Error code 80070005 and bad configuration.


Jean Paul

Hello, good day and happy Easter to all.

For the past few days, after shutting down the laptop, I get an update of 2. After that the PC shuts down.

At the next startup these 2 are configured, but only to 30%, and then I get "ERROR DURING CONFIGURATION, DO NOT SHUT DOWN THE PC".

It tries again, without success I think, and then gives access with "WELCOME" and I can work.

The error code is 80070005 (see attachment).

I understand this error also occurs for other people.

How can it be fixed?

A little help please.

Kind regards,

Jean Paul

See here: Error 0x80070005 in Windows Update when you try to install updates

So 2 possibilities:

1) to be able to install these updates, your user must be defined as Administrator

if you are logged in with those rights, then:

2) you could have malware on the PC.

You could install Malwarebytes Antimalware Free: https://www.malwarebytes.org/ (click on: "Free version download") and run it.

Malware is covered extensively elsewhere on the forum.

Download RSIT from the locations below and save it to the desktop.

Here is a description of how to check whether you have a 32-bit or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool is finished, two Notepad files are opened, named "Log.txt" and "Info.txt".

Posting RSIT log files

  • Add the log file named "Log.txt" as an attachment to your next post. (You can also find this log file in the folder "C:\rsit".)
  • You do not need to post the log file named "Info.txt", which is minimized. (This log file is only created the first time the tool is run.)
  • You can read here how to add an attachment to the post.

Also watch the instruction video.

Hello, here is the LOG.

Hopefully this is okay.

Regards,

Jean Paul

Logfile of random's system information tool 1.09 (written by random/random)

Run by Pc at 2014-04-20 20:43:52

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 381 GB (62%) free of 610 GB

Total RAM: 6092 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:44:00, on 20/04/2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16545)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe

C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe

C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe

C:\Program Files (x86)\Fighters\Tray\FightersTray.exe

C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files\trend micro\Pc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: CrossriderApp0051108 - {11111111-1111-1111-1111-110511111108} - C:\Program Files (x86)\Plus-HD-8.1\Plus-HD-8.1-bho.dll

O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\IPS\IPSBHO.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [CommonToolkitTray] C:\Program Files (x86)\Fighters\Tray\FightersTray.exe

O4 - HKLM\..\Run: [sfagent] C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs:

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)

O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\FighterSuiteService.exe

O23 - Service: Systemk Service (SystemkService) - Aztec Media Inc - C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe

O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--

End of file - 10449 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Hpservice.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe 24359920

\??\C:\Windows\system32\conhost.exe "19714323531299392491-2144050676-26699466817636848161219571610111600597795355967

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"

"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"

"C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe" /s "NCO" /m "C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\diMaster.dll" /prefetch:1

"C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\diMaster.dll" /prefetch:1

"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"

"C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\Fighters\FighterSuiteService.exe"

"C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe"

"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"

"C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe" -monitor 488

C:\Windows\system32\valWBFPolicyService.exe

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"

WLIDSvcM.exe 2608

C:\Windows\system32\wbem\unsecapp.exe -Embedding

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"taskhost.exe"

"C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe" /c /a /s UserSession

"C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe" /c /a /s UserSession2

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash

C:\Windows\splwow64.exe 12288

"C:\Program Files (x86)\Fighters\Tray\FightersTray.exe"

"C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe"

"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

"C:\Program Files (x86)\Fighters\SPAMfighter\x64\LiveKitLoader64.exe" 4128

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files (x86)\Settings Manager\systemk\systemku.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"

"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Windows\system32\wuauclt.exe"

"C:\Program Files (x86)\Windows Live\Mail\wlmail.exe"

"C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe" -Embedding

"C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome

"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:4612 CREDAT:145409

"C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe" /medium

"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:4612 CREDAT:145410

"C:\Users\Pc\Desktop\RSITx64.exe"

C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\Plus-HD-8.1-codedownloader.job

C:\Windows\tasks\Plus-HD-8.1-enabler.job

C:\Windows\tasks\Plus-HD-8.1-firefoxinstaller.job

C:\Windows\tasks\Plus-HD-8.1-updater.job

C:\Windows\tasks\Plus-HD-8.1-validator.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411411160}]

BobyLyrics-16 - C:\Program Files (x86)\BobyLyrics-16\BobyLyrics-16-bho64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411591118}]

Plus-HD-4.9 - C:\Program Files (x86)\Plus-HD-4.9\Plus-HD-4.9-bho64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511111108}]

Plus-HD-8.1 - C:\Program Files (x86)\Plus-HD-8.1\Plus-HD-8.1-bho64.dll [2014-02-28 673792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll [2014-03-11 916320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-17 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-13 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}]

Norton Identity Protection - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coIEPlg.dll [2014-03-11 916320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-17 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511111108}]

Plus-HD-8.1 - C:\Program Files (x86)\Plus-HD-8.1\Plus-HD-8.1-bho.dll [2014-02-28 501760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll [2014-03-11 654176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\IPS\IPSBHO.DLL [2014-02-21 392344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-17 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-13 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-17 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coIEPlg.dll [2014-03-11 916320]

{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll [2014-03-11 916320]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-13 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll [2014-03-11 654176]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-13 194504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Gadwin PrintScreen"=C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe [2011-05-03 487424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice]

C:\Windows\System32\browserchoice.exe [2010-02-23 294912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]

C:\Windows\system32\hkcmd.exe [2013-11-07 399832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]

C:\Windows\system32\igfxtray.exe [2013-11-07 171992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]

C:\Windows\system32\igfxpers.exe [2013-11-07 442328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe []

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

"CommonToolkitTray"=C:\Program Files (x86)\Fighters\Tray\FightersTray.exe [2013-11-20 1681952]

"sfagent"=C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe [2014-01-24 1069600]

"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-18 113288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2013-11-07 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=0

