Colleke
-
Items
31 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door Colleke
-
Zeer traag werkende laptop
Colleke reageerde op Colleke's topic in Archief Bestrijding malware & virussen
C:\AdwCleaner\AdwCleaner[C1].txt - [8138 bytes] - [22/04/2016 20:55:41] C:\AdwCleaner\AdwCleaner[s1].txt - [9754 bytes] - [22/04/2016 20:48:58] ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [8284 bytes] ##########AdwCleanerC1.txt -
Zeer traag werkende laptop
Colleke reageerde op Colleke's topic in Archief Bestrijding malware & virussen
Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Geert on do 21/04/2016 at 19:34:06,77. Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Geert\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 21/04/2016 19:36:23 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\ScanSoft deleted successfully C:\PROGRA~2\Babylon deleted successfully C:\Users\Geert\AppData\Roaming\PeerNetworking deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3840249230-3880042740-1327267179-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501160} deleted successfully HKEY_USERS\S-1-5-21-3840249230-3880042740-1327267179-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501160} deleted successfully HKEY_USERS\S-1-5-21-3840249230-3880042740-1327267179-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-3840249230-3880042740-1327267179-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-3840249230-3880042740-1327267179-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-3840249230-3880042740-1327267179-1003\Software\Microsoft\Internet Explorer\SearchScopes\{2DE4F85C-3F78-457B-B630-9746CE39A505} deleted successfully HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160} deleted successfully HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110011501160} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501160} deleted successfully HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3840249230-3880042740-1327267179-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 Objects\{11111111-1111-1111-1111-110011501160}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] ""=- "ApnUpdater"=- [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "bProtector Start Page"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "bProtectorDefaultScope"=- ==== Deleting Files \ Folders ====================== C:\Program Files\ScanSoft not found C:\Program Files\Ask.com deleted C:\Program Files\MLPS deleted C:\Program Files\Mozilla Firefox\user.js deleted C:\Program Files\Uninstall Information\ib_uninst_0 deleted C:\Program Files\Uninstall Information\ib_uninst_349 deleted C:\Program Files\Uninstall Information\ib_uninst_398 deleted C:\Program Files\Uninstall Information\ib_uninst_527 deleted C:\Program Files\SamsungPrinterLiveUpdateInstaller deleted C:\Program Files\Savings Sidekick deleted C:\Users\Geert\AppData\Roaming\Babylon deleted C:\PROGRA~2\Ask deleted C:\PROGRA~2\InstallBrainService deleted C:\Users\Geert\AppData\Local\APN deleted C:\Users\Geert\AppData\Local\Savings Sidekick deleted C:\Windows\System32\Tasks\Browser Manager deleted C:\Users\Geert\Downloads\IdealStandard_E5041-E5042_price-list-drawing_5f1e051c37251094bcd5997b81dcd01a.gif deleted C:\Users\Geert\Downloads\IdealStandard_V3906_product-sheet_86c9c484e6fa15dca81ca5b2cc55e426.pdf deleted C:\Users\Geert\AppData\LocalLow\AskToolbar deleted C:\Windows\SYSTEM32\TASKS\Scheduled Update for Ask Toolbar deleted C:\Windows\system32\GroupPolicy\Machine deleted C:\Windows\system32\GroupPolicy\User deleted C:\Windows\system32\GroupPolicy\gpt.ini deleted C:\Windows\System32\searchplugins deleted C:\Windows\System32\Extensions deleted C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} deleted C:\Users\Geert\g2ax_customer_downloadhelper_win32_x86.exe deleted "C:\Users\Geert\AppData\Local\{B07B8557-BCB7-4728-9E99-D8ECAF19C41B}" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Geert\AppData\Local\Temp ==== 2016-04-20 17:49:38 F1E090F4D1F10A7ABE586D49012DBD52 739904 ----a-w- C:\Users\Geert\AppData\Local\Temp\jre-8u91-windows-au.