herinstallatie van Windows Vista Home Premium lukt niet

Een vriend van me heeft een laptop met Windows Vista Home Premium. Het ding wordt niet veel door hem gebruikt.

Nu loopt de laptop regelmatig vast. Dat wil zeggen programma's die ik wil opstarten reageren na een paar tellen niet meer.

Updates downloaden en installeren loopt ook vast. Er is sinds vorig jaar augustus (2013) geen update meer gedaan.

Ik heb gezocht naar een punt van systeemherstel, maar dat was niet ingesteld.

Ik heb geheugencontrole en schijfcontrole uitgevoerd. Beide controles waren OK.

Ik heb gecontroleerd op mal- en spyware, maar dat leverde niets op.

Iedere keer als ik de laptop opnieuw opstart, krijg ik de keuze of ik het in veilige modus (met de 2 varianten daarbij) of normaal wil laten opstarten.

Al met al is het een beetje ronddraaien in een cirkel.

Nu dacht ik om een herinstallatie van Windows Vista Home Premium te doen. Maar de originele cd's zijn niet meer aanwezig.

Ik heb nu een image genomen en die op dvd gezet. Mijn idee is dan dat ik dmv de setup.exe van de dvd uit te voeren een schone installatie kan uitvoeren.

Echter nadat ik setup.exe heb aangeklikt gebeurt er niets.

Op de laptop staat een OEM versie geinstalleerd.

Wat kan ik nu het beste doen?

11 februari 2014 aangepast door djessdog

Op de manier die jij opgeeft zal je geen herinstallatie van Windows kunnen uitvoeren, een installatieschijf is nodig.

In dit geval gaat het om een laptop, indien de herstelpartitie aanwezig is op de laptop kan die wel terug gezet naar fabrieksinstellingen maar.......voer onderstaande eert eens uit zodat we kunnen nagaan of virussen/ malware de oorzaak zijn van die problemen.

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

• RSIT 32 bit (RSIT.exe)
  
• RSIT 64 bit (RSITx64.exe)
  

Dubbelklik op RSIT.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  
• Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  
• Plaats de inhoud hiervan in het volgende bericht.
  

Bekijk ook de instructievideo.

Hallo, hierbij het logje:

Logfile of random's system information tool 1.09 (written by random/random)

Run by Evanne at 2014-02-12 16:21:50

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 25 GB (33%) free of 76 GB

Total RAM: 3061 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:22:56, on 12-2-2014

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.19499)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Trusteer\Rapport\bin\RapportService.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Users\Evanne\Desktop\RSIT.exe

C:\Program Files\trend micro\Evanne.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Sweet Page

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Sweet Page

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Sweet Page

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT&q={searchTerms}

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Sweet Page

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe

O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup

O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE

O4 - HKLM\..\Run: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe

O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe

O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [skytel] Skytel.exe

O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing)

O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home (file missing)

O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe

O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: Update FindRight - Unknown owner - C:\Program Files\FindRight\updateFindRight.exe

O23 - Service: Util FindRight - Unknown owner - C:\Program Files\FindRight\bin\utilFindRight.exe

--

End of file - 8471 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Evanne\AppData\Roaming\Mozilla\Firefox\Profiles\otn14c4m.default

prefs.js - "browser.startup.homepage" - "http://www.sweet-page.com/?type=hp&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT"

prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.1, wrc@avast.com:8.0.1497, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]

"Description"=Google Earth in your browser

"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]

"Description"=Windows Presentation Foundation plug-in for Mozilla browsers

"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\

{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\

browser.xpt

browserdirprovider.dll

brwsrcmp.dll

components.list

FeedConverter.js

FeedProcessor.js

FeedWriter.js

fuelApplication.js

GPSDGeolocationProvider.js

jsconsole-clhandler.js

NetworkGeolocationProvider.js

nsAddonRepository.js

nsBadCertHandler.js

nsBlocklistService.js

nsBrowserContentHandler.js

nsBrowserGlue.js

nsContentDispatchChooser.js

nsContentPrefService.js

nsDefaultCLH.js

nsDownloadManagerUI.js

nsExtensionManager.js

nsFormAutoComplete.js

nsHandlerService.js

nsHelperAppDlg.js

nsINIProcessor.js

nsLivemarkService.js

nsLoginInfo.js

nsLoginManager.js

nsLoginManagerPrompter.js

nsMicrosummaryService.js

nsPlacesAutoComplete.js

nsPlacesDBFlush.js

nsPlacesTransactionsService.js

nsPrivateBrowsingService.js

nsProxyAutoConfig.js

nsSafebrowsingApplication.js

nsSearchService.js

nsSearchSuggestions.js

nsSessionStartup.js

nsSessionStore.js

nsSetDefaultBrowser.js

nsSidebar.js

nsTaggingService.js

nsTryToClose.js

nsUpdateService.js

nsUpdateServiceStub.js

nsUpdateTimerManager.js

nsUrlClassifierLib.js

nsUrlClassifierListManager.js

nsURLFormatter.js

nsWebHandlerApp.js

pluginGlue.js

storage-Legacy.js

storage-mozStorage.js

txEXSLTRegExFunctions.js

WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\

npnul32.dll

C:\Program Files\Mozilla Firefox\searchplugins\

bolcom-nl.xml

google.xml

marktplaats-nl.xml

sweet-page.xml

vandale-nl.xml

wikipedia-nl.xml

yahoo-nl.xml

C:\Users\Evanne\AppData\Roaming\Mozilla\Firefox\Profiles\otn14c4m.default\extensions\

1391958098_xpi

jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack

{20a82645-c095-46ed-80e3-08825760534b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]

HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Help bij koppelingen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-08-30 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-02-26 2423872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]

HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-02-26 2423872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-05 141848]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-05 154136]

"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-05 129560]

"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-29 4911104]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1029416]

"NDSTray.exe"=NDSTray.exe []

"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]

"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]

"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816]

"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-01-22 712704]

"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-05-04 571024]

"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2011-08-31 40368]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-29 937920]

"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2008-01-29 430080]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2007-09-13 204800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"MSVideo8"=VfWWDM32.dll

"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm

"msacm.siren"=sirenacm.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-02-12 16:21:51 ----D---- C:\Program Files\trend micro

