Reclame

Boetn · 12 februari 2014

Beste,

Telkens ik op het internet bezig ben heb ik last van reclame die ik anders niet had, willekeurige woorden die in het groen zijn aangeduid en soms wordt ik doorgestuurd naar sites die ik niet wil...

Nu heb ik wat forums bekeken en ga ervan uit dat ik met Malware zit omdat ik recent ben beginnen downloaden van Pirate Proxy.

Ik heb mijn laptop al gescand met mijn antivirus (Norton), met MalareBytes en met ADWcleaner. hiervan heb ik telkens verwijdert wat als negatief eruit kwam maar nog steeds is dit niet opgelost.

Kunt u mij AUB helpen ??

kweezie wabbit · 12 februari 2014

Kunt u mij AUB helpen ??

We gaan in elk geval ons best doen.

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

RSIT 32 bit (RSIT.exe)
RSIT 64 bit (RSITx64.exe)

Dubbelklik op RSIT.exe om de tool te starten.

Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
Plaats de inhoud hiervan in het volgende bericht.

Bekijk ook de instructievideo.

12 februari 2014 aangepast door kweezie wabbit

Boetn · 12 februari 2014

Telkens ik dit wil posten dan krijg ik volgende foutmelding: Fatal error: Maximum execution time of 30 seconds exceeded in /home/pchelpfor/domains/pc-helpforum.be/public_html/includes/functions.php on line 2351

kweezie wabbit · 12 februari 2014

Je kan het logje ook als bijlage toevoegen aan je bericht.

In de instructievideo kan je nakijken welk bestand je moet nemen en waar het staat.

Hoe je een bijlage toevoegt aan een bericht, kan je lezen in deze handleiding.

Boetn · 12 februari 2014

[ATTACH]30305[/ATTACH]

Bij deze zou het in orde moeten zijn.

- - - Updated - - -

ik heb ook opgemerkt dat er bestanden staan op mijn C schijf die daar waarschijnlijk niet thuishoren, foto in bijlage xD

log.txt

kweezie wabbit · 13 februari 2014

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
Dubbelklik op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Kopieer nu onderstaande code en plak die in het grote invulvenster:
Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

chromelook; 
firefoxlook; 
emptyclsid;
emptyfolderscheck;delete 
startupall; 
filesrcm;

Klik op de knop "Options" en vink nu de onderstaande opties aan.
Do a Deep Scan
Installed Programs
HijackThis Log
Startup Information
Running Processes
Recently Created
Empty Temp
Auto Clean
De optie "Scan All Users" staat standaard aangevinkt.
Klik nu op de knop "Run script".
Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
Post het geopende logje in het volgende bericht.

Boetn · 13 februari 2014

Zoek.exe v5.0.0.0 Updated 10-February-2014

Tool run by mini__000 on do 13-02-2014 at 21:38:56,18.

Microsoft Windows 8.1 6.3.9600 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\mini__000\Downloads\zoek (1).exe [scan all users] [script inserted] [Checkboxes used]

==== Running Processes ======================

C:\WINDOWS\system32\wininit.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k RPCSS

C:\WINDOWS\system32\dwm.exe

C:\WINDOWS\system32\nvvsvc.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\WINDOWS\system32\nvvsvc.exe

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\System32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Launch Manager\dsiwmis.exe

C:\WINDOWS\system32\dashost.exe

C:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe

C:\Program Files (x86)\Re-markit\Re-markit153.exe

C:\Windows\RfBtnSvc64.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe

C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe

C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet

C:\WINDOWS\system32\DllHost.exe

C:\Program Files (x86)\Launch Manager\LMutilps32.exe

C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe

C:\WINDOWS\system32\taskeng.exe

C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe

C:\Program Files (x86)\Re-markit\Re-markit_wd.exe

C:\WINDOWS\system32\taskhostex.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\WINDOWS\system32\wbem\unsecapp.exe

C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

C:\WINDOWS\system32\igfxext.exe

C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe

C:\Windows\System32\skydrive.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Dolby PCEE4\pcee4.exe

C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe

C:\Windows\System32\igfxtray.exe

C:\Program Files\Acer\Acer Power Management\ePowerTray.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Elantech\ETDCtrlHelper.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

c:\Program Files (x86)\Nero\Update\NASvc.exe

C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe

C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\System32\RuntimeBroker.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe

C:\WINDOWS\system32\wbem\unsecapp.exe

C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe

C:\WINDOWS\system32\wwahost.exe

C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe

C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe

C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

C:\Windows\System32\SettingSyncHost.exe

C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\system32\taskhost.exe

C:\Users\mini__000\AppData\Roaming\uTorrent\uTorrent.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Users\mini__000\Downloads\zoek (1).exe

C:\WINDOWS\system32\conhost.exe

==== System Restore Info ======================

13-2-2014 21:41:10 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully

C:\PROGRA~2\BearShare Applications deleted successfully

C:\PROGRA~2\Call of Duty Ghosts deleted successfully

C:\PROGRA~2\MediaPlayerV1 deleted successfully

C:\PROGRA~2\MSXML 4.0 deleted successfully

C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully

C:\Users\mini__000\AppData\Roaming\BitTorrent deleted successfully

C:\Users\mini__000\AppData\Roaming\HpUpdate deleted successfully

C:\Users\mini__000\AppData\Roaming\MusicNet deleted successfully

C:\Users\mini__000\AppData\Roaming\rmi deleted successfully

C:\Users\cynth_000\AppData\Local\CrashDumps deleted successfully

C:\Users\mini__000\AppData\Local\CrashDumps deleted successfully

C:\Users\mini__000\AppData\Local\genienext deleted successfully

==== Creating Sample_13-02-2014_2147.zip ======================

Copied file C:\ProgramData\pclunst.exe to sample\pclunst.exe

sample\pclunst.exe renamed to 891975EA974507F67FDB80A9E92DD8EA

C:\Users\Public\Desktop\sample_13-02-2014_2147.zip created successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1804440243-3702103313-2254850248-1006\Software\Microsoft\Internet Explorer\SearchScopes\{350640D9-3155-4920-B443-AD92899A1319} deleted successfully

