Ga naar inhoud

pc blijft bij veel websites redirecten naar andere websites

Fresonis
 Delen

Aanbevolen berichten

Fresonis Enthousiasteling

Fresonis

Geplaatst:
Geplaatst:

Hallo,

 

Als ik websites bezoek worden deze de laatste tijd bijna allemaal redirected naar een andere vage website. Soms is het een goksite, dan weer iets met veiligheid van mijn pc, dan is het porno, ga zo maar door. Ik kan hierdoor bijna niet meer normaal surfen op het internet vanwege dat veel websites worden doorgestuurd naar deze vage websites. Ik heb CCleaner, Malwarebytes en Hitmanpro gebruikt, maar nog steeds heb ik het probleem. Ook al verschillende mappen verwijderd met vage namen, zoals JoonieCoeUpon, iets met Fun2 etc. Ik heb een rsit logje gemaakt, hieronder het resultaat. Hopelijk kunnen jullie mij helpen.

 

log.txt

 

Logfile of random's system information tool 1.10 (written by random/random)
Run by Giliam at 2015-03-14 17:35:58
Microsoft Windows 8.1 
System drive C: has 34 GB (14%) free of 244 GB
Total RAM: 16267 MB (88% free)
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:36:03, on 14-3-2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Logitech\G-Series Software\Applets\LCDMedia.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Giliam\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Giliam.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "E:\i-Tunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [bitTorrent] "C:\Users\Giliam\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe
O9 - Extra 'Tools' menuitem: Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe
O9 - Extra button: (no name) - {64964764-1101-4bbd-8891-B56B1A53B9B3} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: bw+0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw+0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw-0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw-0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw00 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw00s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw10 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw10s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw20 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw20s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw30 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw30s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw40 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw40s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw50 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw50s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw60 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw60s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw70 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw70s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw80 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw80s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw90 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bw90s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwa0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwa0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwb0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwb0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwc0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwc0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwd0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwd0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwe0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwe0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwf0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwf0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwg0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwg0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwh0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwh0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwi0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwi0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwj0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwj0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwk0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwk0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwl0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwl0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwm0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwm0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwn0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwn0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwo0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwo0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwp0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwp0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwq0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwq0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwr0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwr0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bws0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bws0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwt0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwt0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwu0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwu0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwv0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwv0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bww0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bww0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwx0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwx0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwy0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwy0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwz0 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: bwz0s - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Protocol: offline-8876480 - {743F55B9-2590-470E-AA82-36537FAED85B} - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Classic Shell Service (ClassicShellService) - IvoSoft - C:\Program Files\Classic Shell\ClassicShellService.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 16355 bytes
 
======Listing Processes======
 
 
 
 
 
wininit.exe
 
winlogon.exe
 
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Classic Shell\ClassicShellService.exe"
"C:\Program Files\Classic Shell\ClassicStartMenu.exe" -startup
"C:\Program Files\HitmanPro\hmpsched.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
taskhostex.exe 
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
dashost.exe {f16a36d3-c904-44b9-84a1216a472d6e2e}
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
 
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
igfxEM.exe 
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 71be5e7c-9002-4b7f-9682-9277725d61e8 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
 
