epe1987
-
Items
16 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door epe1987
-
-
hallo, had een laptop gekregen werkte prima,maar is op gegeven moment ermee gestopt,
heb toen windows xp professional opnieuw geinstalleerd , dit ging goed maar heb nu geen internet mee.
en in apparaatbeheer is leeg. merk is: emachines
-
Opgelost bedankt voor de hulp!!
-
Zoek.exe Version 4.0.0.4 Updated 19-September-2013
Tool run by beheerder on do 19-09-2013 at 7:38:47,66.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Media\Documents\zoek\zoek.exe [script inserted]
==== System Restore Info ======================
19-9-2013 07:40:09 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-4166548073-3268256846-919994225-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311551178} deleted successfully
HKEY_USERS\S-1-5-21-4166548073-3268256846-919994225-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311551178} deleted successfully
HKEY_USERS\S-1-5-21-4166548073-3268256846-919994225-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{a235e1e3-6296-4710-af39-104a7faa6c7c} deleted successfully
HKEY_USERS\S-1-5-21-4166548073-3268256846-919994225-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a235e1e3-6296-4710-af39-104a7faa6c7c} deleted successfully
HKEY_USERS\S-1-5-21-4166548073-3268256846-919994225-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{f236ca79-3123-4afb-9f74-e98117ad5625} deleted successfully
HKEY_USERS\S-1-5-21-4166548073-3268256846-919994225-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{f236ca79-3123-4afb-9f74-e98117ad5625} deleted successfully
HKEY_USERS\S-1-5-21-4166548073-3268256846-919994225-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c66a678d-5e6c-4af9-8f57-c6192f42cf74} deleted successfully
HKEY_USERS\S-1-5-21-4166548073-3268256846-919994225-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c66a678d-5e6c-4af9-8f57-c6192f42cf74} deleted successfully
HKEY_USERS\S-1-5-21-4166548073-3268256846-919994225-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311551178} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551178} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{a235e1e3-6296-4710-af39-104a7faa6c7c} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a235e1e3-6296-4710-af39-104a7faa6c7c} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{f236ca79-3123-4afb-9f74-e98117ad5625} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f236ca79-3123-4afb-9f74-e98117ad5625} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{c66a678d-5e6c-4af9-8f57-c6192f42cf74} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-4166548073-3268256846-919994225-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110311551178} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{c66a678d-5e6c-4af9-8f57-c6192f42cf74} deleted successfully
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\desksvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\desksvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FromDocToPDF_65Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebCake Desktop Updater deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WsysSvc deleted successfully
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"FromDocToPDF Search Scope Monitor"=-
"FromDocToPDF_65 Browser Plugin Loader"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Desk 365"=-
==== Deleting Files \ Folders ======================
"C:\Users\Media\AppData\Roaming\Microsoft\Windows\SendTo\Desk 365.lnk" deleted
"C:\windows\tasks\Plus-HD-2.2-codedownloader.job" deleted
"C:\windows\tasks\Plus-HD-2.2-enabler.job" deleted
"C:\windows\tasks\Plus-HD-2.2-firefoxinstaller.job" deleted
"C:\windows\tasks\Plus-HD-2.2-updater.job" deleted
"C:\windows\SysNative\tasks\Plus-HD-2.2-codedownloader" deleted
"C:\windows\SysNative\tasks\Plus-HD-2.2-enabler" deleted
"C:\windows\SysNative\tasks\Plus-HD-2.2-firefoxinstaller" deleted
"C:\windows\SysNative\tasks\Plus-HD-2.2-updater" deleted
"C:\windows\tasks\Torntv 2-codedownloader.job" deleted
"C:\windows\tasks\Torntv 2-enabler.job" deleted
"C:\windows\tasks\Torntv 2-updater.job" deleted
"C:\windows\SysNative\tasks\Torntv 2-codedownloader" deleted
"C:\windows\SysNative\tasks\Torntv 2-enabler" deleted
"C:\windows\SysNative\tasks\Torntv 2-updater" deleted
"C:\windows\SysNative\tasks\Desk 365 RunAsStdUser" deleted
"C:\Program Files (x86)\Desk 365\desk365.exe" deleted
"C:\Program Files (x86)\Desk 365\ebase.dll" deleted
"C:\Program Files (x86)\Desk 365\edeskcmn.dll" deleted
"C:\Program Files (x86)\Desk 365\edis64.dll" deleted
"C:\Program Files (x86)\Desk 365\ElexDbg.dll" deleted
"C:\Program Files (x86)\Desk 365\enotify.dll" deleted
"C:\Program Files (x86)\Desk 365\libpng.dll" deleted
"C:\Program Files (x86)\Desk 365\libpopdlg.dll" deleted
"C:\Program Files (x86)\Desk 365\mbdet.dll" deleted
"C:\Program Files (x86)\Desk 365\ouilibnl.dll" deleted
"C:\Program Files (x86)\Desk 365\desk365.exe" deleted
"C:\Program Files (x86)\Desk 365\ebase.dll" deleted
"C:\Program Files (x86)\Desk 365\edeskcmn.dll" deleted
"C:\Program Files (x86)\Desk 365\edis64.dll" deleted
"C:\Program Files (x86)\Desk 365\ElexDbg.dll" deleted
"C:\Program Files (x86)\Desk 365\enotify.dll" deleted
"C:\Program Files (x86)\Desk 365\libpng.dll" deleted
"C:\Program Files (x86)\Desk 365\libpopdlg.dll" deleted
"C:\Program Files (x86)\Desk 365\mbdet.dll" deleted