HKEY_USERS\S-1-5-21-1804440243-3702103313-2254850248-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully

HKEY_USERS\S-1-5-21-1804440243-3702103313-2254850248-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

clear.fi SDK- Movie 2

clear.fi SDK - Video 2

æTorrent

Acer Device Fast-lane

Acer Instant Update Service

Acer Power Management

Acer Recovery Management

Apple Application Support

Apple Mobile Device Support

Apple Software Update

AVG PC TuneUp 2014

AVG PC TuneUp 2014 (nl-NL)

Bonjour

BS.Player FREE

Canon Utilities CameraWindow DC 8

Canon Utilities ImageBrowser EX

Canon Utilities PhotoStitch

clear.fi Media

clear.fi Photo

Command & Conquer 3

Command & Conquer Generals

Command and ConquerTM Generals Zero Hour

Counter-Strike: Global Offensive

DAEMON Tools Pro Advanced

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dolby Home Theater v4

ETDWare PS/2-X64 11.6.17.002_WHQL

HP Photo Creations

HP Photosmart 6520 series Basissoftware van het apparaat

HP Photosmart 6520 series Help

HP Photosmart 6520 series Productverbeteringsonderzoek

HP Update

Identity Card

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

Intel® SDK for OpenCL - CPU Only Runtime Package

Intel© Trusted Connect Service Client

iTunes

Launch Manager

Live Updater

Malwarebytes Anti-Malware versie 1.75.0.1300

Microsoft Office Access MUI (Dutch) 2010

Microsoft Office Excel MUI (Dutch) 2010

Microsoft Office Groove MUI (Dutch) 2010

Microsoft Office InfoPath MUI (Dutch) 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (Dutch) 2010

Microsoft Office Outlook MUI (Dutch) 2010

Microsoft Office PowerPoint MUI (Dutch) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (Dutch) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (German) 2010

Microsoft Office Proofing (Dutch) 2010

Microsoft Office Publisher MUI (Dutch) 2010

Microsoft Office Shared 64-bit MUI (Dutch) 2010

Microsoft Office Shared MUI (Dutch) 2010

Microsoft Office Word MUI (Dutch) 2010

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual Studio 2005 Tools for Office Runtime

MSXML 4.0 SP2 Parser and SDK

Nero BackItUp

Nero BackItUp 12 Essentials OEM.a01

Nero BackItUp Help (CHM)

Nero ControlCenter

Nero ControlCenter Help (CHM)

Nero Core Components

Nero Launcher

Nero RescueAgent

Nero RescueAgent Help (CHM)

Nero Update

Norton Internet Security

NVIDIA-configuratiescherm 327.02

NVIDIA Grafisch stuurprogramma 327.02

NVIDIA Install Application

NVIDIA Optimus 1.11.3

NVIDIA PhysX

NVIDIA PhysX System Software 9.12.1031

NVIDIA Update 1.11.3

NVIDIA Update Components

Office Addin

OpenAL

Paltalk Messenger 11.2

PowerISO

Prerequisite installer

Qualcomm Atheros Bluetooth Suite (64)

Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

Qualcomm Atheros WLAN and Bluetooth Client Installation Program

Re-markit

Realtek High Definition Audio Driver

Realtek PCIE Card Reader

Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition

Shared C Run-time for x64

Sony PC Companion 2.10.188

Steam

True Image 2013

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition

Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition

Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition

Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition

Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition

Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition

Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition

UpdateChecker

Visual Studio 2005 Tools for Office Second Edition Runtime

Visual Studio Tools for the Office system 3.0 Runtime

Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)

VLC media player 2.0.0

WinRAR 5.01 (64-bit)

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found

C:\Users\mini__000\daemonprocess.txt deleted

C:\Users\mini__000\.android deleted

C:\extensions.sqlite deleted

C:\extensions.ini deleted

C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Hotspot Shield deleted

C:\Users\cynth_000\AppData\Local\Pokki deleted

C:\Users\mini__000\AppData\Local\Mobogenie deleted

C:\Users\mini__000\AppData\Local\cache deleted

C:\Users\mini__000\Documents\Mobogenie deleted

C:\ProgramData\pclunst.exe deleted

"C:\PROGRA~2\Re-markit\Re-markit153.exe" deleted

"C:\PROGRA~2\Re-markit\Re-markit_wd.exe" deleted

"C:\PROGRA~2\Re-markit" not deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)

Memory (RAM): 5963 MB

CPU Info: Intel® Core i5-3230M CPU @ 2.60GHz

CPU Speed: 2634,8 MHz

Sound Card: Speakers (Realtek High Definiti |

Display Adapters: Intel® HD Graphics 4000 | Intel® HD Graphics 4000 | Intel® HD Graphics 4000 | NVIDIA GeForce 710M

Monitors: 1x; Generic PnP Monitor |

Screen Resolution: 1600 X 900 - 32 bit

Network: Network Present

Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Bluetooth-apparaat (Personal Area Network) | Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet-controller (NDIS 6.30) | Qualcomm Atheros AR5BWB222 Wireless-netwerkadapter

CD / DVD Drives: 2x (D: | E: | ) D: MATSHITADVD-RAM UJ8E1 | E: DTSOFT BDROM

Ports: COM Ports NOT Present. LPT Port NOT Present.

Mouse: 8 Button Wheel Mouse Present

Hard Disks: C: 578,8GB | G: 97,7GB

Hard Disks - Free: C: 479,9GB | G: 77,5GB

Manufacturer *: Insyde Corp.