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 95431CD2-D287-69B9-F179-4A9A578B2A81 -Reinvoke
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Logitech\G-Series Software\LGDCore.exe" /SHOWHIDE
"C:\Program Files\Logitech\G-Series Software\LCDMon.exe" 
"C:\Program Files\Logitech\G-Series Software\Applets\LCDClock.exe"
"C:\Program Files\Logitech\G-Series Software\Applets\LCDMedia.exe"
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
KHALMNPR.EXE /API
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Steam\Steam.exe" -silent
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Users\Giliam\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\Giliam\AppData\Local\Steam\htmlcache" -steampid 5052 -buildid 1424305157 -steamid "0"  --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3696.0.998083477\981381727" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,40,48 --gpu-vendor-id=0x10de --gpu-device-id=0x1189 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4709 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Control/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/None/MaterialDesignNTP/Enabled/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_HUPDecayDisabled/PasswordGeneration/Enabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_41/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/default/VoiceTrigger/Install/WebRTC-ConditionalRembSuppression/Control/WebRTC-NewVideoAPI/Default/WebRTC-ScreencastTargetBitrateOvershoot/Default/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3696 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3696.2.228282666\1687691255" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Control/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/None/MaterialDesignNTP/Enabled/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_HUPDecayDisabled/PasswordGeneration/Enabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/ThrottleExtensionBackgroundPages/Default/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_41/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/default/VoiceTrigger/Install/WebRTC-ConditionalRembSuppression/Control/WebRTC-NewVideoAPI/Default/WebRTC-ScreencastTargetBitrateOvershoot/Default/WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3696 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3696.6.645487021\405540230" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Control/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/None/MaterialDesignNTP/Enabled/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_HUPDecayDisabled/PasswordGeneration/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/ThrottleExtensionBackgroundPages/Default/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_41/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/default/VoiceTrigger/Install/WebRTC-ConditionalRembSuppression/Control/WebRTC-NewVideoAPI/Default/WebRTC-ScreencastTargetBitrateOvershoot/Default/WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3696 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3696.9.1651061391\691224602" /prefetch:673131151
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584 
 
"C:\Users\Giliam\Downloads\RSITx64.exe" 
C:\WINDOWS\system32\wbem\wmiprvse.exe
 
======Scheduled tasks folder======
 
C:\WINDOWS\tasks\AutoKMS.job - C:\Windows\AutoKMS\AutoKMS.exe  
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 
 
======Registry dump======
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-07-07 13191312]
"Launch LGDCore"=C:\Program Files\Logitech\G-Series Software\LGDCore.exe [2005-11-02 1594880]
"Launch LCDMon"=C:\Program Files\Logitech\G-Series Software\LCDMon.exe [2005-11-02 283648]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2013-02-21 2991856]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-24 2726728]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2014-12-13 2824504]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-12-13 2531472]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-02-19 2874048]
"BitTorrent"=C:\Users\Giliam\AppData\Roaming\BitTorrent\BitTorrent.exe [2015-03-04 1744472]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2014-06-05 248176]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-01-23 31087200]
 
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2013-12-27 570880]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"iTunesHelper"=E:\i-Tunes\iTunesHelper.exe [2013-05-31 152392]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2013-02-08 68848]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
 