"C:\Program Files (x86)\Desk 365\ouilibnl.dll" deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65brmon.exe" deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65brstub.dll" deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65hkstub.dll" deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65reghk.dll" deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65SrchMn.exe" deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\AppIntegrator64.exe" deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\AppIntegratorStub64.dll" deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\Hpg64.dll" deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\T8RES.DLL" deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65brmon.exe" deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65brstub.dll" deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65hkstub.dll" deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65reghk.dll" deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65SrchMn.exe" deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\AppIntegrator64.exe" deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\AppIntegratorStub64.dll" deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\Hpg64.dll" deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\T8RES.DLL" deleted
"C:\Program Files (x86)\Desk 365" not deleted
"C:\program files (x86)\Torntv 2" deleted
"C:\Program Files (x86)\FromDocToPDF_65" not deleted
"C:\Program Files (x86)\WebCake" deleted
"C:\Users\Media\AppData\Roaming\WebCake" deleted
"C:\ProgramData\eSafe" deleted
"C:\Program Files (x86)\Torntv 2" deleted
"C:\Program Files (x86)\TornTV.com" deleted
"C:\Program Files (x86)\SopCast" deleted
"C:\Program Files (x86)\Common Files\337" deleted
"C:\Program Files (x86)\Desk 365" not deleted
"C:\Program Files (x86)\WebCake" deleted
"C:\Program Files (x86)\Plus-HD-2.2" deleted
"C:\Program Files (x86)\FromDocToPDF_65" not deleted
"C:\Users\Media\AppData\Roaming\Desk 365" deleted
"C:\Users\Media\AppData\Roaming\eIntaller" deleted
"C:\Users\Media\AppData\Roaming\WebCake" deleted
"C:\ProgramData\eSafe" deleted
"C:\ProgramData\Tarma Installer" deleted
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365" deleted
"C:\Users\Media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com" deleted
"C:\Users\Media\AppData\LocalLow\FromDocToPDF_65" deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar" not deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin" not deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar" not deleted
"C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin" not deleted
==== Files Recently Created / Modified ======================
====== C:\windows ====
====== C:\Users\Media\AppData\Local\Temp ====
====== Java Cache =====
====== C:\windows\SysWOW64 =====
2013-09-15 14:51:05 0AC4D04D2D127CAE2BE09FBA48D19639 2273792 ----a-w- C:\windows\SysWOW64\msftedit.dll
2013-09-15 14:51:04 4F2214EB1269A6B906E2402883E0A658 551424 ----a-w- C:\windows\SysWOW64\oleaut32.dll
2013-09-15 14:50:58 3631AE3089DE4FAA50D3BD62E370299E 385768 ----a-w- C:\windows\SysWOW64\WerFault.exe
2013-09-15 14:50:58 0E38A984BE8C1F4A095B4A4E8BA1EB23 125440 ----a-w- C:\windows\SysWOW64\winmm.dll
2013-09-15 14:50:57 DF790AE26A476DAA05210BA571B45AAC 160256 ----a-w- C:\windows\SysWOW64\winmmbase.dll
2013-09-15 14:50:57 DB51E3BB92AAE9608CB4AC08A9E263B1 1022464 ----a-w- C:\windows\SysWOW64\gdi32.dll
2013-09-15 14:50:57 A179B0FB8241BC7FEF62E0AA5F315F9B 702464 ----a-w- C:\windows\SysWOW64\nshwfp.dll
2013-09-15 14:50:57 34076BB22B3975BDA4D98E1A0F03F199 268800 ----a-w- C:\windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-15 14:50:57 1C51CD68DB8C774E4C69CD628CFC4C80 245248 ----a-w- C:\windows\SysWOW64\FWPUCLNT.DLL
2013-09-15 14:50:56 68451FE440B77BD6447E8AF1D21FD62B 245760 ----a-w- C:\windows\SysWOW64\LocationApi.dll
2013-09-15 14:50:56 499403FAB514EF7C468F1E9157F8F7BA 67072 ----a-w- C:\windows\SysWOW64\openfiles.exe
2013-09-15 14:50:56 1342E8DE249F4049536F38F8D473CE26 154112 ----a-w- C:\windows\SysWOW64\WinSCard.dll
2013-09-14 09:06:52 DA150FBA450DB268C3DD1D389DF261EB 562688 ----a-w- C:\windows\SysWOW64\WSShared.dll
2013-09-14 09:06:51 4A4A793059187D8C85797F0FB8D9E48C 91648 ----a-w- C:\windows\SysWOW64\sppc.dll
2013-09-14 09:06:50 B4C5FC67D38883F84BE232F521D80261 628736 ----a-w- C:\windows\SysWOW64\wuapi.dll
2013-09-14 09:06:49 68309D440373633C54CCD61FFAB4948C 143872 ----a-w- C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-14 09:06:48 810B2358688A62CD67F0FBC699628D48 159232 ----a-w- C:\windows\SysWOW64\WSSync.dll
2013-09-14 09:06:47 FAC41DA4259549C5468AFC1FA53CED3A 35328 ----a-w- C:\windows\SysWOW64\wuapp.exe
2013-09-14 09:06:47 EC598115895C5E2BFCC3EC6D1DD5E1E2 167424 ----a-w- C:\windows\SysWOW64\WSClient.dll
2013-09-14 09:06:47 B607284B548E9749B7DFE21F0B0EE376 20992 ----a-w- C:\windows\SysWOW64\wups.dll
2013-09-14 09:06:47 77C93B12A1ACB58FD06DFEE17856B65B 126976 ----a-w- C:\windows\SysWOW64\wuwebv.dll
2013-09-14 09:06:47 44596FBFDD963FA0F7F7F96EFA6E3008 84992 ----a-w- C:\windows\SysWOW64\wudriver.dll
2013-09-14 09:06:45 B7267F83DE710AF993A15380C1F33239 83968 ----a-w- C:\windows\SysWOW64\OEMLicense.dll
2013-09-14 09:06:45 62FB9CC2F6E0EF8015EA06ECFD746154 76800 ----a-w- C:\windows\SysWOW64\setupcln.dll
2013-09-14 09:06:05 5FE24CECBD39A12E0BDDE3931FA5478B 14332928 ----a-w- C:\windows\SysWOW64\mshtml.dll
2013-09-14 09:05:56 B7D15FC840EB5A401A9A2D15A4BA1A94 1141248 ----a-w- C:\windows\SysWOW64\urlmon.dll
2013-09-14 09:05:56 A1BBF4D3F0F8164CF9A8B46B428100C6 13761024 ----a-w- C:\windows\SysWOW64\ieframe.dll
2013-09-14 09:05:56 76A981040FC0C9BA0C6EDC91BE99C3E4 2876928 ----a-w- C:\windows\SysWOW64\jscript9.dll
2013-09-14 09:05:55 F73CE26EFC7AE039A8534722395CE9A7 1767936 ----a-w- C:\windows\SysWOW64\wininet.dll
2013-09-14 09:05:55 F21025151AA06B25DC6FCE169560F4E4 493056 ----a-w- C:\windows\SysWOW64\msfeeds.dll
2013-09-14 09:05:55 E6BEEF5265329CBB3DDF95CE89F08580 39936 ----a-w- C:\windows\SysWOW64\jsproxy.dll
2013-09-14 09:05:55 B2F431895A7F787466EFEAB87C5F014F 33280 ----a-w- C:\windows\SysWOW64\iernonce.dll
2013-09-14 09:05:55 907EFFBAD00EF8FAF0347AF63F895FFE 109056 ----a-w- C:\windows\SysWOW64\iesysprep.dll
2013-09-14 09:05:55 7AC3F683EE68A588A26BDBBA1CC296B2 2048000 ----a-w- C:\windows\SysWOW64\iertutil.dll
2013-09-14 09:05:55 210074573A7E60E425A8E4667B55FA7C 44032 ----a-w- C:\windows\SysWOW64\UXInit.dll
2013-09-14 09:05:55 1669544D9288099E7BE0CF73EF8B9F3E 690688 ----a-w- C:\windows\SysWOW64\jscript.dll
2013-09-14 09:05:54 F76B96D80327187F52B01E0082571F20 2706432 ----a-w- C:\windows\SysWOW64\mshtml.tlb
2013-09-14 09:05:54 69B892115CD4E738FB0F2834DDB9002A 61440 ----a-w- C:\windows\SysWOW64\iesetup.dll
