reva

Gelukt. Bedankt kweezie wabbit!

Beste kweezie wabbit Alvast bedankt voor deze guidance. In bijlage de printscreen van het schijfbeheer. Ondertussen merk ik ook dat er misschien wat veel HD foto's op de harde schijf staan en dat de tweede 'D' eigenlijk een deel is van de 'C'

[ATTACH]35623[/ATTACH] Log in bijlage AdwCleaner[S0].txt

In bijlage de log en 2 verkregen foutmeldingen zoek-results.txt

Log tekst in bijlage log.txt

Beste,Ik denk dat er malware op mijn laptop zit. De harde schijf komt voller en voller zonder dat ik (bewust) iets download. Nu is het zo ver dat de C vol is. Dit geeft uiteraard problemen voor het openen van verschillende vensters en tijdelijk bestanden.De 2de schijf heeft nog een capaciteit van 100 GIG (van de 180).Wat te doen?

Beste Jion, Ontzettend bedankt voor je hulp!! Reva

Gelukt. Jre6 is weg en ProductR ook. Enkel de Norton/Symantec is nog gebleven. Misschien is het een idee om deze ook te verwijderen en te vervangen door en up-to-date versie van een AVG? Of misschien is er een andere virusscanner die performanter is? Prettige avond toegewesnt in ieder geval!