======File associations======
 
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
 
======List of files/folders created in the last 1 month======
 
2015-03-14 17:35:58 ----D---- C:\rsit
2015-03-14 17:35:58 ----D---- C:\Program Files\trend micro
2015-03-14 17:26:00 ----A---- C:\WINDOWS\system32\drivers\hitmanpro37.sys
2015-03-14 17:25:33 ----D---- C:\Program Files\HitmanPro
2015-03-14 17:02:05 ----D---- C:\ProgramData\HitmanPro
2015-03-11 08:04:56 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2015-03-11 08:04:56 ----A---- C:\WINDOWS\system32\SHCore.dll
2015-03-11 08:04:49 ----A---- C:\WINDOWS\system32\win32k.sys
2015-03-11 08:04:48 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-03-11 08:04:48 ----A---- C:\WINDOWS\system32\schannel.dll
2015-03-11 08:04:47 ----A---- C:\WINDOWS\SYSWOW64\calc.exe
2015-03-11 08:04:47 ----A---- C:\WINDOWS\system32\calc.exe
2015-03-11 08:04:44 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2015-03-11 08:04:44 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2015-03-11 08:04:43 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2015-03-11 08:04:42 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2015-03-11 08:04:42 ----A---- C:\WINDOWS\system32\winshfhc.dll
2015-03-11 08:04:16 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-03-11 08:04:16 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-03-11 08:04:16 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-03-11 08:04:16 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-03-11 08:04:15 ----A---- C:\WINDOWS\SYSWOW64\photowiz.dll
2015-03-11 08:04:15 ----A---- C:\WINDOWS\system32\photowiz.dll
2015-03-11 08:04:04 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-03-11 08:04:04 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-03-11 08:04:03 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-03-11 08:04:02 ----A---- C:\WINDOWS\system32\localspl.dll
2015-03-11 08:04:01 ----A---- C:\WINDOWS\system32\win32spl.dll
2015-03-11 08:04:00 ----A---- C:\WINDOWS\SYSWOW64\StorageContextHandler.dll
2015-03-11 08:04:00 ----A---- C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-11 08:03:59 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-03-11 08:03:59 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-03-11 08:03:59 ----A---- C:\WINDOWS\system32\authui.dll
2015-03-11 08:03:58 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2015-03-11 08:03:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 08:03:58 ----A---- C:\WINDOWS\SYSWOW64\mfc42u.dll
2015-03-11 08:03:58 ----A---- C:\WINDOWS\SYSWOW64\mfc42.dll
2015-03-11 08:03:58 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-03-11 08:03:58 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2015-03-11 08:03:58 ----A---- C:\WINDOWS\system32\WSShared.dll
2015-03-11 08:03:58 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 08:03:58 ----A---- C:\WINDOWS\system32\mfc42u.dll
2015-03-11 08:03:58 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-03-11 08:03:58 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-03-11 08:03:58 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-11 08:03:57 ----AC---- C:\WINDOWS\system32\drivers\hidbth.sys
2015-03-11 08:03:57 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2015-03-11 08:03:57 ----A---- C:\WINDOWS\SYSWOW64\atlthunk.dll
2015-03-11 08:03:57 ----A---- C:\WINDOWS\system32\ubpm.dll
2015-03-11 08:03:57 ----A---- C:\WINDOWS\system32\rdpudd.dll
2015-03-11 08:03:57 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2015-03-11 08:03:57 ----A---- C:\WINDOWS\system32\mfc42.dll
2015-03-11 08:03:56 ----A---- C:\WINDOWS\SYSWOW64\eapphost.dll
2015-03-11 08:03:56 ----A---- C:\WINDOWS\SYSWOW64\eappcfg.dll
2015-03-11 08:03:56 ----A---- C:\WINDOWS\system32\eapphost.dll
2015-03-11 08:03:56 ----A---- C:\WINDOWS\system32\eappcfg.dll
2015-03-11 08:03:56 ----A---- C:\WINDOWS\system32\eapp3hst.dll
2015-03-11 08:03:55 ----A---- C:\WINDOWS\SYSWOW64\eappgnui.dll
2015-03-11 08:03:55 ----A---- C:\WINDOWS\SYSWOW64\eapp3hst.dll
2015-03-11 08:03:55 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-03-11 08:03:55 ----A---- C:\WINDOWS\system32\eappgnui.dll
2015-03-11 08:03:54 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-03-11 08:03:53 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-03-11 08:03:53 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-03-11 08:03:53 ----A---- C:\WINDOWS\system32\wininet.dll
2015-03-11 08:03:53 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-03-11 08:03:53 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\system32\jscript.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-03-11 08:03:52 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-03-11 08:03:50 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2015-03-11 08:03:50 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-11 08:03:50 ----A---- C:\WINDOWS\system32\shell32.dll
2015-03-11 08:03:50 ----A---- C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-11 08:03:49 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-03-11 08:03:49 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2015-03-11 08:03:49 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2015-03-11 08:03:48 ----A---- C:\WINDOWS\SYSWOW64\WMPhoto.dll
2015-03-11 08:03:48 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2015-03-11 08:03:48 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2015-03-11 08:03:48 ----A---- C:\WINDOWS\system32\WMPhoto.dll
2015-03-11 08:03:48 ----A---- C:\WINDOWS\system32\msctf.dll
2015-03-11 08:03:48 ----A---- C:\WINDOWS\explorer.exe
 