2013-09-14 09:05:54 0904FD891C44DE02D14A66DF07B64D6A 534528 ----a-w- C:\windows\SysWOW64\uxtheme.dll
====== C:\windows\SysWOW64\drivers =====
====== C:\windows\Sysnative =====
2013-09-15 14:51:04 814F4A0774F08F580D71FA7E880CD454 1025024 ----a-w- C:\windows\Sysnative\localspl.dll
2013-09-15 14:51:04 7A102E79DD8F1032BCB76064E2E50C4A 778752 ----a-w- C:\windows\Sysnative\oleaut32.dll
2013-09-15 14:51:04 560A9357766AB0CDF38143EA3A66DA64 2839552 ----a-w- C:\windows\Sysnative\msftedit.dll
2013-09-15 14:51:04 3884117CE4FEC35E4A1A7A62918B1F34 1156096 ----a-w- C:\windows\Sysnative\IKEEXT.DLL
2013-09-15 14:51:03 45A2DE308D27355F0F0D13499C8207DA 1300480 ----a-w- C:\windows\Sysnative\gdi32.dll
2013-09-15 14:50:58 C89FAB42CD5FD672506031D941529A74 439488 ----a-w- C:\windows\Sysnative\WerFault.exe
2013-09-15 14:50:58 AF1349386D4C6786EF4E34FACEF15042 263680 ----a-w- C:\windows\Sysnative\wcmsvc.dll
2013-09-15 14:50:58 8E5271A1AC463276023B39BC846F299C 230912 ----a-w- C:\windows\Sysnative\WinSCard.dll
2013-09-15 14:50:58 827AE73CD7CB3A8292A50EF39169071F 115712 ----a-w- C:\windows\Sysnative\winmm.dll
2013-09-15 14:50:58 73133A0C0CA63817BFF2CB9DE65B64E7 723968 ----a-w- C:\windows\Sysnative\BFE.DLL
2013-09-15 14:50:58 6D9E07436B6646EC8F7EFFD39B6BA288 447488 ----a-w- C:\windows\Sysnative\wwansvc.dll
2013-09-15 14:50:58 58B7BEACEB8B19A9698FE85B76C88ED9 381952 ----a-w- C:\windows\Sysnative\FWPUCLNT.DLL
2013-09-15 14:50:58 12DE753B04FE08427BC4BA3133BFB1DB 414208 ----a-w- C:\windows\Sysnative\wwanconn.dll
2013-09-15 14:50:58 0ABF97013CA7400213DCBDC7B499AF85 183808 ----a-w- C:\windows\Sysnative\winmmbase.dll
2013-09-15 14:50:57 FF2E7B5DEF4C46870E8D00B80BBDB1DC 370688 ----a-w- C:\windows\Sysnative\Wwanadvui.dll
2013-09-15 14:50:57 9A218BB2D3EC7CAAC84351D59204013A 77312 ----a-w- C:\windows\Sysnative\openfiles.exe
2013-09-15 14:50:57 97D3B79F36CBD8B70F0D9BA6939D2462 391168 ----a-w- C:\windows\Sysnative\Windows.Networking.BackgroundTransfer.dll
2013-09-15 14:50:57 93BBEFF2825AFD81651EA2D938AAFCCA 543744 ----a-w- C:\windows\Sysnative\wwanmm.dll
2013-09-15 14:50:57 8C7D71CE2F03E8CD6F1045D9275E6E1D 74240 ----a-w- C:\windows\Sysnative\wcmcsp.dll
2013-09-15 14:50:56 DB5C9AD31E50EDC86C6072EDE1E89692 312832 ----a-w- C:\windows\Sysnative\LocationApi.dll
2013-09-15 14:50:56 B8BF7450DC17F940DD3B1A853F62724F 888832 ----a-w- C:\windows\Sysnative\nshwfp.dll
2013-09-15 14:50:56 2CE63B3A60C54BF7421B090429C286B0 387583 ----a-w- C:\windows\Sysnative\ApnDatabase.xml
2013-09-15 06:24:54 177C843D5B74A7EE79595EAC08AEDE8A 428344 ----a-w- C:\windows\Sysnative\FNTCACHE.DAT
2013-09-14 09:07:00 061A977C920FBE4BF71FF47C966DDDCA 4917760 ----a-w- C:\windows\Sysnative\sppsvc.exe
2013-09-14 09:06:57 D4D04839F3DFAF09D94BAB1016F7A297 2371728 ----a-w- C:\windows\Sysnative\WSService.dll
2013-09-14 09:06:57 4DD390AE1E1AD7EE02EFBB40FFBFE353 209200 ----a-w- C:\windows\Sysnative\NotificationUI.exe
2013-09-14 09:06:56 C80BE09E09CBD2D85D95C96CD9EA839B 1164288 ----a-w- C:\windows\Sysnative\sppobjs.dll
2013-09-14 09:06:55 9DEC60D4783377097014DFCCA31E69F8 3275776 ----a-w- C:\windows\Sysnative\wuaueng.dll
2013-09-14 09:06:53 C34DDB3F1082D40B9795AB7013C6E8B3 688640 ----a-w- C:\windows\Sysnative\WSShared.dll
2013-09-14 09:06:53 0F33B2A36E50793A08C86A0DBFFD60D5 105984 ----a-w- C:\windows\Sysnative\WinSetupUI.dll
2013-09-14 09:06:52 C121D6818C4FD2B8572F3409D4FF556F 120320 ----a-w- C:\windows\Sysnative\sppc.dll
2013-09-14 09:06:52 8C5DEF64385DD9B15792CECF05A88D79 773120 ----a-w- C:\windows\Sysnative\wuapi.dll
2013-09-14 09:06:51 20FAFBD28EC1128955308E7ABA5E765A 368640 ----a-w- C:\windows\Sysnative\sppwinob.dll
2013-09-14 09:06:48 EA2C469FD4B4B4CC984CAD8D48B13652 1621504 ----a-w- C:\windows\Sysnative\wucltux.dll
2013-09-14 09:06:48 DD9730BDD6515CE314F2EAAADFE54951 183808 ----a-w- C:\windows\Sysnative\WSSync.dll
2013-09-14 09:06:48 AFE039373642AA6C5003FED9417A857F 252416 ----a-w- C:\windows\Sysnative\WUSettingsProvider.dll
2013-09-14 09:06:48 A0C07056756C94FA19B231BBE58C33DF 49664 ----a-w- C:\windows\Sysnative\wups.dll
2013-09-14 09:06:48 633B9891D7C18B992CE9C6AF08DF4D05 49152 ----a-w- C:\windows\Sysnative\wups2.dll
2013-09-14 09:06:48 2C1C2A1AAB6B364AD4C10D71BFF91B28 59416 ----a-w- C:\windows\Sysnative\wuauclt.exe
2013-09-14 09:06:47 C30E6549F9770CF8925C06978E616841 142848 ----a-w- C:\windows\Sysnative\wuwebv.dll
2013-09-14 09:06:47 BDE065A9A03ECFA09A4ADBE4FE3EFE0B 174592 ----a-w- C:\windows\Sysnative\storewuauth.dll
2013-09-14 09:06:47 AA3BF5E865917912239E52E2217556CA 204800 ----a-w- C:\windows\Sysnative\WSClient.dll
2013-09-14 09:06:47 6925399CDC69C6DC9C829DAFF9F85681 40448 ----a-w- C:\windows\Sysnative\wuapp.exe
2013-09-14 09:06:47 26479DAFA9B1A91A101388819CD32FD9 99328 ----a-w- C:\windows\Sysnative\wudriver.dll
2013-09-14 09:06:47 00DC7D597DAA2740100B18BDD8CA8B7E 198656 ----a-w- C:\windows\Sysnative\Windows.ApplicationModel.Store.dll
2013-09-14 09:06:46 5C1442CC4FD8628839852297C05D6EF2 81408 ----a-w- C:\windows\Sysnative\setupcln.dll
2013-09-14 09:06:13 0CBE4F2B4C2316814693EAF8F9CD98A7 19246592 ----a-w- C:\windows\Sysnative\mshtml.dll
2013-09-14 09:06:02 1FFB9680178BAA8BFE2BE5CF91FBD574 3959296 ----a-w- C:\windows\Sysnative\jscript9.dll
2013-09-14 09:06:01 55B082D7A4823B963975F7D32C7AC8BA 15404544 ----a-w- C:\windows\Sysnative\ieframe.dll
2013-09-14 09:05:56 AE4AD9943B92F71C7552F3CBC94F3CF6 2647040 ----a-w- C:\windows\Sysnative\iertutil.dll
2013-09-14 09:05:56 4C95B1B5ADF6E82D7A8FA2DD8D383626 1365504 ----a-w- C:\windows\Sysnative\urlmon.dll
2013-09-14 09:05:55 FAA0282FF13ECFB8B620E01619703850 51712 ----a-w- C:\windows\Sysnative\ie4uinit.exe
2013-09-14 09:05:55 D2CFD6F140FBC9F6F09B8DB42ACBE4B1 603136 ----a-w- C:\windows\Sysnative\msfeeds.dll
2013-09-14 09:05:55 A45FE588EC4D64620E755FAE8735856D 53760 ----a-w- C:\windows\Sysnative\jsproxy.dll
2013-09-14 09:05:55 74671852110963BD2D23740E65C84206 53760 ----a-w- C:\windows\Sysnative\UXInit.dll
2013-09-14 09:05:55 6DBE239FF1C9650A794C974B8C7913D7 2241024 ----a-w- C:\windows\Sysnative\wininet.dll
