Ga naar inhoud

Is mijn laptop gehackt?


froesjel

Aanbevolen berichten

Hallo,

Sinds een week heb ik problemen met mijn laptop. 2 keer is hij al gecrasht. Ook kan ik met mijn printer (Canon MG 5550)niet meer afdrukken via WiFi. Heb verschillende keren een systeemherstel gedaan zonder enige verandering. Ik gebruik ook een Wlan-versterker (Medion MD 86464). ook deze kan ik niet meer gebruiken. Het internet dat ik gebruik is van Belgacom BB-3. Ik gebruik de versterker omdat ik via de modem van mijn zus gebruik. Ik woon in een appartement van 3 verdiepen. mijn zus woont op het 3de en ik op het 1ste. Voor de problemen begonnen had ik geen problemen om op het net te surfen in mijn kamer. Maar nu moet ik in de living al gaan om op het net te geraken, waar ik 2 à 3 blokjes heb voor de verbinding. In mijn kamer geen enkel blokje. Vroeger volledig bereik 5 blokjes. Nu ben ik echt ten einde raad. Mijn laptop is een Acer Aspire 7560.

Hoop dat jullie mij kunnen helpen.

Mvg Alain.

Link naar reactie
Delen op andere sites

Download 51a5f5d096dae-icon_RSIT.pngRSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

Dubbelklik op RSIT.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is worden er twee kladblok bestanden geopend genaamd "Log.txt" en "Info.txt" .

RSIT Logbestanden plaatsen

  • Voeg het logbestand met de naam "Log.txt" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map ""C:\\rsit")
  • Het logbestand met de naam "Info.txt" wat geminimaliseerd is hoeft u niet te plaatsen. (Dit logbestand wordt enkel de eerst keer bij het uitvoeren aangemaakt).
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Bekijk ook de instructievideo.

Link naar reactie
Delen op andere sites

Logfile of random's system information tool 1.09 (written by random/random)

Run by alain at 2014-04-10 09:02:59

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 474 GB (80%) free of 595 GB

Total RAM: 3563 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 9:03:02, on 10/04/2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17041)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\AVG\AVG2014\avgui.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe

C:\Program Files\trend micro\alain.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file)

R3 - URLSearchHook: (no name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - (no file)

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: IEToolbar.BHO - {1d970ed5-3eda-438d-bffd-715931e2775b} - mscoree.dll (file missing)

O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)

O3 - Toolbar: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file)

O3 - Toolbar: MoneyMillionaire Toolbar - {d28c7e56-2cc6-415c-8727-d71334085926} - mscoree.dll (file missing)

O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

O3 - Toolbar: (no name) - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - (no file)

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon

O4 - HKLM\..\Run: [iJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\alain\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

O4 - Startup: Dropbox.lnk = alain\AppData\Roaming\Dropbox\bin\Dropbox.exe

O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)

O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs:

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files (x86)\WinPcap\rpcapd.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater18.0.5 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 12414 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

C:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot

C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=0129af38-5e22-455a-94df-3306ff814536 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\4314ca15-9532-4d47-bddb-210507bbdf62-188-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\"

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

"c:\Program Files\Microsoft Security Client\MsMpEng.exe"

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

atieclxx

C:\Windows\System32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"

"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"

"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"

"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"

"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window

"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"

"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"

"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"

"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"

"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe"

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"

WLIDSvcM.exe 2900

"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"

\??\C:\Windows\system32\conhost.exe "1665374476-2110944395483270257-1470486880-571040242461591855-1192639441-1118629599

"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"

C:\Windows\System32\alg.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"taskhost.exe"

"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2704

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun

"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY

taskeng.exe {D6FE293C-8B84-4755-A8F4-543817D9DB73}

"C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"

"C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

"C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe"

"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt

"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\log.txt

"c:\Program Files\Microsoft Security Client\NisSrv.exe"

"C:\Users\alain\Desktop\RSITx64.exe"

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3241781761-3953431157-4087400376-1000Core.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3241781761-3953431157-4087400376-1000UA.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-21 256080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-12 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]

DVDVideoSoft WebPageAdjuster Class

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d970ed5-3eda-438d-bffd-715931e2775b}]

IEToolbar.BHO - C:\Windows\system32\mscoree.dll [2010-11-21 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]

Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14 175776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll [2014-03-21 3486232]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-21 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12 1431712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]

DVDVideoSoft WebPageAdjuster Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}

{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-12 1154720]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-21 256080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}

{d28c7e56-2cc6-415c-8727-d71334085926} - MoneyMillionaire Toolbar - C:\Windows\system32\mscoree.dll [2010-11-21 444752]

{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14 4372120]

{48586425-6bb7-4f51-8dc6-38c88e3ebb58}

{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll [2014-03-21 3486232]

{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12 1431712]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-21 194128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-05-10 1831528]

"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"=C:\Users\alain\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-12 138096]

"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-03-05 39408]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeMovieService]

C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [2011-02-18 177448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dolby Advanced Audio v2]

C:\Dolby PCEE4\pcee4.exe [2011-02-03 506712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]

C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe [2008-12-04 665424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate]

C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-09-18 407920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate]

C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-09-18 201584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX210 Series]

C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFDE.EXE [2008-11-06 223232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]

C:\Program Files (x86)\Launch Manager\LManager.exe [2011-03-31 1092688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileBroadband]

C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-03-21 2207848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-04-07 11788392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-04-25 336384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray]

C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-09-28 340336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-03-05 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^alain^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]

C:\Users\alain\AppData\Roaming\Dropbox\bin\Dropbox.exe [2014-01-03 30714328]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-03-19 4971024]

"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2013-05-02 1282120]

"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2013-02-19 453736]

C:\Users\alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Dropbox.lnk - C:\Users\alain\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"PromptOnSecureDesktop"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32.exe]

"Debugger=""C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-10 08:49:14 ----DC---- C:\Program Files\trend micro

2014-04-10 08:49:13 ----DC---- C:\rsit

2014-04-09 10:40:10 ----HDC---- C:\ProgramData\CanonIJMyPrinter

2014-04-09 10:13:34 ----HDC---- C:\ProgramData\CanonIJMIG

2014-04-09 09:11:58 ----A---- C:\Windows\system32\ieui.dll

2014-04-09 09:11:57 ----A---- C:\Windows\SYSWOW64\ieui.dll

2014-04-09 09:11:53 ----A---- C:\Windows\SYSWOW64\vbscript.dll

2014-04-09 09:11:53 ----A---- C:\Windows\system32\vbscript.dll

2014-04-09 09:11:41 ----A---- C:\Windows\system32\iernonce.dll

2014-04-09 09:11:41 ----A---- C:\Windows\system32\ie4uinit.exe

2014-04-09 09:11:40 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-04-09 09:11:40 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2014-04-09 09:11:37 ----A---- C:\Windows\system32\jscript9diag.dll

2014-04-09 09:11:36 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll

2014-04-09 09:11:36 ----A---- C:\Windows\system32\dxtrans.dll

2014-04-09 09:11:36 ----A---- C:\Windows\system32\dxtmsft.dll

2014-04-09 09:11:35 ----A---- C:\Windows\SYSWOW64\msrating.dll

2014-04-09 09:11:35 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2014-04-09 09:11:35 ----A---- C:\Windows\SYSWOW64\dxtrans.dll

2014-04-09 09:11:35 ----A---- C:\Windows\system32\msrating.dll

2014-04-09 09:11:35 ----A---- C:\Windows\system32\jsproxy.dll

2014-04-09 09:11:34 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2014-04-09 09:11:34 ----A---- C:\Windows\system32\msfeeds.dll

2014-04-09 09:11:33 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe

2014-04-09 09:11:33 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2014-04-09 09:11:33 ----A---- C:\Windows\system32\ieUnatt.exe

2014-04-09 09:11:32 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll

2014-04-09 09:11:32 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2014-04-09 09:11:32 ----A---- C:\Windows\system32\iesetup.dll

2014-04-09 09:11:31 ----A---- C:\Windows\system32\mshtml.dll

2014-04-09 09:11:28 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll

2014-04-09 09:11:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll

2014-04-09 09:11:28 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll

2014-04-09 09:11:28 ----A---- C:\Windows\system32\ieetwproxystub.dll

2014-04-09 09:11:28 ----A---- C:\Windows\system32\ieapfltr.dll

2014-04-09 09:11:27 ----A---- C:\Windows\system32\ieetwcollector.exe

2014-04-09 09:11:26 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe

2014-04-09 09:11:25 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2014-04-09 09:11:25 ----A---- C:\Windows\system32\iertutil.dll

2014-04-09 09:11:24 ----A---- C:\Windows\SYSWOW64\wininet.dll

2014-04-09 09:11:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2014-04-09 09:11:24 ----A---- C:\Windows\system32\wininet.dll

2014-04-09 09:11:24 ----A---- C:\Windows\system32\urlmon.dll

2014-04-09 09:11:22 ----A---- C:\Windows\system32\ieframe.dll

2014-04-09 09:11:21 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2014-04-09 09:11:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2014-04-09 09:11:19 ----A---- C:\Windows\system32\jscript9.dll

2014-04-09 09:11:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2014-04-09 06:02:34 ----AC---- C:\Windows\system32\drivers\msiscsi.sys

2014-04-09 06:02:34 ----A---- C:\Windows\system32\drivers\storport.sys

2014-04-09 06:02:34 ----A---- C:\Windows\system32\drivers\Diskdump.sys

2014-04-09 06:02:33 ----A---- C:\Windows\SYSWOW64\iologmsg.dll

2014-04-09 06:02:33 ----A---- C:\Windows\system32\iologmsg.dll

2014-04-09 06:02:26 ----A---- C:\Windows\system32\kernel32.dll

2014-04-09 06:02:24 ----A---- C:\Windows\system32\wow64.dll

2014-04-09 06:02:23 ----A---- C:\Windows\SYSWOW64\kernel32.dll

2014-04-09 06:02:22 ----A---- C:\Windows\system32\wow64win.dll

2014-04-09 06:02:19 ----A---- C:\Windows\SYSWOW64\setup16.exe

2014-04-09 06:02:16 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll

2014-04-09 06:02:16 ----A---- C:\Windows\system32\ntvdm64.dll

2014-04-09 06:02:15 ----A---- C:\Windows\system32\wow64cpu.dll

2014-04-09 06:02:13 ----A---- C:\Windows\SYSWOW64\wow32.dll

2014-04-09 06:02:12 ----A---- C:\Windows\SYSWOW64\instnm.exe

2014-04-09 06:02:09 ----A---- C:\Windows\SYSWOW64\user.exe

2014-04-09 06:02:03 ----A---- C:\Windows\system32\drivers\ntfs.sys

2014-04-08 09:48:29 ----AC---- C:\Windows\SYSWOW64\authuitu.dll

2014-04-08 09:48:29 ----AC---- C:\Windows\system32\authuitu.dll

2014-04-08 09:48:20 ----AC---- C:\Windows\system32\uxtuneup.dll

2014-04-08 09:48:19 ----AC---- C:\Windows\SYSWOW64\uxtuneup.dll

2014-04-08 09:34:01 ----AC---- C:\Windows\system32\TURegOpt.exe

2014-04-08 09:23:12 ----DC---- C:\Program Files (x86)\TuneUp Utilities 2014

2014-03-22 08:37:19 ----DC---- C:\Users\alain\AppData\Roaming\AVG

2014-03-22 08:33:34 ----DC---- C:\ProgramData\AVG

2014-03-22 08:33:11 ----SHDC---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}