2014-02-12 16:21:50 ----D---- C:\rsit

2014-02-12 16:03:13 ----D---- C:\Windows\Migration

2014-02-12 13:44:15 ----A---- C:\Windows\system32\msfeedssync.exe

2014-02-12 13:44:13 ----A---- C:\Windows\system32\ie4uinit.exe

2014-02-12 13:44:12 ----A---- C:\Windows\system32\msfeedsbs.dll

2014-02-12 13:44:12 ----A---- C:\Windows\system32\jsproxy.dll

2014-02-12 13:44:11 ----A---- C:\Windows\system32\iertutil.dll

2014-02-12 13:44:10 ----A---- C:\Windows\system32\urlmon.dll

2014-02-12 13:44:10 ----A---- C:\Windows\system32\iernonce.dll

2014-02-12 13:44:09 ----A---- C:\Windows\system32\wininet.dll

2014-02-12 13:44:09 ----A---- C:\Windows\system32\ieUnatt.exe

2014-02-12 13:44:09 ----A---- C:\Windows\system32\iedkcs32.dll

2014-02-12 13:44:08 ----A---- C:\Windows\system32\msfeeds.dll

2014-02-12 13:44:06 ----A---- C:\Windows\system32\iesysprep.dll

2014-02-12 13:43:58 ----A---- C:\Windows\system32\occache.dll

2014-02-12 13:43:57 ----A---- C:\Windows\system32\iesetup.dll

2014-02-12 13:43:57 ----A---- C:\Windows\system32\ieframe.dll

2014-02-12 13:43:53 ----A---- C:\Windows\system32\corpol.dll

2014-02-12 13:43:52 ----A---- C:\Windows\system32\licmgr10.dll

2014-02-12 13:43:51 ----A---- C:\Windows\system32\ieui.dll

2014-02-12 13:43:50 ----A---- C:\Windows\system32\iepeers.dll

2014-02-12 13:43:49 ----A---- C:\Windows\system32\mshtmled.dll

2014-02-12 13:43:48 ----A---- C:\Windows\system32\mstime.dll

2014-02-12 13:43:47 ----A---- C:\Windows\system32\url.dll

2014-02-12 13:43:46 ----A---- C:\Windows\system32\mshtml.dll

2014-02-12 07:33:56 ----A---- C:\Windows\system32\vbscript.dll

2014-02-12 07:32:06 ----A---- C:\Windows\system32\msxml3.dll

2014-02-11 19:00:11 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2014-02-11 17:17:59 ----A---- C:\Windows\system32\win32k.sys

2014-02-11 17:17:54 ----A---- C:\Windows\system32\SysFxUI.dll

2014-02-11 17:17:54 ----A---- C:\Windows\system32\drivers\portcls.sys

2014-02-11 17:17:54 ----A---- C:\Windows\system32\drivers\drmk.sys

2014-02-11 17:17:46 ----A---- C:\Windows\system32\FntCache.dll

2014-02-11 17:17:46 ----A---- C:\Windows\system32\DWrite.dll

2014-02-11 17:17:45 ----A---- C:\Windows\system32\d3d10level9.dll

2014-02-11 17:17:44 ----A---- C:\Windows\system32\d3d10warp.dll

2014-02-11 17:17:44 ----A---- C:\Windows\system32\d3d10core.dll

2014-02-11 17:17:44 ----A---- C:\Windows\system32\d3d10_1core.dll

2014-02-11 17:17:44 ----A---- C:\Windows\system32\d2d1.dll

2014-02-11 17:17:43 ----A---- C:\Windows\system32\d3d10_1.dll

2014-02-11 17:17:43 ----A---- C:\Windows\system32\d3d10.dll

2014-02-11 17:12:29 ----A---- C:\Windows\system32\wscript.exe

2014-02-11 17:12:28 ----A---- C:\Windows\system32\cscript.exe

2014-02-11 17:12:27 ----A---- C:\Windows\system32\wshcon.dll

2014-02-11 17:12:27 ----A---- C:\Windows\system32\scrrun.dll

2014-02-11 16:32:04 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2014-02-11 16:32:03 ----A---- C:\Windows\system32\cdd.dll

2014-02-11 16:31:59 ----A---- C:\Windows\system32\drivers\usbvideo.sys

2014-02-11 16:31:55 ----A---- C:\Windows\system32\gdi32.dll

2014-02-11 16:30:50 ----A---- C:\Windows\system32\crypt32.dll

2014-02-11 15:14:33 ----A---- C:\Windows\system32\drivers\usbport.sys

2014-02-11 15:14:33 ----A---- C:\Windows\system32\drivers\usbhub.sys

2014-02-11 15:14:33 ----A---- C:\Windows\system32\drivers\usbd.sys

2014-02-11 15:14:33 ----A---- C:\Windows\system32\drivers\usbccgp.sys

2014-02-11 15:14:32 ----A---- C:\Windows\system32\drivers\usbuhci.sys

2014-02-11 15:14:32 ----A---- C:\Windows\system32\drivers\usbehci.sys

2014-02-11 15:03:13 ----ASH---- C:\hiberfil.sys

2014-02-11 14:38:24 ----D---- C:\avast! sandbox

2014-02-11 14:24:18 ----RASH---- C:\MSDOS.SYS

2014-02-11 14:24:18 ----RASH---- C:\IO.SYS

2014-02-09 17:42:43 ----A---- C:\Windows\ntbtlog.txt

2014-02-09 16:37:09 ----D---- C:\Windows\SoftwareDistribution

2014-02-09 16:12:51 ----D---- C:\Users\Evanne\AppData\Roaming\0F1F1C2Y1H1P1C0I0T

2014-02-09 16:01:31 ----D---- C:\Program Files\FindRight

2014-02-09 15:39:54 ----D---- C:\Users\Evanne\AppData\Roaming\ParetoLogic

2014-02-09 15:39:54 ----D---- C:\Users\Evanne\AppData\Roaming\DriverCure

2014-02-09 15:39:50 ----D---- C:\ProgramData\ParetoLogic

2014-02-08 21:55:10 ----D---- C:\Program Files\TeamViewer

2014-02-08 21:49:15 ----A---- C:\Windows\system32\roboot.exe

2014-02-08 21:49:10 ----D---- C:\Users\Evanne\AppData\Roaming\systweak

2014-02-08 21:46:06 ----D---- C:\Users\Evanne\AppData\Roaming\Mozilla

2014-02-08 21:45:20 ----D---- C:\Program Files\Mobogenie

2014-02-08 21:43:50 ----D---- C:\Program Files\Mozilla Firefox

2014-01-22 20:37:26 ----A---- C:\Windows\system32\drivers\RapportKELL.sys

======List of files/folders modified in the last 1 month======

2014-02-12 16:22:23 ----D---- C:\Windows\Temp

2014-02-12 16:21:53 ----D---- C:\Windows\Prefetch

2014-02-12 16:21:51 ----RD---- C:\Program Files

2014-02-12 16:17:00 ----AD---- C:\Windows\System32

2014-02-12 16:17:00 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-02-12 16:14:31 ----SHD---- C:\Windows\Installer