"ConsentPromptBehaviorUser"=3

"EnableLUA"=0

"EnableUIADesktopToggle"=0

"PromptOnSecureDesktop"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-20 20:43:52 ----D---- C:\rsit

2014-04-20 20:43:52 ----D---- C:\Program Files\trend micro

2014-04-17 11:26:03 ----D---- C:\Users\Pc\AppData\Roaming\F-Secure

2014-04-17 11:26:03 ----D---- C:\ProgramData\F-Secure

2014-04-15 22:24:26 ----A---- C:\Windows\SYSWOW64\msvcr71.dll

2014-04-15 22:24:26 ----A---- C:\Windows\SYSWOW64\mfc71.dll

2014-04-15 22:24:26 ----A---- C:\Windows\SYSWOW64\gdiplus.dll

2014-04-15 22:20:36 ----D---- C:\Program Files (x86)\FrostWire 5

2014-04-13 14:18:25 ----D---- C:\Users\Pc\AppData\Roaming\Google

2014-04-13 14:17:29 ----D---- C:\Program Files\Google

2014-04-13 14:17:04 ----D---- C:\ProgramData\Google

2014-04-12 09:07:09 ----D---- C:\Users\Pc\AppData\Roaming\OpenCandy

2014-04-10 17:29:20 ----A---- C:\Windows\system32\kernel32.dll

2014-04-10 17:29:19 ----A---- C:\Windows\SYSWOW64\wow32.dll

2014-04-10 17:29:19 ----A---- C:\Windows\SYSWOW64\user.exe

2014-04-10 17:29:19 ----A---- C:\Windows\SYSWOW64\setup16.exe

2014-04-10 17:29:19 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll

2014-04-10 17:29:19 ----A---- C:\Windows\SYSWOW64\kernel32.dll

2014-04-10 17:29:19 ----A---- C:\Windows\SYSWOW64\instnm.exe

2014-04-10 17:29:19 ----A---- C:\Windows\system32\wow64win.dll

2014-04-10 17:29:19 ----A---- C:\Windows\system32\wow64cpu.dll

2014-04-10 17:29:19 ----A---- C:\Windows\system32\wow64.dll

2014-04-10 17:29:19 ----A---- C:\Windows\system32\ntvdm64.dll

2014-04-10 17:29:17 ----A---- C:\Windows\system32\drivers\ntfs.sys

2014-04-10 17:22:49 ----A---- C:\Windows\system32\mshtmled.dll

2014-04-10 17:22:48 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2014-04-10 17:22:47 ----A---- C:\Windows\SYSWOW64\vbscript.dll

2014-04-10 17:22:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2014-04-10 17:22:45 ----A---- C:\Windows\system32\iertutil.dll

2014-04-10 17:22:44 ----A---- C:\Windows\SYSWOW64\ieui.dll

2014-04-10 17:22:42 ----A---- C:\Windows\SYSWOW64\wininet.dll

2014-04-10 17:22:42 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe

2014-04-10 17:22:42 ----A---- C:\Windows\system32\wininet.dll

2014-04-10 17:22:42 ----A---- C:\Windows\system32\ieUnatt.exe

2014-04-10 17:22:42 ----A---- C:\Windows\system32\ieui.dll

2014-04-10 17:22:41 ----A---- C:\Windows\SYSWOW64\url.dll

2014-04-10 17:22:41 ----A---- C:\Windows\system32\url.dll

2014-04-10 17:22:40 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2014-04-10 17:22:40 ----A---- C:\Windows\system32\msfeeds.dll

2014-04-10 17:22:40 ----A---- C:\Windows\system32\jsproxy.dll

2014-04-10 17:22:39 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2014-04-10 17:22:39 ----A---- C:\Windows\system32\urlmon.dll

2014-04-10 17:22:38 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2014-04-10 17:22:38 ----A---- C:\Windows\SYSWOW64\jscript.dll

2014-04-10 17:22:38 ----A---- C:\Windows\system32\jscript9.dll

2014-04-10 17:22:37 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2014-04-10 17:22:37 ----A---- C:\Windows\system32\vbscript.dll

2014-04-10 17:22:37 ----A---- C:\Windows\system32\jscript.dll

2014-04-10 17:22:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2014-04-10 17:22:34 ----A---- C:\Windows\system32\mshtml.dll

2014-04-10 17:22:33 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2014-04-10 17:22:33 ----A---- C:\Windows\system32\ieframe.dll

2014-04-09 22:09:07 ----D---- C:\ProgramData\systemk

2014-03-28 10:11:41 ----RA---- C:\Windows\system32\drivers\BVRPMPR5a64.SYS

2014-03-28 10:10:52 ----D---- C:\Netgear

2014-03-25 17:46:32 ----RD---- C:\Program Files (x86)\Skype

2014-03-23 21:17:19 ----D---- C:\Windows\Minidump

======List of files/folders modified in the last 1 month======

2014-04-20 20:44:00 ----D---- C:\Windows\Prefetch

2014-04-20 20:43:52 ----RD---- C:\Program Files

2014-04-20 20:41:47 ----D---- C:\Windows\Temp

2014-04-20 20:21:12 ----D---- C:\Windows\system32\config

2014-04-20 20:11:13 ----D---- C:\Windows\System32

2014-04-20 20:11:13 ----D---- C:\Windows\inf

2014-04-20 20:11:13 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-04-20 20:08:34 ----SHD---- C:\System Volume Information