2014-03-21 17:59:30 ----DC---- C:\ProgramData\PriceMeterLiveUpdate

2014-03-21 17:59:30 ----DC---- C:\Program Files (x86)\PriceMeterLiveUpdate

2014-03-21 17:59:23 ----DC---- C:\Users\alain\AppData\Roaming\PriceMeterUpdater

2014-03-21 17:37:29 ----SHDC---- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}

2014-03-21 08:06:13 ----DC---- C:\ProgramData\AVG Secure Search

2014-03-12 09:41:15 ----A---- C:\Windows\system32\wwansvc.dll

2014-03-12 09:41:14 ----A---- C:\Windows\SYSWOW64\wer.dll

2014-03-12 09:41:14 ----A---- C:\Windows\system32\wer.dll

2014-03-12 09:41:13 ----A---- C:\Windows\system32\win32k.sys

2014-03-12 09:36:40 ----A---- C:\Windows\SYSWOW64\qedit.dll

2014-03-12 09:36:40 ----A---- C:\Windows\system32\qedit.dll

2014-03-12 09:36:39 ----A---- C:\Windows\system32\WindowsCodecs.dll

2014-03-12 09:36:38 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll

======List of files/folders modified in the last 1 month======

2014-04-10 08:58:23 ----DC---- C:\Windows\Temp

2014-04-10 08:51:06 ----DC---- C:\Windows\system32\config

2014-04-10 08:49:14 ----RDC---- C:\Program Files

2014-04-10 08:39:06 ----DC---- C:\ProgramData\clear.fi

2014-04-10 08:38:42 ----DC---- C:\Windows\tracing

2014-04-10 08:23:34 ----DC---- C:\ProgramData\MFAData

2014-04-10 07:10:21 ----DC---- C:\Windows\SysWOW64

2014-04-09 11:10:00 ----DC---- C:\Windows\system32\Tasks

2014-04-09 10:51:30 ----DC---- C:\ProgramData\CanonIJPLM

2014-04-09 10:47:55 ----DC---- C:\Program Files (x86)\Canon

2014-04-09 10:40:10 ----HDC---- C:\ProgramData

2014-04-09 10:10:13 ----RSDC---- C:\Windows\Media

2014-04-09 10:09:55 ----DC---- C:\Windows\Prefetch

2014-04-09 09:29:04 ----D---- C:\Windows\winsxs

2014-04-09 09:21:31 ----DC---- C:\Program Files\Internet Explorer

2014-04-09 09:21:30 ----DC---- C:\Windows\SYSWOW64\nl-NL

2014-04-09 09:21:30 ----DC---- C:\Windows\SYSWOW64\en-US

2014-04-09 09:21:28 ----DC---- C:\Windows\system32\nl-NL

2014-04-09 09:21:28 ----DC---- C:\Windows\system32\en-US

2014-04-09 09:21:28 ----DC---- C:\Windows\System32

2014-04-09 09:21:28 ----DC---- C:\Windows\PolicyDefinitions

2014-04-09 09:21:27 ----DC---- C:\Program Files (x86)\Internet Explorer

2014-04-09 09:21:23 ----DC---- C:\Windows\system32\drivers

2014-04-09 09:21:23 ----DC---- C:\Windows\AppPatch

2014-04-09 09:21:21 ----D---- C:\Windows\system32\DriverStore

2014-04-09 09:21:04 ----DC---- C:\Windows\system32\drivers\UMDF

2014-04-09 09:12:57 ----DC---- C:\Windows\system32\catroot

2014-04-09 09:12:56 ----DC---- C:\Windows\system32\catroot2

2014-04-09 09:11:00 ----SHD---- C:\System Volume Information

2014-04-09 09:06:24 ----SHDC---- C:\Windows\Installer

2014-04-09 09:06:23 ----SHDC---- C:\Config.Msi

2014-04-09 09:05:54 ----DC---- C:\Windows\system32\MRT

2014-04-09 09:01:48 ----A---- C:\Windows\system32\MRT.exe

2014-04-09 08:58:02 ----DC---- C:\Users\alain\AppData\Roaming\vlc

2014-04-09 08:06:28 ----DC---- C:\Windows\inf

2014-04-09 08:06:28 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-04-08 09:53:19 ----DC---- C:\Windows\Tasks

2014-04-08 09:32:20 ----DC---- C:\Program Files (x86)\AVG

2014-04-08 09:29:00 ----DC---- C:\Windows

2014-04-08 09:23:12 ----DC---- C:\Program Files (x86)

2014-04-07 11:13:38 ----DC---- C:\Windows\Minidump

2014-04-07 09:33:46 ----DC---- C:\Windows\system32\NDF

2014-04-06 08:45:28 ----DC---- C:\Program Files (x86)\Re-markit

2014-04-06 08:20:36 ----DC---- C:\Windows\system32\wfp

2014-04-06 08:20:36 ----DC---- C:\Program Files\Microsoft Security Client

2014-04-06 08:20:34 ----DC---- C:\Windows\system32\wbem

2014-04-06 08:18:57 ----DC---- C:\Windows\system32\drivers\etc

2014-04-06 08:18:57 ----DC---- C:\Windows\system32\CodeIntegrity

2014-04-06 08:18:57 ----DC---- C:\Windows\AppCompat

2014-04-06 08:18:51 ----HDC---- C:\ProgramData\CanonIJETV

2014-04-06 08:18:50 ----DC---- C:\Program Files\Windows Sidebar

2014-04-06 08:18:49 ----DC---- C:\Program Files (x86)\Realtek

2014-04-06 08:18:49 ----DC---- C:\Program Files (x86)\PC Speed Up

2014-04-06 08:18:49 ----DC---- C:\Program Files (x86)\Microsoft Security Client

2014-04-06 08:17:58 ----DC---- C:\Program Files (x86)\Ask.com

2014-04-06 08:17:08 ----D---- C:\Windows\registration

2014-04-06 08:15:14 ----HDC---- C:\Program Files\CanonBJ

2014-04-06 08:15:06 ----DC---- C:\Program Files\Canon

2014-04-06 08:15:04 ----DC---- C:\Program Files (x86)\Windows Sidebar

2014-04-05 16:21:19 ----DC---- C:\ProgramData\CanonIJWSpt

2014-04-01 11:22:35 ----DC---- C:\Users\alain\AppData\Roaming\Dropbox

2014-03-27 17:04:05 ----RDC---- C:\Users

2014-03-21 19:01:09 ----DC---- C:\ProgramData\TuneUp Software

2014-03-21 18:38:30 ----DC---- C:\ProgramData\Google

2014-03-21 18:12:10 ----DC---- C:\Users\alain\AppData\Roaming\TuneUp Software

2014-03-21 18:04:38 ----ADC---- C:\ProgramData\Temp

2014-03-21 08:05:35 ----DC---- C:\Program Files (x86)\AVG Secure Search

2014-03-12 10:31:58 ----AC---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2014-03-12 10:23:15 ----DC---- C:\Program Files\Microsoft Silverlight

2014-03-12 10:23:06 ----DC---- C:\Program Files (x86)\Microsoft Silverlight

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-11-25 196376]

R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-10-31 294712]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-10-01 123704]

R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-10 31544]

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2013-11-25 150808]

R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-11-25 243480]

R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-11-01 212280]

R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-08-01 251192]

R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-03-21 49952]

R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-05-20 22912]

R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-05-20 20328]

R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-05-20 62584]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928]

R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]

R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-21 146432]

R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-25 9257472]

R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-25 300544]

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-03-17 2712064]

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-04-12 2833256]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-01-25 77424]

R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432]

R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]

R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]

R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]

R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2014-02-10 14112]

R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-03-10 17408]

R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-12-15 47232]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

S3 A38CCID;CCID USB Smart Card Reader; C:\Windows\system32\DRIVERS\a38ccid.sys [2013-01-30 46720]

S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-12-30 117248]

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-09-12 57856]

S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2011-06-10 98816]

S3 huawei_cdcecm;huawei_cdcecm; C:\Windows\system32\DRIVERS\ew_jucdcecm.sys [2010-12-30 54784]

S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2011-06-10 86016]

S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2011-06-10 28672]

S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2011-06-10 213504]

S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-09-10 117248]

S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys []

S3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 30208]

S3 netr7364;Stuurprogramma voor RT73 USB draadloze LAN-kaart voor Vista; C:\Windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-24 19456]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-12-01 250984]

S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%; C:\Windows\system32\DRIVERS\RTL8192su.sys [2010-01-06 676864]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-11-13 56832]

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

S3 usbrndis6;USB RNDIS6-adapter; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

S3 WinUsb;WinUsb-stuurprogramma; C:\Windows\system32\drivers\WinUSB.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-25 204288]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-02-23 3782672]

R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008]

R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]

R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-03-31 352848]

R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2013-05-14 140936]

R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808]

R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]

R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]

R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2014-03-31 2183992]

R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]

R2 vToolbarUpdater18.0.5;vToolbarUpdater18.0.5; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [2014-03-21 1771032]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]

R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-12 247968]

R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872]

R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]

S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-12 193696]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-03-04 655624]

S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-09-12 1512448]

S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-10-09 194032]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-04-09 111616]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe -d -f C:\Program Files (x86)\WinPcap\rpcapd.ini []

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-05 1255736]

S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]

S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

S4 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]

S4 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 872552]

S4 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2007-12-17 163840]

S4 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]

S4 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-01-18 39528]

S4 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-09 116648]

S4 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-09 116648]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]