Java is weg dus dan kan ik de nieuwe versie installeren. Ik heb 2 logs gekregen, maar heb het laten draaien toen ik elders bezig was dus weet niet welkje je nodig hebt. Ik gok op deze: Logfile of random's system information tool 1.09 (written by random/random) Run by Els at 2014-02-19 16:49:16 Microsoft® Windows Vista™ Business Service Pack 2 System drive C: has 37 GB (45%) free of 82 GB Total RAM: 3066 MB (58% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:50:32, on 19/02/2014 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16533) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe C:\Windows\System32\rundll32.exe C:\Windows\PLFSetI.exe C:\Users\Els\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Launch Manager\QtZgAcer.EXE C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Symantec AntiVirus\VPTray.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\AirPort\APAgent.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_202_ActiveX.exe C:\Program Files\Microsoft Office\Office12\WINWORD.EXE D:\Els & Reinout\Desktop\RSIT.exe C:\Program Files\trend micro\Els.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: SiteFinder - {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files\SiteFinder\SiteFinder.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [bkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] "C:\Program Files\ExtraFilm PhotoAssistant\Agent.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files\AirPort\APAgent.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Site Finder - {CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files\SiteFinder\SiteFinder.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_IKEA_Win32.cab O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_Win32.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-be.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 11568 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-14 194128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-14 194128] {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} - SiteFinder - C:\Program Files\SiteFinder\SiteFinder.dll [2014-01-22 366592] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184] "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-07-20 182808] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-28 6111232] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-01-18 1033512] "ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-04-23 397312] "BkupTray"=C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-06 34040] "Skytel"=C:\Windows\Skytel.exe [2008-04-21 1826816] "ProductReg"=C:\Program Files\Acer\WR_PopUp\ProductReg.exe [2008-09-23 6144] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-08-07 13543968] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-08-07 92704] "PLFSetI"=C:\Windows\PLFSetI.exe [2007-10-23 200704] "LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2008-09-01 858632] "eRecoveryService"= [] "ZPdtWzdVitaKey MC3000"=C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [2008-12-03 3625984] "ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-11-22 107112] "vptray"=C:\PROGRA~1\SYMANT~1\VPTray.exe [2006-11-28 134808] "ExtraFilmHemmaAgent"=C:\Program Files\ExtraFilm PhotoAssistant\Agent.exe [] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152] "AirPort Base Station Agent"=C:\Program Files\AirPort\APAgent.exe [2009-11-11 771360] "APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-02-20 152392] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AWinNotifyVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll [2008-12-03 2938880] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli C:\Program Files\Acer\Acer Bio Protection\PwdFilter [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "MSVideo8"=VfWWDM32.dll "VIDC.IV41"=IR41_32.AX "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-02-19 16:49:17 ----D---- C:\Program Files\trend micro 2014-02-19 16:49:16 ----D---- C:\rsit 2014-02-19 16:21:11 ----D---- C:\Program Files\VS Revo Group 2014-02-19 14:46:28 ----D---- C:\Program Files\Common Files\Adobe 2014-02-19 12:34:19 ----D---- C:\Program Files\CCleaner 2014-02-19 09:43:26 ----A---- C:\DelFix.txt 2014-02-18 15:17:59 ----SHD---- C:\$RECYCLE.BIN 2014-02-18 15:15:04 ----A---- C:\Windows\zoek-delete.exe 2014-02-18 15:15:03 ----D---- C:\Windows\Temp 2014-02-18 14:59:40 ----D---- C:\zoek_backup 2014-02-17 15:23:43 ----D---- C:\ProgramData\TEMP 2014-02-17 15:18:24 ----D---- C:\Program Files\SiteFinder 2014-02-13 23:33:03 ----A---- C:\Windows\system32\vbscript.dll 2014-02-13 23:33:03 ----A---- C:\Windows\system32\mshtmled.dll 2014-02-13 23:33:03 ----A---- C:\Windows\system32\ieui.dll 2014-02-13 23:33:02 ----A---- C:\Windows\system32\msfeeds.dll 2014-02-13 23:33:02 ----A---- C:\Windows\system32\jsproxy.dll 2014-02-13 23:33:02 ----A---- C:\Windows\system32\ieUnatt.exe 2014-02-13 23:33:01 ----A---- C:\Windows\system32\wininet.dll 2014-02-13 23:33:01 ----A---- C:\Windows\system32\jscript9.dll 2014-02-13 23:33:01 ----A---- C:\Windows\system32\jscript.dll 2014-02-13 23:33:00 ----A---- C:\Windows\system32\url.dll 2014-02-13 23:33:00 ----A---- C:\Windows\system32\iertutil.dll 2014-02-13 23:32:59 ----A---- C:\Windows\system32\urlmon.dll 2014-02-13 23:32:59 ----A---- C:\Windows\system32\ieframe.dll 2014-02-13 23:32:58 ----A---- C:\Windows\system32\mshtml.dll 2014-02-13 22:35:57 ----A---- C:\Windows\system32\msxml3.dll ======List of files/folders modified in the last 1 month====== 2014-02-19 16:49:17 ----RD---- C:\Program Files 2014-02-19 16:24:30 ----SHD---- C:\Windows\Installer 2014-02-19 16:24:30 ----HD---- C:\Config.Msi 2014-02-19 16:24:30 ----D---- C:\Program Files\Common Files 2014-02-19 16:24:14 ----D---- C:\Windows\System32 2014-02-19 16:23:09 ----SHD---- C:\System Volume Information 2014-02-19 16:19:49 ----D---- C:\ProgramData\Adobe 2014-02-19 16:18:20 ----SD---- C:\Users\Els\AppData\Roaming\Microsoft 2014-02-19 16:18:20 ----D---- C:\Users\Els\AppData\Roaming\Adobe 2014-02-19 14:46:28 ----D---- C:\Program Files\Adobe 2014-02-19 14:45:32 ----D---- C:\Windows\Prefetch 2014-02-19 12:34:21 ----D---- C:\Windows\system32\Tasks 2014-02-18 22:43:33 ----A---- C:\Windows\win.ini 2014-02-18 15:16:33 ----D---- C:\Windows 2014-02-18 15:11:06 ----D---- C:\Windows\Tasks 2014-02-18 15:04:28 ----HD---- C:\ProgramData 2014-02-17 15:37:07 ----D---- C:\ProgramData\tmp 2014-02-17 15:22:19 ----D---- C:\Users\Els\AppData\Roaming\Skype 2014-02-17 15:15:05 ----RD---- C:\Users 2014-02-17 15:09:25 ----A---- C:\Windows\system32\lsprst7.dll 2014-02-17 13:23:58 ----D---- C:\Windows\inf 2014-02-17 13:23:58 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-02-14 20:27:32 ----RSD---- C:\Windows\assembly 2014-02-14 20:27:32 ----D---- C:\Windows\Microsoft.NET 2014-02-14 20:11:39 ----D---- C:\Windows\system32\migration 2014-02-14 20:11:37 ----D---- C:\Program Files\Internet Explorer 2014-02-13 23:43:31 ----D---- C:\Windows\winsxs 2014-02-13 23:39:23 ----D---- C:\Windows\system32\MRT 2014-02-13 23:37:21 ----A---- C:\Windows\system32\mrt.exe 2014-02-13 23:33:57 ----D---- C:\Windows\system32\catroot 2014-02-13 23:33:36 ----D---- C:\Windows\system32\catroot2 2014-02-09 20:51:29 ----D---- C:\ProgramData\hps ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AlfaFF;AlfaFF File System mini-filter; C:\Windows\system32\Drivers\AlfaFF.sys [2008-12-03 43184] R0 hotcore3;hotcore3; C:\Windows\system32\drivers\hotcore3.sys [2007-11-06 39472] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-07-20 324120] R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-30 13824] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2012-09-17 376480] R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2006-10-06 406672] R1 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2006-11-22 247144] R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2006-11-22 25448] R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2006-10-26 185744] R1 Uim_IM;UIM Drive Backup Image Plugin; C:\Windows\System32\Drivers\Uim_IM.sys [2007-11-06 131672] R1 UimBus;Universal Image Mounter Controller; C:\Windows\system32\DRIVERS\UimBus.sys [2007-11-06 32080] R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-01-26 69632] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-05-09 12672] R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-17 11032] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2008-05-09 8704] R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2008-04-25 146688] R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432] R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2008-09-01 21264] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-01 106656] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-05-09 985600] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-05-09 208896] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-28 2127512] R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-21 81296] R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20130708.002\NAVENG.SYS [2013-06-17 93272] R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20130708.002\NAVEX15.SYS [2013-06-17 1611992] R3 NETw5v32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-27 3658752] R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-08-07 44064] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-08-07 7545824] R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2008-12-04 109744] R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2006-10-26 26384] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-18 196784] R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-05-09 661504] R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560] S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160] S3 BthPort;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208] S3 btwaudio;Bluetooth-audioapparaat; C:\Windows\system32\drivers\btwaudio.sys [2008-02-14 80424] S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-07-16 80936] S3 Dot4;Microsoft IEEE-1284.4-stuurprogramma; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584] S3 Dot4Print;Stuurprogramma voor printerklasse voor IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864] S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704] S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992] S3 rt2500usb;DWL-G122(rev. USB Wireless LAN Driver; C:\Windows\system32\DRIVERS\rt2500usb.sys [2005-03-12 243456] S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2006-11-22 274328] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008] R2 BcmSqlStartupSvc;Opstartservice voor SQL Server voor Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504] R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384] R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-22 107624] R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-22 107624] R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2006-11-28 30872] R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-07-20 354840] R2 IGBASVC;iGroupTec Service; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [2008-12-03 3435008] R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440] R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504] R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-08-07 196608] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504] R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632] R2 SQLBrowser;SQL Server-browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944] R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880] R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2006-11-28 1962136] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2008-05-09 386560] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 553288] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-14 116648] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-14 116648] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-10-27 194032] S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-10-31 2541248] S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2006-11-28 122008] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856] S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384] -----------------EOF-----------------

