Posts by reva
-
Log attached
-
-
Log text attached
-
Hello,
I think there is malware on my laptop. The hard drive keeps getting fuller and fuller without my (knowingly) downloading anything. It has now reached the point where the C drive is full. This of course causes problems when opening various windows and with temporary files.
The 2nd drive still has a capacity of 100 GB (of the 180).
What should I do?
-
Dear Jion,
Thank you so much for your help!!
Reva
-
Done.
Jre6 is gone and ProductR too.
Only the Norton/Symantec is still there.
Maybe it is an idea to remove this one as well and replace it with an up-to-date version of an AVG? Or maybe there is another virus scanner that performs better?
Have a pleasant evening in any case!
-
Java is gone, so now I can install the new version.
I got 2 logs, but I let it run while I was busy elsewhere, so I don't know which one you need. I'm guessing this one:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Els at 2014-02-19 16:49:16
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 37 GB (45%) free of 82 GB
Total RAM: 3066 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:50:32, on 19/02/2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16533)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\PLFSetI.exe
C:\Users\Els\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Symantec AntiVirus\VPTray.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\AirPort\APAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_202_ActiveX.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
D:\Els & Reinout\Desktop\RSIT.exe
C:\Program Files\trend micro\Els.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: SiteFinder - {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files\SiteFinder\SiteFinder.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [bkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [skytel] Skytel.exe
O4 - HKLM\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] "C:\Program Files\ExtraFilm PhotoAssistant\Agent.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files\AirPort\APAgent.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Site Finder - {CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files\SiteFinder\SiteFinder.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_IKEA_Win32.cab
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_Win32.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-be.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 11568 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-14 194128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-14 194128]
{CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} - SiteFinder - C:\Program Files\SiteFinder\SiteFinder.dll [2014-01-22 366592]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-07-20 182808]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-28 6111232]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-01-18 1033512]
"ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-04-23 397312]
"BkupTray"=C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-06 34040]
"Skytel"=C:\Windows\Skytel.exe [2008-04-21 1826816]
"ProductReg"=C:\Program Files\Acer\WR_PopUp\ProductReg.exe [2008-09-23 6144]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-08-07 13543968]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-08-07 92704]
"PLFSetI"=C:\Windows\PLFSetI.exe [2007-10-23 200704]
"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2008-09-01 858632]
"eRecoveryService"= []
"ZPdtWzdVitaKey MC3000"=C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [2008-12-03 3625984]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-11-22 107112]
"vptray"=C:\PROGRA~1\SYMANT~1\VPTray.exe [2006-11-28 134808]
"ExtraFilmHemmaAgent"=C:\Program Files\ExtraFilm PhotoAssistant\Agent.exe []
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"AirPort Base Station Agent"=C:\Program Files\AirPort\APAgent.exe [2009-11-11 771360]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-02-20 152392]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AWinNotifyVitaKey MC3000]
C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll [2008-12-03 2938880]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Acer\Acer Bio Protection\PwdFilter
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.IV41"=IR41_32.AX
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-02-19 16:49:17 ----D---- C:\Program Files\trend micro
2014-02-19 16:49:16 ----D---- C:\rsit
2014-02-19 16:21:11 ----D---- C:\Program Files\VS Revo Group
2014-02-19 14:46:28 ----D---- C:\Program Files\Common Files\Adobe
2014-02-19 12:34:19 ----D---- C:\Program Files\CCleaner
2014-02-19 09:43:26 ----A---- C:\DelFix.txt
2014-02-18 15:17:59 ----SHD---- C:\$RECYCLE.BIN
2014-02-18 15:15:04 ----A---- C:\Windows\zoek-delete.exe
2014-02-18 15:15:03 ----D---- C:\Windows\Temp
2014-02-18 14:59:40 ----D---- C:\zoek_backup
2014-02-17 15:23:43 ----D---- C:\ProgramData\TEMP
2014-02-17 15:18:24 ----D---- C:\Program Files\SiteFinder
2014-02-13 23:33:03 ----A---- C:\Windows\system32\vbscript.dll
2014-02-13 23:33:03 ----A---- C:\Windows\system32\mshtmled.dll
2014-02-13 23:33:03 ----A---- C:\Windows\system32\ieui.dll
2014-02-13 23:33:02 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-13 23:33:02 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-13 23:33:02 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-13 23:33:01 ----A---- C:\Windows\system32\wininet.dll
2014-02-13 23:33:01 ----A---- C:\Windows\system32\jscript9.dll
2014-02-13 23:33:01 ----A---- C:\Windows\system32\jscript.dll
2014-02-13 23:33:00 ----A---- C:\Windows\system32\url.dll
2014-02-13 23:33:00 ----A---- C:\Windows\system32\iertutil.dll
2014-02-13 23:32:59 ----A---- C:\Windows\system32\urlmon.dll
2014-02-13 23:32:59 ----A---- C:\Windows\system32\ieframe.dll
2014-02-13 23:32:58 ----A---- C:\Windows\system32\mshtml.dll
2014-02-13 22:35:57 ----A---- C:\Windows\system32\msxml3.dll
======List of files/folders modified in the last 1 month======
2014-02-19 16:49:17 ----RD---- C:\Program Files