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== 2016-04-21 07:36:02 F321650316B2AB7D5562705B5AF71A89 501760 ----a-w- C:\Windows\System32\kerberos.dll 2016-04-19 18:29:25 95BCEF4C0F685CDADDD6F3C143DC7FE6 1253376 ----a-w- C:\Windows\System32\msxml3.dll 2016-04-19 18:26:32 50C22CD47F6E7A3A2BEEC05580AB210F 206336 ----a-w- C:\Windows\System32\ncrypt.dll 2016-04-19 18:26:18 EE38397559808BE103EA5D1E790F4B97 72704 ----a-w- C:\Windows\System32\secur32.dll 2016-04-19 18:26:17 23FF265796AE724D41832CA95195A144 57344 ----a-w- C:\Windows\System32\samlib.dll 2016-04-19 18:26:15 0F16F94B10EE0246E51B92CC75ECB1EB 486912 ----a-w- C:\Windows\System32\samsrv.dll 2016-04-19 18:26:13 0975988CB3B7B6CE00DDFFC00D485930 1259520 ----a-w- C:\Windows\System32\lsasrv.dll 2016-04-19 18:24:15 7FA44D16D6F5471B586693552C6E1258 2048 ----a-w- C:\Windows\System32\tzres.dll 2016-04-19 17:04:35 27FA730227F9BAE751277BEFADE66FDB 1316864 ----a-w- C:\Windows\System32\ole32.dll 2016-04-19 17:04:34 A14BE5B772474BD68734EFA0F9426134 1208568 ----a-w- C:\Windows\System32\ntdll.dll 2016-04-19 17:04:34 09DEC1D7DB89FAC3719DCF0AF7CD363F 894976 ----a-w- C:\Windows\System32\kernel32.dll 2016-04-19 17:02:06 DF9F45804C71EF831A309233F0649D14 180224 ----a-w- C:\Windows\System32\msorcl32.dll 2016-04-19 17:02:05 A978034EB69D0D6683FFF03D11D33682 105472 ----a-w- C:\Windows\System32\mtxoci.dll 2016-04-19 17:01:29 935F004EBD0AF2B59AC7BFCF54DD7DDD 2070016 ----a-w- C:\Windows\System32\win32k.sys 2016-04-19 14:55:06 62F04451011BF49AF9D68FCD40A9D8F8 41472 ----a-w- C:\Windows\System32\msfeedsbs.dll 2016-04-19 14:55:02 FB95C4EE795477F15816EB88EB97DAEE 11776 ----a-w- C:\Windows\System32\mshta.exe 2016-04-19 14:55:02 B960F75D0FF99BB25CFAA3395ECA0570 1140224 ----a-w- C:\Windows\System32\urlmon.dll 2016-04-19 14:55:02 B42F7A5BE1172033091225D005054A8B 10752 ----a-w- C:\Windows\System32\msfeedssync.exe 2016-04-19 14:55:01 D61BCA3E64C4A0976E0CA9964AFEA7C6 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2016-04-19 14:55:01 C1A9525FF0BEF206F95BEF525D8E0EAC 607744 ----a-w- C:\Windows\System32\msfeeds.dll 2016-04-19 14:55:01 B12C304FD2A16FF1C0FA538723ACCC14 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2016-04-19 14:55:01 82DC9484318346679083716C50191BBA 65536 ----a-w- C:\Windows\System32\jsproxy.dll 2016-04-19 14:55:00 BCAC4522554A85D266D6DC83B2E25765 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl 2016-04-19 14:55:00 4075A76FF501A9D9AE54A4E78F82A91D 1804800 ----a-w- C:\Windows\System32\iertutil.dll 2016-04-19 14:55:00 19FDBE2995B1EFA68BBEEB88BA6B0AF3 231936 ----a-w- C:\Windows\System32\url.dll 2016-04-19 14:54:59 EE5BCB206136E8C4B9A9898809DD8143 9753600 ----a-w- C:\Windows\System32\ieframe.dll 2016-04-19 14:54:59 9AC0B7CE169F703FA95148B76DA4128A 354304 ----a-w- C:\Windows\System32\dxtmsft.dll 2016-04-19 14:54:57 B4F0580786BEB44A7F39CA23E33FC590 1129984 ----a-w- C:\Windows\System32\wininet.dll 2016-04-19 14:54:57 5B5E38F2F1453834DB8FF27E48E4F8A7 424960 ----a-w- C:\Windows\System32\vbscript.dll 2016-04-19 14:54:52 AF661E55EBC3634FDC90D9CB61E1898D 176640 ----a-w- C:\Windows\System32\ieui.dll 2016-04-19 14:54:52 47C20EB9B1BDCB7BCD397FA29F40F50F 223744 ----a-w- C:\Windows\System32\dxtrans.dll 2016-04-19 14:54:51 887F9DDE0014787F69595694160B0807 367616 ----a-w- C:\Windows\System32\html.iec 2016-04-19 14:54:50 E248C677CC8C4E9DF1A82F684EFAC2E0 718848 ----a-w- C:\Windows\System32\jscript.dll 2016-04-19 14:54:50 34F70F99DF12F939E78D8C15F09CAB6B 72704 ----a-w- C:\Windows\System32\mshtmled.dll 2016-04-19 14:54:49 71F586526F70898280DF44699027F829 12841472 ----a-w- C:\Windows\System32\mshtml.dll 2016-04-19 