Bijlage vergeten PC Help.docx

Java vormt een problem, als ik het wil verwijderen, blijft het gewoon stan in de lijst van programma's. Het is ook meer 1 bestand, ik vind er geen andere (zie bijlage). Zal ik de nieuwe versie installeren? Adobe is geen probleem. Norton Antivirus vindt ik ook niet terug in de lijst. Enkel de symantec welke laatste datum 13/07/2013 is.

Log van checkup: Results of screen317's Security Check version 0.99.79 Windows Vista Service Pack 2 x86 (UAC is enabled) Internet Explorer 9 Internet Explorer 8 ``````````````Antivirus/Firewall Check:`````````````` WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Java 6 Update 24 Java version out of Date! Adobe Reader 8 Adobe Reader out of Date! Google Chrome 32.0.1700.102 Google Chrome 32.0.1700.107 ````````Process Check: objlist.exe by Laurent```````` Norton ccSvcHst.exe Symantec AntiVirus DefWatch.exe Symantec AntiVirus Rtvscan.exe Symantec AntiVirus VPTray.exe Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` - - - Updated - - - Hierbij de log van CCleaner: Ja HKCU:Run WMPNSCFG Microsoft Corporation C:\Program Files\Windows Media Player\WMPNSCFG.exe Ja HKLM:Run Adobe Reader Speed Launcher Adobe Systems Incorporated "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" Ja HKLM:Run AirPort Base Station Agent Apple Inc. "C:\Program Files\AirPort\APAgent.exe" Ja HKLM:Run APSDaemon Apple Inc. "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" Ja HKLM:Run BkupTray NewTech Infosystems, Inc "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" Ja HKLM:Run ccApp Symantec Corporation "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" Ja HKLM:Run ePower_DMC Acer Inc. C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe Ja HKLM:Run eRecoveryService Ja HKLM:Run ExtraFilmHemmaAgent "C:\Program Files\ExtraFilm PhotoAssistant\Agent.exe" Ja HKLM:Run HP Software Update Hewlett-Packard Co. C:\Program Files\HP\HP Software Update\HPWuSchd2.exe Ja HKLM:Run IAAnotif Intel Corporation C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe Ja HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe" Ja HKLM:Run LManager Dritek System Inc. C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE Ja HKLM:Run NvCplDaemon Microsoft Corporation RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup Ja HKLM:Run NvMediaCenter Microsoft Corporation RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit Ja HKLM:Run PLFSetI C:\Windows\PLFSetI.exe Ja HKLM:Run ProductReg Acer "C:\Program Files\Acer\WR_PopUp\ProductReg.exe" Ja HKLM:Run QuickTime Task Apple Inc. "C:\Program Files\QuickTime\QTTask.exe" -atboottime Ja HKLM:Run RtHDVCpl Realtek Semiconductor RtHDVCpl.exe Ja HKLM:Run Skytel Realtek Semiconductor Corp. Skytel.exe Ja HKLM:Run SunJavaUpdateSched Sun Microsystems, Inc. "C:\Program Files\Common Files\Java\Java Update\jusched.exe" Ja HKLM:Run SynTPEnh Synaptics, Inc. C:\Program Files\Synaptics\SynTP\SynTPEnh.exe Ja HKLM:Run vptray Symantec Corporation C:\PROGRA~1\SYMANT~1\VPTray.exe Ja HKLM:Run Windows Defender Microsoft Corporation %ProgramFiles%\Windows Defender\MSASCui.exe -hide Ja HKLM:Run ZPdtWzdVitaKey MC3000 Arachnoid Biometrics Identification Group Corp. "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show Ja Startup Common BTTray.lnk Broadcom Corporation. C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe Ja Startup Common HP Digital Imaging Monitor.lnk Hewlett-Packard Co. C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