2014-02-19 16:24:30 ----SHD---- C:\Windows\Installer
2014-02-19 16:24:30 ----HD---- C:\Config.Msi
2014-02-19 16:24:30 ----D---- C:\Program Files\Common Files
2014-02-19 16:24:14 ----D---- C:\Windows\System32
2014-02-19 16:23:09 ----SHD---- C:\System Volume Information
2014-02-19 16:19:49 ----D---- C:\ProgramData\Adobe
2014-02-19 16:18:20 ----SD---- C:\Users\Els\AppData\Roaming\Microsoft
2014-02-19 16:18:20 ----D---- C:\Users\Els\AppData\Roaming\Adobe
2014-02-19 14:46:28 ----D---- C:\Program Files\Adobe
2014-02-19 14:45:32 ----D---- C:\Windows\Prefetch
2014-02-19 12:34:21 ----D---- C:\Windows\system32\Tasks
2014-02-18 22:43:33 ----A---- C:\Windows\win.ini
2014-02-18 15:16:33 ----D---- C:\Windows
2014-02-18 15:11:06 ----D---- C:\Windows\Tasks
2014-02-18 15:04:28 ----HD---- C:\ProgramData
2014-02-17 15:37:07 ----D---- C:\ProgramData\tmp
2014-02-17 15:22:19 ----D---- C:\Users\Els\AppData\Roaming\Skype
2014-02-17 15:15:05 ----RD---- C:\Users
2014-02-17 15:09:25 ----A---- C:\Windows\system32\lsprst7.dll
2014-02-17 13:23:58 ----D---- C:\Windows\inf
2014-02-17 13:23:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-14 20:27:32 ----RSD---- C:\Windows\assembly
2014-02-14 20:27:32 ----D---- C:\Windows\Microsoft.NET
2014-02-14 20:11:39 ----D---- C:\Windows\system32\migration
2014-02-14 20:11:37 ----D---- C:\Program Files\Internet Explorer
2014-02-13 23:43:31 ----D---- C:\Windows\winsxs
2014-02-13 23:39:23 ----D---- C:\Windows\system32\MRT
2014-02-13 23:37:21 ----A---- C:\Windows\system32\mrt.exe
2014-02-13 23:33:57 ----D---- C:\Windows\system32\catroot
2014-02-13 23:33:36 ----D---- C:\Windows\system32\catroot2
2014-02-09 20:51:29 ----D---- C:\ProgramData\hps
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AlfaFF;AlfaFF File System mini-filter; C:\Windows\system32\Drivers\AlfaFF.sys [2008-12-03 43184]
R0 hotcore3;hotcore3; C:\Windows\system32\drivers\hotcore3.sys [2007-11-06 39472]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-07-20 324120]
R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-30 13824]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2012-09-17 376480]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2006-10-06 406672]
R1 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2006-11-22 247144]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2006-11-22 25448]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2006-10-26 185744]
R1 Uim_IM;UIM Drive Backup Image Plugin; C:\Windows\System32\Drivers\Uim_IM.sys [2007-11-06 131672]
R1 UimBus;Universal Image Mounter Controller; C:\Windows\system32\DRIVERS\UimBus.sys [2007-11-06 32080]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-01-26 69632]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-05-09 12672]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-17 11032]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2008-05-09 8704]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2008-04-25 146688]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2008-09-01 21264]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-01 106656]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-05-09 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-05-09 208896]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-28 2127512]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-21 81296]
R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20130708.002\NAVENG.SYS [2013-06-17 93272]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20130708.002\NAVEX15.SYS [2013-06-17 1611992]
R3 NETw5v32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-27 3658752]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-08-07 44064]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-08-07 7545824]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2008-12-04 109744]
R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2006-10-26 26384]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-18 196784]
R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-05-09 661504]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BthPort;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 btwaudio;Bluetooth-audioapparaat; C:\Windows\system32\drivers\btwaudio.sys [2008-02-14 80424]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-07-16 80936]
S3 Dot4;Microsoft IEEE-1284.4-stuurprogramma; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Stuurprogramma voor printerklasse voor IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 rt2500usb;DWL-G122(rev. USB Wireless LAN Driver; C:\Windows\system32\DRIVERS\rt2500usb.sys [2005-03-12 243456]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2006-11-22 274328]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 BcmSqlStartupSvc;Opstartservice voor SQL Server voor Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-22 107624]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-22 107624]
R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2006-11-28 30872]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-07-20 354840]
R2 IGBASVC;iGroupTec Service; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [2008-12-03 3435008]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-08-07 196608]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 SQLBrowser;SQL Server-browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2006-11-28 1962136]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2008-05-09 386560]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 553288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-14 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-14 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-10-27 194032]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-10-31 2541248]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2006-11-28 122008]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
-----------------EOF-----------------
-
Forgot the attachment
-
Java is a problem: when I try to remove it, it just stays in the list of programs. It is also just 1 file; I can't find any others (see attachment). Shall I install the new version?