BIOS Info: AT/AT COMPATIBLE | | ACRSYS - 1

Time Zone: West-Europa (standaardtijd)

Motherboard *: Acer VA70_HC

Country: Nederland

Language: NLD

==== System Specs (Software) ======================

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)

Anti-Virus: Norton Internet Security On-access scanning disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Anti-Spyware: Norton Internet Security disabled (Outdated)

Firewall: Norton Internet Security disabled

Internet Explorer Version: 11.0.9600.16518

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

2014-01-27 17:48:46 363AEB546254E2745794B7C119DC7BB3 980 ----a-w- C:\WINDOWS\eReg.dat

====== C:\Users\MINI__~1\AppData\Local\Temp ====

2014-02-10 17:27:24 F6278B5A16F830885B184D5F72E1B935 947200 ----a-w- C:\Users\mini__000\AppData\Local\Temp\htmlayout.dll

2014-02-10 17:09:58 E5E10C8DA7CA857EB2F4730C32523329 2133304 ----a-w- C:\Users\mini__000\AppData\Local\Temp\UpdateWizard_25558\SilentUpdater.exe

2014-02-10 17:09:58 0D2AE9FFEC41B817520A450ACA85C9D5 586040 ----a-w- C:\Users\mini__000\AppData\Local\Temp\UpdateWizard_25558\tulic.dll

2014-02-10 17:05:29 E48537F65B0437252C300ACF56F43B8C 606520 ----a-w- C:\Users\mini__000\AppData\Local\Temp\Rar$EXa0.710\AVG PC Tuneup 2014 14.0.1001.204 Final incl Crack [ThumperDC]\Crack\tulic.dll

2014-02-10 17:05:29 1D54FF915F3AB4857A70DA337BB942D6 229176 ----a-w- C:\Users\mini__000\AppData\Local\Temp\Rar$EXa0.710\AVG PC Tuneup 2014 14.0.1001.204 Final incl Crack [ThumperDC]\Crack\UpdateWizard.exe

2014-02-10 17:05:29 1808E226AEF144331A66076B67FA8329 169784 ----a-w- C:\Users\mini__000\AppData\Local\Temp\Rar$EXa0.710\AVG PC Tuneup 2014 14.0.1001.204 Final incl Crack [ThumperDC]\Crack\RegWiz.exe

2014-02-06 20:06:11 F6278B5A16F830885B184D5F72E1B935 947200 ----a-w- C:\Users\mini__000\AppData\Local\Temp\uninstall708218.exe

2014-02-06 20:06:11 4CE42D5CF5D556A4D429E95B474F413C 2370560 ----a-w- C:\Users\mini__000\AppData\Local\Temp\uninstall708140.exe

====== C:\WINDOWS\SysWOW64 =====

2014-02-12 12:48:51 C9C0B562C7AA50A672766AAC8112DF05 3936256 ----a-w- C:\WINDOWS\SysWOW64\d2d1.dll

2014-02-12 12:48:51 2754B116D797255B6A2F2F5DB1760238 2071552 ----a-w- C:\WINDOWS\SysWOW64\d3d10warp.dll

2014-02-12 12:48:49 5254A52E0F354BC7955E309C4166CE0A 1317376 ----a-w- C:\WINDOWS\SysWOW64\msxml3.dll

2014-02-12 12:48:47 F0769848C6438AF1FF45E495219222B7 444928 ----a-w- C:\WINDOWS\SysWOW64\msdrm.dll

2014-02-12 12:48:18 5D9DC6332A4FC66388B09BBE7CF53750 1156096 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll

2014-02-12 12:48:18 34CBED7698D557DDB43F8732FBC2ACB9 2168320 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll

2014-02-12 12:48:18 260D6B421E5551E8BA75D16B5CA90D9A 51200 ----a-w- C:\WINDOWS\SysWOW64\ieetwproxystub.dll

2014-02-12 12:48:17 C9D1131E2163CE932DF3EAAF0EEA3673 524288 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll

2014-02-12 12:48:17 C863E5A2417DF0F2A31ED32C3B2CB23F 17103872 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll

2014-02-12 12:48:17 0E7B7C9F483300F9FF97C6A1E4BC4F57 32768 ----a-w- C:\WINDOWS\SysWOW64\iernonce.dll

2014-02-12 12:48:16 79FA7D8B488F90EDE325963379A6F738 11266048 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll

2014-02-12 12:48:16 6A06EB11F1E5BDAA795DAE7838F9FE20 43008 ----a-w- C:\WINDOWS\SysWOW64\jsproxy.dll

2014-02-12 12:48:16 40E68599FE3A10F816217D3789FCE74E 1964032 ----a-w- C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-02-12 12:48:16 408805B8083896DC95E6340F4016BEBD 61952 ----a-w- C:\WINDOWS\SysWOW64\iesetup.dll

2014-02-12 12:48:16 0F739443669F3A48F1B2325995117BFE 553472 ----a-w- C:\WINDOWS\SysWOW64\jscript9diag.dll

2014-02-12 12:48:15 B8F28AAC003060E3B125D2447CFC19E2 164864 ----a-w- C:\WINDOWS\SysWOW64\msrating.dll

2014-02-12 12:48:15 B5B3334F177CED627C2D7FE38235B6B1 2724864 ----a-w- C:\WINDOWS\SysWOW64\mshtml.tlb

2014-02-12 12:48:15 9C89246184979A070B0C6CCF61C68136 1820160 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll

2014-02-12 12:48:15 99280392987A1A96C756A9F38C4CE396 4244480 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll

2014-02-12 12:48:15 7D6B20C69CC8EECB8F31D4FAF913BBE8 112128 ----a-w- C:\WINDOWS\SysWOW64\ieUnatt.exe

2014-02-12 12:48:15 5DD49C02D059C1E6E47A8FB4A076C9B1 703488 ----a-w- C:\WINDOWS\SysWOW64\ieapfltr.dll

2014-02-12 12:48:06 9A21A14A25A7BC3D0EC1ED56CC75B4B7 17408 ----a-w- C:\WINDOWS\SysWOW64\pcaui.exe

2014-02-12 12:48:06 94443607F11CA635408A89F598C16DDD 835584 ----a-w- C:\WINDOWS\SysWOW64\KernelBase.dll

2014-02-12 12:48:06 77854ABDFA570601755D9D63F1F890DA 454656 ----a-w- C:\WINDOWS\SysWOW64\vbscript.dll

2014-02-12 12:48:04 E31D12A9F5F358D60B8B34A1949DCE45 11702272 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll

2014-02-12 12:48:04 419E037A7BAE52E665F89FB22FCC5D87 4961792 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Search.dll

2014-02-12 12:48:03 D5B5184F8C258D2C3AC70E3799C7A4BF 830976 ----a-w- C:\WINDOWS\SysWOW64\SearchFolder.dll