Goede morgen, Hierbij het logje van de Delfix: # DelFix v10.6 - Logfile created 19/02/2014 at 09:43:26 # Updated 11/11/2013 by Xplode # Username : Els - PC_VAN_ELS # Operating System : Windows Vista Business Service Pack 2 (32 bits) ~ Removing disinfection tools ... Deleted : C:\AdwCleaner Deleted : C:\zoek-results.log Deleted : D:\Els \Desktop\adwcleaner.exe Deleted : D:\Els \Desktop\zoek.exe Deleted : HKLM\SOFTWARE\AdwCleaner ~ Cleaning system restore ... Deleted : RP #312 [Windows Update | 12/10/2013 22:34:28] Deleted : RP #313 [installed QuickTime | 01/10/2014 21:04:33] Deleted : RP #314 [Windows Update | 01/15/2014 20:28:57] Deleted : RP #315 [Windows Update | 02/13/2014 22:32:05] Deleted : RP #316 [zoek.exe restore point | 02/18/2014 14:03:17] New restore point created ! ########## - EOF - ########## Ik zie in de log dat er een nieuw restore point gemaakt is, hoe kan dat restore point teruggevonden worden in nood? De ProductR heb ik niet gevonden in de lijst van geïnstalleerde programma's tenzij het de Acer eRecovery is (zie printscreen). Wel staat er nog in de lijst de FindRight. Kan ik die hier ook verwijderen? De Virusscanner is Symantec maar die heb ik enkele dagen geleden nog naar updates laten zoeken. Geen idee of het een betalende versie was. Welke virusscanner zou je aanraden om te installeren aangezien deze niet up-to-date is? Bedankt voor je hulp! PC Help.docx

Hierbij de log van AdwaCleaner: AdwCleaner v3.019 - Report created 18/02/2014 at 16:26:34 # Updated 17/02/2014 by Xplode # Operating System : Windows Vista Business Service Pack 2 (32 bits) # Username : Els - PC_VAN_ELS # Running from : D:\Els Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95BE02D8-68E8-4537-940F-B6EF6032803F} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95BE02D8-68E8-4537-940F-B6EF6032803F} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Optimizer Pro v3.2 Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKCU\Software\InstallCore Key Deleted : HKCU\Software\UpdaterEX Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16533 -\\ Google Chrome v32.0.1700.107 [ File : C:\Users\Els\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [2098 octets] - [18/02/2014 16:15:57] AdwCleaner[s0].txt - [2090 octets] - [18/02/2014 16:26:34] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2150 octets] ########## - - - Updated - - - Ik had nog een vraagje. Telkens de computer opstart geeft hij volgende 2 meldingen. Wat kan ik hier aan doen? Zie bijlage PC HELP2.docx