2014-04-20 20:05:32 ----D---- C:\Windows\winsxs

2014-04-20 20:05:27 ----D---- C:\Windows\SYSWOW64\nl-NL

2014-04-20 20:05:27 ----D---- C:\Windows\SysWOW64

2014-04-20 20:05:27 ----D---- C:\Windows\system32\nl-NL

2014-04-20 20:05:27 ----D---- C:\Windows\system32\drivers

2014-04-20 20:05:25 ----D---- C:\Windows\system32\DriverStore

2014-04-20 12:38:00 ----D---- C:\Windows\system32\wbem

2014-04-20 12:38:00 ----D---- C:\Windows

2014-04-20 12:37:14 ----D---- C:\ProgramData\Norton

2014-04-20 12:37:08 ----D---- C:\Windows\system32\catroot2

2014-04-20 12:37:07 ----HD---- C:\Windows\system32\WLANProfiles

2014-04-20 12:37:07 ----D---- C:\Windows\Tasks

2014-04-20 12:37:07 ----D---- C:\Windows\registration

2014-04-20 12:12:11 ----SHD---- C:\Windows\Installer

2014-04-20 12:12:10 ----D---- C:\Windows\system32\catroot

2014-04-20 12:09:20 ----D---- C:\swsetup

2014-04-19 12:57:53 ----D---- C:\Users\Pc\AppData\Roaming\Skype

2014-04-18 22:42:47 ----D---- C:\Users\Pc\AppData\Roaming\vlc

2014-04-18 20:56:13 ----D---- C:\Users\Pc\AppData\Roaming\SoftGrid Client

2014-04-18 17:48:44 ----D---- C:\Windows\system32\NDF

2014-04-17 11:32:51 ----RD---- C:\Program Files (x86)

2014-04-17 11:26:03 ----HD---- C:\ProgramData

2014-04-17 10:03:22 ----D---- C:\Windows\AppPatch

2014-04-17 10:03:20 ----D---- C:\Windows\system32\CodeIntegrity

2014-04-15 11:08:55 ----D---- C:\Windows\SYSWOW64\Macromed

2014-04-15 11:08:55 ----D---- C:\Windows\system32\Tasks

2014-04-15 11:08:55 ----D---- C:\Windows\system32\Macromed

2014-04-15 11:08:55 ----D---- C:\Windows\system32\drivers\etc

2014-04-14 23:12:27 ----D---- C:\Windows\servicing

2014-04-14 23:12:27 ----D---- C:\Windows\AppCompat

2014-04-13 14:17:29 ----D---- C:\Program Files (x86)\Google

2014-04-13 14:16:50 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2014-04-12 20:59:37 ----D---- C:\Program Files\Internet Explorer

2014-04-12 20:59:37 ----D---- C:\Program Files\Common Files\Microsoft Shared

2014-04-12 20:59:37 ----D---- C:\Program Files (x86)\Internet Explorer

2014-04-12 20:59:21 ----D---- C:\Windows\system32\migration

2014-04-12 20:59:21 ----D---- C:\Users\Pc\AppData\Roaming\BitTorrent

2014-04-12 20:59:20 ----D---- C:\Windows\SYSWOW64\migration

2014-04-10 22:26:21 ----D---- C:\Windows\system32\MRT

2014-04-10 22:26:14 ----A---- C:\Windows\system32\MRT.exe

2014-04-10 17:52:42 ----D---- C:\Windows\system32\wfp

2014-04-08 23:14:12 ----D---- C:\Windows\system32\drivers\NISx64

2014-04-08 23:12:23 ----RHD---- C:\MSOCache

2014-04-08 23:12:23 ----D---- C:\FAVORIETEN

2014-03-25 17:46:50 ----D---- C:\ProgramData\Skype

2014-03-25 17:46:32 ----D---- C:\Program Files (x86)\Common Files

2014-03-23 21:17:38 ----D---- C:\Windows\system32\drivers\NSTx64

2014-03-23 21:13:24 ----D---- C:\Windows\system32\LogFiles

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1502000.026\SYMDS64.SYS [2013-09-10 493656]

R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1502000.026\SYMEFA64.SYS [2014-03-04 1148120]

R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [2014-03-19 1525976]

R1 ccSet_NIS;NIS Settings Manager; C:\Windows\system32\drivers\NISx64\1502000.026\ccSetx64.sys [2013-09-26 162392]

R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\Windows\system32\drivers\NSTx64\7DE07000.02B\ccSetx64.sys [2013-09-27 162392]

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-01-20 484952]

R1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc1.cfg [2014-04-08 36240]

R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140417.001\IDSvia64.sys [2014-04-08 525016]

R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1502000.026\SRTSPX64.SYS [2013-09-10 36952]

R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1502000.026\Ironx64.SYS [2013-09-27 264280]

R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NISx64\1502000.026\SYMNETS.SYS [2014-02-18 593112]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]

R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtuele adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584]

R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]

R3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]

R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-01-20 137648]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-11-07 5363200]

R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]

R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140419.009\ENG64.SYS [2014-04-10 126040]

R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140419.009\EX64.SYS [2014-04-10 2099288]

R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-02-20 11471872]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-11 80384]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-11 181248]

R3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]

R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-01-12 333928]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136]

R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfswin7.sys [2013-06-26 768680]

R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaywin7.sys [2013-06-26 273576]

R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirwin7.sys [2013-06-26 29352]

R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvolwin7.sys [2013-06-26 23208]

R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1502000.026\SRTSP64.SYS [2014-02-13 875736]

R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2014-01-25 177752]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2012-01-09 195584]

S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]

S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver; \??\C:\Windows\system32\drivers\BVRPMPR5a64.SYS [2010-04-12 35840]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]

S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]

S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-10-16 42184]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

S3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]

S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]

S3 WSDScan;Ondersteuning voor WSD-scan via UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]

R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-17 135952]

R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]

R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-02-26 626960]

R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]

R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2013-12-17 46904]

R2 NCO;Norton Identity Safe; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe [2014-03-11 130104]

R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe [2014-03-12 276376]

R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-02-26 148752]

R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]

R2 SPAMfighter Update Service;SPAMfighter Update Service; C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe [2014-01-24 216608]

R2 Suite Service;Suite Service; C:\Program Files (x86)\Fighters\FighterSuiteService.exe [2013-12-16 1282592]

R2 SystemkService;Systemk Service; C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe [2014-04-08 3543056]

R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]

R2 valWBFPolicyService;Validity WBF Policy Service; C:\Windows\system32\valWBFPolicyService.exe [2013-10-30 35328]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]

R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-02-26 2669840]

R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-17 116648]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-13 257712]

S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-11-07 279000]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-17 116648]

S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-04-13 194032]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-02-26 273168]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2011-04-05 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2011-04-05 4925184]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-17 1255736]

S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------


Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that here and here.