2014-02-12 12:48:03 46C6D8A6B4DEBBB55B6DA6B92C100599 1202888 ----a-w- C:\WINDOWS\SysWOW64\propsys.dll

2014-02-12 12:48:03 2100B28C34C4FCE916A4A61F58E31198 9701 ----a-w- C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms

2014-02-12 12:47:48 7D30E75C5C0FEAA40B79775C92C6AF23 628736 ----a-w- C:\WINDOWS\SysWOW64\MrmCoreR.dll

2014-02-12 12:47:48 5D2A65C08953962327A21A51B5FC2089 1020928 ----a-w- C:\WINDOWS\SysWOW64\actxprxy.dll

2014-02-12 12:47:48 5A37BBFA3A43556806DE5DDAD682766B 105984 ----a-w- C:\WINDOWS\SysWOW64\SkyDriveShell.dll

2014-02-10 17:10:23 CC7A4572AF76CA5DD55F7F742F185297 35640 ----a-w- C:\WINDOWS\SysWOW64\uxtuneup.dll

2014-02-10 17:09:12 9BC991C359DEFC8303BBFCAA5BD4DC42 25400 ----a-w- C:\WINDOWS\SysWOW64\authuitu.dll

2014-02-07 20:15:05 38718C4E864DC8F8E1DB0EF3B5566FA7 178800 ----a-w- C:\WINDOWS\SysWOW64\CmdLineExt_x64.dll

====== C:\WINDOWS\SysWOW64\drivers =====

====== C:\WINDOWS\Sysnative =====

2014-02-12 12:48:52 053472337FDD116BD010C88DB0C34DF1 4604416 ----a-w- C:\WINDOWS\Sysnative\d2d1.dll

2014-02-12 12:48:51 389C4E97E3A498159B625A7A13EA4560 2397184 ----a-w- C:\WINDOWS\Sysnative\d3d10warp.dll

2014-02-12 12:48:49 AC7C39F7A866BF81103042244CE85827 2152448 ----a-w- C:\WINDOWS\Sysnative\msxml3.dll

2014-02-12 12:48:48 BE94090FCBB95B6F22E952D27BD2610E 570880 ----a-w- C:\WINDOWS\Sysnative\msdrm.dll

2014-02-12 12:48:18 E77092C38028EB0A5C461B3436E0A6D5 4096 ----a-w- C:\WINDOWS\Sysnative\ieetwcollectorres.dll

2014-02-12 12:48:18 6300AD525D639CECBB3D144B6D7B30F9 2765824 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll

2014-02-12 12:48:17 FCFAEDF0AA1A78A1875FDB798598408B 48640 ----a-w- C:\WINDOWS\Sysnative\ieetwproxystub.dll

2014-02-12 12:48:16 FD08F8BA2437A85F500EFFE3FD3158A6 33792 ----a-w- C:\WINDOWS\Sysnative\iernonce.dll

2014-02-12 12:48:16 E129D34089E70215B65EA611F802FA9A 111616 ----a-w- C:\WINDOWS\Sysnative\ieetwcollector.exe

2014-02-12 12:48:16 CDE728C8FB1D6E132CED44835FA44C87 627200 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll

2014-02-12 12:48:16 94C59DD02BC7EA0E421055B9946CA861 2724864 ----a-w- C:\WINDOWS\Sysnative\mshtml.tlb

2014-02-12 12:48:16 22874047B810B5B174C68ACD7C0B6510 1393664 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll

2014-02-12 12:48:15 C1E2C16D58D76323800C3EE5E2C5095A 66048 ----a-w- C:\WINDOWS\Sysnative\iesetup.dll

2014-02-12 12:48:15 83296DE8CFFEADA636DCC1AB2E3BF643 2041856 ----a-w- C:\WINDOWS\Sysnative\inetcpl.cpl

2014-02-12 12:48:15 27516B54E116D5EF8B0129B5C829A87C 218624 ----a-w- C:\WINDOWS\Sysnative\ie4uinit.exe

2014-02-12 12:48:14 F348B2D0983C91392632B4291C517AA4 817664 ----a-w- C:\WINDOWS\Sysnative\ieapfltr.dll

2014-02-12 12:48:14 DB02F4D37E5F7F07A0D0F9FAA68249EE 13051392 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll

2014-02-12 12:48:14 5922EEA922D3AD686342F866CAEE851F 5768704 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll

2014-02-12 12:48:14 3906C9640406FC0FC00A324947C74893 708608 ----a-w- C:\WINDOWS\Sysnative\jscript9diag.dll

2014-02-12 12:48:14 338415F2E9A188875B6E43B5269620B0 139264 ----a-w- C:\WINDOWS\Sysnative\ieUnatt.exe

2014-02-12 12:48:13 D016F5092E4FFC41147E8555A71D2DDE 23170048 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll

2014-02-12 12:48:13 99ED8FBAFD325550D07A32664D9E3CC8 53760 ----a-w- C:\WINDOWS\Sysnative\jsproxy.dll

2014-02-12 12:48:13 263B6E451526A90FF8B1CEC759F22956 2334208 ----a-w- C:\WINDOWS\Sysnative\wininet.dll

2014-02-12 12:48:13 1D1D7F52EC84294859642A4309FE648E 195584 ----a-w- C:\WINDOWS\Sysnative\msrating.dll

2014-02-12 12:48:06 D13EE1D0B33D2B19C048EFA53DD41A2B 1113040 ----a-w- C:\WINDOWS\Sysnative\KernelBase.dll

2014-02-12 12:48:06 6F531F98B8601A9E7A93F8FEC393E2D1 18944 ----a-w- C:\WINDOWS\Sysnative\pcaui.exe

2014-02-12 12:48:06 570444FD34EE07261E22536122ECD720 7416832 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Search.dll

2014-02-12 12:48:06 22B4875CBDFA96BEF911F5A79FFA56EA 548864 ----a-w- C:\WINDOWS\Sysnative\vbscript.dll

2014-02-12 12:48:05 5BD47B7C7DF76203FD639F2568A8C7B7 13209088 ----a-w- C:\WINDOWS\Sysnative\twinui.dll