Beste Jion, Dank voor je snlle reactie. Zoek.exe uitgevoerd en heb de indruk dat de ads al verdwenen zijn na de opstart. Hieronder het logje: Zoek.exe v5.0.0.0 Updated 17-February-2014 Tool run by Els on di 18/02/2014 at 15:02:25,09. Microsoft® Windows Vista™ Business 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: D:\Els\Desktop\zoek.exe [scan all users] [Quick Scan] [Auto Clean] ==== System Restore Info ====================== 18/02/2014 15:03:39 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\Hewlett-Packard deleted successfully C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\SimilarSites deleted successfully C:\PROGRA~2\ZoomBrowser deleted successfully C:\Users\Els\AppData\Roaming\Lite deleted successfully C:\Users\Els\AppData\Roaming\PeerNetworking deleted successfully C:\Users\Els\AppData\Roaming\SimilarSites deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-297045743-149010601-2998572624-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully HKEY_USERS\S-1-5-21-297045743-149010601-2998572624-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0BF43445-2F28-4351-9252-17FE6E806AA0} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util FindRight deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util FindRight deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util FindRight deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util FindRight deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update FindRight deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update FindRight deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update FindRight deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update FindRight deleted successfully ==== Deleting Files \ Folders ====================== C:\Users\Els\AppData\Roaming\ZoomBrowser EX deleted C:\Users\Els\AppData\Roaming\UpdaterEX deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drive Backup 8.51 Professional Trial deleted C:\Windows\WININIT.INI deleted C:\Windows\system32\tasks\UpdaterEX deleted C:\Windows\tasks\UpdaterEX.job deleted "C:\Program Files\FindRight\updateFindRight.exe" deleted "C:\Program Files\FindRight\bin\utilFindRight.exe" deleted "C:\Program Files\FindRight" not deleted "C:\Program Files\FindRight\bin" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Els\AppData\Local\Temp ==== 2014-02-17 14:18:22 E6BB491A120A0668A551A8C2ED2FEE4F 6602128 ----a-w- C:\Users\Els\AppData\Local\Temp\{ED672FF5-E1A3-471A-8124-59923E343BFF}\setup.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-02-13 22:33:04 ED39F048755DBFC0B15757277989DA7E 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2014-02-13 22:33:03 EE988079D0D36275A9F7532CE3C59CDF 73216 ----a-w- C:\Windows\System32\mshtmled.dll 2014-02-13 22:33:03 5702CB3B97F38A29BBFEE33F65306D98 421376 ----a-w- C:\Windows\System32\vbscript.dll 2014-02-13 22:33:03 02D6B948B7FF88D63CB03DC8E8D3EEBD 176640 ----a-w- C:\Windows\System32\ieui.dll 2014-02-13 22:33:02 638E9F4DFA736B2B9ACE968A67CC04BD 65536 ----a-w- C:\Windows\System32\jsproxy.dll 2014-02-13 22:33:02 155B87F83221CA75C2530EA816402145 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-02-13 22:33:02 12F815B1E3F6E2BBE2A2FAC621719876 607744 ----a-w- C:\Windows\System32\msfeeds.dll 2014-02-13 22:33:01 DBD6B166FCBC3175F51C2A1F5D9D99FE 717824 ----a-w- C:\Windows\System32\jscript.dll 2014-02-13 22:33:01 679EAED8E703235BA81AA2E58F4E2D16 1129472 ----a-w- C:\Windows\System32\wininet.dll 2014-02-13 22:33:01 4C6EE95535AA0B5C408DDC2D52DE4CA0 1806848 ----a-w- C:\Windows\System32\jscript9.dll 2014-02-13 22:33:00 254C01E33A4ED7E20B80546B6236280E 231936 ----a-w- C:\Windows\System32\url.dll 2014-02-13 22:33:00 23C9B050C0390C01A158BDED210B8576 1796096 ----a-w- C:\Windows\System32\iertutil.dll 2014-02-13 22:32:59 7E9A2766BF1B413FC7343CE23AEE0924 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-02-13 22:32:59 602CA05F0ED9E648DA287CA38FAE8EE4 9739264 ----a-w- C:\Windows\System32\ieframe.dll 2014-02-13 22:32:59 116E809E91545A7C1CEA3B191566C6B1 1105408 ----a-w- C:\Windows\System32\urlmon.dll 2014-02-13 22:32:58 8CD5CA15064C3E47B4F246F98558E2DD 12345344 ----a-w- C:\Windows\System32\mshtml.dll 2014-02-13 21:35:57 BA53A05A630D4B8B5DA5427E4C633479 1248768 ----a-w- C:\Windows\System32\msxml3.dll ====== C:\Windows\system32\drivers ===== ====== C:\Windows\Tasks ====== 2014-01-19 16:50:30 7FCE42D3AF2B2004E11EACEA63D013EA 2988 ----a-w- C:\Windows\system32\Tasks\{A2CA9C1B-5975-40BA-8150-B149F6E10370} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-02-17 14:18:48 -------- d-----w- C:\Program Files\FindRight 2014-02-17 14:18:24 -------- d-----w- C:\Program Files\SiteFinder 2014-01-19 16:42:04 -------- d-----w- C:\Program Files\Common Files\Skype 2014-01-19 16:42:03 -------- d-----r- C:\Program Files\Skype ======= C: ===== ====== C:\Users\Els\AppData\Roaming ====== 2014-02-17 14:20:58 5D40970ECBBB82B9BACBA83334A5B260 29 ----a-w- C:\Users\Els\AppData\Roaming\WB.CFG 2014-01-19 16:42:10 -------- d-----w- C:\Users\Els\AppData\Roaming\Skype ====== C:\Users\Els ====== 2014-02-17 18:01:40 -------- d-----r- C:\Users\Els\Searches 2014-02-17 14:23:43 -------- d-----w- C:\ProgramData\TEMP 2014-02-17 14:17:17 -------- d--h--r- C:\Users\Public\Desktop 2014-02-17 14:15:05 -------- d-----r- C:\Users\Public\Documents 2014-01-19 16:42:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-01-19 16:41:51 -------- d-----w- C:\ProgramData\Skype ====== C: exe-files == 2014-02-17 14:18:26 04B26BADB735C3B9AEB9A14260EDC7E4 48532 ----a-w- C:\Program Files\SiteFinder\sitefinder_uninstaller.exe 2014-02-17 14:18:22 E6BB491A120A0668A551A8C2ED2FEE4F 6602128 ----a-w- C:\Users\Els\AppData\Local\Temp\{ED672FF5-E1A3-471A-8124-59923E343BFF}\setup.exe 2014-02-13 22:33:02 D550A9F48525C99174B17F669FD72C6D 468480 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-02-13 22:33:02 155B87F83221CA75C2530EA816402145 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-02-13 22:33:00 48600DAC5AF3A53B6F430528209E4830 757488 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-297045743-149010601-2998572624-1003\Software\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" "RtHDVCpl"="RtHDVCpl.exe" "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "ePower_DMC"="C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe" "BkupTray"="C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" "Skytel"="Skytel.exe" "ProductReg"="C:\Program Files\Acer\WR_PopUp\ProductReg.exe" "NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup" "NvMediaCenter"="RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit" "PLFSetI"="C:\Windows\PLFSetI.exe" "LManager"="C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE" "ZPdtWzdVitaKey MC3000"="C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe show" "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" "vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" "ExtraFilmHemmaAgent"="C:\Program Files\ExtraFilm PhotoAssistant\Agent.exe" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" "AirPort Base Station Agent"="C:\Program Files\AirPort\APAgent.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" ==== Startup Folders ====================== 2008-12-03 19:37:13 797 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk 2009-08-30 15:33:17 1976 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [14/05/2013 20:47] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [14/05/2013 20:47] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\{A2CA9C1B-5975-40BA-8150-B149F6E10370}" ["C:\Program Files\Internet Explorer\iexplore.exe" Download Skype op uw computer ? Mac, Windows, Linux ? Skype] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [02/09/2009 18:30] ==== Chrome Look ====================== Docs - Els\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Els\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Els\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Els\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Gmail - Els\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" "Default_Page_URL"="iGoogle Redirect" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="Yahoo UK" "Default_Page_URL"="Yahoo UK" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!" "Start Page"="https://www.google.be/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!" "Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="{searchTerms} - Google Search" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-297045743-149010601-2998572624-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C774641-5504-46A8-B63F-6715AE3FE376} deleted successfully HKEY_CLASSES_ROOT\CLSID\{2C774641-5504-46A8-B63F-6715AE3FE376} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C774641-5504-46A8-B63F-6715AE3FE376} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Els\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Els\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Els\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Els\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Els\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=26 folders=7 2980566 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Els\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Els\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Els\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Program Files\FindRight" not found ==== EOF on di 18/02/2014 at 15:17:52,63 ======================