Download Zoek.exe to the desktop (not the .zip or .rar version).

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

emptyclsid;
{11111111-1111-1111-1111-110511111108};c
{11111111-1111-1111-1111-110411411160};c
{11111111-1111-1111-1111-110411591118};c
{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47};c
C:\Program Files (x86)\Plus-HD-8.1\Plus-HD-8.1-bho.dll;f
C:\Windows\tasks\Plus-HD-8.1-codedownloader.job;f
C:\Windows\tasks\Plus-HD-8.1-enabler.job;f
C:\Windows\tasks\Plus-HD-8.1-firefoxinstaller.job;f
C:\Windows\tasks\Plus-HD-8.1-updater.job;f
C:\Windows\tasks\Plus-HD-8.1-validator.job;f
C:\Users\Pc\AppData\Roaming\F-Secure:fs
C:\ProgramData\F-Secure;fs
C:\Users\Pc\AppData\Roaming\OpenCandy;fs
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411411160}];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411591118}];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511111108}];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511111108}];r64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
"mobilegeni daemon"=-;r64
chromelook; 
firefoxlook; 
emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Click the "Options" button and tick the options below.
  • Do a Deep Scan
  • Installed Programs
  • HijackThis Log
  • Running Processes
  • Auto Clean
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next reply.

Posting the Zoek.exe log file

  • Add the log file named "Zoek-results.log" as an attachment to your next reply. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read here how to add an attachment to a post.


Mon 21/4/2014 14.38

Here is the new log from zoek.exe.

Was this the right procedure?

Regards, Jean Paul

Zoek.exe v5.0.0.0 Updated 14-April-2014

Tool run by Pc on ma 21/04/2014 at 14:18:09,19.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Pc\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== Running Processes ======================

C:\Windows\system32\csrss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Hpservice.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe

C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe

C:\Windows\splwow64.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe

C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe

C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe

C:\Windows\system32\valWBFPolicyService.exe

C:\Program Files (x86)\Settings Manager\systemk\systemku.exe

C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe

C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Users\Pc\Desktop\zoek.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

==== System Restore Info ======================

21/04/2014 14:21:03 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Movies Toolbar deleted successfully

C:\Program Files\Level Quality Watcher deleted successfully

C:\Program Files\Symantec deleted successfully

C:\PROGRA~3\Browser Manager deleted successfully

C:\PROGRA~3\BrowserProtect deleted successfully

C:\PROGRA~3\PCSettings deleted successfully

C:\Users\Pc\AppData\Roaming\TP deleted successfully

C:\Users\Pc\AppData\Local\F-Secure deleted successfully

C:\Users\Pc\AppData\Local\genienext deleted successfully

C:\Users\Pc\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2366639599-4099548902-4220582541-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511111108} deleted successfully

HKEY_USERS\S-1-5-21-2366639599-4099548902-4220582541-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511111108} deleted successfully

HKEY_USERS\S-1-5-21-2366639599-4099548902-4220582541-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411411160} deleted successfully

HKEY_USERS\S-1-5-21-2366639599-4099548902-4220582541-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110411411160} deleted successfully

HKEY_USERS\S-1-5-21-2366639599-4099548902-4220582541-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411591118} deleted successfully

HKEY_USERS\S-1-5-21-2366639599-4099548902-4220582541-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110411591118} deleted successfully

HKEY_USERS\S-1-5-21-2366639599-4099548902-4220582541-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully

HKEY_USERS\S-1-5-21-2366639599-4099548902-4220582541-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully

HKEY_USERS\S-1-5-21-2366639599-4099548902-4220582541-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F1C81E40-2485-4DB6-8C9D-04BD596B281E} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110511111108} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110511111108} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511111108} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511111108} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110411411160} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411411160} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110411591118} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411591118} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

Adobe AIR

Adobe Flash Player 13 ActiveX

Adobe Reader XI (11.0.06) - Nederlands

Adobe Shockwave Player 12.0

Broadcom 802.11 Wireless LAN Adapter

Compatibiliteitspakket voor het 2007 Microsoft Office system

CutePDF Writer 3.0

D3DX10

FrostWire 5.7.2

Gadwin PrintScreen

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

Google+ Auto Backup

HP Support Solutions Framework

Intel PROSet Wireless

Intel® Processor Graphics

Intel® PROSet/Wireless for Bluetooth® + High Speed

Intel© PROSet/Wireless WiFi Software

Java 7 Update 51

Java 7 Update 51 (64-bit)

Java Auto Updater

Junk Mail filter update

Level Quality Watcher

Microsoft-invoegtoepassing Opslaan als PDF voor 2007 Microsoft Office-programma's

Microsoft .NET Framework 4.5.1

Microsoft .NET Framework 4.5.1 (Nederlands)

Microsoft .NET Framework 4.5.1 (NLD)

Microsoft Application Error Reporting

Microsoft Office Click-to-Run 2010

Microsoft Office PowerPoint Viewer 2007 (Dutch)

Microsoft Office Starter 2010 - English

Microsoft PowerPoint Viewer

Microsoft Silverlight

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

MSVCRT

MSVCRT_amd64

MSVCRT110

MSVCRT110_amd64

Norton Identity Safe

Norton Internet Security

Photo Common

Plus-HD-8.1

Realtek Ethernet Controller Driver

Renesas Electronics USB 3.0 Host Controller Driver

Search Protect

Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)

Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)

Settings Manager

SkypeT 6.14

Synaptics TouchPad Driver

TeamViewer 9

VLC media player 2.1.3

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live MIME IFilter

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR 5.01 (64-bit)