2014-02-12 12:48:03 A9154084EBC2A190943548AE4275A0E9 1105408 ----a-w- C:\WINDOWS\Sysnative\SearchFolder.dll

2014-02-12 12:48:03 30D839DEBD6B0E89D13B9259C39B3FFA 1462216 ----a-w- C:\WINDOWS\Sysnative\propsys.dll

2014-02-12 12:48:03 2100B28C34C4FCE916A4A61F58E31198 9701 ----a-w- C:\WINDOWS\Sysnative\connectedsearch-results.searchconnector-ms

2014-02-12 12:47:49 F67102E9791A5B80070B30ADF1159A3C 4217344 ----a-w- C:\WINDOWS\Sysnative\SyncEngine.dll

2014-02-12 12:47:48 F2629AF810E939672173CB17ECAC1667 919040 ----a-w- C:\WINDOWS\Sysnative\MrmCoreR.dll

2014-02-12 12:47:48 5C6F6CC5C1395A8B5864713CD3F7F329 720384 ----a-w- C:\WINDOWS\Sysnative\SkyDriveTelemetry.dll

2014-02-12 12:47:48 5A9895295C7C6174C73496BD06B2E288 870912 ----a-w- C:\WINDOWS\Sysnative\SkyDrive.exe

2014-02-12 12:47:48 41BD327A7518C4102969FCEE8F3D5030 121344 ----a-w- C:\WINDOWS\Sysnative\SkyDriveShell.dll

2014-02-12 12:47:48 1968E2E5143D2EB964F836BA19A51104 2804224 ----a-w- C:\WINDOWS\Sysnative\actxprxy.dll

2014-02-12 12:47:47 BBB9A31169B4969169ADE608231E2985 115712 ----a-w- C:\WINDOWS\Sysnative\winbici.dll

2014-02-10 17:10:23 581AB99644D82A5443EA28A46F3717DC 42808 ----a-w- C:\WINDOWS\Sysnative\uxtuneup.dll

2014-02-10 17:09:12 C0F02EE11D02202C2E759D354F466E30 29496 ----a-w- C:\WINDOWS\Sysnative\authuitu.dll

2014-02-10 17:09:12 7973D58239BA6D47438D78F5E8DBE3D0 40248 ----a-w- C:\WINDOWS\Sysnative\TURegOpt.exe

====== C:\WINDOWS\Sysnative\drivers =====

2014-02-11 21:39:21 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys

2014-02-07 19:39:21 9090485DB1A2A76D5F20893ED25C2BD8 283064 ----a-w- C:\WINDOWS\Sysnative\drivers\dtsoftbus01.sys

2014-02-05 16:27:54 3570E8B9016621C5BC8754B026DDB3B8 129944 ----a-w- C:\WINDOWS\Sysnative\drivers\scdemu.sys

====== C:\WINDOWS\Tasks ======

2014-02-06 20:05:58 EBACBCACED8235A3171270649EBC4FBE 400 ----a-w- C:\WINDOWS\Tasks\Re-markit_wd.job

2014-02-06 20:05:58 369408147134CB4C2FB03EEBD83FEB0E 2988 ----a-w- C:\WINDOWS\Sysnative\Tasks\Re-markit_wd

2014-02-05 05:58:42 6DDF065623D9EE2C73E9D35E84ACDEC0 3676 ----a-w- C:\WINDOWS\Sysnative\Tasks\HP-Online updateprogramma

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2014-02-11 20:59:30 -------- d-----w- C:\Program Files\trend micro

2014-02-05 05:44:00 -------- d-----w- C:\Program Files\WinRAR

2014-02-04 20:09:44 -------- d-----w- C:\Program Files\iPod

2014-02-04 20:09:43 -------- d-----w- C:\Program Files\iTunes

======= C:\PROGRA~2 =====

2014-02-10 17:07:43 -------- d-----w- C:\PROGRA~2\AVG

2014-02-07 20:01:51 -------- d-----w- C:\PROGRA~2\Electronic Arts

2014-02-07 19:38:54 -------- d-----w- C:\PROGRA~2\DAEMON Tools Pro Advanced

2014-02-06 20:05:57 -------- d-----w- C:\PROGRA~2\Re-markit

2014-02-05 16:37:47 -------- d-----w- C:\PROGRA~2\PowerISO

2014-02-04 20:09:43 -------- d-----w- C:\PROGRA~2\iTunes

2014-01-27 17:45:53 -------- d-----w- C:\PROGRA~2\EA Games

======= C: =====

2014-02-12 11:52:45 AB31EECD898080D88D80AB0B3D7C0F96 3496 ----a-w- C:\{25557C30-9E02-4576-81C6-774D9C66B87B}

2014-02-12 01:57:51 FEC2BB758B8F9E7865FEAFBBE6C6C674 2712 ----a-w- C:\{C597C181-12DE-4CD8-A1F6-EF5DBF864772}

2014-02-12 01:56:10 F5DB5627FEFCC7B5520502BE46AC74E3 3016 ----a-w- C:\{9DF275AE-FAB4-4289-9330-CBA3C5B38714}

2014-02-12 01:26:13 01D263794D1D4930FFC910C018AA81C6 2752 ----a-w- C:\{68C07214-0D15-492B-80DE-1FF267E512ED}

2014-02-12 01:23:07 23BDC7B7A85903644D2A1FF9F0DBB95C 3056 ----a-w- C:\{8CF3B53D-9901-4F72-B01A-DBA131FB549C}

2014-02-11 21:36:10 DFFD1537908900DF2A9BDDDD35FB847A 1864 ----a-w- C:\{AD1C8A74-B2C6-45AC-89EC-2E7DE8BF7A32}

2014-02-09 12:31:01 99A44F286AFC884A41754289BDAF597E 3288 ----a-w- C:\{D0AFFD1B-D807-47BA-BEC8-92D0F3717922}

====== C:\Users\mini__000\AppData\Roaming ======

2014-02-11 10:14:32 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\AVG

2014-02-10 17:14:08 -------- d-----w- C:\Users\mini__000\AppData\Roaming\TuneUp Software

2014-02-08 02:54:03 -------- d-----w- C:\Users\mini__000\AppData\Roaming\Command & Conquer 3 Tiberium Wars