======List of files/folders modified in the last 1 month======
 
2015-03-14 17:35:58 ----RD---- C:\Program Files
2015-03-14 17:35:35 ----D---- C:\WINDOWS\Prefetch
2015-03-14 17:34:35 ----RD---- C:\WINDOWS\System32
2015-03-14 17:34:35 ----D---- C:\WINDOWS\Inf
2015-03-14 17:34:35 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-14 17:34:12 ----D---- C:\Users\Giliam\AppData\Roaming\BitTorrent
2015-03-14 17:29:03 ----D---- C:\WINDOWS\Temp
2015-03-14 17:28:17 ----D---- C:\Users\Giliam\AppData\Roaming\Skype
2015-03-14 17:28:12 ----D---- C:\Program Files (x86)\Steam
2015-03-14 17:27:56 ----D---- C:\Windows
2015-03-14 17:27:56 ----D---- C:\ProgramData\NVIDIA
2015-03-14 17:27:16 ----D---- C:\ProgramData\{dbf8ceea-4b40-e70a-dbf8-8ceea4b43ba9}
2015-03-14 17:26:00 ----D---- C:\WINDOWS\system32\drivers
2015-03-14 17:23:49 ----D---- C:\WINDOWS\Logs
2015-03-14 17:23:49 ----D---- C:\WINDOWS\debug
2015-03-14 17:22:32 ----RD---- C:\Program Files (x86)
2015-03-14 17:18:29 ----D---- C:\WINDOWS\system32\NDF
2015-03-14 17:04:37 ----SHD---- C:\System Volume Information
2015-03-14 17:02:05 ----HD---- C:\ProgramData
2015-03-14 17:00:00 ----D---- C:\WINDOWS\system32\sru
2015-03-14 16:54:53 ----D---- C:\Program Files\CCleaner
2015-03-14 16:54:33 ----D---- C:\WINDOWS\tracing
2015-03-14 16:43:40 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-14 14:00:14 ----D---- C:\WINDOWS\AppReadiness
2015-03-14 13:59:35 ----HD---- C:\Program Files\WindowsApps
2015-03-13 08:16:30 ----D---- C:\WINDOWS\system32\config
2015-03-13 08:14:38 ----D---- C:\WINDOWS\rescache
2015-03-12 08:38:53 ----D---- C:\WINDOWS\system32\DriverStore
2015-03-12 08:38:44 ----D---- C:\WINDOWS\WinSxS
2015-03-11 19:39:40 ----D---- C:\WINDOWS\Microsoft.NET
2015-03-11 08:27:27 ----RD---- C:\WINDOWS\ToastData
2015-03-11 08:27:27 ----D---- C:\WINDOWS\SysWOW64
2015-03-11 08:27:27 ----D---- C:\Program Files\Internet Explorer
2015-03-11 08:27:27 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-11 08:27:26 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
2015-03-11 08:27:26 ----D---- C:\WINDOWS\system32\nl-NL
2015-03-11 08:27:26 ----D---- C:\Program Files\Windows Defender
2015-03-11 08:27:26 ----D---- C:\Program Files (x86)\Windows Defender
2015-03-11 08:27:25 ----D---- C:\WINDOWS\WinStore
2015-03-11 08:20:51 ----D---- C:\WINDOWS\CbsTemp
2015-03-11 08:20:02 ----D---- C:\WINDOWS\system32\MRT
2015-03-11 08:17:40 ----A---- C:\WINDOWS\system32\MRT.exe
2015-03-08 13:46:15 ----D---- C:\ProgramData\Origin
2015-03-07 15:10:38 ----SHD---- C:\WINDOWS\Installer
2015-03-07 15:10:38 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2015-03-07 15:08:32 ----RSD---- C:\WINDOWS\assembly
2015-03-07 15:06:04 ----D---- C:\Program Files (x86)\Ubisoft
2015-03-07 15:03:57 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-03-05 20:08:12 ----D---- C:\ProgramData\6010903001406704663
2015-03-04 22:24:42 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-03-03 14:17:35 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2015-02-28 12:43:18 ----D---- C:\Program Files (x86)\Origin
2015-02-27 08:01:27 ----D---- C:\ProgramData\Skype
2015-02-27 08:01:26 ----RD---- C:\Program Files (x86)\Skype
2015-02-22 13:44:06 ----D---- C:\GOG Games
2015-02-20 08:21:26 ----D---- C:\WINDOWS\system32\catroot2
2015-02-19 17:27:08 ----D---- C:\WINDOWS\SoftwareDistribution
 