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411411160}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411591118}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511111108}]

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511111108}]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"mobilegeni daemon"=-

==== Deleting Files \ Folders ======================

C:\ProgramData\F-Secure deleted

C:\Users\Pc\AppData\Roaming\OpenCandy deleted

C:\Users\Pc\daemonprocess.txt deleted

C:\Users\Pc\.android deleted

C:\PROGRA~2\Mobogenie deleted

C:\PROGRA~2\SearchProtect deleted

C:\PROGRA~2\Plus-HD-8.1 deleted

C:\Users\Pc\AppData\Roaming\BabSolution deleted

C:\PROGRA~3\APN deleted

C:\PROGRA~3\Wincert deleted

C:\Users\Pc\AppData\Local\iLivid deleted

C:\Users\Pc\AppData\Local\SearchProtect deleted

C:\Users\Pc\AppData\Local\Mobogenie deleted

C:\Users\Pc\AppData\Local\cache deleted

C:\Users\Pc\Downloads\SoftonicDownloader_voor_frostwire.exe deleted

C:\Users\Pc\AppData\LocalLow\Plus-HD-4.9 deleted

C:\Users\Pc\AppData\LocalLow\ilividmoviestoolbar181 deleted

C:\Users\Pc\AppData\LocalLow\DataMngr deleted

C:\Windows\tasks\Plus-HD-8.1-codedownloader.job deleted

C:\Windows\tasks\Plus-HD-8.1-enabler.job deleted

C:\Windows\tasks\Plus-HD-8.1-firefoxinstaller.job deleted

C:\Windows\tasks\Plus-HD-8.1-updater.job deleted

C:\Windows\tasks\Plus-HD-8.1-validator.job deleted

C:\windows\SysNative\tasks\Plus-HD-8.1-codedownloader deleted

C:\windows\SysNative\tasks\Plus-HD-8.1-enabler deleted

C:\windows\SysNative\tasks\Plus-HD-8.1-firefoxinstaller deleted

C:\windows\SysNative\tasks\Plus-HD-8.1-updater deleted

C:\windows\SysNative\tasks\Plus-HD-8.1-validator deleted

C:\Windows\Syswow64\SearchProtect deleted

C:\Users\Pc\Documents\Optimizer Pro deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)

Memory (RAM): 6092 MB

CPU Info: Intel® Core i7-2670QM CPU @ 2.20GHz

CPU Speed: 2240,5 MHz

Sound Card: Luidsprekers (High Definition A |

Display Adapters: Intel® HD Graphics 3000 | Intel® HD Graphics 3000 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

Monitors: 1x; Algemeen PnP-beeldscherm |

Screen Resolution: 1600 X 900 - 32 bit

Network: Network Present

Network Adapters: Microsoft Virtual WiFi Miniport Adapter #2 | Microsoft Virtual WiFi Miniport Adapter | Realtek PCIe GBE Family Controller | Intel® Centrino® Wireless-N 1030 | Bluetooth-apparaat (Personal Area Network)

CD / DVD Drives: 1x (D: | ) D: hp CDDVDW TS-L633R

Ports: COM Ports NOT Present. LPT Port NOT Present.

Mouse: 5 Button Wheel Mouse Present

Hard Disks: C: 596,1GB | Q: 0,0MB

Hard Disks - Free: C: 372,6GB | Q: 0,0MB

Manufacturer *: Hewlett-Packard

BIOS Info: AT/AT COMPATIBLE | 10/23/12 | HPQOEM - 1

Time Zone: Romance (standaardtijd)

Motherboard *: Hewlett-Packard 1800

Country: België

Language: NLB

==== System Specs (Software) ======================

Anti-Virus: Norton Internet Security On-access scanning disabled (Outdated)

Anti-Spyware: Norton Internet Security disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Firewall: Norton Internet Security disabled

Default Browser: Google Chrome 34.0.1847.116

Internet Explorer Version: 9.0.8112.16421

Google Chrome version: 34.0.1847.116

Adobe Reader version: 11.0.06.70

Sun Java version: 1.7.0_51 (32-bit)

Sun Java version: 1.7.0_51 (64-bit)

Shockwave Player version: 12.0.7r148

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2014-03-23 19:17:12 E89063608C5060B2042D38733B4D4D79 543584200 ----a-w- C:\Windows\MEMORY.DMP

====== C:\Users\Pc\AppData\Local\Temp ====

2014-04-12 07:09:17 7A340105C476CDA5A915F68ED453E37F 6956536 ----a-w- C:\Users\Pc\AppData\Local\Temp\setup.exe

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

2014-04-15 20:24:26 D0AAAE16BA162DD89D646887F1539855 1700352 ----a-w- C:\Windows\SysWOW64\gdiplus.dll

2014-04-15 20:24:26 CA2F560921B7B8BE1CF555A5A18D54C3 348160 ----a-w- C:\Windows\SysWOW64\msvcr71.dll

2014-04-15 20:24:26 1FD3F9722119BDF7B8CFF0ECD1E84EA6 1060864 ----a-w- C:\Windows\SysWOW64\mfc71.dll

2014-04-10 15:29:19 A30AB03E7C837A17AC70E67E63B8E2F6 2048 ----a-w- C:\Windows\SysWOW64\user.exe

2014-04-10 15:29:19 9F3D88540DB73F5213D5044CB50006DF 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe

2014-04-10 15:29:19 76161B9D78A275F8F28DD67436013110 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll

2014-04-10 15:29:19 2E1D6624EE2C3F454CADF09DC59E78B0 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe

2014-04-10 15:29:19 1F76F7CB3C690ACB985C2FD419383B49 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll

2014-04-10 15:29:19 1E886E327F37F34CC7465F1605D1F3CD 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll

2014-04-10 15:22:49 BC63D80B6810238266D4334A80783D60 2382848 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2014-04-10 15:22:48 AC65D9692CA56D8581F75FCFE0C0C4D6 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2014-04-10 15:22:47 447C9FADAC167AA7031328C11464C7D0 421376 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2014-04-10 15:22:45 46F8078ED1D499BF8149B7FDF915E5D5 1796096 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2014-04-10 15:22:44 D20FBD7E03F24A2720EAD746EADEE5A2 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll

2014-04-10 15:22:42 62077F806BC59CBD5A404338D710D133 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll

2014-04-10 15:22:42 48CB5C9B0942011010F5504F056FBF4E 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-04-10 15:22:41 077B7BE0796C9DA2E8C45F90496CFE36 231936 ----a-w- C:\Windows\SysWOW64\url.dll

2014-04-10 15:22:40 DCEBA94B909C218BA2E471AEB9913E1C 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2014-04-10 15:22:39 8229FB32D999CDD1DFA731E8E2E510A4 1427968 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2014-04-10 15:22:39 25B97E6F25AFDA7EA0C9BF3CB137B4D8 1105408 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2014-04-10 15:22:38 E8E0342BC443D013E8806EE1B69C1FC7 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll

2014-04-10 15:22:38 6D4BC1F977EDF186A8C68152BFB43769 1806848 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2014-04-10 15:22:37 4C43E955E8F782E722659364341E0529 65024 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2014-04-10 15:22:34 10D0FA4F2A6ADBEEA0FFF10583CC5407 12347904 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2014-04-10 15:22:33 D15B8C3BD0F2F6F520A10D5CFCE68879 9739264 ----a-w- C:\Windows\SysWOW64\ieframe.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2014-04-10 15:29:20 D2A513EE880D71BDE7F0257F38B9D019 1163264 ----a-w- C:\Windows\Sysnative\kernel32.dll

2014-04-10 15:29:19 74959C718FF4594369645F35B7DF19C4 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll

2014-04-10 15:29:19 7434E01FBCA3CB86539C39412A31D5E1 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll

2014-04-10 15:29:19 2A107B611C91CD256466C58C0D776E9D 243712 ----a-w- C:\Windows\Sysnative\wow64.dll

2014-04-10 15:29:19 0F090A77E664CB0F70AB8D3B230B760C 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll

2014-04-10 15:22:49 A259D58B8DFAFD3BFD17CF3F766E48E2 96768 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2014-04-10 15:22:49 15CA3C94585FBFB3C24C58467823E348 2382848 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2014-04-10 15:22:45 08EECD1F8935B1A4DE04410E17D44523 2147840 ----a-w- C:\Windows\Sysnative\iertutil.dll

2014-04-10 15:22:42 E1D326630AB7331CDCDE89EDEFBE1338 173056 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2014-04-10 15:22:42 56932FF02302B2A294A2221FF7FF1F06 1392128 ----a-w- C:\Windows\Sysnative\wininet.dll

2014-04-10 15:22:42 50A8CEDD3D3E5BA6FD15F7C210EBD254 248320 ----a-w- C:\Windows\Sysnative\ieui.dll

2014-04-10 15:22:41 DCFC9E297BB41902CE3C15AA665D316A 237056 ----a-w- C:\Windows\Sysnative\url.dll

2014-04-10 15:22:40 A7E7461CB7F88B5373CC0F4C9B663EA0 729088 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2014-04-10 15:22:40 691CF424BD6E01BE23C6C533167C39A7 85504 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2014-04-10 15:22:39 D7151627525D724BF0E2A95DCBED8251 1494528 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2014-04-10 15:22:39 CB1B9ACC111EC16C47DFE25FC8023B72 1347072 ----a-w- C:\Windows\Sysnative\urlmon.dll

2014-04-10 15:22:38 61CE85A38BFCE26F46BDF9869841A961 2334720 ----a-w- C:\Windows\Sysnative\jscript9.dll

2014-04-10 15:22:37 EED5256DC69F266E7680EC1E3F1586DA 816640 ----a-w- C:\Windows\Sysnative\jscript.dll

2014-04-10 15:22:37 DF066F9762A7B31D1146A4C406053E4C 599040 ----a-w- C:\Windows\Sysnative\vbscript.dll

2014-04-10 15:22:34 DB06224C72F52FAF8339D2669175A222 17848832 ----a-w- C:\Windows\Sysnative\mshtml.dll

2014-04-10 15:22:33 AC56947896A8B4E40386CBD03B792DF4 10926592 ----a-w- C:\Windows\Sysnative\ieframe.dll

====== C:\Windows\Sysnative\drivers =====

2014-04-10 15:29:17 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys

2014-03-28 08:11:41 9887CA12F407D7FBC7F48F3678F5F0B6 35840 ----a-r- C:\Windows\Sysnative\drivers\BVRPMPR5a64.SYS

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-04-20 18:43:52 -------- d-----w- C:\Program Files\trend micro

2014-04-13 12:17:29 -------- d-----w- C:\Program Files\Google

======= C:\PROGRA~2 =====

2014-04-15 20:20:36 -------- d-----w- C:\PROGRA~2\FrostWire 5

2014-03-25 15:46:32 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype

2014-03-25 15:46:32 -------- d-----r- C:\PROGRA~2\Skype

======= C: =====

====== C:\Users\Pc\AppData\Roaming ======

2014-04-20 09:06:00 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Fighters

2014-04-20 09:05:47 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-04-20 09:05:44 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Temp

2014-04-20 09:05:41 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-04-20 09:05:36 -------- d-----r- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-04-20 09:05:36 -------- d-----r- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-04-20 09:05:25 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Identities

2014-04-20 09:05:20 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp

2014-04-17 09:26:03 -------- d-----w- C:\Users\Pc\AppData\Roaming\F-Secure

2014-04-15 20:22:07 -------- d-----w- C:\Users\Pc\AppData\Local\Comodo

2014-04-15 20:20:49 -------- d-----w- C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 5