2013-09-14 09:05:55 6A0910927CDCBCF5EFE79B73D0B7596B 136704 ----a-w- C:\windows\Sysnative\iesysprep.dll
2013-09-14 09:05:55 6344E1B323F993C1F7FB68C028D356D6 855552 ----a-w- C:\windows\Sysnative\jscript.dll
2013-09-14 09:05:55 37A27E7A53724DF4193C0337891609AB 915968 ----a-w- C:\windows\Sysnative\uxtheme.dll
2013-09-14 09:05:55 163464CAAF793906958F7098DA9C9C6D 39936 ----a-w- C:\windows\Sysnative\iernonce.dll
2013-09-14 09:05:54 CC062CD7E7CBA0EFD0EF7975DD4CA1C4 67072 ----a-w- C:\windows\Sysnative\iesetup.dll
2013-09-14 09:05:54 C23E349B999CAC55B398C36E0FA54A88 2706432 ----a-w- C:\windows\Sysnative\mshtml.tlb
2013-09-14 09:05:38 947B40E8199C16F0E62EABC312813DF7 4038144 ----a-w- C:\windows\Sysnative\win32k.sys
====== C:\windows\Sysnative\drivers =====
2013-09-15 14:50:58 09039F3D5A23483010AA6F5FE388F3C4 327512 ----a-w- C:\windows\Sysnative\drivers\Classpnp.sys
2013-09-15 14:50:57 FC2B8B06BDBD3B6457F5A3DA9AD2410E 120144 ----a-w- C:\windows\Sysnative\drivers\msgpioclx.sys
2013-09-15 14:50:57 F58B030A0664385C707B8C1C63682041 195416 ----a-w- C:\windows\Sysnative\drivers\sdbus.sys
2013-09-15 14:50:57 DD7B107B2BB3EE845F57315EF4ECAC9A 125784 ----a-w- C:\windows\Sysnative\drivers\dumpsd.sys
2013-09-15 14:50:57 BFC7FE4AAEB61317A921871B4085EF4B 119040 ----a-w- C:\windows\Sysnative\drivers\USBSTOR.SYS
2013-09-15 14:50:57 630555943E5A3FE21010CE91EC7FC84F 341504 ----a-w- C:\windows\Sysnative\drivers\HdAudio.sys
2013-09-15 14:50:57 3F1F31883EAC9DDDF836ACC6D1DAC36C 96512 ----a-w- C:\windows\Sysnative\drivers\wfplwfs.sys
2013-09-15 14:50:57 25C50F4EDF70D0A831E0566BD181CCF2 321536 ----a-w- C:\windows\Sysnative\drivers\udfs.sys
2013-09-14 09:06:47 FAEF4C245BE832DB41B15DAAC336AFB7 58200 ----a-w- C:\windows\Sysnative\drivers\dam.sys
2013-08-25 19:38:58 FD47DF026B32969B8A68721A0243E8EE 36288 ----a-w- C:\windows\Sysnative\drivers\WdBoot.sys
2013-08-25 19:38:58 5F425D842DD6ADE9F95A51A0616AFAD7 247216 ----a-w- C:\windows\Sysnative\drivers\WdFilter.sys
2013-08-25 06:22:51 1794C43A000A47D92B3304FC1E3E512A 2233168 ----a-w- C:\windows\Sysnative\drivers\tcpip.sys
====== C:\windows\Tasks ======
2013-08-31 18:55:48 -------- d-----w- C:\windows\Sysnative\Tasks\OfficeSoftwareProtectionPlatform
====== C:\windows\Temp ======
======= C:\Program Files =====
2013-09-18 16:42:57 -------- d-----w- C:\Program Files\trend micro
2013-08-31 18:54:45 -------- d-----w- C:\Program Files\Microsoft Office
2013-08-31 18:44:25 -------- d-----w- C:\Program Files\Microsoft Office 15
======= C:\Program Files (x86) =====
2013-09-18 16:39:12 -------- d-----w- C:\Program Files (x86)\trend micro
2013-08-31 19:23:33 -------- d-----w- C:\Program Files (x86)\TeamViewer
2013-08-31 19:03:30 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive
2013-08-31 18:58:36 -------- d-----w- C:\Program Files (x86)\Common Files\DESIGNER
2013-08-31 18:54:39 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
======= C: =====
====== C:\Users\Media\AppData\Roaming ======
2013-09-19 05:45:04 -------- d-----w- C:\windows\sysWoW64\config\systemprofile\AppData\Local\CrashDumps
2013-09-14 08:49:19 -------- d-----w- C:\Users\Media\AppData\Local\ElevatedDiagnostics
2013-09-02 09:44:58 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help
2013-09-02 09:44:58 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help
2013-08-31 19:25:01 -------- d-----w- C:\Users\Media\AppData\Roaming\TeamViewer
2013-08-31 18:51:52 -------- d-----w- C:\Users\Media\AppData\Local\Microsoft Help
2013-08-28 19:29:01 C13C58A2FDE273FD136FCBDF55BF4144 8388608 ----a-w- C:\windows\serviceprofiles\Localservice\AppData\Local\~FontCache-S-1-5-21-4166548073-3268256846-919994225-1001.dat
====== C:\Users\Media ======
2013-09-18 16:59:01 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Media\Desktop\RSITx64.exe
2013-09-18 16:43:57 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Media\Desktop\RSIT.exe
2013-09-02 09:26:00 -------- d-----w- C:\ProgramData\HP
2013-08-31 19:03:28 -------- d-----r- C:\Users\Media\SkyDrive
2013-08-31 19:02:54 -------- d-----w- C:\ProgramData\Microsoft SkyDrive
2013-08-31 18:59:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2013-08-31 18:51:46 -------- d-----w- C:\ProgramData\Microsoft Help
2013-08-31 18:45:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
====== C: exe-files ==
2013-09-18 16:59:01 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Media\Desktop\RSITx64.exe
2013-09-18 16:43:57 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Media\Desktop\RSIT.exe
2013-09-18 16:42:57 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\beheerder.exe
2013-09-18 16:42:49 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Media\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C65QWLHX\RSITx64.exe
2013-09-18 16:39:13 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files (x86)\trend micro\beheerder.exe
2013-09-18 16:38:51 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Media\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2YN0YF5X\RSIT.exe
2013-09-15 14:50:58 C89FAB42CD5FD672506031D941529A74 439488 ----a-w- C:\Windows\System32\WerFault.exe
2013-09-15 14:50:58 3631AE3089DE4FAA50D3BD62E370299E 385768 ----a-w- C:\Windows\SysWOW64\WerFault.exe
2013-09-15 14:50:57 9A218BB2D3EC7CAAC84351D59204013A 77312 ----a-w- C:\Windows\System32\openfiles.exe
2013-09-15 14:50:56 499403FAB514EF7C468F1E9157F8F7BA 67072 ----a-w- C:\Windows\SysWOW64\openfiles.exe
2013-09-14 09:07:00 061A977C920FBE4BF71FF47C966DDDCA 4917760 ----a-w- C:\Windows\System32\sppsvc.exe
2013-09-14 09:06:57 4DD390AE1E1AD7EE02EFBB40FFBFE353 209200 ----a-w- C:\Windows\System32\NotificationUI.exe
2013-09-14 09:06:48 2C1C2A1AAB6B364AD4C10D71BFF91B28 59416 ----a-w- C:\Windows\System32\wuauclt.exe
2013-09-14 09:06:47 FAC41DA4259549C5468AFC1FA53CED3A 35328 ----a-w- C:\Windows\SysWOW64\wuapp.exe
2013-09-14 09:06:47 6925399CDC69C6DC9C829DAFF9F85681 40448 ----a-w- C:\Windows\System32\wuapp.exe