2014-02-12 16:14:30 ----HD---- C:\Config.Msi

2014-02-12 16:14:19 ----D---- C:\Windows\Microsoft.NET

2014-02-12 16:09:47 ----RSD---- C:\Windows\assembly

2014-02-12 16:09:07 ----D---- C:\Windows\inf

2014-02-12 16:03:58 ----D---- C:\Windows\system32\en-US

2014-02-12 16:03:13 ----SD---- C:\ProgramData\Microsoft

2014-02-12 16:03:13 ----D---- C:\Windows

2014-02-12 16:00:08 ----SHD---- C:\System Volume Information

2014-02-12 15:30:57 ----D---- C:\Program Files\Internet Explorer

2014-02-12 15:30:56 ----D---- C:\Windows\system32\migration

2014-02-12 13:55:15 ----D---- C:\Windows\winsxs

2014-02-12 13:41:07 ----D---- C:\Windows\system32\catroot

2014-02-12 13:41:05 ----D---- C:\Windows\system32\catroot2

2014-02-12 07:40:46 ----D---- C:\Windows\system32\MRT

2014-02-12 07:36:24 ----A---- C:\Windows\system32\mrt.exe

2014-02-12 07:09:18 ----D---- C:\Windows\Debug

2014-02-11 20:16:27 ----D---- C:\Program Files\Google

2014-02-11 17:51:43 ----D---- C:\Windows\system32\drivers

2014-02-11 17:51:42 ----D---- C:\Windows\system32\RTCOM

2014-02-11 16:58:59 ----D---- C:\Windows\rescache

2014-02-11 16:35:42 ----D---- C:\Windows\system32\nl-NL

2014-02-11 15:24:17 ----D---- C:\Program Files\Microsoft Silverlight

2014-02-11 14:58:25 ----D---- C:\ProgramData\AVAST Software

2014-02-11 14:58:13 ----SD---- C:\Windows\system32\Microsoft

2014-02-11 14:21:33 ----D---- C:\Windows\system32\Tasks

2014-02-09 16:18:03 ----D---- C:\Windows\Panther

2014-02-09 15:53:23 ----D---- C:\Windows\Tasks

2014-02-09 15:39:50 ----HD---- C:\ProgramData

2014-02-09 15:39:50 ----D---- C:\Program Files\Common Files

2014-02-09 15:36:25 ----D---- C:\Windows\AppPatch

2014-02-09 13:27:50 ----D---- C:\Windows\Minidump

2014-02-09 13:27:45 ----SD---- C:\Windows\Downloaded Program Files

2014-02-09 00:13:25 ----D---- C:\Windows\system32\LogFiles

2014-02-08 21:57:36 ----RSD---- C:\Windows\Fonts

2014-02-08 15:39:16 ----SD---- C:\Users\Evanne\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-09-29 308248]

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-11-20 43872]

R0 RapportKELL;RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [2014-01-22 107256]

R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-01-21 285184]

R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]

R1 RapportCerberus_59849;RapportCerberus_59849; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys [2014-02-11 340432]

R1 RapportEI;RapportEI; \??\C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [2014-01-22 155704]

R1 RapportPG;RapportPG; \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [2014-01-22 228888]

R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rtlprot.sys [2007-04-23 25896]

R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]

R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-09-13 1925632]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-30 2058528]

R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-12-28 104448]

R3 RTL8187B;Realtek RTL8187B draadloos 802.11b/g 54Mbps USB 2.0 netwerkadapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2007-12-26 290304]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-06 196400]

R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]

R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]

R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432]

R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]

S3 Dot4;Microsoft IEEE-1284.4-stuurprogramma; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]

S3 Dot4Print;Stuurprogramma voor printerklasse voor IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]

S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]

S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]

S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]

S3 NETw3v32;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]

S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960]

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]

R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2008-01-19 21504]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]

R2 RapportMgmtService;Rapport Management Service; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2014-01-22 1444120]

R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-02-05 4915040]

R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-01-21 83312]

R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]

R2 TosCoSrv;TOSHIBA Power Saver; c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2008-01-17 431456]

R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]

R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]

R2 Update FindRight;Update FindRight; C:\Program Files\FindRight\updateFindRight.exe [2014-02-05 80160]

R2 Util FindRight;Util FindRight; C:\Program Files\FindRight\bin\utilFindRight.exe [2014-02-09 80160]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]

R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-26 136176]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]

S3 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-02-26 1836544]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-26 136176]

S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-02-26 138168]

S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]

S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Van zodra 1 van de experts online is zal deze je zeker verder helpen aangaande je vraag/probleem.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

  {76577871-04EC-495E-A12B-91F7C3600AFA};c
 {8A918C1D-E123-4E36-B562-5C1519E434CE};c
 Update FindRight;s
 Util FindRight;s
 C:\Users\Evanne\AppData\Roaming\Mozilla\Firefox\Profiles\otn14c4m.default\extensions\1391958098_xpi;f
 C:\Users\Evanne\AppData\Roaming\Mozilla\Firefox\Profiles\otn14c4m.default\extensions\{20a82645-c095-46ed-80e3-08825760534b};fs
 C:\Users\Evanne\AppData\Roaming\Mozilla\Firefox\Profiles\otn14c4m.default\extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack;fs
 C:\Users\Evanne\AppData\Roaming\0F1F1C2Y1H1P1C0I0T;fs
 C:\Program Files\FindRight;fs
 C:\Users\Evanne\AppData\Roaming\ParetoLogic;fs
C:\Users\Evanne\AppData\Roaming\DriverCure;fs
C:\ProgramData\ParetoLogic;fs
 C:\Windows\system32\roboot.exe;f
C:\Users\Evanne\AppData\Roaming\systweak;fs
 C:\Program Files\Mobogenie;fs
 emptyfolderscheck;delete 
startupall; 
filesrcm;

• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
• Do a Quick Scan
  
  
• Auto Clean
  
• De optie "Scan All Users" staat standaard aangevinkt.
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

Hier het resultaat van zoek.exe

Zoek.exe v5.0.0.0 Updated 10-February-2014

Tool run by Evanne on do 13-02-2014 at 7:53:18,89.

MicrosoftÆ Windows Vistaô Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Evanne\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

13-2-2014 7:57:23 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\MSXML 4.0 deleted successfully

C:\ProgramData\AVAST Software deleted successfully

C:\Users\Evanne\AppData\Roaming\U3 deleted successfully

C:\Users\Evanne\AppData\Roaming\Windows Live Writer deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1136623961-3287669430-1088312469-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update FindRight deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update FindRight deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update FindRight deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Update FindRight deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Update FindRight deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util FindRight deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util FindRight deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util FindRight deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Util FindRight deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Util FindRight deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\Evanne\AppData\Roaming\Mozilla\Firefox\Profiles\otn14c4m.default

user.js not found

---- Lines Sweet removed from prefs.js ----

user_pref("browser.newtab.url", "http://www.sweet-page.com/newtab/?type=nt&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT");

user_pref("browser.search.defaultenginename", "sweet-page");

user_pref("browser.search.selectedEngine", "sweet-page");

user_pref("browser.startup.homepage", "http://www.sweet-page.com/?type=hp&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT");

---- Lines browser.startup.page removed from prefs.js ----

user_pref("browser.startup.page", 3);

---- FireFox user.js and prefs.js backups ----

prefs_13-02-2014_0840_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command]

@="C:\\Program Files\\Mozilla Firefox\\firefox.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]

@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

==== Deleting Files \ Folders ======================

C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\\{20a82645-c095-46ed-80e3-08825760534b\} not found