Beste helpforum, Sinds enkele dagen krijgen we allerhande reklame en rare zoekresultaten bij een opdracht in Google. Ik zag dat er iemand een gelijkaardig probleem had op dit deel van het forum en het zou gaan om 'Findright' invoegtoepassing in internet explorer. In bijlage heb ik enkele print-screens bijgevoegd ter info. Kan er iemand me helpen? Alvast bedankt [ATTACH]30427[/ATTACH] Findright 1.docx

Beste, Ccleaner is gelukt en heeft een beetje plaats kunnen vrijmaken. De map "mijn documenten" staat al op de D schijf. Zou u me nog kunnen helpen met het juist instellen van een automatisch herstelpunt? Bedankt

Het lukt me zelfs niet om de CCleaner te installeren. Als ik het doel 'Opslaan Als' doe, is er maar een gedeeltelijke versie. Is er een manier om het te omzeilen?

Printscreen in bijlage

Beste, Sinds kort krijg ik het bericht dat er onvoldoende schijfruimte beschikbaar is. Nochtans dacht ik geen programma's geïnstalleerd te hebben. Vrij snel na de ingebruikname van de laptop was de harde schijf bijna vol, maar nu dus helemaal. Hierdoor kan er geen back-up meer gemaakt worden en gaat alles zeer traag uiteraard. Kan het een overblijfsel zijn van een vroeger virus? Heb programma's die ik niet meer gebruikte (zoals google earth) al verwijderd, maar het helpt niet en aan andere durf ik niet aankomen. Alvast bedankt voor de hulp Mvg

Malwarebytes heeft het desbetreffende kunnen verwijderen. Heb je de log nodig? Voor de rest heb ik geen problemen meer tegen gekomen. => Opgelost ? Kan ik het zoek.exe programma verwijderen? Bedankt voor uw en jullie hulp; misschien zouden de moderators toch eens kunnen denken aan een 'donate' button.

Telkens ik de computer opstart wordt dit schermpje (zie afbeelding) weergegeven. Wat doe ik best met het zoek.exe bestandje? In quarantaine plaatsen zoals AVG me aanraadt?

Beste Juisterr, Ik ben geen problemen meer tegen gekomen. Kan ik op de "opgelost" button klikken denk je? Er is nog wel een ouder item die bij het opstarten telkens een foutmelding geeft, maak ik daar een aparte vraag voor of zet ik hem hier ook dadelijk neer?