2013-09-14 09:05:56 ECC765E9B81567B977FAFEB0E30FA281 775256 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2013-09-14 09:05:55 FAA0282FF13ECFB8B620E01619703850 51712 ----a-w- C:\Windows\System32\ie4uinit.exe
2013-09-14 09:05:55 E386800116A8DCE3AD797F34A6126081 770648 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2013-09-14 08:58:13 3BDBB0CBFB27FEF51B7574676D1C9F6A 201360 ----a-w- C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
2013-09-14 08:42:42 6F79432464144A5BDF6762B84ED692E0 546488 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\MSOSQM.EXE
2013-09-14 08:42:42 2397335B96874586BE176F4FBC633875 217768 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\MSOXMLED.EXE
2013-09-14 08:42:41 DDC947E5F1F3DCBBFF0988700BB25A1D 207528 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\MSOXMLED.EXE
2013-09-14 08:42:41 D0612E74E65324E73E15DA88FFB64340 3685544 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\XLICONS.EXE
2013-09-14 08:42:41 3184B091BE16E28627924BE6E94CF443 3015336 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\WORDICON.EXE
2013-09-14 08:42:41 1862F316B09C2B00D677504A3D4F0168 838352 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\DW20.EXE
2013-09-14 08:42:34 F113F6FC9A2839F83E6A91210C973C8C 6807768 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CMigrate.exe
2013-09-14 08:42:34 28A4EBE46B9D523C017CEC0F4DEEAC4F 78576 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
2013-09-14 08:42:33 14D9D7D87ACA5382D07253774E057474 3748008 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ACCICONS.EXE
2013-09-14 08:42:32 497DEBEBBA706CCAE0F1BD1D43B29643 39584 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\AppSharingHookController64.exe
2013-09-14 08:42:29 F73E72DE442F118D081014CC372944FA 5087448 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CMigrate.exe
2013-09-14 08:42:26 FB9B36CCAEFD0FDF3B6870E53E35C314 9555120 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\PDFREFLOW.EXE
2013-09-14 08:42:24 86C011087ED4D9853CECCC693176ED07 870064 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\protocolhandler.exe
2013-09-14 08:42:23 E16447D89D8066015010B6D7F1F8486F 470248 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\DWTRIG20.EXE
2013-09-14 08:42:20 82B1B67470FFFFD5486C83FD5FA2CC58 3509416 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\PPTICO.EXE
2013-09-14 08:42:19 6903BBB85C71CF1E5352B0639FA97222 150704 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\FLTLDR.EXE
2013-09-14 08:42:18 182286F7EE5EF6F4864371D07FA4F426 614568 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\MSOICONS.EXE
2013-09-14 08:41:58 1C5F89669D9D195A3E9F7AAB7C1E1A7D 1044696 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe
2013-09-14 08:41:47 E43AD66EDF07399F66C3B6130DE33A11 700064 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSQRY32.EXE
2013-09-14 08:41:47 C6097243BBA87FB798BAC6FF8994F72D 496832 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSOUC.EXE
2013-09-14 08:41:47 861DD7274480B782C6A3F123760832E8 476888 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\SELFCERT.EXE
2013-09-14 08:41:47 52ED1725CA65B2713EC3F52A388F3694 228544 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\CLVIEW.EXE
2013-09-14 08:41:47 389B14BAC1D0A49B33B7C5ECE72CD8CC 87240 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\NAMECONTROLSERVER.EXE
2013-09-14 08:41:47 07245A105A257115635B8C09170DBD57 448704 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
2013-09-14 08:41:46 F88CE944D57F4727A6FA18E04904DD22 21859488 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excelcnv.exe
2013-09-14 08:41:46 DC88760773FBDF2812EA4C1C4E5AE396 513776 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\IEContentService.exe
2013-09-14 08:41:46 896D3EF1C9BA3089F5976C8AB66FD16C 4522688 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\GRAPH.EXE
2013-09-14 08:41:45 E8F3CFCE8B89634943AC0ED079EAB146 1026728 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\misc.exe
2013-09-14 08:41:45 CC19FCF35342B5EDF5AFD719282D4A43 569592 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ORGCHART.EXE
2013-09-14 08:41:44 4A6140C9ABE4FA190A10B82535CF2943 524488 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\VPREVIEW.EXE
2013-09-14 08:40:47 7F513E38241DB19F9B51328D011B431D 564432 ----a-w- C:\Program Files\Microsoft Office 15\root\Integration\Integrator.exe
2013-09-14 08:39:22 EF1811431151E4EFE7DEFD223F6F7096 18679976 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
2013-09-14 08:39:17 2DFEA365269145BDE624707E2883A41F 158896 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
2013-09-14 08:39:16 2071F96525AAAB5F1AF83476E6E09548 1745064 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ONENOTE.EXE
2013-09-14 08:39:13 3BB985BCA0274C3038712B48E295BCD7 15505576 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSACCESS.EXE
2013-09-14 08:38:55 F9790151CA310BB021D108FAA662719D 1923232 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
2013-09-14 08:38:52 1576951AE4C59D99FC1B69ED1BDB724C 10756264 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSPUB.EXE
2013-09-14 08:38:50 3F30A754E2A30B47AEF0D9CFA5BADD62 25594016 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE
2013-09-14 08:38:32 596BD140FAD2C3ED1D207DA242D8D381 933544 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\FIRSTRUN.EXE
=== C: other files ==
2013-09-17 20:44:46 A842B48277A2D8645A37B9F596838D2A 1230 ----a-w- C:\Users\Media\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\YL39729R\flXHR[1].vbs
2013-09-17 18:26:06 95125CDB81059005550903555D37CFE6 79979 ----a-w- C:\Users\Media\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\YL39729R\nos[2].zip
2013-09-15 14:50:58 09039F3D5A23483010AA6F5FE388F3C4 327512 ----a-w- C:\Windows\System32\Drivers\Classpnp.sys
2013-09-15 14:50:57 FC2B8B06BDBD3B6457F5A3DA9AD2410E 120144 ----a-w- C:\Windows\System32\Drivers\msgpioclx.sys
2013-09-15 14:50:57 F58B030A0664385C707B8C1C63682041 195416 ----a-w- C:\Windows\System32\Drivers\sdbus.sys
2013-09-15 14:50:57 DD7B107B2BB3EE845F57315EF4ECAC9A 125784 ----a-w- C:\Windows\System32\Drivers\dumpsd.sys