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R0 asahci64;asahci64; C:\WINDOWS\System32\drivers\asahci64.sys [2012-07-18 49048]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-11-21 157016]
R1 dtsoftbus01;@oem16.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2015-01-15 283064]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 hitmanpro37;HitmanPro 3.7 Support Driver; \??\C:\WINDOWS\system32\drivers\hitmanpro37.sys [2015-03-14 43664]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-01-08 3775928]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-07-07 4102928]
R3 IntcDAud;@oem71.inf,%IntcDAud.SvcDesc%;Intel® Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-10-03 454416]
R3 iwdbus;@oem69.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-11-04 27032]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\system32\DRIVERS\k57nd60a.sys [2013-06-18 425984]
R3 LHidFilt;@oem12.inf,%LHidFilt.SvcDesc%;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2013-01-03 77192]
R3 LMouFilt;@oem12.inf,%LMouFilt.SvcDesc%;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2013-01-03 61832]
R3 MBfilt;MBfilt; C:\WINDOWS\system32\drivers\MBfilt64.sys [2013-07-07 32344]
R3 MEIx64;@oem23.inf,%HECI_SvcDesc%;Intel® Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-01-11 64624]
R3 NVHDA;@oem75.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2014-10-09 195728]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-12-13 10345280]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-12-13 19600]
R3 nvvad_WaveExtensible;@oem72.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-11-22 38032]
S3 dg_ssudbus;@oem42.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 intaud_WaveExtensible;@oem68.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-11-04 38296]
S3 ssudmdm;@oem40.inf,%ssud.Service.Name%;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2014-11-21 44544]
S3 WinUsb;@oem41.inf,%WinUSB_SvcDesc%;SAMSUNG Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUsb.sys [2013-08-22 78848]
 
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 ClassicShellService;Classic Shell Service; C:\Program Files\Classic Shell\ClassicShellService.exe [2013-06-29 68608]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-12-13 1148560]
R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2015-03-14 127752]
R2 igfxCUIService1.0.0.0;Intel® HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-01-08 319080]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-12-13 1701520]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-12-13 19823248]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-12-13 935240]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-12-13 410768]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2014-06-05 93040]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-02-19 835776]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-07 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
S3 cphs;Intel® Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-01-08 280680]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-07 116648]
S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 641352]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2013-02-08 359664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-02-28 1910640]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
 
-----------------EOF-----------------
Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.pngZoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
{08B0E5C0-4FCB-11CF-AAA5-00401C608501};c
{743F55B9-2590-470E-AA82-36537FAED85B};c
C:\WINDOWS\tasks\AutoKMS.job;f
C:\Windows\AutoKMS;fs
C:\ProgramData\{dbf8ceea-4b40-e70a-dbf8-8ceea4b43ba9};fs
C:\ProgramData\6010903001406704663;fs
CHRdefaults;
emptyfolderscheck;delete
startupall;
filesrcm;
  • Klik op de knop "More options" en vink nu de onderstaande opties aan.
  • Do a Quick Scan
  • Auto Clean
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.
Zoek.exe logbestand plaatsen
  • Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.
Link naar reactie
Delen op andere sites
Fresonis Enthousiasteling

Fresonis

Geplaatst:
  • Auteur
Geplaatst:

Hallo Kape,

 

Het bericht wat jij hier op het forum laat zien is een ander bericht dan dat ik in mijn mail heb gekregen van het forum. Nu vraag ik mij af welke actie ik moet uitvoeren.

Moet ik het script in jouw bericht hierboven uitvoeren samen met de genoemde opties, of moet ik het script uitvoeren die in mijn mail (zie bijlage) staat met bijbehorende aangevinkte opties?

 

Zodra ik weet welke ik moet doen, zal ik dit doen en het logje hier vermelden. 

 

Alvast bedankt voor de hulp!

 

post-12244-0-05018200-1426427597_thumb.j

Link naar reactie
Delen op andere sites
Fresonis Enthousiasteling

Fresonis

Geplaatst:
  • Auteur
Geplaatst: (aangepast)

Hallo,

 

Ik zie nu ook dat vaak voor iedere redirect, krijg ik youradexchange.com (met nog wat tekst erachter) in mijn webbalk voordat de website doorschakelt naar een vage website/advertentie.

Op internet gezocht hoe dit te verwijderen, maar nog geen succes gehad. 

Tevens vandaag 2 keer blauwscherm gekregen.