C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack deleted

C:\\Users\\Evanne\\AppData\\Roaming\\0F1F1C2Y1H1P1C0I0T deleted

C:\\Users\\Evanne\\AppData\\Roaming\\ParetoLogic deleted

C:\\Users\\Evanne\\AppData\\Roaming\\DriverCure deleted

C:\\ProgramData\\ParetoLogic deleted

C:\\Users\\Evanne\\AppData\\Roaming\\systweak deleted

C:\\Program Files\\Mobogenie deleted

C:\Program Files\Mozilla Firefox deleted

C:\Users\Evanne\daemonprocess.txt deleted

C:\Program Files\GUT35F7.tmp deleted

C:\Program Files\GUT92BF.tmp deleted

C:\Program Files\GUTAB4D.tmp deleted

C:\Program Files\GUTCEE9.tmp deleted

C:\Program Files\GUTD3CE.tmp deleted

C:\Program Files\GUM35E6.tmp deleted

C:\Program Files\GUM92AE.tmp deleted

C:\Program Files\GUMAB4C.tmp deleted

C:\Program Files\GUMCEB9.tmp deleted

C:\Program Files\GUMD3BD.tmp deleted

C:\Users\Evanne\AppData\Local\MoboGenie deleted

C:\Windows\system32\tasks\RegClean Pro deleted

C:\Windows\system32\roboot.exe deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome.manifest" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\install.rdf" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\index.html" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\newtab.html" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\newtabplus.xul" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\options.xul" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\s_google_cn.html" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\all.css" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\blank.gif" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\classification.css" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\default-wallpaper.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\default.css" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\game.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\google.com.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\google.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\headerBg.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\help.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\icon.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\iconsmall.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\ie_logo.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\line.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\load.gif" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\logo.ico" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\logo.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\main.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\oNewtab.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\photosload.gif" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\searchButton.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\settings.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\shoping.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\style.css" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\submit_buttion.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\uploadpaper.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\wallpaper_buttion.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\weather.css" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\weather.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\weatherlogo.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\webstore.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\wedo.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\easing.js" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\ga.js" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\google.autocomplete.js" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\jquery-1.8.0.js" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\jquery-base.js" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\jquery.autocomplete.js" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\jquery.sortable.js" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\js.js" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\lazyload.js" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\newtabplus.js" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\options.js" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\wrap.js" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\xa.js" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js\xagainit.js" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\s_google_cn\google.com.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\s_google_cn\quickSearch.js" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\s_google_cn\skin_0.css" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\en-US\locale.dtd" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\en-US\locale.properties" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\es\locale.dtd" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\es\locale.properties" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\es-419\locale.dtd" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\es-419\locale.properties" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\pl\locale.dtd" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\pl\locale.properties" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\pt-BR\locale.dtd" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\pt-BR\locale.properties" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\tr\locale.dtd" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\tr\locale.properties" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\zh-CN\locale.dtd" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\zh-CN\locale.properties" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\zh-TW\locale.dtd" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\zh-TW\locale.properties" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\bookmarks\bookmarks.css" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\cloud.css" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\extensions\extensions.css" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\lastVisited\lastVisited.css" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\quickSearch.css" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\setup\setup.css" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skins\download.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skins\skins.css" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\defaultBg.svg" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\defaultBgIco.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\idialog_s.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\ios5_button.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\left.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\loading.gif" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\loading2.gif" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\q_bg.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\q_left.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\q_right.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\right.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\titleBg.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0\wedo.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\bookmarks\img\headerBg.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\bookmarks\img\logo.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\buttonBg.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\categoryBg.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\cn_outSideLogo.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\cn_uploadLogo.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\headerBg.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\icons.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\logo.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\outSideLogo.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\searchBg.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\searchButton.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\searchLeft.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\selected.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\tabsBg.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img\uploadLogo.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\extensions\img\extensionsbtn.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\extensions\img\logo.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\lastVisited\img\logo.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img\baidu.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img\bing.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img\google.com.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img\google.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img\headerBg.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img\linktype.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img\logo.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img\searchButton.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img\taobao.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img\yahoo.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\setup\img\headerBg.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\setup\img\logo.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\setup\img\skin_0\dialBoxStyle.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\setup\img\skin_0\icons.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skins\img\headerBg.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skins\img\logo.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skins\img\skin_0\categoryBg.png" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skins\img\skin_0\icons.png" deleted

"C:\\Program Files\\FindRight\updateFindRight.exe" deleted

"C:\Program Files\FindRight\updateFindRight.exe" deleted

"C:\\Program Files\\FindRight\bin\utilFindRight.exe" deleted

"C:\Program Files\FindRight\bin\utilFindRight.exe" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\js" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\content\s_google_cn" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\en-US" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\es" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\es-419" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\pl" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\pt-BR" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\tr" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\zh-CN" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\locale\zh-TW" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\bookmarks" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\extensions" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\lastVisited" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\setup" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skins" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skin_0" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\bookmarks\img" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\cloud\img" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\extensions\img" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\lastVisited\img" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\quickSearch\img" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\setup\img" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\setup\img\skin_0" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skins\img" deleted

"C:\\Users\\Evanne\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\otn14c4m.default\\extensions\\1391958098_xpi\chrome\skin\skins\img\skin_0" deleted

"C:\\Program Files\\FindRight" not deleted

"C:\Program Files\FindRight" not deleted

"C:\\Program Files\\FindRight\bin" not deleted

"C:\Program Files\FindRight\bin" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Evanne\AppData\Local\Temp ====

2014-02-11 13:54:37 9EB54EABFB8B9FA02BFC48AF3A9FD020 41984 ----a-w- C:\Users\Evanne\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxx2pam.dll

2014-02-08 20:42:11 C0F543C0A9EF23C2DDCF93CD922324AB 20240336 ----a-w- C:\Users\Evanne\AppData\Local\Temp\Mobogenie_Setup_2-1-37_613.exe

2014-02-05 09:33:20 1A29223420079456E8BE516BAEAE719F 5700688 ----a-w- C:\Users\Evanne\AppData\Local\Temp\TeamViewer\Version9\TeamViewer_.exe

====== Java Cache =====

====== C:\Windows\system32 =====

2014-02-12 12:44:15 6F01E59ED7ADE15C0ECD138037D1BFCB 13312 ----a-w- C:\Windows\System32\msfeedssync.exe

2014-02-12 12:44:13 4D533BE929A05AFC736BD9A5B957AA82 174080 ----a-w- C:\Windows\System32\ie4uinit.exe

2014-02-12 12:44:12 3554D5001281A1D836B9BBB30530D106 25600 ----a-w- C:\Windows\System32\jsproxy.dll

2014-02-12 12:44:12 2B45D225F56385EE9841D7FF2E7793F4 55296 ----a-w- C:\Windows\System32\msfeedsbs.dll

2014-02-12 12:44:11 902690A71DA969C0B157F96BD4110366 2005504 ----a-w- C:\Windows\System32\iertutil.dll

2014-02-12 12:44:10 732833FE6FE26FE6B2D3DA8A1823A7FE 55808 ----a-w- C:\Windows\System32\iernonce.dll