2013-09-15 14:50:57 BFC7FE4AAEB61317A921871B4085EF4B 119040 ----a-w- C:\Windows\System32\Drivers\USBSTOR.SYS
2013-09-15 14:50:57 630555943E5A3FE21010CE91EC7FC84F 341504 ----a-w- C:\Windows\System32\Drivers\HdAudio.sys
2013-09-15 14:50:57 3F1F31883EAC9DDDF836ACC6D1DAC36C 96512 ----a-w- C:\Windows\System32\Drivers\wfplwfs.sys
2013-09-15 14:50:57 25C50F4EDF70D0A831E0566BD181CCF2 321536 ----a-w- C:\Windows\System32\Drivers\udfs.sys
2013-09-14 09:06:47 FAEF4C245BE832DB41B15DAAC336AFB7 58200 ----a-w- C:\Windows\System32\Drivers\dam.sys
2013-09-14 09:05:38 947B40E8199C16F0E62EABC312813DF7 4038144 ----a-w- C:\Windows\System32\win32k.sys
==== Startup Registry Enabled ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ToshibaDynamicIconUtility"="C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe"
"TPUReg(x86)"="C:\Program Files\TOSHIBA\Password Utility\TosPU.exe /Retimes"
"TPUReg"="C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe /Retimes"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"TODDMain"="C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe"
"TecoResident"="C:\Program Files\TOSHIBA\Teco\TecoResident.exe"
"SRS Premium Sound HD"="C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe /f=C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_HD.zip /h"
"Toshiba TEMPRO"="C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"FromDocToPDF Home Page Guard 64 bit"="C:\PROGRA~2\FROMDO~2\bar\1.bin\AppIntegrator64.exe"
"IgfxTray"="C:\windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\windows\system32\hkcmd.exe"
"Persistence"="C:\windows\system32\igfxpers.exe"
"TCrdMain"="%ProgramFiles%\TOSHIBA\Hotkey\TCrdMain_Win8.exe "
"TosWaitSrv"="%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe "
==== Firefox Extensions ======================
==== Firefox Plugins ======================
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bicnnkjibmphdeigoodpjlcklcnaobdj - C:\Program Files (x86)\TornTV.com\torntv10.crx[]
fjoijdanhaiflhibkljeklcghcmmfffh - No path found[]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx[12-09-2013 17:26]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="MyWebSearch Home Page"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="QVO6"
"Start Page"="QVO6"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="QVO6"
"Start Page"="QVO6"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{3185FE08-DDF2-42C9-8392-B032526A579F}"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="Google"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"
"Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"
"Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"
{3185FE08-DDF2-42C9-8392-B032526A579F} Unknown Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-4166548073-3268256846-919994225-1001\Software\Microsoft\Internet Explorer\SearchScopes\{3185FE08-DDF2-42C9-8392-B032526A579F} deleted successfully
==== Deleting CLSID Registry Values ======================
==== shortcuts on Users Desktops ======================
C:\Users\Media\Desktop\Afsluiten.lnk - C:\Windows\System32\shutdown.exe /s /f /t 00
C:\Users\Media\Desktop\SopCast.lnk - C:\Program Files (x86)\SopCast\SopCast.exe
C:\Users\Media\Desktop\Afsluiten.lnk - C:\Windows\System32\shutdown.exe /s /f /t 00
C:\Users\Media\Desktop\SopCast.lnk - C:\Program Files (x86)\SopCast\SopCast.exe
C:\Users\Media\Desktop\Afsluiten.lnk - C:\Windows\System32\shutdown.exe /s /f /t 00
C:\Users\Media\Desktop\SopCast.lnk - C:\Program Files (x86)\SopCast\SopCast.exe
C:\Users\Media\Desktop\Afsluiten.lnk - C:\Windows\System32\shutdown.exe /s /f /t 00
C:\Users\Media\Desktop\SopCast.lnk - C:\Program Files (x86)\SopCast\SopCast.exe
C:\Users\Media\Desktop\Afsluiten.lnk - C:\Windows\System32\shutdown.exe /s /f /t 00
C:\Users\Media\Desktop\SopCast.lnk - C:\Program Files (x86)\SopCast\SopCast.exe
C:\Users\Media\Desktop\Afsluiten.lnk - C:\Windows\System32\shutdown.exe /s /f /t 00
C:\Users\Media\Desktop\SopCast.lnk - C:\Program Files (x86)\SopCast\SopCast.exe
C:\Users\Media\Desktop\Afsluiten.lnk - C:\Windows\System32\shutdown.exe /s /f /t 00
C:\Users\Media\Desktop\SopCast.lnk - C:\Program Files (x86)\SopCast\SopCast.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Manual.lnk - C:\Program Files (x86)\TOSHIBA\Manuals\TREXLauncher.exe Manual
C:\Users\Public\Desktop\Norton Internet Security.lnk - C:\Program Files (x86)\Norton Internet Security\Engine64\20.4.0.40\uistub.exe
C:\Users\Public\Desktop\Recovery Media Creator.lnk - C:\Program Files\TOSHIBA\TOSHIBA Recovery Media Creator\TRMCLcher.exe
C:\Users\Public\Desktop\TeamViewer 8.lnk - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk - C:\Users\Media\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Users\Media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk - C:\Users\Media\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Users\Media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk - C:\Users\Media\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Users\Media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk - C:\Users\Media\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Users\Media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk - C:\Users\Media\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Users\Media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk - C:\Users\Media\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Users\Media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk - C:\Users\Media\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Excel 2010.lnk - C:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft OneNote 2010.lnk - C:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft PowerPoint 2010.lnk - C:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Word 2010.lnk - C:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-hulpprogramma's\Digitaal certificaat voor VBA-projecten.lnk - C:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\misc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-hulpprogramma's\Microsoft Mediagalerie.lnk - C:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\cagicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-hulpprogramma's\Microsoft Office 2010 Upload Center.lnk - C:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\msouc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-hulpprogramma's\Microsoft Office Picture Manager.lnk - C:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\oisicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-hulpprogramma's\Office Anytime Upgrade.