migration

2015-12-25 14:34:46 ----D---- C:\WINDOWS\system32\drivers\UMDF

2015-12-25 14:34:46 ----D---- C:\WINDOWS\system32\drivers

2015-12-25 14:34:45 ----D---- C:\WINDOWS\ShellNew

2015-12-25 14:34:45 ----D---- C:\WINDOWS\PolicyDefinitions

2015-12-25 14:34:45 ----D---- C:\WINDOWS\apppatch

2015-12-25 14:34:15 ----D---- C:\WINDOWS\SYSWOW64\Macromed

2015-12-25 14:34:15 ----D---- C:\WINDOWS\SystemResources

2015-12-25 14:34:15 ----D---- C:\WINDOWS\system32\Tasks

2015-12-25 14:34:15 ----D---- C:\WINDOWS\system32\Sysprep

2015-12-25 14:34:15 ----D---- C:\WINDOWS\system32\Macromed

2015-12-25 14:34:15 ----D---- C:\WINDOWS\system32\CodeIntegrity

2015-12-25 14:34:14 ----D---- C:\WINDOWS\servicing

2015-12-25 14:34:10 ----D---- C:\WINDOWS\rescache

2015-12-25 14:34:07 ----D---- C:\WINDOWS\Globalization

2015-12-25 14:33:46 ----D---- C:\Program Files\Common Files\microsoft shared

2015-12-25 14:30:27 ----HD---- C:\Program Files\WindowsApps

2015-12-25 14:24:46 ----D---- C:\WINDOWS\registration

2015-12-25 14:22:30 ----D---- C:\WINDOWS\system32\DriverStore

2015-12-25 14:21:46 ----D---- C:\WINDOWS\Microsoft.NET

2015-12-25 14:21:34 ----RD---- C:\WINDOWS\assembly

2015-12-25 14:14:58 ----SHD---- C:\System Volume Information

2015-12-12 11:56:53 ----D---- C:\WINDOWS\AppReadiness

2015-12-09 04:39:31 ----N---- C:\WINDOWS\system32\MpSigStub.exe

2015-12-01 18:19:27 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;@oem7.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-08-10 29600]

R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-11-21 157016]

R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]

R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]

R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-09-20 59648]

R3 Accelerometer;@oem7.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-08-10 42400]

R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-07-21 13209088]

R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-07-21 626688]

R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]

R3 AtiHDAudioService;@oem13.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdW86.sys [2012-07-18 98472]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]

R3 RSP2STOR;@oem18.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2012-07-03 269968]

R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT-stuurprogramma; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]

R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10305; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2012-07-21 540160]

R3 SynTP;@oem17.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2012-08-24 448312]

R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [2012-06-19 57000]

R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB-videoapparaat (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-11-21 212736]

R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]

R3 WirelessButtonDriver;@oem6.inf,%ServiceDesc%;HP Wireless Button Driver Service; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [2012-08-03 20288]

S0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2012-07-24 79528]

S0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2012-07-24 26280]

S2 APXACC;AppEx Networks Accelerator LWF; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [2012-06-23 199008]

S3 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-31 645952]

S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2012-08-24 41272]

S3 SmbDrvI;SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2012-08-24 43832]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]

R2 Allin1Convert_8hService;Allin1ConvertService; C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbarsvc.exe [2015-03-29 90696]

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-07-21 239616]

R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-07-04 344064]

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]

R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]

R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-08-10 85504]

R2 hpsrv;@oem7.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-08-10 29600]

R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-07-09 35232]

R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-07-14 2451456]

R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-07-21 321536]

R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]

R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-05-26 641352]

S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]

S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]

S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]

S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]

-----------------EOF-----------------


Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version).

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false alarm.
  • Double-click Zoek.exe to start the tool.
  • Users of Windows Vista, 7 and 8 must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
{5bcf818d-78c8-41b8-ba89-65c5fdac4fc4};c
C:\Program Files (x86)\Allin1Convert_8h;fs
{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797};c
{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d};c
{cd1a63ba-a08c-431b-9a34-f240aadc728d};c
Allin1Convert EPM Support;s
Allin1Convert AppIntegrator 32-bit;s
Allin1Convert AppIntegrator 64-bit;s
Allin1Convert_8hService;s
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797}];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}];r64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
"Allin1Convert EPM Support"=-;r64
"Allin1Convert AppIntegrator 32-bit"=-;r64
"Allin1Convert AppIntegrator 64-bit"=-;r64
emptyfolderscheck;delete
startupall;
filesrcm;
  • Click the "More options" button and tick the options below.
  • Do a Quick Scan
  • Auto Clean
  • The option "Scan All Users" is ticked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log in your next message as an attachment.
Posting the Zoek.exe log file
  • Attach the log file named "Zoek-results.log" to your next post. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • How to add an attachment to a post is explained here.

Zoek.exe v5.0.0.1 Updated 24-December-2015

Tool run by Gerda on zo 27-12-2015 at 10:38:53,61.

Microsoft Windows 8.1 6.3.9600 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Gerda\Downloads\zoek.exe [scan all users] [Quick Scan] [Auto Clean]

==== System Restore Info ======================

27-12-2015 10:40:54 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully

C:\Users\Gerda\AppData\Roaming\hpqlog deleted successfully

C:\Users\Gerda\AppData\Roaming\WinRAR deleted successfully

C:\Users\Gerda\AppData\Local\CrashDumps deleted successfully

C:\Users\Gerda\AppData\Local\EmieBrowserModeList deleted successfully

C:\Users\Gerda\AppData\Local\EmieSiteList deleted successfully

C:\Users\Gerda\AppData\Local\EmieUserList deleted successfully

C:\Users\Gerda\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-206472500-104361960-3163359641-1002\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully

HKEY_USERS\S-1-5-21-206472500-104361960-3163359641-1002\Software\Microsoft\Internet Explorer\SearchScopes\{63894242-d1a7-4235-a425-c124cb8f4633} deleted successfully

HKEY_USERS\S-1-5-21-206472500-104361960-3163359641-1002\Software\Microsoft\Internet Explorer\SearchScopes\{AB6C2097-CD3A-4B68-BA7C-F6BC1C10C5D6} deleted successfully

HKEY_USERS\S-1-5-21-206472500-104361960-3163359641-1002\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{63894242-d1a7-4235-a425-c124cb8f4633} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AB6C2097-CD3A-4B68-BA7C-F6BC1C10C5D6} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AB6C2097-CD3A-4B68-BA7C-F6BC1C10C5D6} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-206472500-104361960-3163359641-1002\Software\Microsoft\Internet Explorer\URLSearchHooks\{5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Allin1Convert_8hService deleted successfully

==== Deleting Files \ Folders ======================

C:\Users\Gerda\AppData\Local\Allin1Convert_8h deleted

C:\PROGRA~2\Connected Music powered by Universal Music Group deleted

C:\PROGRA~3\{BE4DD016-EE56-4AC8-9832-69281423A3D4} deleted

C:\PROGRA~3\Package Cache deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted

C:\Users\Gerda\AppData\LocalLow\IAC deleted

C:\Users\Gerda\AppData\LocalLow\Allin1Convert_8h deleted

C:\Users\Gerda\AppData\LocalLow\Allin1Convert_8hEI deleted

C:\WINDOWS\SysNative\config\systemprofile\Searches deleted

"C:\windows\Installer\16babb.msi" deleted

"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin\8hdlghk.dll" deleted

"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin\8hdlghk64.dll" deleted

"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll" deleted

"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin\APPINTEGRATOR.EXE" deleted

"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin\AppIntegrator64.exe" deleted

"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin\APPINTEGRATORSTUB.DLL" deleted

"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin\AppIntegratorStub64.dll" deleted

"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin\ASSISTMONITOR64.DLL" deleted

"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin\HPG.DLL" deleted

"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin\Hpg64.dll" deleted

"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin\T8RES.DLL" deleted

"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin\TOOLBARGUARD.DLL" deleted

"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin\TOOLBARGUARD64.DLL" deleted

"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin\assists\ie_default_search_provider\ARBITER64.DLL" deleted

"C:\PROGRA~2\Allin1Convert_8h" not deleted

"C:\PROGRA~2\Allin1Convert_8h\bar" not deleted

"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin" not deleted

"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin\assists" not deleted

"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin\assists\ie_default_search_provider" not deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

====== C:\Users\Gerda\AppData\Local\Temp ====

====== Java Cache =====

====== C:\WINDOWS\SysWOW64 =====


====== C:\WINDOWS\SysWOW64\drivers =====

====== C:\WINDOWS\Sysnative =====


====== C:\WINDOWS\Sysnative\drivers =====


====== C:\WINDOWS\Tasks ======

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2015-12-26 15:04:08 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

======= C: =====

====== C:\Users\Gerda\AppData\Roaming ======

====== C:\Users\Gerda ======

2015-12-26 15:03:26 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gerda\Downloads\RSITx64.exe

====== C: exe-files ==


=== C: other files ==


==== Startup Registry Enabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"

"CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R"

"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"

"HP CoolSense"="C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"Allin1Convert EPM Support"="C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hmedint.exe T8EPMSUP.DLL,S"

"Allin1Convert AppIntegrator 32-bit"="C:\PROGRA~2\ALLIN1~2\bar\1.bin\AppIntegrator.exe"

"Allin1Convert AppIntegrator 64-bit"="C:\PROGRA~2\ALLIN1~2\bar\1.bin\AppIntegrator64.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"

"Classic Start Menu"="C:\Program Files\Classic Shell\ClassicStartMenu.exe -autorun"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]

"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\WINDOWS\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe]

"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]

"C:\WINDOWS\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]

"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{188CE919-82EF-4609-AFB2-3F283AAB9C47}" [C:\WINDOWS\system32\msfeedssync.exe]

"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]

==== Chromium Look ======================

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.startpagina.nl/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.startpagina.nl/"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS

HKLM\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} - http://rover.ebay.com/rover/1/1346-154357-12126-2/4?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}

HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS

HKLM\Wow6432Node\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} - http://rover.ebay.com/rover/1/1346-154357-12126-2/4?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}

HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}

HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS

HKCU\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} - http://rover.ebay.com/rover/1/1346-154357-12126-2/4?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-206472500-104361960-3163359641-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully

HKEY_USERS\S-1-5-21-206472500-104361960-3163359641-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully

HKEY_USERS\S-1-5-21-206472500-104361960-3163359641-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797} deleted successfully

HKEY_USERS\S-1-5-21-206472500-104361960-3163359641-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797} deleted successfully

HKEY_USERS\S-1-5-21-206472500-104361960-3163359641-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D} deleted successfully

HKEY_USERS\S-1-5-21-206472500-104361960-3163359641-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-206472500-104361960-3163359641-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1ADB7B61769BD2D4B8721E72722C3805 deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{16B7BDA1-B967-4D2D-8B27-E12727C28350} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Allin1Convert_8hbar Uninstall Internet Explorer deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\1ADB7B61769BD2D4B8721E72722C3805 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gerda\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\Users\Gerda\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully

C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\Users\Gerda\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

C:\Users\Gerda\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully

C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=486 folders=117 87741247 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\Temp emptied successfully

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Gerda\AppData\Local\Temp will be emptied at reboot

C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot

C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\Users\Gerda\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found

"C:\PROGRA~2\Allin1Convert_8h" not found

==== EOF on zo 27-12-2015 at 11:07:37,36 ======================
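
Added example (not part of the thread and not Zoek's own code): a Python triage of a Zoek-results.log like the one above. It lists items reported as "not deleted" or "will be emptied at reboot" that no later line confirms as gone, and the Run values targeted by the helper's script that still appear in the log's startup listing. The function names and the rule that a missing parent folder settles its children are assumptions of this example; the sample lines are copied from the log above.

```python
import re

# "==== Title ====" section headers as they appear in Zoek-results.log
SECTION = re.compile(r'^={2,}\s*(.*?)\s*=+\s*$')
# "<path or key> <status>" result lines; longer statuses are listed first
OUTCOME = re.compile(
    r'^"?(.+?)"?\s+(deleted successfully|not deleted|not found|deleted|'
    r'emptied successfully|successfully emptied|will be emptied at reboot)$')
# "Name"="command line" entries under the Run keys
RUN_VALUE = re.compile(r'^"([^"]+)"="(.*)"$')

# Statuses that mean the item no longer exists (or was emptied)
GONE = {"deleted successfully", "deleted", "not found",
        "emptied successfully", "successfully emptied"}

# Run value names that the helper's script removes (taken from the script above)
WATCHED_RUN_VALUES = ["Allin1Convert EPM Support",
                      "Allin1Convert AppIntegrator 32-bit",
                      "Allin1Convert AppIntegrator 64-bit"]

# Excerpt of the log posted above
SAMPLE_LOG = r'''
==== Deleting Files \ Folders ======================
"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin\HPG.DLL" deleted
"C:\PROGRA~2\Allin1Convert_8h" not deleted
"C:\PROGRA~2\Allin1Convert_8h\bar" not deleted
==== Startup Registry Enabled ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"Allin1Convert EPM Support"="C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hmedint.exe T8EPMSUP.DLL,S"
==== Empty Temp Folders ======================
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
==== Deleting Files / Folders ======================
"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found
"C:\PROGRA~2\Allin1Convert_8h" not found
'''


def parse(log_text):
    """Return (events, run_values) in log order.

    events:     list of (lower-cased target, status)
    run_values: list of (name, command) from the startup sections
    """
    events, run_values = [], []
    section = ""
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION.match(line)
        if m:
            section = m.group(1)
            continue
        m = RUN_VALUE.match(line)
        if m and section.startswith("Startup Registry Enabled"):
            run_values.append((m.group(1), m.group(2)))
            continue
        m = OUTCOME.match(line)
        if m:
            events.append((m.group(1).lower(), m.group(2)))
    return events, run_values


def unresolved(events):
    """Targets left 'not deleted' or pending with no later confirmation.

    Assumption of this example: an item counts as settled when a later line
    reports the item itself, or one of its parent folders, as gone.
    """
    open_items = []
    for i, (target, status) in enumerate(events):
        if status in GONE:
            continue
        settled = any(
            s in GONE and (target == t or target.startswith(t + "\\"))
            for t, s in events[i + 1:])
        if not settled and target not in open_items:
            open_items.append(target)
    return open_items


def run_values_to_recheck(run_values, watched):
    """Watched Run value names that the startup listing still shows."""
    wanted = {w.lower() for w in watched}
    return [name for name, _ in run_values if name.lower() in wanted]


if __name__ == "__main__":
    evts, runs = parse(SAMPLE_LOG)
    print("No confirmation in log:", unresolved(evts))
    print("Run values to re-check:", run_values_to_recheck(runs, WATCHED_RUN_VALUES))
```

The log does not say whether the startup listing was taken before or after the deletions, so a Run value flagged here is a prompt for a fresh scan rather than proof that it remains.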