2014-02-12 12:44:10 4ECF98D402E9397C391FB3EB4ED60DF6 1213440 ----a-w- C:\Windows\System32\urlmon.dll

2014-02-12 12:44:09 DADEBF72E480F970B7F200082D49D85A 133632 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-02-12 12:44:09 98ED8AC09ECD23C31AF211562C0ED389 387584 ----a-w- C:\Windows\System32\iedkcs32.dll

2014-02-12 12:44:09 5CE024AD2C4AA64F1589AC39109F07F8 916992 ----a-w- C:\Windows\System32\wininet.dll

2014-02-12 12:44:08 2035B9C2BD915C5F3B6A4F24EF2027BC 630272 ----a-w- C:\Windows\System32\msfeeds.dll

2014-02-12 12:44:06 8BAC9D8207D681F049CE4439BE2A5DFA 109056 ----a-w- C:\Windows\System32\iesysprep.dll

2014-02-12 12:44:06 6C824DBC5E197C3C2463FE093B05A3CB 1469440 ----a-w- C:\Windows\System32\inetcpl.cpl

2014-02-12 12:43:59 BF0BB9193C905AC595719A306898A0BF 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2014-02-12 12:43:58 C5A19525D723B179994A3D1677FB4A86 206848 ----a-w- C:\Windows\System32\occache.dll

2014-02-12 12:43:57 F8AD3F2C9B5272F2F6CB4283BEC449CE 11111424 ----a-w- C:\Windows\System32\ieframe.dll

2014-02-12 12:43:57 E91AB23F0C6F9BE77F44E7B64140D751 71680 ----a-w- C:\Windows\System32\iesetup.dll

2014-02-12 12:43:53 A412FDC6BE7A3AFE9DB15EE5CCA56231 18944 ----a-w- C:\Windows\System32\corpol.dll

2014-02-12 12:43:52 A16E9C8B46887C7A072605875A2E7127 43520 ----a-w- C:\Windows\System32\licmgr10.dll

2014-02-12 12:43:51 35F76AB3A67EAA08888B0146AF43960F 164352 ----a-w- C:\Windows\System32\ieui.dll

2014-02-12 12:43:50 9084C6F6659A659DA4E59E493FF8A359 385024 ----a-w- C:\Windows\System32\html.iec

2014-02-12 12:43:50 58939D717886CDE70555478AB2D2862B 184320 ----a-w- C:\Windows\System32\iepeers.dll

2014-02-12 12:43:49 737EACC805F4BF3D0B1177203B9A2BE4 67072 ----a-w- C:\Windows\System32\mshtmled.dll

2014-02-12 12:43:48 D84ADEFB4972B41B0F67188F6C8E4581 611840 ----a-w- C:\Windows\System32\mstime.dll

2014-02-12 12:43:47 9C197E060E25E4D0ACADC81CA99B08D1 105984 ----a-w- C:\Windows\System32\url.dll

2014-02-12 12:43:46 6DD8A505EE63E2DA22E9FF3501D1C05C 6019584 ----a-w- C:\Windows\System32\mshtml.dll

2014-02-12 06:33:56 F5AD3D55D71D8FF7C2BDE5A4D7078ED8 420864 ----a-w- C:\Windows\System32\vbscript.dll

2014-02-12 06:32:06 BA53A05A630D4B8B5DA5427E4C633479 1248768 ----a-w- C:\Windows\System32\msxml3.dll

2014-02-11 18:00:11 E87F6492F5406287EDF05DF40BB86780 102608 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll

2014-02-11 16:17:59 A6E18756EA7B6E971184B57B86251FC5 2050560 ----a-w- C:\Windows\System32\win32k.sys

2014-02-11 16:17:54 57390AF2F8939AB038FC4A5D10B50D52 335360 ----a-w- C:\Windows\System32\SysFxUI.dll

2014-02-11 16:17:46 9BD443B52350D2784544B637F103EBCF 1069056 ----a-w- C:\Windows\System32\DWrite.dll

2014-02-11 16:17:46 2AFA3A46986AE935DAECEBC7E66314CF 798208 ----a-w- C:\Windows\System32\FntCache.dll

2014-02-11 16:17:45 F64812456BD11244322F0B0F1B236841 486400 ----a-w- C:\Windows\System32\d3d10level9.dll

2014-02-11 16:17:44 E828C391BB999BD85C15DA20B51CDF9C 683008 ----a-w- C:\Windows\System32\d2d1.dll

2014-02-11 16:17:44 52673DCDFA7687EABC0C779894D0F4FF 1172480 ----a-w- C:\Windows\System32\d3d10warp.dll

2014-02-11 16:17:44 2434237DFBC70483B63A667B9573891E 219648 ----a-w- C:\Windows\System32\d3d10_1core.dll

2014-02-11 16:17:44 2067598D57CCD988A88BBBDDD6EAE13D 189952 ----a-w- C:\Windows\System32\d3d10core.dll

2014-02-11 16:17:43 E0F15C8A63D2FCC40D0A6F9354DF0118 1029120 ----a-w- C:\Windows\System32\d3d10.dll

2014-02-11 16:17:43 1D1C3BBA2191F0F5B14555757DDB729A 160768 ----a-w- C:\Windows\System32\d3d10_1.dll

2014-02-11 16:12:29 2497FD012104DFF64BF01DA98ECF6F75 131072 ----a-w- C:\Windows\System32\wshom.ocx

2014-02-11 16:12:29 1D0A82B11235D68CF55A54B2ADECB9F1 155648 ----a-w- C:\Windows\System32\wscript.exe

2014-02-11 16:12:28 B44B59C85DC2C2D39542F97BF545A308 135168 ----a-w- C:\Windows\System32\cscript.exe

2014-02-11 16:12:27 F9D5C623E913CDAA198ECF0E6D2AA54A 36864 ----a-w- C:\Windows\System32\wshcon.dll

2014-02-11 16:12:27 DDEA43CDF00D6987F633F80AE4B7F2CE 172032 ----a-w- C:\Windows\System32\scrrun.dll

2014-02-11 15:32:03 D6F0260D9051C0B60998F4CDBE9B2CC6 37376 ----a-w- C:\Windows\System32\cdd.dll

2014-02-11 15:31:55 872363237F24BCB03D73E2A3B4FBF38D 297984 ----a-w- C:\Windows\System32\gdi32.dll

2014-02-11 15:30:50 0317420D419E1885894B3ED9D375D245 993792 ----a-w- C:\Windows\System32\crypt32.dll

====== C:\Windows\system32\drivers =====

2014-02-11 16:17:54 6DBA75306DD9B242B6F1C343179AD201 167936 ----a-w- C:\Windows\System32\drivers\portcls.sys

2014-02-11 16:17:54 2A63675F6FA8EF0FF9F5C72695584CAA 130048 ----a-w- C:\Windows\System32\drivers\drmk.sys

2014-02-11 15:32:04 988670D8343EF9835FB3659DB71B2EFA 638400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2014-02-11 15:31:59 73FF24E21B690625A58109637DDA0DF7 134272 ----a-w- C:\Windows\System32\drivers\usbvideo.sys