Adobe is not a problem.
I can't find Norton Antivirus in the list either. Only the Symantec one, whose latest date is 13/07/2013.
-
Log from the checkup:
Results of screen317's Security Check version 0.99.79
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 6 Update 24
Java version out of Date!
Adobe Reader 8 Adobe Reader out of Date!
Google Chrome 32.0.1700.102
Google Chrome 32.0.1700.107
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Symantec AntiVirus DefWatch.exe
Symantec AntiVirus Rtvscan.exe
Symantec AntiVirus VPTray.exe
Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
- - - Updated - - -
Here is the CCleaner log:
Ja HKCU:Run WMPNSCFG Microsoft Corporation C:\Program Files\Windows Media Player\WMPNSCFG.exe
Ja HKLM:Run Adobe Reader Speed Launcher Adobe Systems Incorporated "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
Ja HKLM:Run AirPort Base Station Agent Apple Inc. "C:\Program Files\AirPort\APAgent.exe"
Ja HKLM:Run APSDaemon Apple Inc. "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
Ja HKLM:Run BkupTray NewTech Infosystems, Inc "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
Ja HKLM:Run ccApp Symantec Corporation "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
Ja HKLM:Run ePower_DMC Acer Inc. C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
Ja HKLM:Run eRecoveryService
Ja HKLM:Run ExtraFilmHemmaAgent "C:\Program Files\ExtraFilm PhotoAssistant\Agent.exe"
Ja HKLM:Run HP Software Update Hewlett-Packard Co. C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
Ja HKLM:Run IAAnotif Intel Corporation C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
Ja HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
Ja HKLM:Run LManager Dritek System Inc. C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
Ja HKLM:Run NvCplDaemon Microsoft Corporation RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
Ja HKLM:Run NvMediaCenter Microsoft Corporation RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
Ja HKLM:Run PLFSetI C:\Windows\PLFSetI.exe
Ja HKLM:Run ProductReg Acer "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
Ja HKLM:Run QuickTime Task Apple Inc. "C:\Program Files\QuickTime\QTTask.exe" -atboottime
Ja HKLM:Run RtHDVCpl Realtek Semiconductor RtHDVCpl.exe
Ja HKLM:Run Skytel Realtek Semiconductor Corp. Skytel.exe
Ja HKLM:Run SunJavaUpdateSched Sun Microsystems, Inc. "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
Ja HKLM:Run SynTPEnh Synaptics, Inc. C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Ja HKLM:Run vptray Symantec Corporation C:\PROGRA~1\SYMANT~1\VPTray.exe
Ja HKLM:Run Windows Defender Microsoft Corporation %ProgramFiles%\Windows Defender\MSASCui.exe -hide
Ja HKLM:Run ZPdtWzdVitaKey MC3000 Arachnoid Biometrics Identification Group Corp. "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
Ja Startup Common BTTray.lnk Broadcom Corporation. C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Ja Startup Common HP Digital Imaging Monitor.lnk Hewlett-Packard Co. C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
-
Good morning,
Here is the DelFix log:
# DelFix v10.6 - Logfile created 19/02/2014 at 09:43:26
# Updated 11/11/2013 by Xplode
# Username : Els - PC_VAN_ELS
# Operating System : Windows Vista Business Service Pack 2 (32 bits)
~ Removing disinfection tools ...
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : D:\Els \Desktop\adwcleaner.exe
Deleted : D:\Els \Desktop\zoek.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
~ Cleaning system restore ...
Deleted : RP #312 [Windows Update | 12/10/2013 22:34:28]
Deleted : RP #313 [installed QuickTime | 01/10/2014 21:04:33]
Deleted : RP #314 [Windows Update | 01/15/2014 20:28:57]
Deleted : RP #315 [Windows Update | 02/13/2014 22:32:05]
Deleted : RP #316 [zoek.exe restore point | 02/18/2014 14:03:17]
New restore point created !
########## - EOF - ##########
I see in the log that a new restore point has been created; how can that restore point be found again in an emergency?
I did not find ProductR in the list of installed programs, unless it is the Acer eRecovery (see print screen). FindRight is still in the list, though. Can I remove it here as well?
The virus scanner is Symantec, but I had it check for updates just a few days ago. No idea whether it was a paid version. Which virus scanner would you recommend installing, given that this one is not up to date?
Thanks for your help!