14:54:48 BCA8FA2367DC9D6109F511D7141C3B10 1815552 ----a-w- C:\Windows\System32\jscript9.dll ====== C:\Windows\system32\drivers ===== ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-04-20 17:52:32 -------- dc----w- C:\Program Files\Common Files\Java 2016-04-19 18:48:19 -------- dc----w- C:\Program Files\Speccy 2016-04-19 18:00:50 -------- dc----w- C:\Program Files\trend micro 2016-03-29 13:39:16 -------- dc----w- C:\Program Files\Mozilla Maintenance Service ======= C: ===== ====== C:\Users\Geert\AppData\Roaming ====== 2016-04-20 17:52:21 -------- d-----w- C:\Users\Geert\AppData\Roaming\Sun 2016-04-19 19:14:16 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm 2016-04-19 18:48:55 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking 2016-03-29 13:39:32 -------- d-----w- C:\Users\Geert\AppData\Roaming\Mozilla 2016-03-29 13:39:32 -------- d-----w- C:\Users\Geert\AppData\Local\Mozilla ====== C:\Users\Geert ====== 2016-04-20 17:52:21 -------- d-----w- C:\Users\Geert\.oracle_jre_usage 2016-04-20 17:29:33 0CB6F89AFC44CECD411191296383A85B 738368 ----a-w- C:\Users\Geert\Downloads\chromeinstall-8u91.exe 2016-04-19 18:58:20 FF70EB133BE86B9F9EB18E274DAA6B6C 5111240 ----a-w- C:\Users\Geert\Downloads\spsetup129 (2).exe 2016-04-19 18:58:05 FF70EB133BE86B9F9EB18E274DAA6B6C 5111240 ----a-w- C:\Users\Geert\Downloads\spsetup129 (1).exe 2016-04-19 18:48:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2016-04-19 18:38:40 FF70EB133BE86B9F9EB18E274DAA6B6C 5111240 ----a-w- C:\Users\Geert\Downloads\spsetup129.exe 2016-04-19 17:58:43 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Geert\Downloads\RSIT (5).exe 2016-04-19 17:58:33 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Geert\Downloads\RSIT (4).exe 2016-04-19 17:55:33 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Geert\Downloads\RSIT (3).exe 2016-04-19 17:54:06 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Geert\Downloads\RSIT (2).exe 2016-04-19 17:53:46 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Geert\Downloads\RSIT (1).exe 2016-04-19 17:49:01 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Geert\Downloads\RSIT.exe ====== C: exe-files == 2016-04-20 17:51:21 6C58D1081EC589813A197E81CA5CB85C 159296 ----a-w- C:\Program Files\Java\jre1.8.0_91\bin\unpack200.exe 2016-04-20 17:51:21 1F3D5C9A2D230CDE5B2120AA0F3721B6 16448 ----a-w- C:\Program Files\Java\jre1.8.0_91\bin\tnameserv.exe 2016-04-20 17:51:20 76E017B33C2C0F72CBBDB77251B00658 15936 ----a-w- C:\Program Files\Java\jre1.8.0_91\bin\rmid.exe 2016-04-20 17:51:20 56B31942246558D41498912CA9868DF2 15936 ----a-w- C:\Program Files\Java\jre1.8.0_91\bin\servertool.exe 2016-04-20 17:51:20 2C02E97DF732010028B565DA92F3CB0F 51776 ----a-w- C:\Program Files\Java\jre1.8.0_91\bin\ssvagent.exe 2016-04-20 17:51:20 1CB2916C0CC541F2A4AC28DAC03F1833 15936 ----a-w- C:\Program Files\Java\jre1.8.0_91\bin\rmiregistry.exe 2016-04-20 17:51:19 BA45896DE4744CC7AB7EAECF59D6758C 16448 ----a-w- C:\Program Files\Java\jre1.8.0_91\bin\orbd.exe 2016-04-20 17:51:19 AFB89E0B881A2F9F0135AB8984B9FC53 15936 ----a-w- C:\Program Files\Java\jre1.8.0_91\bin\pack200.exe 2016-04-20 17:51:19 38E67313028C22B78E26D7860494015E 15936 ----a-w- C:\Program Files\Java\jre1.8.0_91\bin\policytool.exe 2016-04-20 17:51:17 D8065554BA4D664A55F57F76E1B4F9E3 77888 ----a-w- C:\Program Files\Java\jre1.8.0_91\bin\jp2launcher.exe 2016-04-20 17:51:17 D26A12768BFA19B5565F82DF16B85192 15936 ----a-w- C:\Program Files\Java\jre1.8.0_91\bin\kinit.exe 2016-04-20 17:51:17 B6AAFABF90E5FE4683690793F2963388 15936 ----a-w- C:\Program Files\Java\jre1.8.0_91\bin\keytool.exe 2016-04-20 17:51:17 2EBB23647400B52B56815FEBC59DCCF7 15936 ----a-w- C:\Program Files\Java\jre1.8.0_91\bin\ktab.exe 2016-04-20 17:51:17 2ABC222E2C3E728136516D6390BDF447 15936 ----a-w- C:\Program Files\Java\jre1.8.0_91\bin\klist.exe 2016-04-20 17:51:16 