2014-02-11 14:14:33 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys

2014-02-11 14:14:33 B09C74A41F26B08149707EA5E7F956C2 226304 ----a-w- C:\Windows\System32\drivers\usbport.sys

2014-02-11 14:14:33 AAB0B5F72D2D726FBFDC895A2902DE1D 73216 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2014-02-11 14:14:33 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2014-02-11 14:14:32 44056325428A8E4C755830426E29878F 23552 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2014-02-11 14:14:32 153E8515CB86F8BB5D1A8B478EBF4BB2 39936 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2014-01-22 19:37:26 A2882E8E32852F1FC46BB7ACF3E9F1B5 107256 ----a-w- C:\Windows\System32\drivers\RapportKELL.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-02-12 15:21:51 -------- d-----w- C:\Program Files\trend micro

2014-02-09 15:01:31 -------- d-----w- C:\Program Files\FindRight

2014-02-08 20:55:10 -------- d-----w- C:\Program Files\TeamViewer

======= C: =====

2014-02-11 13:24:18 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\MSDOS.SYS

2014-02-11 13:24:18 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\IO.SYS

====== C:\Users\Evanne\AppData\Roaming ======

2014-02-09 14:29:54 -------- d-----w- C:\Users\Evanne\AppData\Local\ElevatedDiagnostics

2014-02-08 20:46:11 -------- d-----w- C:\Users\Evanne\AppData\Local\Mozilla

2014-02-08 20:46:06 -------- d-----w- C:\Users\Evanne\AppData\Roaming\Mozilla

====== C:\Users\Evanne ======

2014-02-12 15:15:49 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Evanne\Desktop\RSIT.exe

2014-02-11 19:16:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

2014-02-09 17:26:28 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\Evanne\Downloads\MicrosoftFixit.wu.Run(2).exe

2014-02-09 17:23:47 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\Evanne\Downloads\MicrosoftFixit.wu.Run.exe

2014-02-09 17:07:48 5C68A2107DBD9B08CACE3130FE55B062 921000 ----a-w- C:\Users\Evanne\Downloads\chromeinstall-7u51.exe

2014-02-09 15:14:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-02-09 14:12:33 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\Evanne\Downloads\MicrosoftFixit.wu.RNP.Run.exe

2014-02-08 22:43:45 6E8CD9409823BEA643C3C01958210CE4 37660568 ----a-w- C:\Users\Evanne\Downloads\Dropbox 2.6.2(2).exe

2014-02-08 20:53:51 0D7C0BC4553183F45A38C6218274A2EF 5853328 ----a-w- C:\Users\Evanne\Downloads\TeamViewer_Setup_nl.exe

2014-02-08 20:51:11 078D66AD44C5E9DF5C473DACE05D6DAF 282968 ----a-w- C:\Users\Evanne\Downloads\Firefox Setup Stub 27.0.exe

====== C: exe-files ==

2014-02-12 15:21:52 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Evanne.exe

2014-02-12 15:15:49 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Evanne\Desktop\RSIT.exe

2014-02-12 12:44:15 6F01E59ED7ADE15C0ECD138037D1BFCB 13312 ----a-w- C:\Windows\System32\msfeedssync.exe

2014-02-12 12:44:13 4D533BE929A05AFC736BD9A5B957AA82 174080 ----a-w- C:\Windows\System32\ie4uinit.exe

2014-02-12 12:44:09 DADEBF72E480F970B7F200082D49D85A 133632 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-02-12 12:44:07 B43392B1F2546C8F0963F5E5F49BE95D 376320 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2014-02-12 12:43:42 153A7C95B3E529725FB60632BD0B2DD7 638120 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2014-02-11 16:12:29 1D0A82B11235D68CF55A54B2ADECB9F1 155648 ----a-w- C:\Windows\System32\wscript.exe

2014-02-11 16:12:28 B44B59C85DC2C2D39542F97BF545A308 135168 ----a-w- C:\Windows\System32\cscript.exe

2014-02-11 13:45:30 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\7c7a501d-48b3-4ffc-9954-06d71409dbce\csrss.exe

2014-02-11 13:45:30 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\3d173000-a8ed-4b5f-a71e-39456ab599e9\dwm.exe

2014-02-11 13:45:29 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\92176ca3-2ddf-4dfd-aad8-a35d4d966b3f\TPwrMain.exe

2014-02-11 13:45:29 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\9151e282-e67e-4783-9463-209d2ebbd0e7\RapportService.exe

2014-02-11 13:45:29 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\77abad2d-ed18-423f-bda7-5ed1e1f1ba32\hkcmd.exe

2014-02-11 13:45:29 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\1a4be01b-ed17-4208-91b5-fc34c7e83596\igfxpers.exe

2014-02-11 13:45:28 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\e9f70cc8-e51f-4090-83e1-2d2882c5cc99\RtHDVCpl.exe

2014-02-11 13:45:28 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\ada4704e-4577-40e0-a1cd-c297bdea1905\TOSCDSPD.exe

2014-02-11 13:45:28 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\a8f5a662-25ee-47f2-bdc7-9a08d17d8197\hpwuSchd2.exe

2014-02-11 13:45:28 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\94defef9-8e0f-4608-9c61-37261e2c6ab9\SmoothView.exe

2014-02-11 13:45:28 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\370cf422-47ae-449e-b289-c2c7ab9a5620\MSASCui.exe

2014-02-11 13:45:27 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\e8b5d12e-da90-435a-b820-7452a44740f7\NDSTray.exe

2014-02-11 13:45:27 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\a77beb6f-6bc9-4cca-ba36-9d81e3706422\wmpnscfg.exe

2014-02-11 13:45:27 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\550ba23f-d9af-4c69-b58a-0a9ff988a0cc\CFSwMgr.exe

2014-02-11 13:45:27 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\4cdc1568-da53-4e2e-9277-ef28bf4280e0\ehtray.exe

2014-02-11 13:45:26 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\d7f05737-0158-4b17-8401-f93cb32056ab\SynTPHelper.exe

2014-02-11 13:45:26 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\ae20e3af-c826-47ab-8449-84ed5f6fb4e3\conime.exe

2014-02-11 13:45:26 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\8d4f582b-4155-415b-9800-bad8fba4e62d\taskeng.exe

2014-02-11 13:45:26 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\7b8fc7b9-5606-462d-b776-215474067519\SynTPEnh.exe

2014-02-11 13:45:25 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\dc74c45e-2d5f-47c5-ad13-6e3b19dc4e62\taskeng.exe

2014-02-11 13:45:25 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\c76213c3-4547-42d9-b84f-cf08fbe425ca\TCrdMain.exe

2014-02-11 13:45:25 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\8efc26d7-f3b9-42e1-a878-f98a06762ca4\AvastUI.exe

2014-02-11 13:45:24 E887F98CD5B28446E6D51A88336F68C8 51928 ----a-w- C:\Windows\Temp\0e7a3256-5497-4f93-bb59-2c4449c4a384\explorer.exe