2014-04-13 12:18:25 -------- d-----w- C:\Users\Pc\AppData\Roaming\Google

2014-04-12 18:42:33 -------- dc----w- C:\Users\Pc\AppData\Local\MigWiz

2014-04-04 15:51:59 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\CrashDumps

2014-03-25 15:47:20 -------- d-----w- C:\Users\Pc\AppData\Local\Skype

====== C:\Users\Pc ======

2014-04-20 16:17:39 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Pc\Desktop\RSITx64.exe

2014-04-20 09:05:36 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Videos

2014-04-20 09:05:36 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Pictures

2014-04-20 09:05:36 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Music

2014-04-20 09:05:36 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Favorites

2014-04-20 09:05:36 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Downloads

2014-04-20 09:05:36 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Documents

2014-04-20 09:05:19 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Favorites

2014-04-20 09:05:19 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Desktop

2014-04-17 09:24:52 -------- d-----w- C:\Users\Pc\Belgacom Cloud

2014-04-17 09:23:59 1B6C3627D3F192A9EFB12BEDE1956EC9 28802744 ----a-w- C:\Users\Pc\Downloads\Belgacom_Cloud_Win.exe

2014-04-15 20:23:15 B763782BEB7D4BE135B493A66AE2C841 509872 ----a-w- C:\Users\Pc\Documents\APNSetup.exe

2014-04-15 20:22:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo

2014-04-13 12:17:04 -------- d-----w- C:\ProgramData\Google

2014-04-09 20:09:07 -------- d-----w- C:\ProgramData\systemk

2014-03-25 15:46:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

====== C: exe-files ==

2014-04-21 08:04:56 3EABBCC26228958E68635EC4955DAF6A 470560 ----a-w- C:\Users\Pc\AppData\Roaming\Fighters\Tray\AutoInstall\DM.exe

2014-04-20 18:43:55 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Pc.exe

2014-04-20 16:17:39 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Pc\Desktop\RSITx64.exe

2014-04-20 09:06:08 3EABBCC26228958E68635EC4955DAF6A 470560 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Fighters\Tray\AutoInstall\DM.exe

2014-04-20 09:06:06 3EABBCC26228958E68635EC4955DAF6A 470560 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Fighters\Tray\Updates\TKTRAY-DM\DM.exe

2014-04-17 09:32:34 5547AB584CA80A42F1A0CFC6405D0EE7 37003992 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\34.0.1847.116\34.0.1847.116_chrome_installer.exe

2014-04-17 09:31:46 53C969C20AE1935DD980F687D22D0453 10120 ------w- C:\Users\Pc\AppData\Local\Apps\2.0\ZBDQPJK5.DRD\TZND627D.8CV\goog...app_4fe91ede9f9bdca3_0001.0003_71f9d460b1ca391b\clickonce_bootstrap.exe

2014-04-17 09:23:59 1B6C3627D3F192A9EFB12BEDE1956EC9 28802744 ----a-w- C:\Users\Pc\Downloads\Belgacom_Cloud_Win.exe

2014-04-15 20:23:15 B763782BEB7D4BE135B493A66AE2C841 509872 ----a-w- C:\Users\Pc\Documents\APNSetup.exe

2014-04-15 20:21:05 2BE64E6D8BD2E1EB1806D508D0275599 507240 ----a-w- C:\Program Files (x86)\FrostWire 5\Uninstall.exe

2014-04-15 20:20:45 7316C8AC3C709BD5A9F01E0F01B7117F 21815888 ----a-w- C:\Program Files (x86)\FrostWire 5\frostwire-installer.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2366639599-4099548902-4220582541-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BrowserChoice]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="BrowserChoice"

"hkey"="HKCU"

"command"="\"C:\\Windows\\System32\\browserchoice.exe\" /run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HotKeysCmds"

"hkey"="HKLM"

"command"="\"C:\\Windows\\system32\\hkcmd.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="IgfxTray"

"hkey"="HKLM"

"command"="\"C:\\Windows\\system32\\igfxtray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Persistence"

"hkey"="HKLM"

"command"="\"C:\\Windows\\system32\\igfxpers.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SunJavaUpdateSched"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SynTPEnh"

"hkey"="HKLM"

"command"="%ProgramFiles%\\Synaptics\\SynTP\\SynTPEnh.exe"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13/04/2014 14:16]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [17/01/2014 12:06]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\WSCStub.exe"]

"C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Analyzer" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe]

"C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Processor" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe]

"C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\SymErr.exe]

"C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\SymErr.exe]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF" [17/04/2014 10:03]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\Exts\Chrome.crx[11/03/2014 22:44]

nppllibpnmahfaklnpggkibhkapjkeob - No path found[]

Google Docs - Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Plus-HD-8.1 - Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\giccehglhacakcfemddmfhdkahamfcmd

BobyLyrics-16 - Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\iffnmffcnjgdnckipooehcgglcfaheeb

Plus-HD-4.9 - Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjflmfkjppbmejlfbhlpgjnomdoefkfa

Norton Identity Protection - Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

Google Wallet - Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Widget context - Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombmmloebnfnpehgjnmkcgoegfachobp

Gmail - Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

DropToS - Pc\AppData\Local\Torch\User Data\Default\Extensions\cipmepknanmbbaneimacddfemfbfgpgo

Torch Games - Pc\AppData\Local\Torch\User Data\Default\Extensions\elnodfjhjgpnmdhklbfeijeaehcgffnp

Torch Music - Pc\AppData\Local\Torch\User Data\Default\Extensions\gcjbdjlojcomlphfchhihkigepfabcad

FaceLift - Pc\AppData\Local\Torch\User Data\Default\Extensions\gimjmfipknpppbpmkdenjjpfhobiiojk

Torch Helper - Pc\AppData\Local\Torch\User Data\Default\Extensions\lecpjhggilhbceadobnggaagnpfpafhg

Torch Torrent - Pc\AppData\Local\Torch\User Data\Default\Extensions\mpdmibcjecdaibcnlilhiopefjgegjjc