-----------------EOF-----------------

Link naar reactie
Delen op andere sites

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download 51a612a8b27e2-Zoek.pngZoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064};c
 {93a3111f-4f74-4ed8-895e-d9708497629e};c
 {1d970ed5-3eda-438d-bffd-715931e2775b};c
 {95B7759C-8C7F-4BF1-B163-73684A933233};c
 C:\Program Files (x86)\AVG Secure Search\18.0.5.292\AVG Secure Search_toolbar.dll;f
 {EE932B49-D5C0-4D19-A3DA-CE0849258DE6};c
 {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064};c
 {d28c7e56-2cc6-415c-8727-d71334085926};c
 {48586425-6bb7-4f51-8dc6-38c88e3ebb58};c
 {95B7759C-8C7F-4BF1-B163-73684A933233};c
 {5513F07E-936B-4E52-9B00-067394E91CC5};c
 vToolbarUpdater18.0.5;s
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d970ed5-3eda-438d-bffd-715931e2775b}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}];r64
 C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308};fs
 C:\ProgramData\PriceMeterLiveUpdate;fs
 C:\Program Files (x86)\PriceMeterLiveUpdate;fs
 C:\Users\alain\AppData\Roaming\PriceMeterUpdater;fs
 C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C};fs
 C:\Program Files (x86)\Ask.com;fs
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • Do a Quick Scan

  • Auto Clean
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

  • Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\\Zoek-results.log.)
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Link naar reactie
Delen op andere sites

Zoek.exe v5.0.0.0 Updated 07-March-2014

Tool run by alain on vr 11/04/2014 at 8:03:19,59.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\alain\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

===== Runcheck 8:09:45,22 =====

--- Create Environment Variables 8:09:47,15

--- Create System Restore Point 8:09:56,39

--- Checking Input 8:10:14,43

--- AU AppData Check 8:10:23,59

--- Remove From Windows Installer 8:10:35,26

Link naar reactie
Delen op andere sites

Zoek.exe v5.0.0.0 Updated 07-March-2014

Tool run by alain on vr 11/04/2014 at 8:03:19,59.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\alain\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

11/04/2014 8:10:12 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~3\Babylon deleted successfully

C:\PROGRA~3\Canon IJ Network Tool deleted successfully

C:\PROGRA~3\Oracle deleted successfully

C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully

C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully

C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted successfully

C:\Users\alain\AppData\Roaming\Systweak deleted successfully

C:\Users\alain\AppData\Local\Downloaded Installations deleted successfully

C:\Users\alain\AppData\Local\Lollipop deleted successfully

C:\Users\Cody\AppData\Local\VirtualStore deleted successfully

C:\Users\Gast\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3241781761-3953431157-4087400376-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d970ed5-3eda-438d-bffd-715931e2775b} deleted successfully

HKEY_USERS\S-1-5-21-3241781761-3953431157-4087400376-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1d970ed5-3eda-438d-bffd-715931e2775b} deleted successfully

HKEY_USERS\S-1-5-21-3241781761-3953431157-4087400376-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_USERS\S-1-5-21-3241781761-3953431157-4087400376-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_USERS\S-1-5-21-3241781761-3953431157-4087400376-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_USERS\S-1-5-21-3241781761-3953431157-4087400376-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

HKEY_USERS\S-1-5-21-3241781761-3953431157-4087400376-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

HKEY_USERS\S-1-5-21-3241781761-3953431157-4087400376-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d28c7e56-2cc6-415c-8727-d71334085926} deleted successfully

HKEY_USERS\S-1-5-21-3241781761-3953431157-4087400376-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully

HKEY_USERS\S-1-5-21-3241781761-3953431157-4087400376-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-3241781761-3953431157-4087400376-1000\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1d970ed5-3eda-438d-bffd-715931e2775b} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d970ed5-3eda-438d-bffd-715931e2775b} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d28c7e56-2cc6-415c-8727-d71334085926} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3241781761-3953431157-4087400376-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully

HKEY_USERS\S-1-5-21-3241781761-3953431157-4087400376-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{93a3111f-4f74-4ed8-895e-d9708497629e} deleted successfully

HKEY_USERS\S-1-5-21-3241781761-3953431157-4087400376-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{d28c7e56-2cc6-415c-8727-d71334085926} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.0.5 deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater18.0.5 deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d970ed5-3eda-438d-bffd-715931e2775b}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]

==== Deleting Files \ Folders ======================

C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found

C:\Program Files (x86)\PriceMeterLiveUpdate not found

C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} not found

C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found

C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found

C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} not found

C:\ProgramData\PriceMeterLiveUpdate deleted

C:\Users\alain\AppData\Roaming\PriceMeterUpdater deleted

C:\Program Files (x86)\Ask.com deleted

C:\PROGRA~2\GUTFBEC.tmp deleted

C:\PROGRA~2\GUMFBEB.tmp deleted

C:\PROGRA~2\PC Speed Up deleted

C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted

C:\PROGRA~2\Re-markit deleted

C:\PROGRA~2\VideoDownloadConverter deleted

C:\PROGRA~2\VideoDownloadConverter_4z deleted

C:\PROGRA~2\MyFree Codec deleted

C:\PROGRA~2\Search Results Toolbar deleted

C:\PROGRA~2\COMMON~1\AVG Secure Search deleted

C:\Users\alain\AppData\Roaming\ExpressFiles deleted

C:\Users\alain\AppData\Roaming\DVDVideoSoftIEHelpers deleted

C:\Users\alain\AppData\Roaming\ParetoLogic deleted

C:\Users\alain\AppData\Roaming\DriverCure deleted

C:\Users\alain\AppData\Roaming\BabSolution deleted

C:\Users\alain\AppData\Roaming\Babylon deleted

C:\Users\alain\AppData\Roaming\Registry Mechanic deleted

C:\Users\alain\AppData\Roaming\OpenCandy deleted

C:\PROGRA~3\StarApp deleted

C:\PROGRA~3\AVG Security Toolbar deleted

C:\PROGRA~3\OberonGameConsole deleted

C:\PROGRA~3\MaggneiPaic deleted

C:\PROGRA~3\AVG Secure Search deleted

C:\PROGRA~3\InstallMate deleted

C:\PROGRA~3\Tarma Installer deleted

C:\Users\alain\AppData\Local\VideoDownloadConverter_4z deleted

C:\Users\alain\AppData\Local\AVG Secure Search deleted

C:\Users\alain\AppData\Local\PutLockerDownloader deleted

C:\Users\alain\AppData\Local\Software deleted

C:\Users\Gast\AppData\Local\AVG Secure Search deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted

C:\Windows\SysNative\roboot64.exe deleted

C:\Users\alain\AppData\LocalLow\AVG Secure Search deleted

C:\Users\alain\AppData\LocalLow\VideoDownloadConverter_4z deleted

C:\Users\alain\AppData\LocalLow\searchresultstb deleted

C:\Users\alain\AppData\LocalLow\IAC deleted

C:\Users\alain\AppData\LocalLow\ilividtoolbargaw deleted

C:\Users\alain\AppData\LocalLow\DataMngr deleted

C:\Users\Gast\AppData\LocalLow\AVG Secure Search deleted

C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted

C:\Windows\wininit.ini deleted

C:\windows\SysNative\TASKS\Scheduled Update for Ask Toolbar deleted

C:\windows\SysNative\Tasks\Express FilesUpdate deleted

C:\windows\SysNative\Tasks\EPUpdater deleted

C:\user.js deleted

C:\END deleted

C:\Windows\Syswow64\SearchProtect deleted

C:\Windows\SysWow64\AI_RecycleBin deleted

C:\Windows\SysWow64\searchplugins deleted

C:\Windows\SysWow64\Extensions deleted

C:\Users\alain\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\ftdownloader4@ftdownloader.com.xpi deleted

C:\Users\alain\Desktop\ongebruikte progamma's\avg_free_stb_all_2014_4158_softonic.exe deleted

"C:\PROGRA~2\AVG Secure Search\TBAPI.dll" deleted

"C:\PROGRA~2\AVG Secure Search\TBAPI.dll" deleted

"C:\PROGRA~2\AVG Secure Search" not deleted

"C:\PROGRA~2\AVG Secure Search" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2014-04-07 09:13:32 50625CF1B2D2860E4BA7F96E15370A9A 457073076 ----a-w- C:\Windows\MEMORY.DMP

====== C:\Users\alain\AppData\Local\Temp ====

2014-04-11 06:04:54 E6AB3AED57555CB7942940597C0F90BE 126264 -c--a-w- C:\Users\alain\AppData\Local\Temp\TUUUninstallHelper.exe

2014-04-09 08:08:11 5F875FDDFFC4D7E91C2B10E895CC6F8C 354392 -c--a-r- C:\Users\alain\AppData\Local\Temp\uninstall.exe

2014-04-08 07:46:54 EC3943C1838A51246751AA9A2CACB6AC 601400 -c--a-w- C:\Users\alain\AppData\Local\Temp\UpdateWizard_25616\tulic.dll

2014-04-08 07:46:54 5D98C7A746137AE06D907D98E7882313 2163000 -c--a-w- C:\Users\alain\AppData\Local\Temp\UpdateWizard_25616\SilentUpdater.exe

2014-04-08 07:29:08 64AAADD364A6F0BA10673BC4274EC608 4096000 -c--a-w- C:\Users\alain\AppData\Local\Temp\Lang_nl-NL.msi

2014-04-08 07:20:08 9C8EE6D9827FFBE4DFA849883053F18D 3911680 -c--a-w- C:\Users\alain\AppData\Local\Temp\Lang_en-GB.msi

2014-04-08 05:25:47 FAB3371539E43959E10CB99647AFABAD 32056 -c--a-w- C:\Users\alain\AppData\Local\Temp\SDShelEx-win32.dll

2014-04-08 05:25:47 EF168DFDE45180C494D5F311CB9F6408 31544 -c--a-w- C:\Users\alain\AppData\Local\Temp\SDShelEx-x64.dll

2014-04-08 05:25:47 91D74E495517F8817F30C3F91F229904 28472 -c--a-w- C:\Users\alain\AppData\Local\Temp\DseShExt-x86.dll

2014-04-08 05:25:47 445DDF7EDBF92E9B641E811153ACB7F2 26424 -c--a-w- C:\Users\alain\AppData\Local\Temp\DseShExt-x64.dll

2014-04-06 08:24:56 22385EE33688B10B61DA1D8CA9549E4B 120192 -c--a-w- C:\Users\alain\AppData\Local\Temp\clear.fiClient\cabarc.exe

====== Java Cache =====

2014-03-31 13:05:25 D41D8CD98F00B204E9800998ECF8427E 0 -c--a-w- C:\Users\alain\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-1d355db4