-
Here is the AdwCleaner log:
AdwCleaner v3.019 - Report created 18/02/2014 at 16:26:34
# Updated 17/02/2014 by Xplode
# Operating System : Windows Vista Business Service Pack 2 (32 bits)
# Username : Els - PC_VAN_ELS
# Running from : D:\Els Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95BE02D8-68E8-4537-940F-B6EF6032803F}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95BE02D8-68E8-4537-940F-B6EF6032803F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Optimizer Pro v3.2
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\UpdaterEX
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16533
-\\ Google Chrome v32.0.1700.107
[ File : C:\Users\Els\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [2098 octets] - [18/02/2014 16:15:57]
AdwCleaner[s0].txt - [2090 octets] - [18/02/2014 16:26:34]
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2150 octets] ##########
- - - Updated - - -
I had one more question. Every time the computer starts up it gives the following 2 messages. What can I do about this? See attachment
-
Dear Jion,
Thanks for your quick reply. I ran Zoek.exe and have the impression that the ads have already disappeared after the startup.
The log is below:
Zoek.exe v5.0.0.0 Updated 17-February-2014
Tool run by Els on di 18/02/2014 at 15:02:25,09.
Microsoft® Windows Vista™ Business 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: D:\Els\Desktop\zoek.exe [scan all users] [Quick Scan] [Auto Clean]
==== System Restore Info ======================
18/02/2014 15:03:39 Zoek.exe System Restore Point Created Succesfully.
==== Empty Folders Check ======================
C:\Program Files\Hewlett-Packard deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\SimilarSites deleted successfully
C:\PROGRA~2\ZoomBrowser deleted successfully
C:\Users\Els\AppData\Roaming\Lite deleted successfully
C:\Users\Els\AppData\Roaming\PeerNetworking deleted successfully
C:\Users\Els\AppData\Roaming\SimilarSites deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-297045743-149010601-2998572624-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_USERS\S-1-5-21-297045743-149010601-2998572624-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0BF43445-2F28-4351-9252-17FE6E806AA0} deleted successfully
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util FindRight deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util FindRight deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util FindRight deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util FindRight deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update FindRight deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update FindRight deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update FindRight deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update FindRight deleted successfully
==== Deleting Files \ Folders ======================
C:\Users\Els\AppData\Roaming\ZoomBrowser EX deleted
C:\Users\Els\AppData\Roaming\UpdaterEX deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drive Backup 8.51 Professional Trial deleted
C:\Windows\WININIT.INI deleted
C:\Windows\system32\tasks\UpdaterEX deleted
C:\Windows\tasks\UpdaterEX.job deleted
"C:\Program Files\FindRight\updateFindRight.exe" deleted
"C:\Program Files\FindRight\bin\utilFindRight.exe" deleted
"C:\Program Files\FindRight" not deleted
"C:\Program Files\FindRight\bin" not deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Els\AppData\Local\Temp ====
2014-02-17 14:18:22 E6BB491A120A0668A551A8C2ED2FEE4F 6602128 ----a-w- C:\Users\Els\AppData\Local\Temp\{ED672FF5-E1A3-471A-8124-59923E343BFF}\setup.exe
====== Java Cache =====
====== C:\Windows\system32 =====
2014-02-13 22:33:04 ED39F048755DBFC0B15757277989DA7E 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-13 22:33:03 EE988079D0D36275A9F7532CE3C59CDF 73216 ----a-w- C:\Windows\System32\mshtmled.dll
2014-02-13 22:33:03 5702CB3B97F38A29BBFEE33F65306D98 421376 ----a-w- C:\Windows\System32\vbscript.dll
2014-02-13 22:33:03 02D6B948B7FF88D63CB03DC8E8D3EEBD 176640 ----a-w- C:\Windows\System32\ieui.dll
2014-02-13 22:33:02 638E9F4DFA736B2B9ACE968A67CC04BD 65536 ----a-w- C:\Windows\System32\jsproxy.dll
2014-02-13 22:33:02 155B87F83221CA75C2530EA816402145 142848 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-02-13 22:33:02 12F815B1E3F6E2BBE2A2FAC621719876 607744 ----a-w- C:\Windows\System32\msfeeds.dll
2014-02-13 22:33:01 DBD6B166FCBC3175F51C2A1F5D9D99FE 717824 ----a-w- C:\Windows\System32\jscript.dll
2014-02-13 22:33:01 679EAED8E703235BA81AA2E58F4E2D16 1129472 ----a-w- C:\Windows\System32\wininet.dll
2014-02-13 22:33:01 4C6EE95535AA0B5C408DDC2D52DE4CA0 1806848 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-13 22:33:00 254C01E33A4ED7E20B80546B6236280E 231936 ----a-w- C:\Windows\System32\url.dll
2014-02-13 22:33:00 23C9B050C0390C01A158BDED210B8576 1796096 ----a-w- C:\Windows\System32\iertutil.dll
2014-02-13 22:32:59 7E9A2766BF1B413FC7343CE23AEE0924 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-02-13 22:32:59 602CA05F0ED9E648DA287CA38FAE8EE4 9739264 ----a-w- C:\Windows\System32\ieframe.dll
2014-02-13 22:32:59 116E809E91545A7C1CEA3B191566C6B1 1105408 ----a-w- C:\Windows\System32\urlmon.dll
2014-02-13 22:32:58 8CD5CA15064C3E47B4F246F98558E2DD 12345344 ----a-w- C:\Windows\System32\mshtml.dll
2014-02-13 21:35:57 BA53A05A630D4B8B5DA5427E4C633479 1248768 ----a-w- C:\Windows\System32\msxml3.dll
====== C:\Windows\system32\drivers =====
====== C:\Windows\Tasks ======