2014-02-07 20:11:51 -------- d--h--r- C:\Users\mini__000\AppData\Roaming\SecuROM

2014-02-07 19:38:59 -------- d-----w- C:\Users\mini__000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro Advanced

2014-02-07 19:38:57 -------- d-----w- C:\Users\mini__000\AppData\Roaming\DAEMON Tools Pro

2014-02-07 18:00:19 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\CrashDumps

2014-02-07 17:55:13 -------- d-----w- C:\Users\mini__000\AppData\Local\DTClient

2014-02-07 17:54:06 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\DAEMON Tools Ultra

2014-02-07 17:52:15 -------- d-----w- C:\Users\mini__000\AppData\Roaming\DAEMON Tools Ultra

2014-02-05 16:30:27 -------- d-----w- C:\Users\mini__000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2014-02-05 12:16:00 -------- d-----w- C:\Users\cynth_000\AppData\Roaming\AVG

2014-02-05 05:49:56 -------- d-----w- C:\Users\mini__000\AppData\Roaming\AVG

2014-02-05 05:44:48 -------- d-----w- C:\Users\mini__000\AppData\Roaming\WinRAR

2014-02-03 17:26:07 -------- d-----w- C:\Users\mini__000\AppData\Local\NPE

2014-02-01 18:34:39 -------- d-----w- C:\Users\mini__000\AppData\Roaming\Bioshock

2014-01-27 17:40:52 -------- d-----w- C:\Users\mini__000\AppData\Roaming\DAEMON Tools Lite

2014-01-27 17:39:13 -------- d-----w- C:\Users\mini__000\AppData\Local\Popajar

2014-01-26 16:01:51 -------- d-----w- C:\Users\mini__000\AppData\Roaming\PowerISO

2014-01-23 09:51:04 -------- d-----w- C:\Users\mini__000\AppData\Local\Intel_Corporation

2014-01-20 07:00:02 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CrashDumps

====== C:\Users\mini__000 ======

2014-02-12 14:50:12 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\mini__000\Desktop\RSITx64.exe

2014-02-12 14:48:56 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\mini__000\Downloads\RSITx64 (4).exe

2014-02-12 14:21:07 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\mini__000\Downloads\RSITx64 (3).exe

2014-02-12 14:14:48 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\mini__000\Downloads\RSITx64 (2).exe

2014-02-12 12:48:42 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\mini__000\Downloads\mbam-setup-1.75.0.1300.exe

2014-02-11 22:07:59 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\mini__000\Downloads\RSITx64 (1).exe

2014-02-11 21:28:17 54DB2B8C60F04C5ADE6D711D47EABA75 1166132 ----a-w- C:\Users\mini__000\Downloads\adwcleaner.exe

2014-02-11 20:58:03 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\mini__000\Downloads\RSITx64.exe

2014-02-10 17:08:42 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014

2014-02-09 13:38:12 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp

2014-02-09 12:32:19 -------- d-----w- C:\ProgramData\Steam

2014-02-07 19:38:54 -------- d-----w- C:\ProgramData\DAEMON Tools Pro

2014-02-07 17:48:04 -------- d-----w- C:\ProgramData\DAEMON Tools Ultra

2014-02-05 16:52:46 -------- d-----w- C:\ProgramData\PC1Data

2014-02-05 16:37:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO

2014-02-05 16:30:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2014-02-05 05:47:23 -------- d-----w- C:\ProgramData\AVG

2014-02-05 05:47:12 -------- d--h--w- C:\ProgramData\Common Files

2014-02-04 20:10:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-02-04 20:09:43 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-01-29 16:57:06 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\ProgramData\ntuser.pol

2014-01-28 15:48:17 -------- d-----w- C:\ProgramData\Age of Empires 3

2014-01-27 17:45:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games

2014-01-27 17:39:50 -------- d-----w- C:\ProgramData\DAEMON Tools Lite

====== C: exe-files ==

2014-02-12 14:50:12 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\mini__000\Desktop\RSITx64.exe

2014-02-12 14:48:56 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\mini__000\Downloads\RSITx64 (4).exe

2014-02-12 14:21:07 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\mini__000\Downloads\RSITx64 (3).exe

2014-02-12 14:14:48 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\mini__000\Downloads\RSITx64 (2).exe

2014-02-12 12:48:42 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\mini__000\Downloads\mbam-setup-1.75.0.1300.exe

2014-02-12 12:48:18 2E032281A818BCD191E3DD92000A8EAE 806064 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2014-02-12 12:48:16 E129D34089E70215B65EA611F802FA9A 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe

2014-02-12 12:48:16 9FBB2F038A2DDCE696BDEE7080241C0C 808112 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2014-02-12 12:48:16 9E8F9FDD407DDE997965EEFD9E635CCF 469504 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe

2014-02-12 12:48:15 AFAB9B381886ABE3490689B7633A858F 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2014-02-12 12:48:15 7D6B20C69CC8EECB8F31D4FAF913BBE8 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-02-12 12:48:15 27516B54E116D5EF8B0129B5C829A87C 218624 ----a-w- C:\Windows\System32\ie4uinit.exe

2014-02-12 12:48:14 338415F2E9A188875B6E43B5269620B0 139264 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-02-12 12:48:06 9A21A14A25A7BC3D0EC1ED56CC75B4B7 17408 ----a-w- C:\Windows\SysWOW64\pcaui.exe

2014-02-12 12:48:06 6F531F98B8601A9E7A93F8FEC393E2D1 18944 ----a-w- C:\Windows\System32\pcaui.exe

2014-02-12 12:47:48 F637B5A26013B3FFE9771EE7BF971C05 99680 ----a-w- C:\Windows\FileManager\FileManager.exe

2014-02-12 12:47:48 DA3EFBF93F45EC4E84001EF6F0C7708D 362040 ----a-w- C:\Windows\FileManager\PhotosApp.exe

2014-02-12 12:47:48 5A9895295C7C6174C73496BD06B2E288 870912 ----a-w- C:\Windows\System32\SkyDrive.exe

2014-02-12 12:47:48 16277D1B8961AFDC49F44D57611E864B 1375992 ----a-w- C:\Windows\Camera\Camera.exe