====== C:\Windows\SysWOW64 =====

2014-04-09 07:11:57 AA12D7A960DB78DD9690AB5B5DAE6586 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll

2014-04-09 07:11:53 CE6921D33682C6C3DB8A45853CC69402 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2014-04-09 07:11:44 A127D17C354B473B0F4C6265538F5A2C 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2014-04-09 07:11:36 7E9FE7DB43BC204E44F159F843E35C15 367616 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll

2014-04-09 07:11:35 EDACA6C44D9CE200F899B7DB0F201DFF 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll

2014-04-09 07:11:35 EBC35FE64056910A84485BEEB6DCCAC6 524288 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2014-04-09 07:11:35 34FC79C948EE2C5FD0CD699E7D7F91B7 244224 ----a-w- C:\Windows\SysWOW64\dxtrans.dll

2014-04-09 07:11:34 31385A6CAA31BE9D07B0B32E5AA99ABB 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2014-04-09 07:11:33 82287FCFFA4A2D60FD744E3FEB3192C5 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2014-04-09 07:11:33 21BF6759685FD193715B483F2B3F21B1 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-04-09 07:11:32 C9CA9803299EB6AFA34CB520BAAB083D 32256 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-04-09 07:11:32 0FDC1A576A3F40420882C0F7C4A66EAD 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2014-04-09 07:11:28 BB185D4A9362AA17CBCEC0768CDBF249 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll

2014-04-09 07:11:28 6557B48D53D653CFCCE3CB1CFA53A8E1 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll

2014-04-09 07:11:28 0F4A295516781897FFB09B4CCF2E8798 592896 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll

2014-04-09 07:11:25 05BD47136DE62FAFE9F95B40E4100144 2178048 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2014-04-09 07:11:24 E4E829EE073E046B0EB19B5FECB19B8C 1789440 ----a-w- C:\Windows\SysWOW64\wininet.dll

2014-04-09 07:11:24 76F58DB8F85C125E0D6B3AA42F3BF1D0 1143808 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2014-04-09 07:11:23 C4A383FD50FBD7E274DD41CF571DF898 1967104 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2014-04-09 07:11:21 2AFBB91BBD2378933B26E6D68C140D1B 11745792 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2014-04-09 07:11:20 EA85144F35EDE6EE25C484D4242FF2C8 17387008 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2014-04-09 07:11:18 8C46360D6EF9D4C563FE834C4F287DA3 4254720 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2014-04-09 04:02:23 76161B9D78A275F8F28DD67436013110 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll

2014-04-09 04:02:19 2E1D6624EE2C3F454CADF09DC59E78B0 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe

2014-04-09 04:02:16 1F76F7CB3C690ACB985C2FD419383B49 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll

2014-04-09 04:02:13 1E886E327F37F34CC7465F1605D1F3CD 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll

2014-04-09 04:02:12 9F3D88540DB73F5213D5044CB50006DF 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe

2014-04-09 04:02:09 A30AB03E7C837A17AC70E67E63B8E2F6 2048 ----a-w- C:\Windows\SysWOW64\user.exe

2014-04-08 07:48:29 C33CA1A7B95318D945F96A794E3C0DE7 25400 -c--a-w- C:\Windows\SysWOW64\authuitu.dll

2014-04-08 07:48:19 A0265D720F0F4B0496A2D679D64C2E83 35640 -c--a-w- C:\Windows\SysWOW64\uxtuneup.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2014-04-09 07:11:58 7446786E7092ABE122D372F95E6ED74B 574976 ----a-w- C:\Windows\Sysnative\ieui.dll

2014-04-09 07:11:53 FFF555C177D9F2B79B5C3146BED09FB1 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll

2014-04-09 07:11:45 6A8AA25D37F89E40B834F34950E3B89B 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2014-04-09 07:11:41 D6067F7EE060C5D6D79008AD591B4E3B 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll

2014-04-09 07:11:41 3F498856C68725717195C16568FE19D0 586240 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2014-04-09 07:11:40 964C89BC8A52A260D68C90FDDEB862E2 38400 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll

2014-04-09 07:11:40 72116CC377FF4281B0132C397026D911 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll

2014-04-09 07:11:37 3F547245C78F4847B73EDDFD4A2F7E12 752640 ----a-w- C:\Windows\Sysnative\jscript9diag.dll

2014-04-09 07:11:36 E0D95345D1EBB54F28E958782B9C0CE0 453120 ----a-w- C:\Windows\Sysnative\dxtmsft.dll

2014-04-09 07:11:36 CFBA793F678EB3855052ECF99357A9A1 296960 ----a-w- C:\Windows\Sysnative\dxtrans.dll

2014-04-09 07:11:35 E7161E2C66FF9B1E87C30FC9D2497ABB 195584 ----a-w- C:\Windows\Sysnative\msrating.dll

2014-04-09 07:11:35 CB57E934280D346AE0A9B053DAA284C5 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2014-04-09 07:11:34 75AD355828187145A60E3DC7BAF7B0F3 628736 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2014-04-09 07:11:33 1BF215FF4DF6DE10D2F81A2CE85157D2 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2014-04-09 07:11:32 A3F9A9E46BDDBB8B20B7CF3EEDB990F2 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll

2014-04-09 07:11:31 37D0FB9E5E8EDA40B66FC3FB3D660261 23549440 ----a-w- C:\Windows\Sysnative\mshtml.dll

2014-04-09 07:11:28 EBAD8A4D048ED257E4A45F6356541F86 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll

2014-04-09 07:11:28 915D8A9E112C97C90C654F792B6B28B9 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll

2014-04-09 07:11:27 A3A132CBE48AF0324466469F2CAAE8A2 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe

2014-04-09 07:11:26 710FD0E362A1A5C087DB90C1BAC46411 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe

2014-04-09 07:11:25 1F8534A19A66275C863DE17645CB2A13 2767360 ----a-w- C:\Windows\Sysnative\iertutil.dll

2014-04-09 07:11:24 F220BA78AB542C70211D73AE4729B2CD 2260480 ----a-w- C:\Windows\Sysnative\wininet.dll

2014-04-09 07:11:24 32417AE8280276968E5C551ED85D3525 1400832 ----a-w- C:\Windows\Sysnative\urlmon.dll

2014-04-09 07:11:22 A14BB2F5F6457738AAA11367F5172A05 13551104 ----a-w- C:\Windows\Sysnative\ieframe.dll

2014-04-09 07:11:22 1654093C8BD3342997D27B71684ACCE8 2043904 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2014-04-09 07:11:19 BF25489459C7A762DD7B3186C7E3984D 5784064 ----a-w- C:\Windows\Sysnative\jscript9.dll

2014-04-09 04:02:26 D2A513EE880D71BDE7F0257F38B9D019 1163264 ----a-w- C:\Windows\Sysnative\kernel32.dll

2014-04-09 04:02:24 2A107B611C91CD256466C58C0D776E9D 243712 ----a-w- C:\Windows\Sysnative\wow64.dll

2014-04-09 04:02:22 7434E01FBCA3CB86539C39412A31D5E1 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll

2014-04-09 04:02:16 74959C718FF4594369645F35B7DF19C4 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll

2014-04-09 04:02:15 0F090A77E664CB0F70AB8D3B230B760C 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll

2014-04-08 07:48:29 8BAC9B63A6F3864F5F973729014F6D7F 29496 -c--a-w- C:\Windows\Sysnative\authuitu.dll

2014-04-08 07:48:20 153C65961B92D0FF804644533E7F1100 42808 -c--a-w- C:\Windows\Sysnative\uxtuneup.dll

====== C:\Windows\Sysnative\drivers =====

2014-04-09 04:02:34 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys

2014-04-09 04:02:34 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys

2014-04-09 04:02:34 96BB922A0981BC7432C8CF52B5410FE6 274880 -c--a-w- C:\Windows\Sysnative\drivers\msiscsi.sys

2014-04-09 04:02:03 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys

====== C:\Windows\Tasks ======

2014-03-21 17:11:32 772096B1533565D97B73C65131B7AA23 3694 -c--a-w- C:\Windows\Sysnative\Tasks\Adobe online update program

2014-03-21 15:59:20 FB0B54A2DCDE2E4CC4FCE0C703E9E57A 3292 -c--a-w- C:\Windows\Sysnative\Tasks\pricemeterdownloader

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-04-10 06:49:14 -------- dc----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

2014-04-08 07:23:12 -------- dc----w- C:\PROGRA~2\TuneUp Utilities 2014

======= C: =====

====== C:\Users\alain\AppData\Roaming ======

2014-04-09 07:45:35 -------- dcsh--w- C:\Users\alain\AppData\Locallow\EmieUserList

2014-04-09 07:45:30 -------- dcsh--w- C:\Users\alain\AppData\Local\EmieUserList

2014-04-09 07:45:30 -------- dcsh--w- C:\Users\alain\AppData\Local\EmieSiteList

2014-04-09 07:30:54 -------- dcsh--w- C:\Users\alain\AppData\Locallow\EmieSiteList

2014-04-08 07:24:18 -------- dc----w- C:\Users\alain\AppData\Local\TuneUp Software

2014-03-27 15:14:27 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\AVG

2014-03-26 11:01:09 -------- dc----w- C:\Users\alain\AppData\Local\AVG

2014-03-23 06:38:56 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG

2014-03-22 06:37:19 -------- dc----w- C:\Users\alain\AppData\Roaming\AVG

2014-03-21 15:59:30 -------- dc----w- C:\Users\alain\AppData\Local\PriceMeterLiveUpdate

====== C:\Users\alain ======

2014-04-10 06:57:19 662C39FC1E27131551D557862CEC47F0 935175 -c--a-w- C:\Users\alain\Desktop\RSITx64.exe

2014-04-09 08:40:10 -------- dc-h--w- C:\ProgramData\CanonIJMyPrinter

2014-04-09 08:37:52 -------- dc----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gebruikersregistratie voor Canon MG5500 series

2014-04-09 08:13:34 -------- dc-h--w- C:\ProgramData\CanonIJMIG

2014-04-07 08:24:11 -------- dc----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher

2014-04-01 07:54:07 -------- dc----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-03-22 06:33:34 -------- dc----w- C:\ProgramData\AVG

====== C: exe-files ==

2014-04-11 06:04:54 E6AB3AED57555CB7942940597C0F90BE 126264 -c--a-w- C:\Users\alain\AppData\Local\Temp\TUUUninstallHelper.exe

2014-04-10 06:57:19 662C39FC1E27131551D557862CEC47F0 935175 -c--a-w- C:\Users\alain\Desktop\RSITx64.exe