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\promo.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010-hulpprogramma's\Taalvoorkeuren voor Microsoft Office 2010.lnk - C:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\misc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\MSACCESS.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\EXCEL.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\ONENOTE.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\OUTLOOK.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\POWERPNT.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\MSPUB.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Verzenden naar OneNote 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\WINWORD.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Hulpprogramma's van Office 2013\Office 2013 Upload Center.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\MSOUC.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Hulpprogramma's van Office 2013\Taalvoorkeuren voor Office 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\SETLANG.EXE
==== shortcuts in Quick Launch ======================
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Desktop Assist.lnk - C:\Program Files (x86)\TOSHIBA\TOSHIBA Desktop Assist\TosDesktopAssist.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Media\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Toshiba Tempro.lnk - C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe /startUI
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TOSHIBA VIDEO PLAYER.lnk - C:\Program Files (x86)\TOSHIBA\TOSHIBA VIDEO PLAYER\SMILauncher.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Desktop Assist.lnk - C:\Program Files (x86)\TOSHIBA\TOSHIBA Desktop Assist\TosDesktopAssist.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Media\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Toshiba Tempro.lnk - C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe /startUI
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TOSHIBA VIDEO PLAYER.lnk - C:\Program Files (x86)\TOSHIBA\TOSHIBA VIDEO PLAYER\SMILauncher.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Desktop Assist.lnk - C:\Program Files (x86)\TOSHIBA\TOSHIBA Desktop Assist\TosDesktopAssist.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Media\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Toshiba Tempro.lnk - C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe /startUI
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TOSHIBA VIDEO PLAYER.lnk - C:\Program Files (x86)\TOSHIBA\TOSHIBA VIDEO PLAYER\SMILauncher.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Desktop Assist.lnk - C:\Program Files (x86)\TOSHIBA\TOSHIBA Desktop Assist\TosDesktopAssist.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Media\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Toshiba Tempro.lnk - C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe /startUI
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TOSHIBA VIDEO PLAYER.lnk - C:\Program Files (x86)\TOSHIBA\TOSHIBA VIDEO PLAYER\SMILauncher.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Desktop Assist.lnk - C:\Program Files (x86)\TOSHIBA\TOSHIBA Desktop Assist\TosDesktopAssist.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Media\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Toshiba Tempro.lnk - C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe /startUI
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TOSHIBA VIDEO PLAYER.lnk - C:\Program Files (x86)\TOSHIBA\TOSHIBA VIDEO PLAYER\SMILauncher.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Desktop Assist.lnk - C:\Program Files (x86)\TOSHIBA\TOSHIBA Desktop Assist\TosDesktopAssist.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Media\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Toshiba Tempro.lnk - C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe /startUI
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TOSHIBA VIDEO PLAYER.lnk - C:\Program Files (x86)\TOSHIBA\TOSHIBA VIDEO PLAYER\SMILauncher.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Desktop Assist.lnk - C:\Program Files (x86)\TOSHIBA\TOSHIBA Desktop Assist\TosDesktopAssist.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Media\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Toshiba Tempro.lnk - C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe /startUI
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TOSHIBA VIDEO PLAYER.lnk - C:\Program Files (x86)\TOSHIBA\TOSHIBA VIDEO PLAYER\SMILauncher.exe
==== shortcuts After Repair ======================
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh deleted successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Media\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Media\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Media\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Program Files (x86)\Desk 365" not found
"C:\Program Files (x86)\FromDocToPDF_65" not found
"C:\Program Files (x86)\Desk 365" not found
"C:\Program Files (x86)\FromDocToPDF_65" not found
==== EOF on do 19-09-2013 at 7:57:06,46 ======================
-
kan niets plaatsen ;s
- - - Updated - - -
krijg telkens foutmelding pagina verlaten of op blijven!
-
er is een probleem opgetreden waardoor het programma niet meer werkt,
Internet explorer 8 valt telkens weg, als ik iets aan het terugkijken ben valt internet ineens weg, en krijg ik bovenstaande melding!