2014-02-11 22:07:59 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\mini__000\Downloads\RSITx64 (1).exe

2014-02-11 21:56:42 54DB2B8C60F04C5ADE6D711D47EABA75 1166132 ----a-w- C:\Users\mini__000\AppData\Local\Microsoft\Windows\INetCache\IE\U4N78WPL\adwcleaner (1).exe

2014-02-11 21:37:57 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\mini__000\AppData\Local\Microsoft\Windows\INetCache\IE\YLE3WHG3\mbam-setup-1.75.0.1300.exe

2014-02-11 21:28:17 54DB2B8C60F04C5ADE6D711D47EABA75 1166132 ----a-w- C:\Users\mini__000\Downloads\adwcleaner.exe

2014-02-11 20:59:31 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\mini__000.exe

2014-02-11 20:58:03 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\mini__000\Downloads\RSITx64.exe

2014-02-11 20:57:04 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\mini__000\AppData\Local\Microsoft\Windows\INetCache\IE\YQQ84FWH\RSITx64.exe

2014-02-10 20:29:19 3A40A233ABCB85818F84432303FCD35F 262144 ----a-w- C:\Users\mini__000\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache\U2E9UN03\mbam-setup-1.75.0.1300[1].exe

2014-02-10 17:13:22 1D54FF915F3AB4857A70DA337BB942D6 229176 ----a-w- C:\Program Files (x86)\AVG\AVG PC TuneUp\UpdateWizard.exe

2014-02-10 17:13:22 1808E226AEF144331A66076B67FA8329 169784 ----a-w- C:\Program Files (x86)\AVG\AVG PC TuneUp\RegWiz.exe

2014-02-10 17:09:58 E5E10C8DA7CA857EB2F4730C32523329 2133304 ----a-w- C:\Users\mini__000\AppData\Local\Temp\UpdateWizard_25558\SilentUpdater.exe

2014-02-10 17:09:12 7973D58239BA6D47438D78F5E8DBE3D0 40248 ----a-w- C:\Windows\System32\TURegOpt.exe

2014-02-10 17:05:29 1D54FF915F3AB4857A70DA337BB942D6 229176 ----a-w- C:\Users\mini__000\AppData\Local\Temp\Rar$EXa0.710\AVG PC Tuneup 2014 14.0.1001.204 Final incl Crack [ThumperDC]\Crack\UpdateWizard.exe

2014-02-10 17:05:29 1808E226AEF144331A66076B67FA8329 169784 ----a-w- C:\Users\mini__000\AppData\Local\Temp\Rar$EXa0.710\AVG PC Tuneup 2014 14.0.1001.204 Final incl Crack [ThumperDC]\Crack\RegWiz.exe

2014-02-07 19:39:21 BD217B63289396563D8E1CE82E20C405 52032 ----a-w- C:\Program Files (x86)\DAEMON Tools Pro Advanced\dtsoftbusinst64.exe

2014-02-07 19:38:54 2B2FBA7D4A2D1759B8CB2D907860EE58 77184 ----a-w- C:\Program Files (x86)\DAEMON Tools Pro Advanced\Uninstall.exe

2014-02-07 19:30:02 35DA11422170E4BAB373802755F1E37D 621568 ----a-w- C:\Users\mini__000\Downloads\SOFTWARE\DAEMON.Tools.Pro.Advanced.v5.4.0.0377-ADMIN@CRACK\SPTD\SPTDinst-x64.exe

2014-02-07 19:30:01 15BE2F528B778FEB305D8114C7512298 522752 ----a-w- C:\Users\mini__000\Downloads\SOFTWARE\DAEMON.Tools.Pro.Advanced.v5.4.0.0377-ADMIN@CRACK\SPTD\SPTDinst-x86.exe

2014-02-07 19:30:00 0EA54B6506ECB5CC33D6DA1E9B663795 9074139 ----a-w- C:\Users\mini__000\Downloads\SOFTWARE\DAEMON.Tools.Pro.Advanced.v5.4.0.0377-ADMIN@CRACK\Setup\do.NOT.run.me.exe

2014-02-07 16:14:14 42A82AA646AC77F12F0CCDEA5FCD51FA 276520960 ----a-w- C:\Users\mini__000\Downloads\GAMES\Command and Conquer 3 Tiberium War Kane Edition\Patch 1.09+Crack\CNC3_patch109_english.exe

=== C: other files ==

2014-02-13 20:47:16 6B99AEE16A0867D4301D5BA16DE27956 6222447 ----a-w- C:\Users\Public\Desktop\sample_13-02-2014_2147.zip

2014-02-11 21:39:21 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2014-02-10 17:26:53 17002591D5F07BA3C29CA116A27E72D7 809 ----a-w- C:\Users\mini__000\AppData\Local\Temp\pctskb4.vbs

2014-02-10 17:09:55 28A9E4EA1D45B30A9080BA0BD63A5ECB 7709008 ----a-w- C:\Users\mini__000\AppData\Local\Temp\UpdateWizard_25558\package_14.0.1001.204_to_14.0.1001.295.zip

2014-02-07 19:39:21 9090485DB1A2A76D5F20893ED25C2BD8 283064 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys

2014-02-07 19:39:21 9090485DB1A2A76D5F20893ED25C2BD8 283064 ----a-w- C:\Program Files (x86)\DAEMON Tools Pro Advanced\dtsoftbus01.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1804440243-3702103313-2254850248-1006\Software\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Pro Agent"="C:\Program Files (x86)\DAEMON Tools Pro Advanced\DTAgent.exe -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TrueImageMonitor.exe"="C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"

"AcronisTibMounterMonitor"="C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe"

"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"PWRISOVM.EXE"="C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Pro Agent"="C:\Program Files (x86)\DAEMON Tools Pro Advanced\DTAgent.exe -autorun"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]

"BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"

"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"

"Persistence"="C:\WINDOWS\system32\igfxpers.exe"

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "

"Acronis Scheduler2 Service"="C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"

"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]

"BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=" C:\\Windows\\system32\\nvinitx.dll "