DE2D3B374C6EFA769028B811A1203FB1 15936 ----a-w- C:\Program Files\Java\jre1.8.0_91\bin\jjs.exe 2016-04-20 17:51:14 D117B71E46E9156F1C88146E6F5EDB03 191552 ----a-w- C:\Program Files\Java\jre1.8.0_91\bin\javaw.exe 2016-04-20 17:51:14 CCCE1ACFFBFCB34B5F3CD157A78522F8 68672 ----a-w- C:\Program Files\Java\jre1.8.0_91\bin\javacpl.exe 2016-04-20 17:51:14 28AC474C021D764DF31736CB9B47DD88 191040 ----a-w- C:\Program Files\Java\jre1.8.0_91\bin\java.exe 2016-04-20 17:51:14 0BA64EAF4F4080DA2FB79DCC05CB2A14 268352 ----a-w- C:\Program Files\Java\jre1.8.0_91\bin\javaws.exe 2016-04-20 17:51:13 AFD756C629D5527D1CFE3BE9D6EBB416 30784 ----a-w- C:\Program Files\Java\jre1.8.0_91\bin\jabswitch.exe 2016-04-20 17:51:13 09EABD6F36ECC85644DCE5C3BD709F29 15936 ----a-w- C:\Program Files\Java\jre1.8.0_91\bin\java-rmi.exe 2016-04-19 18:00:51 9A2347903D6EDB84C10F288BC0578C1C 388608 -c--a-w- C:\Program Files\trend micro\Geert.exe 2016-04-19 14:55:05 8784A951253723B318DABE02E10E631D 223232 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2016-04-19 14:55:02 93B5982552DE463C297F5D444760183C 22528 ----a-w- C:\Program Files\Internet Explorer\ExtExport.exe 2016-04-19 14:55:00 C089892C9F9D2630585E14D8335411FB 474624 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2016-04-19 14:54:58 596E41110232A86D73E3E2EBF8B9FC41 758512 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2016-04-18 20:10:26 F4FF5B6ABB94537232B49ADDB8D87EE1 1581016 ----a-w- C:\Users\Geert\AppData\Local\Google\Chrome\User Data\SwReporter\6.48.4\software_reporter_tool.exe === C: other files == 2016-04-20 17:51:21 CB600FFB53D99A9B07EB870111BA7470 14130 ----a-w- C:\Program Files\Java\jre1.8.0_91\lib\deploy\ffjcext.zip ==== Orphaned Tasks deleted from Registry ====================== Browser Manager deleted Scheduled Update for Ask Toolbar deleted ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-3840249230-3880042740-1327267179-1003\Software\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" "TPFNF7"="C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r" "TPWAUDAP"="C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe" "SmartAudio"="C:\Program Files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE /c" "TVT Scheduler Proxy"="C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" "LPManager"="C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exe" "AMSG"="C:\Program Files\ThinkVantage\AMSG\Amsg.exe /startup" "ACTray"="C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe" "ACWlIcon"="C:\Program Files\ThinkPad\ConnectUtilities\ACWlIcon.exe" "PMHandler"="C:\PROGRA~1\Lenovo\PMDriver\PMHandler.exe" "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" "egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" "StatusAlerts"="C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CameraApplicationLauncher] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CameraApplicationLauncher" "hkey"="HKLM" "command"="C:\\Program Files\\Lenovo\\Camera Center\\bin\\CameraApplicationLaunchpadLauncher.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Logitech Vid] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Logitech Vid" "hkey"="HKCU" "command"="\"C:\\Program Files\\Logitech\\Vid HD\\Vid.exe\" -bootmode" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LWS] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LWS" "hkey"="HKLM" "command"="C:\\Program Files\\Logitech\\LWS\\Webcam Software\\LWS.exe -hide" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Message Center Plus] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Message Center Plus" "hkey"="HKLM" "command"="C:\\Program Files\\LENOVO\\Message Center Plus\\MCPLaunch.exe /start" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Bluetooth.lnk" "backup"="C:\\Windows\\pss\\Bluetooth.