 

1maal met: DPC Watchdogs Violation 

1maal met: Kernel Security Check Failure

 

Beide keren werd de pc uitgeschakeld en opnieuw opgestart. Zeer frustrerend allemaal.
 

aangepast door Fresonis
Link naar reactie
Delen op andere sites
kweezie wabbit Grootmeester

kweezie wabbit

Geplaatst:
Geplaatst:

Hallo Kape,

 

Het bericht wat jij hier op het forum laat zien is een ander bericht dan dat ik in mijn mail heb gekregen van het forum. Nu vraag ik mij af welke actie ik moet uitvoeren.

Moet ik het script in jouw bericht hierboven uitvoeren samen met de genoemde opties, of moet ik het script uitvoeren die in mijn mail (zie bijlage) staat met bijbehorende aangevinkte opties?

 

Zodra ik weet welke ik moet doen, zal ik dit doen en het logje hier vermelden. 

 

Alvast bedankt voor de hulp!

 

attachicon.gifmail pc helpforum.jpg

Je moet de instructies in het bericht hierboven uitvoeren en NIET deze van de mail.

 

De redirects worden opgelost door de malwareopruiming van Kape.

 

 

Voor de blauwe schermen mag je het volgende doen.

 

Download en installeer Blue screen view.

Start Blue Screen View op. 

Je zal nu een overzicht krijgen van de laatste foutmeldingen en Minidumps (.dmp-bestand). 

Selecteer het eerste bestand uit de lijst onder Dump File en druk op Ctrl+A 

Klik vervolgens op File (Bestand) en daarna op Save Selected Items (geselecteerde items opslaan) (Ctrl+S) 

Sla het bestand op je bureaublad op. 

Voeg nu het bestand als bijlage toe aan je volgend bericht.

Link naar reactie
Delen op andere sites
Fresonis Enthousiasteling

Fresonis

Geplaatst:
  • Auteur
Geplaatst:

Hallo Kape en Kweezie,

 

Ik heb Zoek.exe gedaan met bovenstaande script. Het resultaat staat in de bijlage.

 

zoek-results.log

 

Blue screen view heb ik ook geinstalleerd en geopend, maar ik krijg daar geen meldingen in beeld staan of bestanden. Het blijft leeg.

Onder advanced options staat de eerste optie aangevinkt.

 

Doe ik iets verkeerd met dat blue screen view of vergeet ik iets te doen?

 

Ik hoop dat jullie me verder kunnen helpen en dat jullie wat hebben een het zoek.logje

Link naar reactie
Delen op andere sites
kweezie wabbit Grootmeester

kweezie wabbit

Geplaatst:
Geplaatst:

Ga naar configuratiescherm - systeem en beveiliging - systeem en klik in de linkerkolom op geavanceerde systeeminstellingen.
Open de tab geavanceerd en klik bij opstart en herstelinstellingen op de knop instellingen.

Controleer dan of de instellingen staan zoals hieronder.

Onderaan bij systeemfouten moet je automatisch opnieuw opstarten uitvinken.
Bij foutopsporingsgegevens registreren selecteer je kleine geheugendump (128 kB)

of kleine geheugendump (256 kB)
Bestaand bestand overschrijven moet je uitvinken.

post-344-0-71266300-1426828039.jpg
 
Bevestig met OK en nogmaals OK.
Sluit het configuratiescherm.

 

 

Download adwcleaner.png AdwCleaner by Xplode naar het bureaublad (verwijder eerst eventuele aanwezige oudere versies van deze tool op je PC, zodat je nu de meest recente database van AdwCleaner kan gebruiken).
 

  • Sluit alle openstaande vensters.
  • Dubbelklik op AdwCleaner om hem te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
  • Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Klik op Scan.
  • Klik vervolgens op Clean (Engelse versie)of Verwijderen (Nederlandse versie).
  • Klik bij Herstarten Noodzakelijk op OK

Nadat de PC opnieuw is opgestart, opent meestal een logfile.

Voeg dit logje toe aan je volgend bericht.
Anders is het hier terug te vinden C:\\AdwCleaner\\AdwCleaner[s0].txt.

Link naar reactie
Delen op andere sites
Gast
Dit topic is nu gesloten voor nieuwe reacties.
 Delen
Ga naar topic overzicht
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.