2014-04-10 06:49:14 9A2347903D6EDB84C10F288BC0578C1C 388608 -c--a-w- C:\Program Files\trend micro\alain.exe

2014-04-10 06:48:58 662C39FC1E27131551D557862CEC47F0 935175 -c--a-w- C:\Users\alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9LD1L210\RSITx64.exe

2014-04-09 08:37:52 EA2DFB3E298DE43E77EC4E70C9B3B8BD 69712 -c----w- C:\Program Files (x86)\Canon\IJEREG\MG5500 series\IJRMF.exe

2014-04-09 08:37:52 57B2DC0F38E830D98C5D5323F0F3C262 72784 -c----w- C:\Program Files (x86)\Canon\IJEREG\MG5500 series\UNINST.EXE

2014-04-09 08:29:46 9FA2DA695795766CB2CF977DAB3D44D6 56424 -c----w- C:\Program Files\CanonBJ\IJPrinter\Canon MG5500 series\IJDIA6.exe

2014-04-09 08:11:54 204B2B393B0A41E394C08EE3285C4BD1 94344 -c--a-r- C:\Program Files (x86)\Canon\IJPLM\setup.exe

2014-04-09 08:11:17 0767866EC60D7505DEF5B27288022351 124496 -c--a-w- C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe

2014-04-09 08:11:15 DE4445CFBBFC40A407D7C0DC96A66691 94288 -c--a-w- C:\Program Files (x86)\Canon\IJ Scan Utility\MAPI.exe

2014-04-09 08:11:15 1254E2F94611C48090EA705879818560 1112656 -c--a-w- C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe

2014-04-09 08:11:11 D692DF2EE9EAF76E45E391FB1EF71153 421032 -c-ha-w- C:\Program Files (x86)\Canon\IJ Scan Utility\MAINT.exe

2014-04-09 08:08:11 5F875FDDFFC4D7E91C2B10E895CC6F8C 354392 -c--a-r- C:\Users\alain\AppData\Local\Temp\uninstall.exe

2014-04-09 07:11:50 F972DDD19A10F53D74021DDEAC07CCA6 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe

2014-04-09 07:11:50 E0155A11B26C7D5347069AB7ACB62D02 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe

2014-04-09 07:11:50 BEA4E0C0BA936E8A3DB24D1A37BF70BE 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe

2014-04-09 07:11:49 C5C7E33308BAE18BD9F59F9A93E85D33 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2014-04-09 07:11:41 3F498856C68725717195C16568FE19D0 586240 ----a-w- C:\Windows\System32\ie4uinit.exe

2014-04-09 07:11:33 21BF6759685FD193715B483F2B3F21B1 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-04-09 07:11:33 1BF215FF4DF6DE10D2F81A2CE85157D2 139264 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-04-09 07:11:27 A3A132CBE48AF0324466469F2CAAE8A2 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe

2014-04-09 07:11:26 710FD0E362A1A5C087DB90C1BAC46411 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe

2014-04-09 07:11:24 EA8386CA87165460D39A1D29FF11080B 809680 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2014-04-09 07:11:23 0667ED9F8E905E1F73DB60ACCEDCBCA7 811728 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2014-04-09 04:02:19 2E1D6624EE2C3F454CADF09DC59E78B0 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe

2014-04-09 04:02:12 9F3D88540DB73F5213D5044CB50006DF 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe

2014-04-09 04:02:09 A30AB03E7C837A17AC70E67E63B8E2F6 2048 ----a-w- C:\Windows\SysWOW64\user.exe

2014-04-08 07:46:54 5D98C7A746137AE06D907D98E7882313 2163000 -c--a-w- C:\Users\alain\AppData\Local\Temp\UpdateWizard_25616\SilentUpdater.exe

2014-04-08 07:24:48 54D079901CD1BA5363085919304C1C2C 223264 -c--a-w- C:\Users\alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0QX60JT6\FreeZipSetup-2zR274lz.exe

2014-04-08 07:14:10 09FD43536D7488FE5B2F99CCA8B80DFA 46908840 -c--a-w- C:\Users\alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OIN4CC3J\TuneUpUtilities2014_en-US.exe

2014-04-08 06:41:53 09FD43536D7488FE5B2F99CCA8B80DFA 46908840 -c--a-w- C:\Users\alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9LD1L210\TuneUpUtilities2014_en-US.exe

2014-04-07 08:24:55 FFEAB08AE0C438B404D0CFD0D1C31F22 114376 -c--a-w- C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\uninstall.exe

2014-04-07 08:22:26 51A688A1FE54CDB1BB25DD5040F82FA6 17282640 -c--a-w- C:\Users\alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IYE6FI3T\aTubeCatcher.exe

2014-04-06 08:24:56 22385EE33688B10B61DA1D8CA9549E4B 120192 -c--a-w- C:\Users\alain\AppData\Local\Temp\clear.fiClient\cabarc.exe

=== C: other files ==

2014-04-09 04:02:34 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys

2014-04-09 04:02:34 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\System32\drivers\storport.sys

2014-04-09 04:02:34 96BB922A0981BC7432C8CF52B5410FE6 274880 -c--a-w- C:\Windows\System32\drivers\msiscsi.sys

2014-04-09 04:02:03 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2014-04-08 07:46:53 148126672BDB54DAA2C3088C307A7464 2568528 -c--a-w- C:\Users\alain\AppData\Local\Temp\UpdateWizard_25616\package_14.0.1001.380_to_14.0.1001.392.zip

2014-04-07 08:23:10 D6073A3FA57E22B82F13FCBAD71EDC92 1705 -c--a-w- C:\Users\alain\AppData\Local\Temp\oc_23D5\upgrade.zip

2014-04-04 18:34:29 A11B1B816B3452EA73970B3F53C73827 1033965 -c--a-w- C:\ProgramData\AVG2014\IDS\outbox\tmp_162a846a-f23a-47d2-9b00-6939b26c8628.zip

2014-04-04 17:25:28 8FF3C38C142ADD1AC13B98E18C092665 1017052 -c--a-w- C:\ProgramData\AVG2014\IDS\outbox\tmp_4a3ea14a-f224-47d2-9b27-6939b26c8628.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3241781761-3953431157-4087400376-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="C:\Users\alain\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver "

"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe "

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"

"CanonQuickMenu"="C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon "

"IJNetworkScannerSelectorEX"="C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE "

"BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="C:\Users\alain\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver "

"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe "

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe "

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

==== Startup Registry Disabled ======================

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]

"SkyDrive"="\"C:\\Users\\alain\\AppData\\Local\\Microsoft\\SkyDrive\\SkyDrive.exe\" /background"

"NTRedirect"="C:\\Windows\\SysWOW64\\rundll32.exe \"C:\\Users\\alain\\AppData\\Roaming\\BabSolution\\Shared\\enhancedNT.dll\",Run"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"vProt"="\"C:\\Program Files (x86)\\AVG Secure Search\\vprot.exe\""

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcadeMovieService]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ArcadeMovieService"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Acer\\clear.fi\\Movie\\clear.fiMovieService.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dolby Advanced Audio v2]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Dolby Advanced Audio v2"

"hkey"="HKLM"

"command"="\"C:\\Dolby PCEE4\\pcee4.exe\" -autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EEventManager]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="EEventManager"

"hkey"="HKLM"

"command"="C:\\PROGRA~2\\EPSONS~1\\EVENTM~1\\EEventManager.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisTecPMMUpdate]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="EgisTecPMMUpdate"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\EgisTec IPS\\PmmUpdate.exe\" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisUpdate]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="EgisUpdate"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\EgisTec IPS\\EgisUpdate.exe\" -d "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EPSON SX210 Series]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="EPSON SX210 Series"

"hkey"="HKCU"

"command"="C:\\Windows\\system32\\spool\\DRIVERS\\x64\\3\\E_IATIFDE.EXE /FU \"C:\\Users\\alain\\AppData\\Local\\Temp\\E_S145B.tmp\" /EF \"HKCU\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LManager]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="LManager"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Launch Manager\\LManager.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MobileBroadband]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="MobileBroadband"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Vodafone\\Vodafone Mobile Broadband\\Bin\\MobileBroadband.exe /silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVBg]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="RtHDVBg"

"hkey"="HKLM"

"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVBg64.exe /FORPCEE4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="RtHDVCpl"

"hkey"="HKLM"

"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="StartCCC"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\" MSRun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SuiteTray]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SuiteTray"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\EgisTec MyWinLockerSuite\\x86\\SuiteTray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="swg"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^alain^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]

"item"="Dropbox"

"path"="C:\\Users\\alain\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"

"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"

"backupExtension"=".Startup"

"command"="C:\\Users\\alain\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\EPSON_EB_RPCV4_01]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\EPSON_PM_RPCV4_01]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\VmbService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"MSC"="\"c:\\Program Files\\Microsoft Security Client\\msseces.exe\" -hide -runkey"

==== Startup Folders ======================

2013-08-18 11:35:31 1053 -c-ha-w- C:\Users\alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a--c--- [undetermined Task]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3241781761-3953431157-4087400376-1000Core.job --a--c--- C:\Users\alain\AppData\Local\Facebook\Update\FacebookUpdate.exe [12/02/2013 14:13]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3241781761-3953431157-4087400376-1000UA.job --a--c--- C:\Users\alain\AppData\Local\Facebook\Update\FacebookUpdate.exe [12/02/2013 14:13]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09/10/2012 07:53]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09/10/2012 07:53]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\0" [c:\program files\internet explorer\iexplore.exe]

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\Adobe online update program" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]

"C:\Windows\SysNative\tasks\clear.fi" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe"]

"C:\Windows\SysNative\tasks\clear.fiAgent" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\DMREngine" ["C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3241781761-3953431157-4087400376-1000Core" [C:\Users\alain\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3241781761-3953431157-4087400376-1000UA" [C:\Users\alain\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\alain\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]

"C:\Windows\SysNative\tasks\pricemeterdownloader" [C:\Users\alain\AppData\Local\PriceMeter\pricemeterd.exe]

"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{97AA51C9-AC69-4524-B564-DB6C5E236309}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\SysNative\tasks\{1137D312-D604-40E6-80D4-64945D0C9DCB}" [C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE]

"C:\Windows\SysNative\tasks\{1E86B152-0279-4C4A-B3F7-BF4C47CCD9C2}" [D:\AUTORUN.EXE]

"C:\Windows\SysNative\tasks\{37415A4E-3F55-412F-A600-E2EE497A832D}" [C:\Program Files (x86)\Mobistar Internet Everywhere\Mobistar Internet Everywhere.exe]