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\Lenovo\\BLUETO~1\\BTTray.exe " "item"="Bluetooth" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [08/04/2016 13:34] C:\Windows\tasks\Google Software Updater.job --a------ C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [11/11/2011 20:12] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [28/08/2015 19:48] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [28/08/2015 19:48] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Ad-Aware Update (Daily 1)" [C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe] "C:\Windows\system32\tasks\Ad-Aware Update (Daily 2)" [C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe] "C:\Windows\system32\tasks\Ad-Aware Update (Daily 3)" [C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe] "C:\Windows\system32\tasks\Ad-Aware Update (Daily 4)" [C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe] "C:\Windows\system32\tasks\Ad-Aware Update (Weekly)" [C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe] "C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\Google Software Updater" [C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\HPLJCustParticipation" ["C:\Program Files\HP\HPLJUT\HPLJUTSCH.exe"] "C:\Windows\system32\tasks\User_Feed_Synchronization-{37AA65E8-0AC0-44D3-BF90-2732BD0CE5B7}" [C:\Windows\system32\msfeedssync.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [08/08/2009 14:57] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{b64982b1-d112-42b5-b1e4-d3867c4533f8}"="C:\ProgramData\Browser Manager\2.2.558.175\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension" [] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Geert\AppData\Roaming\Mozilla\Firefox\Profiles\zc6wg3ci.default F169116C1BA501AB4D0D66D41FF496B5 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat FC5D7AF1FC3A63782E19B375E2312D1C - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat AF8A94BCB98C299C49B28CC12EBC0ED2 - C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll - Google Update 358878E398AB0FB8B1EE176C2E3EDF48 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll - Google Updater AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 0205ADAFFDDF04F0F69200E5CFB5FFD9 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin F8EFDCFC440A420D6C1ECD245AB20207 - C:\Windows\system32\Macromed\Flash\NPSWF32.dll - Shockwave Flash CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Geert\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dhdepfaagokllfmhfbcfmocaeigmoebo - C:\Users\Geert\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx[] Belfius Smart Card Reader Chrome Extension - Geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\agicnfmechmlphpjmeefookfjhifbmhi Google Docs - Geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Docs Offline - Geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Chrome Web Store Payments - Geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pconverter.dl.myway.com_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pconverter.dl.myway.com_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_huizen.trovit.be_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_huizen.trovit.be_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_immo.trovit.fr_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_immo.trovit.fr_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-emea.doubleclick.net_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-emea.doubleclick.net_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.horyzon-media.com_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.horyzon-media.com_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.travelaudience.com_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.travelaudience.com_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adsomenoise.cdn01.rambla.be_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adsomenoise.cdn01.rambla.be_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static-site.soonnight.com_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static-site.soonnight.com_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pconverter.dl.tb.ask.com_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pconverter.dl.tb.ask.com_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.jeep-services.eu_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.jeep-services.eu_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" "Default_Page_URL"="http://lenovo.live.