sample_25-04-2013_1654.zip downloaden

Uitkomst log: Zoek.exe Version 4.0.0.2 Updated 23-04-2013 Tool run by Alpitec on do 25-04-2013 at 16:52:30,15. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected ==== Creating Sample_25-04-2013_1654.zip ====================== Copied file C:\Users\Alpitec\7295175.exe to sample Copied file C:\Users\Alpitec\8213399.exe to sample sample\7295175.exe renamed to C4956DECEAEE9945A98D55B329FFEDEA sample\8213399.exe renamed to C4956DECEAEE9945A98D55B329FFEDEA C:\Users\Public\Desktop\sample_25-04-2013_1654.zip created successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3062237543-739346878-37038767-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9999A076-A9E2-4C99-8A2B-632FC9429223} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Files \ Folders ====================== "C:\Users\Alpitec\7295175.exe" deleted "C:\Users\Alpitec\8213399.exe" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Alpitec\AppData\Local\Temp ==== ====== C:\Windows\system32 ===== 2013-04-25 14:02:46 D98766E896871A5F47A6A7056CFFD179 140200 ---ha-w- C:\Windows\System32\mlfcache.dat 2013-04-25 13:42:07 D0F47BFDDE810912F65E079B5956D6C7 94112 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll 2013-04-25 12:23:53 CA1D2DD8785327AA6E658ED665AB2A7E 810 ----a-w- C:\Windows\System32\.crusader 2013-04-25 12:23:53 5614386D4CFDF9E56F355C45BEEBC976 12872 ----a-w- C:\Windows\System32\bootdelete.exe ====== C:\Windows\system32\drivers ===== 2013-04-24 06:54:37 5E43D2B0EE64123D4880DFA6626DEFDE 1211752 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2013-04-11 01:18:40 1647C720358DCC98ACF51E597C461C4D 302368 ----a-w- C:\Windows\System32\drivers\avgtdix.sys 2013-04-10 12:58:27 E306A24D9694C724FA2491278BF50FDB 196328 ----a-w- C:\Windows\System32\drivers\fvevol.sys ====== C:\Windows\Tasks ====== 2013-04-25 13:45:48 7AEB4E4F143E29768A85893B7D2195E3 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-04-25 14:11:43 -------- d-----w- C:\Program Files\Mozilla Maintenance Service 2013-04-25 13:55:54 -------- d-----w- C:\Program Files\Bonjour 2013-04-25 13:54:22 -------- d-----w- C:\Program Files\QuickTime 2013-04-25 13:48:07 -------- d-----w- C:\Program Files\Secunia 2013-04-25 12:12:06 -------- d-----w- C:\Program Files\HitmanPro ======= C: ===== ====== C:\Users\Alpitec\AppData\Roaming ====== 2013-04-25 14:11:51 -------- d-----w- C:\users\Alpitec\AppData\Roaming\Mozilla 2013-04-25 14:11:51 -------- d-----w- C:\users\Alpitec\AppData\Local\Mozilla 2013-04-25 13:48:15 -------- d-----w- C:\users\Alpitec\AppData\Local\Secunia PSI ====== C:\Users\Alpitec ====== 2013-04-25 14:11:44 -------- d-----w- C:\ProgramData\Mozilla 2013-04-25 13:54:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2013-04-25 12:12:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2013-04-25 12:10:44 -------- d-----w- C:\ProgramData\HitmanPro 2013-04-16 14:26:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2013-03-28 08:32:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth ====== C: exe-files == 2013-04-25 14:27:22 846AD66CBD2CE60B7A0F16CA3FFCC254 78333952 ----a-w- C:\Program Files\Secunia\PSI\SUA\5c1fe18a4d235a338af9372b647cfcd738b0c260\iTunes_10.7_32-bit_SPS.exe 2013-04-25 14:26:58 846AD66CBD2CE60B7A0F16CA3FFCC254 78333952 ----a-w- C:\Windows\Temp\Secunia PSI Agent\iTunes_10.7_32-bit_SPS.exe 2013-04-25 14:11:46 ACB7A097779ADEBD53CD8155BFEEF522 105964 ----a-w- C:\Program Files\Mozilla Maintenance Service\Uninstall.exe 2013-04-25 14:11:44 7EDBBB9351A38C6BB0FE98CFD44DB430 115608 ----a-w- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 2013-04-25 13:55:31 F64ED2E0CF4F82F5F8CCEEBCD6B828FC 103272 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe 2013-04-25 13:55:31 3ECAC6384B793F4E73C71C822581EE63 54632 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe 2013-04-25 13:55:31 3ECAC6384B793F4E73C71C822581EE63 54632 ----a-w- C:\Program Files\Adobe\Flash Player\AddIns\airappinstaller\airappinstaller.exe 2013-04-25 13:55:31 2842F93E0B8EEE31CCC29C44BBE131B1 130408 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe 2013-04-25 13:55:31 004E16C7DCA3FB38896478DDCC4F00F0 59392 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe 2013-04-25 13:52:31 D572C48968E5F32C6DC895DE24F408D2 38501744 ----a-w- C:\Users\Alpitec\AppData\Local\Temp\60377607-a0fb-49b0-adba-9c435df33687\SafariSetup.exe 2013-04-25 13:52:09 086A13FDE91C3C53BC34073C0FE63456 40437664 ----a-w- C:\Users\Alpitec\AppData\Local\Temp\60377607-a0fb-49b0-adba-9c43232324\QuickTimeInstaller.exe 2013-04-25 13:48:10 DB53DC35AACA5116211C7FBD28FC939E 481003 ----a-w- C:\Program Files\Secunia\PSI\Uninstall.exe 2013-04-25 13:44:39 2E671F9D2193DFFE5F0AFEFC47840BC1 2138352 ----a-w- C:\Users\Alpitec\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U9738191\install_flashplayer11x32ax_gtbd_chrd_dn_aih[1].exe 2013-04-25 12:23:53 5614386D4CFDF9E56F355C45BEEBC976 12872 ----a-w- C:\Windows\System32\bootdelete.exe 2013-04-25 12:12:11 E3E45EBFEFA50F14ECD6559BD0FC1F7C 106280 ----a-w- C:\Program Files\HitmanPro\hmpsched.exe 2013-04-25 12:12:06 FAEC969501113433B3F38891F3B77A26 9097384 ----a-w- C:\Program Files\HitmanPro\HitmanPro.exe === C: other files == 2013-04-25 14:54:40 F004C1CDF62F0C129C57973927322FD3 36936 ----a-w- C:\Users\Public\Desktop\sample_25-04-2013_1654.zip 2013-04-25 14:23:04 A018EFB1FE0F722FF307382791BF3C98 532430 ----a-w- C:\Users\Alpitec\AppData\Roaming\Mozilla\Firefox\Profiles\dwsiodp4.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi 2013-04-25 14:21:18 07607A3CB349EECCFC7768B5F4F2AAAE 817280 ----a-w- C:\Users\Alpitec\AppData\Roaming\Mozilla\Firefox\Profiles\dwsiodp4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi 2013-04-25 09:14:55 75DCE91C26CF5FB554407ED03CCC73C7 26616 ----a-w- C:\Users\Alpitec\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U9738191\jw-lite-black[1].zip 2013-04-24 06:54:37 5E43D2B0EE64123D4880DFA6626DEFDE 1211752 ----a-w- C:\Windows\System32\drivers\ntfs.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3062237543-739346878-37038767-1000\Software\Microsoft\Windows\CurrentVersion\Run] "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" "Run-OSByPetzl"="C:\Program Files\Petzl\OSByPetzl\WinPetzlController.exe" "BrowserChoice"="C:\Windows\System32\browserchoice.exe /run" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "AVG_TRAY"="C:\Program Files\AVG\AVG2012\avgtray.exe" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" "Run-OSByPetzl"="C:\Program Files\Petzl\OSByPetzl\WinPetzlController.exe" "BrowserChoice"="C:\Windows\System32\browserchoice.exe /run" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LosAlamos] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LosAlamos" "hkey"="HKCU" "command"="rundll32.exe C:\\Windows\\system32\\sshnas21.dll,AttachConsoleA" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TOY5KNQ8OC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TOY5KNQ8OC" "hkey"="HKCU" "command"="C:\\Users\\Alpitec\\AppData\\Local\\Temp\\Oh1.