Torch Music - Pc\AppData\Local\Torch\User Data\Default\Extensions\ohimbkoaphfnmekmfppijeblmkncneed

Hola - Pc\AppData\Local\Torch\User Data\Default\Extensions\pdehmppfilefbolgganhfihpbmjlgebh

==== Chrome Fix ======================

C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombmmloebnfnpehgjnmkcgoegfachobp deleted successfully

C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\iffnmffcnjgdnckipooehcgglcfaheeb deleted successfully

C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\giccehglhacakcfemddmfhdkahamfcmd deleted successfully

C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjflmfkjppbmejlfbhlpgjnomdoefkfa deleted successfully

C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jjflmfkjppbmejlfbhlpgjnomdoefkfa_0.localstorage deleted successfully

C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jjflmfkjppbmejlfbhlpgjnomdoefkfa_0.localstorage-journal deleted successfully

C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jjflmfkjppbmejlfbhlpgjnomdoefkfa_0 deleted successfully

C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jjflmfkjppbmejlfbhlpgjnomdoefkfa deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.be/"

"Search Page"="Google"

"Search Bar"="Upgrade to Google Chrome"

"Default_Search_URL"="Upgrade to Google Chrome"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="%s - Google Search"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="Upgrade to Google Chrome"

"Default_Search_URL"="Upgrade to Google Chrome"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="Bing"

"Search Bar"="Bing"

"Default_Search_URL"="Bing"

"Start Page"="https://www.google.be/"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="%s - Bing"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="Bing"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{7FA82449-D80B-4B04-8429-7BC5FF2AECB0}"

{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Unknown Url="Not_Found"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{7FA82449-D80B-4B04-8429-7BC5FF2AECB0} Google Url="https://www.google.com/search?q={searchTerms}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2366639599-4099548902-4220582541-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully

HKEY_USERS\S-1-5-21-2366639599-4099548902-4220582541-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nppllibpnmahfaklnpggkibhkapjkeob deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-8.1 deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\IPS\IPSBHO.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs:

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)

O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Systemk Service (SystemkService) - Aztec Media Inc - C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe

O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Pc\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Pc\AppData\Local\Torch\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2806 folders=395 125143528 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\temp emptied successfully

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Pc\AppData\Local\Temp will be emptied at reboot

C:\Users\Public\AppData\Local\temp emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Temp emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Pc\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on ma 21/04/2014 at 14:35:09,01 ======================


Disable your antivirus and antispyware programs, as they may conflict with zoek.exe (you can read how to do that here and here).

Run Zoek.exe again with the script below.

  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC; do not use it on other PCs with a similar problem.
     
    C:\Users\Pc\AppData\Roaming\F-Secure;fs
    chromelook;
    firefoxlook;
    autoclean; 
    


  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next reply.

Posting the Zoek.exe log file

  • Attach the log file named "Zoek-results.log" to your next reply. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read here how to add an attachment to a post.

Download AdwCleaner by Xplode to the desktop.

  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Then click Scan.
  • Then click Clean if any items were found.
  • At the Restart Required prompt, click OK.

After the PC has restarted, a log file usually opens.

Otherwise, it can be found here: C:\AdwCleaner\AdwCleaner[s0].txt.

Posting the log file

  • Attach the log file named C:\AdwCleaner\AdwCleaner[s0].txt to your next reply.


Hello,

Below is the latest log from zoek.exe (as per your last message).

I will send the AdwCleaner log afterwards, OK?

Regards,

Jean Paul

Zoek.exe v5.0.0.0 Updated 14-April-2014

Tool run by Pc on wo 23/04/2014 at 11:28:52,93.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Pc\Desktop\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2014-04-21-123509.log 46680 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2366639599-4099548902-4220582541-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\Users\Pc\AppData\Roaming\F-Secure deleted

C:\Users\Pc\AppData\LocalLow\DataMngr deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF" [17/04/2014 10:03]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\Exts\Chrome.crx[11/03/2014 22:44]

Google Docs - Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Norton Identity Protection - Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

Google Wallet - Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

DropToS - Pc\AppData\Local\Torch\User Data\Default\Extensions\cipmepknanmbbaneimacddfemfbfgpgo

Torch Games - Pc\AppData\Local\Torch\User Data\Default\Extensions\elnodfjhjgpnmdhklbfeijeaehcgffnp

Torch Music - Pc\AppData\Local\Torch\User Data\Default\Extensions\gcjbdjlojcomlphfchhihkigepfabcad

FaceLift - Pc\AppData\Local\Torch\User Data\Default\Extensions\gimjmfipknpppbpmkdenjjpfhobiiojk

Torch Helper - Pc\AppData\Local\Torch\User Data\Default\Extensions\lecpjhggilhbceadobnggaagnpfpafhg

Torch Torrent - Pc\AppData\Local\Torch\User Data\Default\Extensions\mpdmibcjecdaibcnlilhiopefjgegjjc

Torch Music - Pc\AppData\Local\Torch\User Data\Default\Extensions\ohimbkoaphfnmekmfppijeblmkncneed

Hola - Pc\AppData\Local\Torch\User Data\Default\Extensions\pdehmppfilefbolgganhfihpbmjlgebh

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.be/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{7FA82449-D80B-4B04-8429-7BC5FF2AECB0}"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{7FA82449-D80B-4B04-8429-7BC5FF2AECB0} Google Url="https://www.google.com/search?q={searchTerms}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Pc\AppData\Local\Torch\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2806 folders=397 125148993 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\temp emptied successfully

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Pc\AppData\Local\Temp will be emptied at reboot

C:\Users\Public\AppData\Local\temp emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Temp emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Pc\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on wo 23/04/2014 at 11:39:14,02 ======================

- - - Updated - - -

Hello, 23/4/2014, 11:49

Could you point out which link I should use to download AdwCleaner? I get a notice (see attachment).