2014-01-19 16:50:30 7FCE42D3AF2B2004E11EACEA63D013EA 2988 ----a-w- C:\Windows\system32\Tasks\{A2CA9C1B-5975-40BA-8150-B149F6E10370}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-02-17 14:18:48 -------- d-----w- C:\Program Files\FindRight
2014-02-17 14:18:24 -------- d-----w- C:\Program Files\SiteFinder
2014-01-19 16:42:04 -------- d-----w- C:\Program Files\Common Files\Skype
2014-01-19 16:42:03 -------- d-----r- C:\Program Files\Skype
======= C: =====
====== C:\Users\Els\AppData\Roaming ======
2014-02-17 14:20:58 5D40970ECBBB82B9BACBA83334A5B260 29 ----a-w- C:\Users\Els\AppData\Roaming\WB.CFG
2014-01-19 16:42:10 -------- d-----w- C:\Users\Els\AppData\Roaming\Skype
====== C:\Users\Els ======
2014-02-17 18:01:40 -------- d-----r- C:\Users\Els\Searches
2014-02-17 14:23:43 -------- d-----w- C:\ProgramData\TEMP
2014-02-17 14:17:17 -------- d--h--r- C:\Users\Public\Desktop
2014-02-17 14:15:05 -------- d-----r- C:\Users\Public\Documents
2014-01-19 16:42:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-01-19 16:41:51 -------- d-----w- C:\ProgramData\Skype
====== C: exe-files ==
2014-02-17 14:18:26 04B26BADB735C3B9AEB9A14260EDC7E4 48532 ----a-w- C:\Program Files\SiteFinder\sitefinder_uninstaller.exe
2014-02-17 14:18:22 E6BB491A120A0668A551A8C2ED2FEE4F 6602128 ----a-w- C:\Users\Els\AppData\Local\Temp\{ED672FF5-E1A3-471A-8124-59923E343BFF}\setup.exe
2014-02-13 22:33:02 D550A9F48525C99174B17F669FD72C6D 468480 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2014-02-13 22:33:02 155B87F83221CA75C2530EA816402145 142848 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-02-13 22:33:00 48600DAC5AF3A53B6F430528209E4830 757488 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
=== C: other files ==
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"
[HKEY_USERS\S-1-5-21-297045743-149010601-2998572624-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
"RtHDVCpl"="RtHDVCpl.exe"
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"ePower_DMC"="C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe"
"BkupTray"="C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
"Skytel"="Skytel.exe"
"ProductReg"="C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup"
"NvMediaCenter"="RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit"
"PLFSetI"="C:\Windows\PLFSetI.exe"
"LManager"="C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE"
"ZPdtWzdVitaKey MC3000"="C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe show"
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe"
"ExtraFilmHemmaAgent"="C:\Program Files\ExtraFilm PhotoAssistant\Agent.exe"
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
"AirPort Base Station Agent"="C:\Program Files\AirPort\APAgent.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"
==== Startup Folders ======================
2008-12-03 19:37:13 797 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
2009-08-30 15:33:17 1976 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [14/05/2013 20:47]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [14/05/2013 20:47]
==== Other Scheduled Tasks ======================
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\{A2CA9C1B-5975-40BA-8150-B149F6E10370}" ["C:\Program Files\Internet Explorer\iexplore.exe" Download Skype op uw computer ? Mac, Windows, Linux ? Skype]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [02/09/2009 18:30]
==== Chrome Look ======================
Docs - Els\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Els\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Els\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Els\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail - Els\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.be/"
"Default_Page_URL"="iGoogle Redirect"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="Yahoo UK"
"Default_Page_URL"="Yahoo UK"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"
"Start Page"="https://www.google.be/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"
"Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="{searchTerms} - Google Search"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-297045743-149010601-2998572624-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C774641-5504-46A8-B63F-6715AE3FE376} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{2C774641-5504-46A8-B63F-6715AE3FE376} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C774641-5504-46A8-B63F-6715AE3FE376} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Empty IE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Els\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Els\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Els\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Els\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Els\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=26 folders=7 2980566 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Els\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Els\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Els\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Program Files\FindRight" not found
==== EOF on di 18/02/2014 at 15:17:52,63 ======================
-
Dear help forum,
For the past few days we have been getting all kinds of advertising and strange search results when searching in Google. I saw that someone had a similar problem in this part of the forum, and it is said to involve the 'Findright' add-on in Internet Explorer.