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://lenovo.live.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.be/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC HKCU\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} - No_Url_Value HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - No_Url_Value ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3840249230-3880042740-1327267179-1003\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3840249230-3880042740-1327267179-1003\Software\mozilla\Firefox\Extensions\{b64982b1-d112-42b5-b1e4-d3867c4533f8} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9416A209-B8AD-4FE5-A893-3BDA6E9BDEC5} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Savings Sidekick deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\902A6149DA8B5EF48A39B3ADE6B9ED5C deleted successfully ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Geert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Geert\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Geert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Geert\AppData\Local\Mozilla\Firefox\Profiles\zc6wg3ci.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3842 folders=514 1563589003 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Geert\AppData\Local\Temp will be emptied at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Geert\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Geert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found ==== EOF on do 21/04/2016 at 20:18:16,66 ====================== zoek-results.txt Zoek-results.log -
Zeer traag werkende laptop
Colleke reageerde op Colleke's topic in Archief Bestrijding malware & virussen
Toen ik volop bezig was met de zaken uit te voeren die je mij mailde, vroeg Windows Update om mijn laptop uit te schakelen. Na het heropstarten moesten er 8 updates worden gedownload. En wonder bij wonder, daarna was het probleem opgelost. CPU verspringt nu voortdurend van 2 % tot 100 %, maar blijft niet meer op 100 % staan. Alles gaat nu weer vlotter. Ik heb namelijk nog 1 probleem. Als ik een site opendoe, blokkeert hij soms en kan ik niets meer doen, totdat alles na enkele minuten opnieuw werkt. Ik vond geen enkele toets 'verwijderen' voor de oude java en heb die geüpdadet. Ik hoop dat dit ok is. Wat betreft de temperatuur van de laptop, de harde schijf en Zoek.exe heb ik niet meer uitgevoerd. Ik weet niet of dit nu nog echt nodig is. Ik zal wel nog de laptop stofvrij maken. De laptop is in feite gekoppeld aan een scherm met afzonderlijk toetsenbord omdat het scherm heel vaak flikkert door een slecht contact. -
Zeer traag werkende laptop
Colleke reageerde op Colleke's topic in Archief Bestrijding malware & virussen
De link van Piriform Speccy: http://speccy.piriform.com/results/D3BD8HDSHBFaZVTULvm3tx3 -
Zeer traag werkende laptop
Colleke reageerde op Colleke's topic in Archief Bestrijding malware & virussen
log.txt Ik heb de 'administrator' door middel van de rechtermuisknop niet gevonden. log.txt -
Beste, Mijn laptop Lenovo met Windows Vista werkt sinds een 14-tal dagen tergend langzaam. De hele morgen is de virusscanner bezig geweest, maar heeft geen virussen gedetecteerd. Mijn CPU-gebruik is 100 % en dat is niet normaal. Wat kan ik doen? Alvast bedankt.