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\HP Photo Creations Communicator.job --a-------- C:\ProgramData\HP Photo Creations\Communicator.exe [27-09-2013 08:21]

C:\WINDOWS\tasks\Re-markit_wd.job --a-------- C:\Program Files (x86)\Re-markit\Re-markit_wd.exe []

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\ALU" [C:\Program Files (x86)\Acer\Live Updater\updater.exe]

"C:\WINDOWS\SysNative\tasks\ALUAgent" [C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe]

"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]

"C:\WINDOWS\SysNative\tasks\Dolby Selector" [C:\Dolby PCEE4\pcee4.exe]

"C:\WINDOWS\SysNative\tasks\HP Photo Creations Communicator" [C:\ProgramData\HP Photo Creations\Communicator.exe]

"C:\WINDOWS\SysNative\tasks\HP-Online updateprogramma" [C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe]

"C:\WINDOWS\SysNative\tasks\HPCustParticipation HP Photosmart 6520 series" ["C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPCustPartic.exe"]

"C:\WINDOWS\SysNative\tasks\iuBrowserIEAgent" ["C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe"]

"C:\WINDOWS\SysNative\tasks\iuEmailOutlookAgent" ["C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe"]

"C:\WINDOWS\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe"]

"C:\WINDOWS\SysNative\tasks\Power Management" ["C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"]

"C:\WINDOWS\SysNative\tasks\Re-markit_wd" [C:\Program Files (x86)\Re-markit\Re-markit_wd.exe]

"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{1E0040DF-3E88-464F-A263-49A3D11359C5}" [C:\WINDOWS\system32\msfeedssync.exe]

"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{7776A57A-2A81-4E1D-81FF-5DD34795F337}" [C:\WINDOWS\system32\msfeedssync.exe]

"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

"C:\WINDOWS\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe]

"C:\WINDOWS\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe]

"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\coFFPlgn" [13-02-2014 21:23]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx[30-01-2014 18:24]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0C8A7311-7B39-457B-A00C-C90882CE88DC}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

{0C8A7311-7B39-457B-A00C-C90882CE88DC} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{B1012A5D-972E-4E68-9A63-5D350FCA5B36} FindWide Url="{searchTerms - Search Results}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1804440243-3702103313-2254850248-1006\Software\Microsoft\Internet Explorer\SearchScopes\{0C8A7311-7B39-457B-A00C-C90882CE88DC} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\99f9845a-a5c5-473e-9e43-11fe77e161ae deleted successfully

==== HijackThis Entries ======================

O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll

O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"

O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup

O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro Advanced\DTAgent.exe" -autorun

O4 - HKLM\..\Policies\Explorer\Run: [btvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)

O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: Nero Update (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Re-markit - Unknown owner - C:\Program Files (x86)\Re-markit\Re-markit153.exe (file missing)

O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe

O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\cynth_000\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\Users\cynth_000\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully

C:\Users\mini__000\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\Users\mini__000\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully

C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=328 folders=43 27017587 bytes)

==== Empty Temp Folders ======================

C:\Users\cynth_000\AppData\Local\Temp emptied successfully

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully

C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\mini__000\AppData\Local\Temp will be emptied at reboot

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\Users\MINI__~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\Re-markit" not found

==== EOF on do 13-02-2014 at 21:54:59,50 ======================

Boetn · 13 februari 2014

Ik denk dat het probleem opgelost is ,ik heb momenteel geen last meer van reclame :adore::adore: Bedankt !!!!!

Wel moet ik zeggen: na de scan wou ik het logje posten maar ik geraakte niet op het internet. ik zat namelijk op een proxy server:hmmmm:, maar dit was geen probleem want hier ben ik dan toch geraakt .

Kan ik ook weten wat het probleem nu precies was of is dit moeilijk om uit te leggen via mail?

kweezie wabbit · 14 februari 2014

Het was een besmetting die zich in je browser had genesteld en die is nu verwijderd, samen met nog wat potentieel gevaarlijke dingen.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Start Zoek.exe nogmaals met het onderstaande script.

Dubbelklik op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Kopieer nu onderstaande code en plak die in het grote invulvenster:

Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

C:\WINDOWS\Tasks\Re-markit_wd.job;f
C:\WINDOWS\Sysnative\Tasks\Re-markit_wd;f
C:\{25557C30-9E02-4576-81C6-774D9C66B87B};f
C:\{C597C181-12DE-4CD8-A1F6-EF5DBF864772};f
C:\{9DF275AE-FAB4-4289-9330-CBA3C5B38714};f
C:\{68C07214-0D15-492B-80DE-1FF267E512ED};f
C:\{8CF3B53D-9901-4F72-B01A-DBA131FB549C};f
C:\{AD1C8A74-B2C6-45AC-89EC-2E7DE8BF7A32};f
C:\{D0AFFD1B-D807-47BA-BEC8-92D0F3717922};f
filesrcm;
resetIEproxy;
resethosts;
autoclean;

Klik nu op de knop "Run script".
Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
Post het geopende logje in het volgende bericht.

Boetn · 14 februari 2014

bij deze

Zoek.exe v5.0.0.0 Updated 13-February-2014

Tool run by mini__000 on vr 14-02-2014 at 21:01:36,45.

Microsoft Windows 8.1 6.3.9600 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\mini__000\Downloads\zoek (1).exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2014-02-13-205459.log 56009 bytes

==== Reset Hosts File ======================

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

"C:\WINDOWS\Tasks\Re-markit_wd.job" deleted

"C:\WINDOWS\Sysnative\Tasks\Re-markit_wd" deleted

"C:\{25557C30-9E02-4576-81C6-774D9C66B87B}" deleted

"C:\{C597C181-12DE-4CD8-A1F6-EF5DBF864772}" deleted

"C:\{9DF275AE-FAB4-4289-9330-CBA3C5B38714}" deleted

"C:\{68C07214-0D15-492B-80DE-1FF267E512ED}" deleted

"C:\{8CF3B53D-9901-4F72-B01A-DBA131FB549C}" deleted

"C:\{AD1C8A74-B2C6-45AC-89EC-2E7DE8BF7A32}" deleted

"C:\{D0AFFD1B-D807-47BA-BEC8-92D0F3717922}" deleted