I have attached a few screenshots for information.
Can someone help me?
Thanks in advance
[ATTACH]30427[/ATTACH]
-
Hello,
CCleaner worked and was able to free up a bit of space.
The "My Documents" folder is already on the D drive. Could you also help me set up an automatic restore point correctly?
Thanks
-
I can't even manage to install CCleaner. When I use 'Save Target As', I only get a partial version. Is there a way around this?
-
-
Hello,
Recently I have been getting the message that there is insufficient disk space available. Yet I don't think I installed any programs. Fairly soon after I started using the laptop the hard drive was almost full, but now it is completely full. As a result, no backup can be made any more and everything is of course very slow. Could it be a leftover from an earlier virus?
I have already removed programs I no longer used (such as Google Earth), but it doesn't help, and I don't dare touch the others.
Thanks in advance for the help
Kind regards
-
Malwarebytes was able to remove the item in question. Do you need the log?
Apart from that I haven't run into any more problems.
=> Solved?
Can I remove the zoek.exe program?
Thanks for your help, all of you; perhaps the moderators could consider a 'donate' button.
-
-
Dear Juisterr,
I haven't run into any more problems.
Do you think I can click the "solved" button?
There is still an older item that gives an error message every time at startup; should I create a separate question for that or post it here right away?
-
-
Resulting log:
Zoek.exe Version 4.0.0.2 Updated 23-04-2013
Tool run by Alpitec on do 25-04-2013 at 16:52:30,15.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
==== Creating Sample_25-04-2013_1654.zip ======================
Copied file C:\Users\Alpitec\7295175.exe to sample
Copied file C:\Users\Alpitec\8213399.exe to sample
sample\7295175.exe renamed to C4956DECEAEE9945A98D55B329FFEDEA
sample\8213399.exe renamed to C4956DECEAEE9945A98D55B329FFEDEA
C:\Users\Public\Desktop\sample_25-04-2013_1654.zip created successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3062237543-739346878-37038767-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9999A076-A9E2-4C99-8A2B-632FC9429223} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Files \ Folders ======================
"C:\Users\Alpitec\7295175.exe" deleted
"C:\Users\Alpitec\8213399.exe" deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Alpitec\AppData\Local\Temp ====
====== C:\Windows\system32 =====
2013-04-25 14:02:46 D98766E896871A5F47A6A7056CFFD179 140200 ---ha-w- C:\Windows\System32\mlfcache.dat
2013-04-25 13:42:07 D0F47BFDDE810912F65E079B5956D6C7 94112 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll
2013-04-25 12:23:53 CA1D2DD8785327AA6E658ED665AB2A7E 810 ----a-w- C:\Windows\System32\.crusader
2013-04-25 12:23:53 5614386D4CFDF9E56F355C45BEEBC976 12872 ----a-w- C:\Windows\System32\bootdelete.exe
====== C:\Windows\system32\drivers =====
2013-04-24 06:54:37 5E43D2B0EE64123D4880DFA6626DEFDE 1211752 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-11 01:18:40 1647C720358DCC98ACF51E597C461C4D 302368 ----a-w- C:\Windows\System32\drivers\avgtdix.sys
2013-04-10 12:58:27 E306A24D9694C724FA2491278BF50FDB 196328 ----a-w- C:\Windows\System32\drivers\fvevol.sys
====== C:\Windows\Tasks ======
2013-04-25 13:45:48 7AEB4E4F143E29768A85893B7D2195E3 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-04-25 14:11:43 -------- d-----w- C:\Program Files\Mozilla Maintenance Service
2013-04-25 13:55:54 -------- d-----w- C:\Program Files\Bonjour
2013-04-25 13:54:22 -------- d-----w- C:\Program Files\QuickTime
2013-04-25 13:48:07 -------- d-----w- C:\Program Files\Secunia
2013-04-25 12:12:06 -------- d-----w- C:\Program Files\HitmanPro
======= C: =====
====== C:\Users\Alpitec\AppData\Roaming ======
2013-04-25 14:11:51 -------- d-----w- C:\users\Alpitec\AppData\Roaming\Mozilla
2013-04-25 14:11:51 -------- d-----w- C:\users\Alpitec\AppData\Local\Mozilla
2013-04-25 13:48:15 -------- d-----w- C:\users\Alpitec\AppData\Local\Secunia PSI
====== C:\Users\Alpitec ======
2013-04-25 14:11:44 -------- d-----w- C:\ProgramData\Mozilla
2013-04-25 13:54:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2013-04-25 12:12:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2013-04-25 12:10:44 -------- d-----w- C:\ProgramData\HitmanPro
2013-04-16 14:26:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2013-03-28 08:32:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
====== C: exe-files ==
2013-04-25 14:27:22 846AD66CBD2CE60B7A0F16CA3FFCC254 78333952 ----a-w- C:\Program Files\Secunia\PSI\SUA\5c1fe18a4d235a338af9372b647cfcd738b0c260\iTunes_10.7_32-bit_SPS.exe
2013-04-25 14:26:58 846AD66CBD2CE60B7A0F16CA3FFCC254 78333952 ----a-w- C:\Windows\Temp\Secunia PSI Agent\iTunes_10.7_32-bit_SPS.exe
2013-04-25 14:11:46 ACB7A097779ADEBD53CD8155BFEEF522 105964 ----a-w- C:\Program Files\Mozilla Maintenance Service\Uninstall.exe