heb hijachthis gedaan en krijg het volgende,
Logfile of HijackThis v1.99.1
Scan saved at 22:20:35, on 17-9-2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16688)
Running processes:
C:\Program Files (x86)\Desk 365\desk365.exe
C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65SrchMn.exe
C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65brmon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\program files (x86)\torntv 2\torntv 2-bg.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Media\Documents\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MyWebSearch Home Page
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: CrossriderApp0035578 - {11111111-1111-1111-1111-110311551178} - C:\Program Files (x86)\Torntv 2\Torntv 2-bho.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Toolbar BHO - {a235e1e3-6296-4710-af39-104a7faa6c7c} - C:\PROGRA~2\FROMDO~2\bar\1.bin\65bar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Search Assistant BHO - {f236ca79-3123-4afb-9f74-e98117ad5625} - C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65SrcAs.dll
O3 - Toolbar: FromDocToPDF - {c66a678d-5e6c-4af9-8f57-c6192f42cf74} - C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65bar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll
O4 - HKLM\..\Run: [ToshibaDynamicIconUtility] "C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe"
O4 - HKLM\..\Run: [TPUReg(x86)] "C:\Program Files\TOSHIBA\Password Utility\TosPU.exe" /Retimes
O4 - HKLM\..\Run: [TPUReg] "C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe" /Retimes
O4 - HKLM\..\Run: [FromDocToPDF Search Scope Monitor] "C:\PROGRA~2\FROMDO~2\bar\1.bin\65srchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [FromDocToPDF_65 Browser Plugin Loader] C:\PROGRA~2\FROMDO~2\bar\1.bin\65brmon.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Desk 365] "C:\Program Files (x86)\Desk 365\desk365.exe" /autorun
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [iNTERNATIONAL] International
O13 - Gopher Prefix:
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Desk 365 service (desksvc) - 337 Technology Limited. - C:\Program Files (x86)\Desk 365\deskSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FromDocToPDFService (FromDocToPDF_65Service) - COMPANYVERS_NAME - C:\PROGRA~2\FROMDO~2\bar\1.bin\65barsvc.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Unknown owner - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\diMaster.dll" /prefetch:1 (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TEMPRO Service (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: WebCake Desktop Updater - Unknown owner - C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe" "C:\Users\Media\AppData\Roaming\WebCake\WebCakeDesktop.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - %ProgramFiles%\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wsys Service (WsysSvc) - Unknown owner - C:\ProgramData\eSafe\eGdpSvc.exe (file missing)
-
nu op 1 gedruk c:windows en dan?
-
ben nu al iets verder kan nu voor repair kiezen of windows opnieuw installeren maar zoals eerder vermeld (liever niet)
maar dan geeft hij aan: which windows installation would you like to log onto
tot cancel press enter
C:\Windows
-
Heb ik gedaan,
heb cd rom erin gedaan en via boot opgestart maar kun je verschillende opties kiezen
f2 of f6 enz maar als ik hem laat doorgaan krijg ik op gegeven moment blauw scherm,
met a problem has been detected and windows has been shut down to prevent damage to your computer,
if this is the first time you ve seen this stop error screen,restart your computer if \this screen appears again follow these steps enz enz....
technical information:
*** stop: 0x0000007B (0xf78D524,0xc0000034,0x000000000, 0x000000000)
-
Gisteravond gewoon laptop gebruikt, vanmorgen wou ik hem opstarten kreeg ik foutmelding.
windows kan niet worden gestart omdat het volgende bestand is beschadigt of niet kan worden gevonden:
\windows\system32\config\system
wil eigenlijk niet opnieuw windows installeren want dan ben ik alles kwijt.
-
heel erg bedankt... is het raadzaam programma's die ik heb gebruikt hiervoor zoals cc cleaner er op te laten staan?
bedankt voor de goede hulp!!
-
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:53:47, on 19-9-2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\PC Tools Security\pctsGui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\bluemi nk\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={6E6B1165-427F-46CE-9429-495F67A8EB27}&mid=89a7c7772a8847d08db2d15f92bdd37b-66638560042961255e54c028b2d3c369df1d1f09〈=nl&ds=AVG&pr=fr&d=2012-09-09 20:06:17&v=12.2.5.4&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.5.4\AVG Secure Search_toolbar.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.5.4\AVG Secure Search_toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [iSTray] "C:\Program Files\PC Tools Security\pctsGui.exe" /hideGUI
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\PC Tools Security\pctsSvc.exe
O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
--
End of file - 6762 bytes
-
zal dit even doen nog.. kan iig wel weer ''gewoon'' op internet komt geen melding voor.
-
kreeg eerst een foutmelding maar daarna gescant dit is het resultaat....
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:05:49, on 19-9-2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\PC Tools Security\pctsGui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\bluemi nk\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={6E6B1165-427F-46CE-9429-495F67A8EB27}&mid=89a7c7772a8847d08db2d15f92bdd37b-66638560042961255e54c028b2d3c369df1d1f09〈=en&ds=sy011&pr=sa&d=2012-09-01 23:53:37&v=12.2.0.5&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.5.4\AVG Secure Search_toolbar.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.5.4\AVG Secure Search_toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [iSTray] "C:\Program Files\PC Tools Security\pctsGui.exe" /hideGUI
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\PC Tools Security\pctsSvc.exe
O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
--
End of file - 6848 bytes
-
tot zover is alles gelukt hierbij het nieuwe logje!
Malwarebytes Anti-Malware (-evaluatieversie-) 1.65.0.1400
Databaseversie: v2012.09.18.06
Windows 7 x86 NTFS (Veilige modus/netwerkmogelijkheden)
Internet Explorer 9.0.8112.16421
bluemi nk :: BLUEMINK [administrator]
Realtime bescherming: Uitgeschakeld
18-9-2012 19:54:25
mbam-log-2012-09-18 (19-54-25).txt
Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 188557
Verstreken tijd: 7 minuut/minuten, 37 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 1
C:\Users\bluemi nk\AppData\Roaming\hellomoto (Trojan.Ransom.FGen) -> Succesvol in quarantaine geplaatst en verwijderd.
Bestanden gedetecteerd: 6
C:\RECYCLER\S-1-5-21-2000478354-1715567821-1644491937-1004\Dc8.exe (PUP.SmsPay.pns) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\bluemi nk\AppData\Local\Temp\zoek.exe (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\bluemi nk\2e combofix.exe (PUP.BundleInstaller.BI) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\bluemi nk\Downloads\sopcast.exe (PUP.BundleInstaller.BT) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\bluemi nk\AppData\Roaming\hellomoto\TujP.dat (Trojan.Ransom.FGen) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\bluemi nk\AppData\Roaming\hellomoto\BukF.dat (Trojan.Ransom.FGen) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
-
hallo heb ook last van het politie virus..
heb op google hijackthis gedownload en dit heb ik opgeslagen (log)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:02:47, on 17-9-2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Safe mode with network support
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\PC Tools Security\pctsGui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\bluemi nk\Downloads\HijackThis (1).exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={6E6B1165-427F-46CE-9429-495F67A8EB27}&mid=89a7c7772a8847d08db2d15f92bdd37b-66638560042961255e54c028b2d3c369df1d1f09〈=en&ds=sy011&pr=sa&d=2012-09-01 23:53:37&v=12.2.0.5&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.5.4\AVG Secure Search_toolbar.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\Datamngr\BROWSE~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: Sopcast Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.5.4\AVG Secure Search_toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [iSTray] "C:\Program Files\PC Tools Security\pctsGui.exe" /hideGUI
O4 - HKCU\..\Run: [WcnEapAuthProxy] C:\Users\bluemi nk\AppData\Local\Microsoft\Windows\739\WcnEapAuthProxy.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\PC Tools Security\pctsSvc.exe
O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
--
End of file - 7577 bytes
vraagje ,internet werkt niet na windows opnieuw geinstalleerd is!
in Archief Internet & Netwerk
Geplaatst:
moest als ik op wilde starten ook telkens in veilige modus opstarten ging dus niet vanzelf!