2014-02-09 17:26:28 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\Evanne\Downloads\MicrosoftFixit.wu.Run(2).exe

2014-02-09 17:23:47 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\Evanne\Downloads\MicrosoftFixit.wu.Run.exe

2014-02-09 17:08:17 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Evanne\AppData\LocalLow\Sun\Java\jre1.7.0_51\lzma.exe

2014-02-09 17:07:48 5C68A2107DBD9B08CACE3130FE55B062 921000 ----a-w- C:\Users\Evanne\Downloads\chromeinstall-7u51.exe

2014-02-09 15:19:34 C41D0C34D86ACCBB28148B066EAD1311 1710392 ------w- C:\ProgramData\HP\Installer\Temp\hpzmsi01.exe

2014-02-09 15:13:57 4336FBC3A8A75922456D194391A5999C 36528344 ----a-w- C:\Program Files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\32.0.1700.107\32.0.1700.107_chrome_installer.exe

2014-02-09 14:12:33 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\Evanne\Downloads\MicrosoftFixit.wu.RNP.Run.exe

2014-02-08 22:43:45 6E8CD9409823BEA643C3C01958210CE4 37660568 ----a-w- C:\Users\Evanne\Downloads\Dropbox 2.6.2(2).exe

2014-02-08 20:55:16 FFF1DAC7CAF8EEA4A14680F89603C21F 462480 ----a-w- C:\Program Files\TeamViewer\Version9\uninstall.exe

2014-02-08 20:55:16 E89B5502726C2B2B54751644FF587B1E 202592 ----a-w- C:\Program Files\TeamViewer\Version9\tv_w32.exe

2014-02-08 20:55:16 C32E6295D7D024B2302EFF1A7FEFD720 4915040 ----a-w- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

2014-02-08 20:55:16 058717CBDB12598B60DC437AF1FFA104 238432 ----a-w- C:\Program Files\TeamViewer\Version9\tv_x64.exe

2014-02-08 20:55:15 3022B5E75BEC45B6082361AFCA8D41A5 4415328 ----a-w- C:\Program Files\TeamViewer\Version9\TeamViewer_Desktop.exe

2014-02-08 20:55:13 FCE5499C5CD3364037D83C55B3C00DEA 12493152 ----a-w- C:\Program Files\TeamViewer\Version9\TeamViewer.exe

2014-02-08 20:53:51 0D7C0BC4553183F45A38C6218274A2EF 5853328 ----a-w- C:\Users\Evanne\Downloads\TeamViewer_Setup_nl.exe

2014-02-08 20:51:11 078D66AD44C5E9DF5C473DACE05D6DAF 282968 ----a-w- C:\Users\Evanne\Downloads\Firefox Setup Stub 27.0.exe

2014-02-08 20:42:11 C0F543C0A9EF23C2DDCF93CD922324AB 20240336 ----a-w- C:\Users\Evanne\AppData\Local\Temp\Mobogenie_Setup_2-1-37_613.exe

=== C: other files ==

2014-02-11 16:17:59 A6E18756EA7B6E971184B57B86251FC5 2050560 ----a-w- C:\Windows\System32\win32k.sys

2014-02-11 16:17:54 6DBA75306DD9B242B6F1C343179AD201 167936 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_d2056fa8\portcls.sys

2014-02-11 16:17:54 6DBA75306DD9B242B6F1C343179AD201 167936 ----a-w- C:\Windows\System32\drivers\portcls.sys

2014-02-11 16:17:54 2A63675F6FA8EF0FF9F5C72695584CAA 130048 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_d2056fa8\drmk.sys

2014-02-11 16:17:54 2A63675F6FA8EF0FF9F5C72695584CAA 130048 ----a-w- C:\Windows\System32\drivers\drmk.sys

2014-02-11 15:32:04 988670D8343EF9835FB3659DB71B2EFA 638400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2014-02-11 15:32:01 8E6C378A885D6FFDA8F05E8D27B95C0E 27648 ----a-w- C:\Windows\System32\DriverStore\FileRepository\mdmcpq.inf_fad2d0b6\usbser.sys

2014-02-11 15:31:59 73FF24E21B690625A58109637DDA0DF7 134272 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbvideo.inf_052c97ea\usbvideo.sys

2014-02-11 15:31:59 73FF24E21B690625A58109637DDA0DF7 134272 ----a-w- C:\Windows\System32\drivers\usbvideo.sys

2014-02-11 15:31:59 49A623C16E482F4D31AD0EBD801DD8EC 68608 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbcir.inf_933ee10a\usbcir.sys

2014-02-11 15:31:59 1114579556DB85E9FAF9590DBC64CD62 73344 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdma_usb.inf_e74ab35a\USBAUDIO.sys

2014-02-11 14:14:33 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbd.sys

2014-02-11 14:14:33 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys

2014-02-11 14:14:33 B09C74A41F26B08149707EA5E7F956C2 226304 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbport.sys

2014-02-11 14:14:33 B09C74A41F26B08149707EA5E7F956C2 226304 ----a-w- C:\Windows\System32\drivers\usbport.sys

2014-02-11 14:14:33 AAB0B5F72D2D726FBFDC895A2902DE1D 73216 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_4d475c8b\usbccgp.sys

2014-02-11 14:14:33 AAB0B5F72D2D726FBFDC895A2902DE1D 73216 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2014-02-11 14:14:33 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbhub.sys

2014-02-11 14:14:33 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_4d475c8b\usbhub.sys

2014-02-11 14:14:33 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2014-02-11 14:14:32 D457EBD0C3A8B3A3A144355B5EE91CBC 19456 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbohci.sys

2014-02-11 14:14:32 44056325428A8E4C755830426E29878F 23552 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbuhci.sys

2014-02-11 14:14:32 44056325428A8E4C755830426E29878F 23552 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2014-02-11 14:14:32 153E8515CB86F8BB5D1A8B478EBF4BB2 39936 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbehci.sys

2014-02-11 14:14:32 153E8515CB86F8BB5D1A8B478EBF4BB2 39936 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2014-02-11 14:10:08 AB51E1F08C8E789D6C9E8B94D15BE9A9 340432 ----a-w- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys

2014-02-11 14:10:08 000D82CC258E2D341605A6F350C4D1E6 606672 ----a-w- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys

2014-02-11 13:24:18 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\MSDOS.SYS

2014-02-11 13:24:18 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\IO.SYS

2014-02-09 15:01:24 1707EEEC102FADDB29DD17585A99F3CB 1837759 ----a-w- C:\Users\Evanne\AppData\Local\Temp\fullpackage_temp1391958083\package1.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-1136623961-3287669430-1088312469-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe"

"ehTray.exe"="C:\Windows\ehome\ehTray.exe"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"RtHDVCpl"="RtHDVCpl.exe"

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

"NDSTray.exe"="NDSTray.exe"

"topi"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup"

"Toshiba Registration"="C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe"

"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"Skytel"="Skytel.exe"

"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"

"TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE"

"SmoothView"="%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe "

"00TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe "

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe"

"ehTray.exe"="C:\Windows\ehome\ehTray.exe"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\\PROGRA~1\\Google\\GOOGLE~3\\GOEC62~1.DLL"

==== Startup Folders ======================

2008-02-26 16:14:32 1835 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk

2008-02-26 16:14:32 1835 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [26-01-2012 12:33]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [26-01-2012 12:33]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" []

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [01-08-2010 15:40]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Evanne\AppData\Roaming\Mozilla\Firefox\Profiles\otn14c4m.default

- Undetermined - C:\Program Files\AVAST Software\Avast\WebRep\FF

- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

==== Firefox Plugins ======================

Profilepath: C:\Users\Evanne\AppData\Roaming\Mozilla\Firefox\Profiles\otn14c4m.default

49DA696E73BC2CB49C0E374C7885F7AD - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat

D6A4682A6FF41832A3F1A7AB9AE08199 - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll - Java Platform SE 6 U3

CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update

AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin

==== Chrome Look ======================

Google Wallet - Evanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.sweet-page.com/?type=hp&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT"

"Default_Page_URL"="http://www.sweet-page.com/?type=hp&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.sweet-page.com/?type=hp&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT"

"Default_Page_URL"="http://www.sweet-page.com/?type=hp&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT"

"Default_Search_URL"="http://www.sweet-page.com/web/?type=ds&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT&q={searchTerms}"

"Search Page"="http://www.sweet-page.com/web/?type=ds&ts=1391958097&from=cor&uid=TOSHIBAXMK1652GSX_78RQT4DPTXX78RQT4DPT&q={searchTerms}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{25183DBC-A540-4F8F-B9EA-D69769AC0359} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7TSEA"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== shortcuts on Users Desktops ======================

C:\Users\Evanne\Desktop\Foto's\myphotobook.lnk - C:\Program Files\myphotobook\myphotobook.exe

C:\Users\Evanne\Desktop\Foto's\Windows Live Photo Gallery.lnk - C:\Program Files\HP\Print Projects\Common01\Bin\HpqWLPG03.exe

C:\Users\Evanne\Desktop\Hulpprogramma's\Adobe Reader 8.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe

C:\Users\Evanne\Desktop\Hulpprogramma's\avast Free Antivirus.lnk -

C:\Users\Evanne\Desktop\Hulpprogramma's\HP Solution Center.lnk - C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe

C:\Users\Evanne\Desktop\Hulpprogramma's\Ouneno - Stap 1.lnk -

C:\Users\Evanne\Desktop\Hulpprogramma's\TeamViewer 9.lnk - C:\Program Files\TeamViewer\Version9\TeamViewer.exe

C:\Users\Evanne\Desktop\Hulpprogramma's\TOSHIBA Assist.lnk - C:\Program Files\TOSHIBA\TOSHIBA Assist\TInTouch.exe

C:\Users\Evanne\Desktop\Hulpprogramma's\TOSHIBA Gebruikershandleiding.lnk - C:\Program Files\TOSHIBA\Manuals\SPR6L300VNL0.pdf

C:\Users\Evanne\Desktop\Onderhoud\RegClean Pro.lnk - C:\Program Files\RegClean Pro\RegCleanPro.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe

C:\Users\Public\Desktop\Microsoft Works.lnk - C:\Program Files\Microsoft Works\MSWorks.exe

C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe Sweet Page

C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Evanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe Sweet Page

C:\Users\Evanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe Sweet Page

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk - C:\Program Files\TeamViewer\Version9\TeamViewer.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in DirectX-modus.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe -setDX

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in OpenGL-modus.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe -setOGL

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth verwijderen.lnk - C:\Windows\System32\msiexec.exe /x {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files\Microsoft Silverlight\5.1.20913.0\Silverlight.Configuration.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox (Veilige modus).lnk - C:\Program Files\Mozilla Firefox\firefox.exe Sweet Page

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe Sweet Page

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging\Trusteer Eindpuntbeveiliging Console.lnk - C:\Program Files\Trusteer\Rapport\bin\RapportService.exe -config

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging\Trusteer Eindpuntbeveiliging starten.lnk - C:\Program Files\Trusteer\Rapport\bin\RapportService.exe -userstart

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging\Trusteer Eindpuntbeveiliging stoppen.lnk - C:\Program Files\Trusteer\Rapport\bin\RapportService.exe -shutdown

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Evanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Evanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe Sweet Page

C:\Users\Evanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe Sweet Page

C:\Users\Evanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Evanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Evanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1

==== shortcuts After Repair ======================

C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe

C:\Users\Evanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Evanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox (Veilige modus).lnk - C:\Program Files\Mozilla Firefox\firefox.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe

C:\Users\Evanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Evanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Evanne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Evanne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Evanne\AppData\Local\Mozilla\Firefox\Profiles\otn14c4m.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Evanne\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=973 folders=166 616732622 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\Evanne\AppData\Local\Temp will be emptied at reboot

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Evanne\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Evanne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Program Files\FindRight" not found

==== EOF on do 13-02-2014 at 9:07:01,94 ======================

Download AdwCleaner by Xplode naar het bureaublad.

AdwCleaner uitvoeren

• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Klik vervolgens op de knop Scan.
  
• Wanneer de scan gereed is Klikt u vervolgens op de knop Clean.
  
• Als dit gereed is wordt er gevraagd om de computer opnieuw op te starten, klik hier op OK.
  
• Nadat de computer opnieuw is opgestart wordt het logbestand automatisch geopend.
  
• Plaats dit logbestand in het volgende bericht.
  

en als dat is gebeurd? moet ik dan weer een log produceren?

en als dat is gebeurd? moet ik dan weer een log produceren?

Dan mag je eerst dat logje van AdwCleaner in je volgende bericht plaatsen. Daarna kijken we dan weer verder. 13 februari 2014 aangepast door kape

OK

# AdwCleaner v3.018 - Report created 13/02/2014 at 15:52:26

# Updated 28/01/2014 by Xplode

# Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)

# Username : Evanne - PC_VAN_EVANNE

# Running from : C:\Users\Evanne\Desktop\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8949C266-9E3D-4EC0-B065-FBC84A5B388E}

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8949C266-9E3D-4EC0-B065-FBC84A5B388E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}

Key Deleted : HKCU\Software\InstallCore

Key Deleted : HKCU\Software\ParetoLogic

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\systweak

Key Deleted : HKLM\Software\ParetoLogic

Key Deleted : HKLM\Software\systweak

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.19499

-\\ Mozilla Firefox v3.6.28 (nl)

[ File : C:\Users\Evanne\AppData\Roaming\Mozilla\Firefox\Profiles\otn14c4m.default\prefs.js ]

-\\ Google Chrome v32.0.1700.107

[ File : C:\Users\Evanne\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1724 octets] - [13/02/2014 15:45:02]

AdwCleaner[s0].txt - [1733 octets] - [13/02/2014 15:52:26]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1793 octets] ##########