2013-04-25 14:11:44 7EDBBB9351A38C6BB0FE98CFD44DB430 115608 ----a-w- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
2013-04-25 13:55:31 F64ED2E0CF4F82F5F8CCEEBCD6B828FC 103272 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe
2013-04-25 13:55:31 3ECAC6384B793F4E73C71C822581EE63 54632 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe
2013-04-25 13:55:31 3ECAC6384B793F4E73C71C822581EE63 54632 ----a-w- C:\Program Files\Adobe\Flash Player\AddIns\airappinstaller\airappinstaller.exe
2013-04-25 13:55:31 2842F93E0B8EEE31CCC29C44BBE131B1 130408 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe
2013-04-25 13:55:31 004E16C7DCA3FB38896478DDCC4F00F0 59392 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe
2013-04-25 13:52:31 D572C48968E5F32C6DC895DE24F408D2 38501744 ----a-w- C:\Users\Alpitec\AppData\Local\Temp\60377607-a0fb-49b0-adba-9c435df33687\SafariSetup.exe
2013-04-25 13:52:09 086A13FDE91C3C53BC34073C0FE63456 40437664 ----a-w- C:\Users\Alpitec\AppData\Local\Temp\60377607-a0fb-49b0-adba-9c43232324\QuickTimeInstaller.exe
2013-04-25 13:48:10 DB53DC35AACA5116211C7FBD28FC939E 481003 ----a-w- C:\Program Files\Secunia\PSI\Uninstall.exe
2013-04-25 13:44:39 2E671F9D2193DFFE5F0AFEFC47840BC1 2138352 ----a-w- C:\Users\Alpitec\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U9738191\install_flashplayer11x32ax_gtbd_chrd_dn_aih[1].exe
2013-04-25 12:23:53 5614386D4CFDF9E56F355C45BEEBC976 12872 ----a-w- C:\Windows\System32\bootdelete.exe
2013-04-25 12:12:11 E3E45EBFEFA50F14ECD6559BD0FC1F7C 106280 ----a-w- C:\Program Files\HitmanPro\hmpsched.exe
2013-04-25 12:12:06 FAEC969501113433B3F38891F3B77A26 9097384 ----a-w- C:\Program Files\HitmanPro\HitmanPro.exe
=== C: other files ==
2013-04-25 14:54:40 F004C1CDF62F0C129C57973927322FD3 36936 ----a-w- C:\Users\Public\Desktop\sample_25-04-2013_1654.zip
2013-04-25 14:23:04 A018EFB1FE0F722FF307382791BF3C98 532430 ----a-w- C:\Users\Alpitec\AppData\Roaming\Mozilla\Firefox\Profiles\dwsiodp4.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
2013-04-25 14:21:18 07607A3CB349EECCFC7768B5F4F2AAAE 817280 ----a-w- C:\Users\Alpitec\AppData\Roaming\Mozilla\Firefox\Profiles\dwsiodp4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
2013-04-25 09:14:55 75DCE91C26CF5FB554407ED03CCC73C7 26616 ----a-w- C:\Users\Alpitec\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U9738191\jw-lite-black[1].zip
2013-04-24 06:54:37 5E43D2B0EE64123D4880DFA6626DEFDE 1211752 ----a-w- C:\Windows\System32\drivers\ntfs.sys
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-3062237543-739346878-37038767-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"Run-OSByPetzl"="C:\Program Files\Petzl\OSByPetzl\WinPetzlController.exe"
"BrowserChoice"="C:\Windows\System32\browserchoice.exe /run"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 /build:7601"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 /build:7601"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"AVG_TRAY"="C:\Program Files\AVG\AVG2012\avgtray.exe"
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"Run-OSByPetzl"="C:\Program Files\Petzl\OSByPetzl\WinPetzlController.exe"
"BrowserChoice"="C:\Windows\System32\browserchoice.exe /run"
==== Startup Registry Disabled ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LosAlamos]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LosAlamos"
"hkey"="HKCU"
"command"="rundll32.exe C:\\Windows\\system32\\sshnas21.dll,AttachConsoleA"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TOY5KNQ8OC]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TOY5KNQ8OC"
"hkey"="HKCU"
"command"="C:\\Users\\Alpitec\\AppData\\Local\\Temp\\Oh1.exe"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""
"Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
==== Startup Folders ======================
2010-03-08 21:54:55 1276 ----a-w- C:\users\Alpitec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk
2013-04-25 13:48:09 1060 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [25-04-2013 15:45]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18-06-2012 11:34]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18-06-2012 11:34]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Alpitec\AppData\Roaming\Mozilla\Firefox\Profiles\dwsiodp4.default
- NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Alpitec\AppData\Roaming\Mozilla\Firefox\Profiles\dwsiodp4.default
AF87C7A3D391F5F5534167546D7DDE30 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.3
2034E977759F4EB2226914BFC58F2758 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.3
B14417814FCA3A5D4AB170E1823D5484 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.3
3EFF190EC0E333DFBD2F5499858044B6 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.3
C4EB1B18B39BD2F76A64F75D01DEAB61 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.3
45CC6EFE643FCB97D986BBE2D21E2491 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.3