"C:\Windows\SysNative\tasks\{831227B2-235C-419D-A532-F99F94993806}" [D:\AUTORUN.EXE]

"C:\Windows\SysNative\tasks\{8E2D9D37-81B1-438C-93A9-B73D30E01F35}" [D:\AUTORUN.EXE]

"C:\Windows\SysNative\tasks\{AF454F46-4C32-4E2E-BCF4-563D25CB09BC}" [C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE]

"C:\Windows\SysNative\tasks\{BAF2D979-D8DC-47F1-A257-4EAB52E461BF}" [C:\Program Files (x86)\Mobistar Internet Everywhere\Mobistar Internet Everywhere.exe]

"C:\Windows\SysNative\tasks\{CA4BF9A3-5B8D-473D-8610-5639D3C97E87}" [C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE]

"C:\Windows\SysNative\tasks\{CADF8D62-B9C9-4A4D-A65D-35A3A9705C6E}" [D:\AUTORUN.EXE]

"C:\Windows\SysNative\tasks\{CDDEFDED-A3AD-41AD-B8CC-3802F4328783}" [C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE]

"C:\Windows\SysNative\tasks\{E7E3EE23-A1FA-496C-B7CF-DC47F484AFB9}" [C:\Program Files (x86)\Mobistar Internet Everywhere\Mobistar Internet Everywhere.exe]

"C:\Windows\SysNative\tasks\{E9764320-6B91-4284-B9B7-3184EBBE7639}" [C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE]

"C:\Windows\SysNative\tasks\{EA946BB5-03C2-4352-8CD3-C37E263CBB05}" [D:\AUTORUN.EXE]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"discountfinder@moneymillionaire.com"="C:\ProgramData\Kortingzoeker\FFExtension20131010193222" [12/10/2013 16:05]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"{e77d8ca6-3a60-4ae9-8461-53b22fa3125b}"="C:\Program Files (x86)\Re-markit\135.xpi" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\alain\AppData\Roaming\Mozilla\Firefox\Profiles\i4emk1mu.default

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\alain\AppData\Roaming\Mozilla\Firefox\Profiles\i4emk1mu.default

506C758195FD6F4F1594C0F1B1E32A15 - C:\ProgramData\Kortingzoeker\FFExtension20131010193222\plugins\npdf.dll - MoneyMillionaire plugin

4F26678A032868EA584431944FB2E6C7 - C:\Users\alain\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\Microsoft Office 15\npofficeondemand.dll - Microsoft Office 2013

FF0D6F82A0EC13952E83B9439100E45D - C:\Users\alain\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bebnnlollpcjnfpkafhoclljaojgnfok - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx[]

dcpfhaghaadpjpgocojgnlhjcieeooel - C:\Program Files (x86)\Re-markit\135.crx[]

fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Bing"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Bing"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{20711F84-BDC0-4ABF-84DA-B974A90FDD74}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"

{20711F84-BDC0-4ABF-84DA-B974A90FDD74} Bing Url="{searchTerms} - Bing"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3241781761-3953431157-4087400376-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3241781761-3953431157-4087400376-1000\Software\mozilla\Firefox\Extensions\{e77d8ca6-3a60-4ae9-8461-53b22fa3125b} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EF4A5F14-7108-05E7-076F-1458E406D2E6} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bebnnlollpcjnfpkafhoclljaojgnfok deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileBroadband deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Cody\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Cody\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\alain\AppData\Local\Mozilla\Firefox\Profiles\i4emk1mu.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1109 folders=241 161090291 bytes)

==== Empty Temp Folders ======================

C:\Users\alain\AppData\Local\Temp will be emptied at reboot

C:\Users\Cody\AppData\Local\Temp emptied successfully

C:\Users\Gast\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\alain\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\AVG Secure Search" not found

"C:\PROGRA~2\AVG Secure Search" not found

==== EOF on vr 11/04/2014 at 8:45:55,93 ======================

Link naar reactie
Delen op andere sites

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download 51a612a8b27e2-Zoek.pngZoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  C:\Users\alain\AppData\Locallow\EmieUserList;fs
 C:\Users\alain\AppData\Local\EmieUserList;fs
 C:\Users\alain\AppData\Local\EmieSiteList;fs
 C:\Users\alain\AppData\Locallow\EmieSiteList;fs
 C:\Users\alain\AppData\Local\PriceMeterLiveUpdate;fs
 C:\\Users\\alain\\AppData\\Roaming\\BabSolution;fs
 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-];r64
"NTRedirect"=-;r64
 C:\Windows\SysNative\tasks\0;fs
 C:\Windows\SysNative\tasks\pricemeterdownloader;fs
 [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions];r64
 "{e77d8ca6-3a60-4ae9-8461-53b22fa3125b}"=-;r64
  emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • Do a Quick Scan

  • Auto Clean
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

  • Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\\Zoek-results.log.)
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Link naar reactie
Delen op andere sites

Zoek.exe v5.0.0.0 Updated 07-March-2014

Tool run by alain on za 12/04/2014 at 7:25:12,17.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\alain\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-04-11-064555.log 47220 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3241781761-3953431157-4087400376-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d970ed5-3eda-438d-bffd-715931e2775b} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]

"NTRedirect"=-

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"{e77d8ca6-3a60-4ae9-8461-53b22fa3125b}"=-

==== Deleting Files \ Folders ======================

C:\\Users\\alain\\AppData\\Roaming\\BabSolution not found

C:\Users\alain\AppData\Locallow\EmieUserList deleted

C:\Users\alain\AppData\Local\EmieUserList deleted

C:\Users\alain\AppData\Local\EmieSiteList deleted

C:\Users\alain\AppData\Locallow\EmieSiteList deleted

C:\Users\alain\AppData\Local\PriceMeterLiveUpdate deleted

C:\Windows\SysNative\tasks\0 deleted

C:\Windows\SysNative\tasks\pricemeterdownloader deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2014-04-07 09:13:32 50625CF1B2D2860E4BA7F96E15370A9A 457073076 ----a-w- C:\Windows\MEMORY.DMP

====== C:\Users\alain\AppData\Local\Temp ====

2014-04-11 06:45:34 22385EE33688B10B61DA1D8CA9549E4B 120192 -c--a-w- C:\Users\alain\AppData\Local\Temp\clear.fiClient\cabarc.exe

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

2014-04-09 07:11:57 AA12D7A960DB78DD9690AB5B5DAE6586 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll

2014-04-09 07:11:53 CE6921D33682C6C3DB8A45853CC69402 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2014-04-09 07:11:44 A127D17C354B473B0F4C6265538F5A2C 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2014-04-09 07:11:36 7E9FE7DB43BC204E44F159F843E35C15 367616 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll

2014-04-09 07:11:35 EDACA6C44D9CE200F899B7DB0F201DFF 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll

2014-04-09 07:11:35 EBC35FE64056910A84485BEEB6DCCAC6 524288 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2014-04-09 07:11:35 34FC79C948EE2C5FD0CD699E7D7F91B7 244224 ----a-w- C:\Windows\SysWOW64\dxtrans.dll

2014-04-09 07:11:34 31385A6CAA31BE9D07B0B32E5AA99ABB 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2014-04-09 07:11:33 82287FCFFA4A2D60FD744E3FEB3192C5 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2014-04-09 07:11:33 21BF6759685FD193715B483F2B3F21B1 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-04-09 07:11:32 C9CA9803299EB6AFA34CB520BAAB083D 32256 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-04-09 07:11:32 0FDC1A576A3F40420882C0F7C4A66EAD 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2014-04-09 07:11:28 BB185D4A9362AA17CBCEC0768CDBF249 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll

2014-04-09 07:11:28 6557B48D53D653CFCCE3CB1CFA53A8E1 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll

2014-04-09 07:11:28 0F4A295516781897FFB09B4CCF2E8798 592896 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll

2014-04-09 07:11:25 05BD47136DE62FAFE9F95B40E4100144 2178048 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2014-04-09 07:11:24 E4E829EE073E046B0EB19B5FECB19B8C 1789440 ----a-w- C:\Windows\SysWOW64\wininet.dll

2014-04-09 07:11:24 76F58DB8F85C125E0D6B3AA42F3BF1D0 1143808 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2014-04-09 07:11:23 C4A383FD50FBD7E274DD41CF571DF898 1967104 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2014-04-09 07:11:21 2AFBB91BBD2378933B26E6D68C140D1B 11745792 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2014-04-09 07:11:20 EA85144F35EDE6EE25C484D4242FF2C8 17387008 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2014-04-09 07:11:18 8C46360D6EF9D4C563FE834C4F287DA3 4254720 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2014-04-09 04:02:23 76161B9D78A275F8F28DD67436013110 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll

2014-04-09 04:02:19 2E1D6624EE2C3F454CADF09DC59E78B0 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe

2014-04-09 04:02:16 1F76F7CB3C690ACB985C2FD419383B49 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll

2014-04-09 04:02:13 1E886E327F37F34CC7465F1605D1F3CD 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll

2014-04-09 04:02:12 9F3D88540DB73F5213D5044CB50006DF 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe

2014-04-09 04:02:09 A30AB03E7C837A17AC70E67E63B8E2F6 2048 ----a-w- C:\Windows\SysWOW64\user.exe

2014-04-08 07:48:29 C33CA1A7B95318D945F96A794E3C0DE7 25400 -c--a-w- C:\Windows\SysWOW64\authuitu.dll

2014-04-08 07:48:19 A0265D720F0F4B0496A2D679D64C2E83 35640 -c--a-w- C:\Windows\SysWOW64\uxtuneup.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2014-04-09 07:11:58 7446786E7092ABE122D372F95E6ED74B 574976 ----a-w- C:\Windows\Sysnative\ieui.dll

2014-04-09 07:11:53 FFF555C177D9F2B79B5C3146BED09FB1 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll

2014-04-09 07:11:45 6A8AA25D37F89E40B834F34950E3B89B 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2014-04-09 07:11:41 D6067F7EE060C5D6D79008AD591B4E3B 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll

2014-04-09 07:11:41 3F498856C68725717195C16568FE19D0 586240 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2014-04-09 07:11:40 964C89BC8A52A260D68C90FDDEB862E2 38400 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll

2014-04-09 07:11:40 72116CC377FF4281B0132C397026D911 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll

2014-04-09 07:11:37 3F547245C78F4847B73EDDFD4A2F7E12 752640 ----a-w- C:\Windows\Sysnative\jscript9diag.dll