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" "Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime" ==== Startup Folders ====================== 2010-03-08 21:54:55 1276 ----a-w- C:\users\Alpitec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk 2013-04-25 13:48:09 1060 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [25-04-2013 15:45] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18-06-2012 11:34] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18-06-2012 11:34] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Alpitec\AppData\Roaming\Mozilla\Firefox\Profiles\dwsiodp4.default - NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Alpitec\AppData\Roaming\Mozilla\Firefox\Profiles\dwsiodp4.default AF87C7A3D391F5F5534167546D7DDE30 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.3 2034E977759F4EB2226914BFC58F2758 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.3 B14417814FCA3A5D4AB170E1823D5484 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.3 3EFF190EC0E333DFBD2F5499858044B6 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.3 C4EB1B18B39BD2F76A64F75D01DEAB61 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.3 45CC6EFE643FCB97D986BBE2D21E2491 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.3 9FCA15CC38F2E2C6F5E722ED0E1A9E7A - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.3 8F24103AB984847AA2939F58F19CCC98 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U21 ADC539F67D3198679F480974EE203678 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.210.11 66640A55AEFF3819C94E0A8D40D7E0AD - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director E971E06DDE68684CB3957C5D0E133CB0 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin E0FF893763BA82BAABB869A351F0C455 - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll - Google Update A5C14075B571AF1C9592595BE724D9D2 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll - Silverlight Plug-In 69505F9C479C4FF95621C3E1A7B6E5CE - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat D1CC5365F151777DF447242E476796BA - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat A82533DA1C7AFCE542B8E0D2714B8A4A - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector 09B4E13D25623D879D35286E2D29FF13 - C:\Users\Alpitec\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System 2AA3703D87E1327A2290C9D416D89A28 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrlui.dll - Microsoft® Silverlight ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions jmfkcklnlgedgbglfkkgedjfmejoahla - C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx[26-07-2012 03:23] ndibdjnfmopecpmkdieinmbadjfpblof - C:\Program Files\AVG\AVG2012\Chrome\donottrack.crx[20-04-2012 06:18] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Bing" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Bing" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{B6C5B686-03C4-4754-8BB3-31735A51DD89}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {B6C5B686-03C4-4754-8BB3-31735A51DD89} Google Url="{searchTerms - Google zoeken}" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\AVG 2012.lnk - C:\Program Files\AVG\AVG2012\avgui.exe C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe C:\Users\Public\Desktop\HitmanPro.lnk - C:\Program Files\HitmanPro\HitmanPro.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\Public\Desktop\Safari.lnk - C:\Windows\Installer\{A08BAD08-9AA3-410F-98F3-C92C8EE37218}\SafariIco.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X .lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AA1000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk - C:\Windows\Installer\{A08BAD08-9AA3-410F-98F3-C92C8EE37218}\SafariIco.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk - C:\Program Files\Secunia\PSI\psi.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2012.lnk - C:\Program Files\AVG\AVG2012\avgui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in DirectX-modus.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe -setDX C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in OpenGL-modus.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe -setOGL C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth verwijderen.lnk - C:\Windows\System32\msiexec.exe /x {468D22C0-8080-11E2-B86E-B8AC6F98CCE3} C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro\HitmanPro.lnk - C:\Program Files\HitmanPro\HitmanPro.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro\Verwijder HitmanPro 3.7.lnk - C:\Program Files\HitmanPro\HitmanPro.exe /uninstall C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Over QuickTime.lnk - C:\Windows\Installer\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}\RichText.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\PictureViewer.lnk - C:\Windows\Installer\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}\PictureViewer.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime deïnstalleren.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk - C:\Windows\Installer\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}\QTPlayer.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk - C:\Program Files\Secunia\PSI\psi_tray.exe ==== shortcuts in Quick Launch ====================== C:\Users\Alpitec\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk - C:\Windows\Installer\{A08BAD08-9AA3-410F-98F3-C92C8EE37218}\SafariIco.exe C:\Users\Alpitec\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\Alpitec\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe ==== Empty IE Cache ====================== C:\Users\Alpitec\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Alpitec\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Alpitec\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Alpitec\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\users\Alpitec\AppData\Local\Mozilla\Firefox\Profiles\dwsiodp4.default\Cache emptied successfully ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Alpitec\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Alpitec\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found