9FCA15CC38F2E2C6F5E722ED0E1A9E7A - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.3
8F24103AB984847AA2939F58F19CCC98 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U21
ADC539F67D3198679F480974EE203678 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.210.11
66640A55AEFF3819C94E0A8D40D7E0AD - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director
E971E06DDE68684CB3957C5D0E133CB0 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
E0FF893763BA82BAABB869A351F0C455 - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll - Google Update
A5C14075B571AF1C9592595BE724D9D2 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll - Silverlight Plug-In
69505F9C479C4FF95621C3E1A7B6E5CE - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
D1CC5365F151777DF447242E476796BA - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
A82533DA1C7AFCE542B8E0D2714B8A4A - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
09B4E13D25623D879D35286E2D29FF13 - C:\Users\Alpitec\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System
2AA3703D87E1327A2290C9D416D89A28 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrlui.dll - Microsoft® Silverlight
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jmfkcklnlgedgbglfkkgedjfmejoahla - C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx[26-07-2012 03:23]
ndibdjnfmopecpmkdieinmbadjfpblof - C:\Program Files\AVG\AVG2012\Chrome\donottrack.crx[20-04-2012 06:18]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="Bing"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="Bing"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{B6C5B686-03C4-4754-8BB3-31735A51DD89}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"
{B6C5B686-03C4-4754-8BB3-31735A51DD89} Google Url="{searchTerms - Google zoeken}"
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\AVG 2012.lnk - C:\Program Files\AVG\AVG2012\avgui.exe
C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe
C:\Users\Public\Desktop\HitmanPro.lnk - C:\Program Files\HitmanPro\HitmanPro.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Safari.lnk - C:\Windows\Installer\{A08BAD08-9AA3-410F-98F3-C92C8EE37218}\SafariIco.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X .lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AA1000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk - C:\Windows\Installer\{A08BAD08-9AA3-410F-98F3-C92C8EE37218}\SafariIco.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk - C:\Program Files\Secunia\PSI\psi.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2012.lnk - C:\Program Files\AVG\AVG2012\avgui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in DirectX-modus.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe -setDX
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in OpenGL-modus.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe -setOGL
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth verwijderen.lnk - C:\Windows\System32\msiexec.exe /x {468D22C0-8080-11E2-B86E-B8AC6F98CCE3}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro\HitmanPro.lnk - C:\Program Files\HitmanPro\HitmanPro.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro\Verwijder HitmanPro 3.7.lnk - C:\Program Files\HitmanPro\HitmanPro.exe /uninstall
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Over QuickTime.lnk - C:\Windows\Installer\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}\RichText.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\PictureViewer.lnk - C:\Windows\Installer\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}\PictureViewer.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime deïnstalleren.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk - C:\Windows\Installer\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}\QTPlayer.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk - C:\Program Files\Secunia\PSI\psi_tray.exe
==== shortcuts in Quick Launch ======================
C:\Users\Alpitec\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk - C:\Windows\Installer\{A08BAD08-9AA3-410F-98F3-C92C8EE37218}\SafariIco.exe
C:\Users\Alpitec\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Alpitec\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
==== Empty IE Cache ======================
C:\Users\Alpitec\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Alpitec\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Alpitec\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Alpitec\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\users\Alpitec\AppData\Local\Mozilla\Firefox\Profiles\dwsiodp4.default\Cache emptied successfully
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
After Reboot
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Alpitec\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Alpitec\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
Malware?
in Archive: Fighting malware & viruses
Posted:
It worked.
Thanks, kweezie wabbit!