2014-04-09 07:11:36 E0D95345D1EBB54F28E958782B9C0CE0 453120 ----a-w- C:\Windows\Sysnative\dxtmsft.dll

2014-04-09 07:11:36 CFBA793F678EB3855052ECF99357A9A1 296960 ----a-w- C:\Windows\Sysnative\dxtrans.dll

2014-04-09 07:11:35 E7161E2C66FF9B1E87C30FC9D2497ABB 195584 ----a-w- C:\Windows\Sysnative\msrating.dll

2014-04-09 07:11:35 CB57E934280D346AE0A9B053DAA284C5 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2014-04-09 07:11:34 75AD355828187145A60E3DC7BAF7B0F3 628736 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2014-04-09 07:11:33 1BF215FF4DF6DE10D2F81A2CE85157D2 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2014-04-09 07:11:32 A3F9A9E46BDDBB8B20B7CF3EEDB990F2 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll

2014-04-09 07:11:31 37D0FB9E5E8EDA40B66FC3FB3D660261 23549440 ----a-w- C:\Windows\Sysnative\mshtml.dll

2014-04-09 07:11:28 EBAD8A4D048ED257E4A45F6356541F86 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll

2014-04-09 07:11:28 915D8A9E112C97C90C654F792B6B28B9 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll

2014-04-09 07:11:27 A3A132CBE48AF0324466469F2CAAE8A2 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe

2014-04-09 07:11:26 710FD0E362A1A5C087DB90C1BAC46411 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe

2014-04-09 07:11:25 1F8534A19A66275C863DE17645CB2A13 2767360 ----a-w- C:\Windows\Sysnative\iertutil.dll

2014-04-09 07:11:24 F220BA78AB542C70211D73AE4729B2CD 2260480 ----a-w- C:\Windows\Sysnative\wininet.dll

2014-04-09 07:11:24 32417AE8280276968E5C551ED85D3525 1400832 ----a-w- C:\Windows\Sysnative\urlmon.dll

2014-04-09 07:11:22 A14BB2F5F6457738AAA11367F5172A05 13551104 ----a-w- C:\Windows\Sysnative\ieframe.dll

2014-04-09 07:11:22 1654093C8BD3342997D27B71684ACCE8 2043904 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2014-04-09 07:11:19 BF25489459C7A762DD7B3186C7E3984D 5784064 ----a-w- C:\Windows\Sysnative\jscript9.dll

2014-04-09 04:02:26 D2A513EE880D71BDE7F0257F38B9D019 1163264 ----a-w- C:\Windows\Sysnative\kernel32.dll

2014-04-09 04:02:24 2A107B611C91CD256466C58C0D776E9D 243712 ----a-w- C:\Windows\Sysnative\wow64.dll

2014-04-09 04:02:22 7434E01FBCA3CB86539C39412A31D5E1 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll

2014-04-09 04:02:16 74959C718FF4594369645F35B7DF19C4 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll

2014-04-09 04:02:15 0F090A77E664CB0F70AB8D3B230B760C 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll

2014-04-08 07:48:29 8BAC9B63A6F3864F5F973729014F6D7F 29496 -c--a-w- C:\Windows\Sysnative\authuitu.dll

2014-04-08 07:48:20 153C65961B92D0FF804644533E7F1100 42808 -c--a-w- C:\Windows\Sysnative\uxtuneup.dll

====== C:\Windows\Sysnative\drivers =====

2014-04-09 04:02:34 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys

2014-04-09 04:02:34 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys

2014-04-09 04:02:34 96BB922A0981BC7432C8CF52B5410FE6 274880 -c--a-w- C:\Windows\Sysnative\drivers\msiscsi.sys

2014-04-09 04:02:03 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys

====== C:\Windows\Tasks ======

2014-03-21 17:11:32 772096B1533565D97B73C65131B7AA23 3694 -c--a-w- C:\Windows\Sysnative\Tasks\Adobe online update program

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-04-10 06:49:14 -------- dc----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

2014-04-08 07:23:12 -------- dc----w- C:\PROGRA~2\TuneUp Utilities 2014

======= C: =====

====== C:\Users\alain\AppData\Roaming ======

2014-04-11 06:40:44 -------- dc----w- C:\Users\Gast\AppData\Local\Temp

2014-04-11 06:40:44 -------- dc----w- C:\Users\Cody\AppData\Local\Temp

2014-04-11 06:40:44 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp

2014-04-11 06:40:44 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp

2014-04-11 06:40:43 -------- dc----w- C:\Users\alain\AppData\Local\Temp

2014-04-08 07:24:18 -------- dc----w- C:\Users\alain\AppData\Local\TuneUp Software

2014-03-27 15:14:27 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\AVG

2014-03-26 11:01:09 -------- dc----w- C:\Users\alain\AppData\Local\AVG

2014-03-23 06:38:56 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG

2014-03-22 06:37:19 -------- dc----w- C:\Users\alain\AppData\Roaming\AVG

====== C:\Users\alain ======

2014-04-10 06:57:19 662C39FC1E27131551D557862CEC47F0 935175 -c--a-w- C:\Users\alain\Desktop\RSITx64.exe

2014-04-09 08:40:10 -------- dc-h--w- C:\ProgramData\CanonIJMyPrinter

2014-04-09 08:37:52 -------- dc----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gebruikersregistratie voor Canon MG5500 series

2014-04-09 08:13:34 -------- dc-h--w- C:\ProgramData\CanonIJMIG

2014-04-07 08:24:11 -------- dc----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher

2014-04-01 07:54:07 -------- dc----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-03-22 06:33:34 -------- dc----w- C:\ProgramData\AVG

====== C: exe-files ==

2014-04-11 06:45:34 22385EE33688B10B61DA1D8CA9549E4B 120192 -c--a-w- C:\Users\alain\AppData\Local\Temp\clear.fiClient\cabarc.exe

2014-04-10 06:57:19 662C39FC1E27131551D557862CEC47F0 935175 -c--a-w- C:\Users\alain\Desktop\RSITx64.exe

2014-04-10 06:49:14 9A2347903D6EDB84C10F288BC0578C1C 388608 -c--a-w- C:\Program Files\trend micro\alain.exe

2014-04-09 08:37:52 EA2DFB3E298DE43E77EC4E70C9B3B8BD 69712 -c----w- C:\Program Files (x86)\Canon\IJEREG\MG5500 series\IJRMF.exe

2014-04-09 08:37:52 57B2DC0F38E830D98C5D5323F0F3C262 72784 -c----w- C:\Program Files (x86)\Canon\IJEREG\MG5500 series\UNINST.EXE

2014-04-09 08:29:46 9FA2DA695795766CB2CF977DAB3D44D6 56424 -c----w- C:\Program Files\CanonBJ\IJPrinter\Canon MG5500 series\IJDIA6.exe

2014-04-09 08:11:54 204B2B393B0A41E394C08EE3285C4BD1 94344 -c--a-r- C:\Program Files (x86)\Canon\IJPLM\setup.exe

2014-04-09 08:11:17 0767866EC60D7505DEF5B27288022351 124496 -c--a-w- C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe

2014-04-09 08:11:15 DE4445CFBBFC40A407D7C0DC96A66691 94288 -c--a-w- C:\Program Files (x86)\Canon\IJ Scan Utility\MAPI.exe

2014-04-09 08:11:15 1254E2F94611C48090EA705879818560 1112656 -c--a-w- C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe

2014-04-09 08:11:11 D692DF2EE9EAF76E45E391FB1EF71153 421032 -c-ha-w- C:\Program Files (x86)\Canon\IJ Scan Utility\MAINT.exe

2014-04-09 07:11:50 F972DDD19A10F53D74021DDEAC07CCA6 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe

2014-04-09 07:11:50 E0155A11B26C7D5347069AB7ACB62D02 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe

2014-04-09 07:11:50 BEA4E0C0BA936E8A3DB24D1A37BF70BE 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe

2014-04-09 07:11:49 C5C7E33308BAE18BD9F59F9A93E85D33 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2014-04-09 07:11:41 3F498856C68725717195C16568FE19D0 586240 ----a-w- C:\Windows\System32\ie4uinit.exe

2014-04-09 07:11:33 21BF6759685FD193715B483F2B3F21B1 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-04-09 07:11:33 1BF215FF4DF6DE10D2F81A2CE85157D2 139264 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-04-09 07:11:27 A3A132CBE48AF0324466469F2CAAE8A2 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe

2014-04-09 07:11:26 710FD0E362A1A5C087DB90C1BAC46411 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe

2014-04-09 07:11:24 EA8386CA87165460D39A1D29FF11080B 809680 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2014-04-09 07:11:23 0667ED9F8E905E1F73DB60ACCEDCBCA7 811728 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2014-04-09 04:02:19 2E1D6624EE2C3F454CADF09DC59E78B0 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe

2014-04-09 04:02:12 9F3D88540DB73F5213D5044CB50006DF 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe

2014-04-09 04:02:09 A30AB03E7C837A17AC70E67E63B8E2F6 2048 ----a-w- C:\Windows\SysWOW64\user.exe

2014-04-07 08:24:55 FFEAB08AE0C438B404D0CFD0D1C31F22 114376 -c--a-w- C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\uninstall.exe

=== C: other files ==

2014-04-09 04:02:34 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys

2014-04-09 04:02:34 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\System32\drivers\storport.sys

2014-04-09 04:02:34 96BB922A0981BC7432C8CF52B5410FE6 274880 -c--a-w- C:\Windows\System32\drivers\msiscsi.sys

2014-04-09 04:02:03 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\System32\drivers\ntfs.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3241781761-3953431157-4087400376-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="C:\Users\alain\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver "

"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe "

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"

"CanonQuickMenu"="C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon "

"IJNetworkScannerSelectorEX"="C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE "

"BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="C:\Users\alain\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver "

"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe "

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe "

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

==== Startup Registry Disabled ======================

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]

"SkyDrive"="\"C:\\Users\\alain\\AppData\\Local\\Microsoft\\SkyDrive\\SkyDrive.exe\" /background"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"vProt"="\"C:\\Program Files (x86)\\AVG Secure Search\\vprot.exe\""

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcadeMovieService]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ArcadeMovieService"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Acer\\clear.fi\\Movie\\clear.fiMovieService.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dolby Advanced Audio v2]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Dolby Advanced Audio v2"

"hkey"="HKLM"

"command"="\"C:\\Dolby PCEE4\\pcee4.exe\" -autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EEventManager]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="EEventManager"

"hkey"="HKLM"

"command"="C:\\PROGRA~2\\EPSONS~1\\EVENTM~1\\EEventManager.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisTecPMMUpdate]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="EgisTecPMMUpdate"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\EgisTec IPS\\PmmUpdate.exe\" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisUpdate]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="EgisUpdate"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\EgisTec IPS\\EgisUpdate.exe\" -d "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EPSON SX210 Series]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="EPSON SX210 Series"

"hkey"="HKCU"

"command"="C:\\Windows\\system32\\spool\\DRIVERS\\x64\\3\\E_IATIFDE.EXE /FU \"C:\\Users\\alain\\AppData\\Local\\Temp\\E_S145B.tmp\" /EF \"HKCU\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LManager]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="LManager"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Launch Manager\\LManager.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVBg]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="RtHDVBg"

"hkey"="HKLM"

"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVBg64.exe /FORPCEE4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="RtHDVCpl"

"hkey"="HKLM"

"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="StartCCC"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\" MSRun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SuiteTray]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SuiteTray"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\EgisTec MyWinLockerSuite\\x86\\SuiteTray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="swg"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^alain^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]

"item"="Dropbox"

"path"="C:\\Users\\alain\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"

"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"

"backupExtension"=".Startup"

"command"="C:\\Users\\alain\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\EPSON_EB_RPCV4_01]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\EPSON_PM_RPCV4_01]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\VmbService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"MSC"="\"c:\\Program Files\\Microsoft Security Client\\msseces.exe\" -hide -runkey"

==== Startup Folders ======================

2013-08-18 11:35:31 1053 -c-ha-w- C:\Users\alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a--c--- [undetermined Task]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3241781761-3953431157-4087400376-1000Core.job --a--c--- C:\Users\alain\AppData\Local\Facebook\Update\FacebookUpdate.exe [12/02/2013 14:13]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3241781761-3953431157-4087400376-1000UA.job --a--c--- C:\Users\alain\AppData\Local\Facebook\Update\FacebookUpdate.exe [12/02/2013 14:13]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09/10/2012 07:53]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09/10/2012 07:53]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\Adobe online update program" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]

"C:\Windows\SysNative\tasks\clear.fi" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe"]

"C:\Windows\SysNative\tasks\clear.fiAgent" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\DMREngine" ["C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3241781761-3953431157-4087400376-1000Core" [C:\Users\alain\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3241781761-3953431157-4087400376-1000UA" [C:\Users\alain\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\alain\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]

"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{97AA51C9-AC69-4524-B564-DB6C5E236309}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\SysNative\tasks\{1137D312-D604-40E6-80D4-64945D0C9DCB}" [C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE]

"C:\Windows\SysNative\tasks\{1E86B152-0279-4C4A-B3F7-BF4C47CCD9C2}" [D:\AUTORUN.EXE]

"C:\Windows\SysNative\tasks\{37415A4E-3F55-412F-A600-E2EE497A832D}" [C:\Program Files (x86)\Mobistar Internet Everywhere\Mobistar Internet Everywhere.exe]

"C:\Windows\SysNative\tasks\{831227B2-235C-419D-A532-F99F94993806}" [D:\AUTORUN.EXE]

"C:\Windows\SysNative\tasks\{8E2D9D37-81B1-438C-93A9-B73D30E01F35}" [D:\AUTORUN.EXE]

"C:\Windows\SysNative\tasks\{AF454F46-4C32-4E2E-BCF4-563D25CB09BC}" [C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE]

"C:\Windows\SysNative\tasks\{BAF2D979-D8DC-47F1-A257-4EAB52E461BF}" [C:\Program Files (x86)\Mobistar Internet Everywhere\Mobistar Internet Everywhere.exe]

"C:\Windows\SysNative\tasks\{CA4BF9A3-5B8D-473D-8610-5639D3C97E87}" [C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE]

"C:\Windows\SysNative\tasks\{CADF8D62-B9C9-4A4D-A65D-35A3A9705C6E}" [D:\AUTORUN.EXE]

"C:\Windows\SysNative\tasks\{CDDEFDED-A3AD-41AD-B8CC-3802F4328783}" [C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE]

"C:\Windows\SysNative\tasks\{E7E3EE23-A1FA-496C-B7CF-DC47F484AFB9}" [C:\Program Files (x86)\Mobistar Internet Everywhere\Mobistar Internet Everywhere.exe]

"C:\Windows\SysNative\tasks\{E9764320-6B91-4284-B9B7-3184EBBE7639}" [C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE]

"C:\Windows\SysNative\tasks\{EA946BB5-03C2-4352-8CD3-C37E263CBB05}" [D:\AUTORUN.EXE]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"discountfinder@moneymillionaire.com"="C:\ProgramData\Kortingzoeker\FFExtension20131010193222" [12/10/2013 16:05]

==== Firefox Extensions ======================

ProfilePath: C:\Users\alain\AppData\Roaming\Mozilla\Firefox\Profiles\i4emk1mu.default

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\alain\AppData\Roaming\Mozilla\Firefox\Profiles\i4emk1mu.default

506C758195FD6F4F1594C0F1B1E32A15 - C:\ProgramData\Kortingzoeker\FFExtension20131010193222\plugins\npdf.dll - MoneyMillionaire plugin

4F26678A032868EA584431944FB2E6C7 - C:\Users\alain\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\Microsoft Office 15\npofficeondemand.dll - Microsoft Office 2013

FF0D6F82A0EC13952E83B9439100E45D - C:\Users\alain\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Bing"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Bing"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{20711F84-BDC0-4ABF-84DA-B974A90FDD74}"

{20711F84-BDC0-4ABF-84DA-B974A90FDD74} Bing Url="{searchTerms} - Bing"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Cody\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Cody\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\alain\AppData\Local\Mozilla\Firefox\Profiles\i4emk1mu.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1115 folders=247 161097456 bytes)

==== Empty Temp Folders ======================

C:\Users\alain\AppData\Local\Temp will be emptied at reboot

C:\Users\Cody\AppData\Local\Temp emptied successfully

C:\Users\Gast\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\alain\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on za 12/04/2014 at 8:10:18,79 ======================

Link naar reactie
Delen op andere sites

Flink wat rotzooi opgeruimd ... doe nu nog eerst even dit:

Download adwcleaner.pngAdwCleaner by Xplode naar het bureaublad.

  • Sluit alle openstaande vensters.
  • Dubbelklik op AdwCleaner om hem te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
  • Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Klik vervolgens op Scan.
  • Klik vervolgens op Clean als er items zijn gevonden.
  • Klik bij Herstarten Noodzakelijk op OK

Nadat de PC opnieuw is opgestart, opent meestal een logfile.

Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[s0].txt.

Logbestand plaatsen

  • Voeg het logbestand met de naam C:\AdwCleaner\AdwCleaner[s0].txt als bijlage toe aan het volgende bericht.
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Link naar reactie
Delen op andere sites

# AdwCleaner v3.023 - Report created 12/04/2014 at 10:09:41

# Updated 01/04/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : alain - ALAIN-PC

# Running from : C:\Users\alain\Desktop\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

File Deleted : C:\Users\alain\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js

File Deleted : C:\Users\alain\AppData\Roaming\Mozilla\Firefox\Profiles\slx6c20e.default\user.js

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [discountfinder@moneymillionaire.com]

Key Deleted : HKCU\Software\Classes\pokki

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com

Key Deleted : HKLM\SOFTWARE\Classes\AmiBs.Installer

Key Deleted : HKLM\SOFTWARE\Classes\AmiBs.Installer.1

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr

Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

Key Deleted : HKLM\SOFTWARE\Classes\FTDownloader

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter.ScriptHelper

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter.ScriptHelper.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncherSettings

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncherSettings.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ToolbarProtector

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ToolbarProtector.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin.1

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com/Plugin

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_duplicate-cleaner_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_duplicate-cleaner_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_noclone-free_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_noclone-free_RASMANCS

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A1260C1-2964-453F-B0BA-FA429472EB5F}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3719959C-1CCD-4FA7-8EBB-7D9DED86FCCB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3D429207-4689-492D-A0E5-CDC5DFBB5005}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69407823-3494-4400-8D49-612549E8F4EE}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{84B7B98F-E018-4DBB-AB4C-4DDD3DFCB5FB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8A4E8BCB-5598-4CAF-9DEC-4D452760E28D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8FCA5302-6D6D-4645-BF99-D43CF76CE474}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A6FEED89-3BCD-4D19-9DC2-3E613A80A2A4}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A86782D8-7B41-452F-A217-1854F72DBA54}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD385519-22E7-4BE2-8A8D-35C66DF4858E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED345812-2722-4DCA-9976-D01832DB44EE}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FF48DBA6-5DD8-4D10-9EB0-0FA968502E66}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8A4E8BCB-5598-4CAF-9DEC-4D452760E28D}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A86782D8-7B41-452F-A217-1854F72DBA54}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D9083CE-8758-4704-BA57-3C891D7452BD}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D429207-4689-492D-A0E5-CDC5DFBB5005}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\1ClickDownload

Key Deleted : HKCU\Software\AVG Secure Search

Key Deleted : HKCU\Software\BabSolution

Key Deleted : HKCU\Software\DataMngr

[#] Key Deleted : HKCU\Software\DataMngr_Toolbar

Key Deleted : HKCU\Software\ExpressFiles

Key Deleted : HKCU\Software\InstallCore

Key Deleted : HKCU\Software\lollipop

Key Deleted : HKCU\Software\Myfree Codec

Key Deleted : HKCU\Software\Optimizer Pro

Key Deleted : HKCU\Software\ParetoLogic

Key Deleted : HKCU\Software\PrivitizeVPNInstallDates

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\StartSearch

Key Deleted : HKCU\Software\VideoDownloadConverter_4z

Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider

Key Deleted : HKCU\Software\AppDataLow\Software\VideoDownloadConverter_4z

Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}

Key Deleted : HKLM\Software\AVG Secure Search

Key Deleted : HKLM\Software\AVG Security Toolbar

Key Deleted : HKLM\Software\Babylon

Key Deleted : HKLM\Software\DataMngr

Key Deleted : HKLM\Software\ExpressFiles

Key Deleted : HKLM\Software\Myfree Codec

Key Deleted : HKLM\Software\ParetoLogic

Key Deleted : HKLM\Software\systweak

Key Deleted : HKLM\Software\VideoDownloadConverter

Key Deleted : HKLM\Software\VideoDownloadConverter_4z

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

-\\ Mozilla Firefox v

*************************

AdwCleaner[R0].txt - [15703 octets] - [12/04/2014 10:08:10]

AdwCleaner[s0].txt - [15130 octets] - [12/04/2014 10:09:41]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [15191 octets] ##########

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.