
PC not running properly


magy

Good morning friends,

since yesterday I have had problems with pages opening and freezing ... here is a log file:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 8:20:56, on 21/05/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16576)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe

C:\Users\Annette\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe

C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe

C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\Messenger Plus! for Skype.exe

C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe

C:\Program Files (x86)\Launch Manager\LMworker.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe

C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Backup\Annette\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! Nederland

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart

O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"

O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN27G135V005SY:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1

O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray

O4 - HKCU\..\Run: [skyDrive] "C:\Users\Annette\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Annette\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [HijackThis startup scan] C:\Backup\Annette\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HijackThis.exe /startupscan

O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - MSN Games - Free Online Games

O16 - DPF: {34DC66DB-E913-40A1-A2DD-53A1B9E90CAC} (Mail Migration) - https://col0-sec.mail.live.com/mail/resources/MailMigrationTool.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553543500} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: DSUDiskOptimizer - Systweak Inc., (www.systweak.com) - C:\Program Files (x86)\Disk Speedup\DSUDefragSrv64.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Messenger Plus! Service (MsgPlusService) - Yuna Software - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

--

End of file - 13746 bytes

Thanks in advance :hmmmm:



Since the problem only appeared yesterday, it would be best to first use System Restore, before we try anything else. Go back to a restore point from 2 days or more ago, restore the PC to that state ... and that way you could (possibly) be rid of the problem in one go.



Good evening, after System Restore there are still problems, such as IE not responding etc.; see the new log

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:19:03, on 21/05/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16576)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe

C:\Users\Annette\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe

C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe

C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\Messenger Plus! for Skype.exe

C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe

C:\Program Files (x86)\Launch Manager\LMworker.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Backup\Annette\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! Nederland

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)

O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart

O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"

O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN27G135V005SY:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1

O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray

O4 - HKCU\..\Run: [skyDrive] "C:\Users\Annette\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Annette\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - MSN Games - Free Online Games

O16 - DPF: {34DC66DB-E913-40A1-A2DD-53A1B9E90CAC} (Mail Migration) - https://col0-sec.mail.live.com/mail/resources/MailMigrationTool.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553543500} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: DSUDiskOptimizer - Systweak Inc., (www.systweak.com) - C:\Program Files (x86)\Disk Speedup\DSUDefragSrv64.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Messenger Plus! Service (MsgPlusService) - Yuna Software - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

--

End of file - 13715 bytes


Start HijackThis. Select “Scan”. Select only the items listed below:

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

Click 'Fix checked' to remove the items.

Note: Windows Vista & 7 users must run HijackThis as “administrator” by right-clicking and choosing “Run as administrator”. If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis.

Download zoek.exe to the desktop.

  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe;
    you can read how to do that (here or here).
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Now copy the code below and paste it into the large input window:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

 
startupall; 
filesrcm; 

  • Click the "Options" button and tick the options below.
    • Running processes
    • Installed Programs
    • Firefox Look
    • Chrome Look
    • Firefox Defaults
    • Reset Chrome
    • IE Defaults
    • Reset Hosts
    • Auto Clean

  • Then click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Now post the contents of the opened log in your next message.


Good day,

hey Kape, yesterday via Malware I found the virus Aware.agent and removed it! Here is the log from zoek exe. Sometimes even the pointer goes haywire, strange!

Zoek.exe Version 4.0.0.2 Updated 21-May-2013

Tool run by Annette on wo 22/05/2013 at 9:07:14,89.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

==== Running Processes ======================

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k apphost

C:\Program Files (x86)\Launch Manager\dsiwmis.exe

C:\Program Files (x86)\Disk Speedup\DSUDefragSrv64.exe

C:\Program Files (x86)\Launch Manager\LMutilps32.exe

C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

C:\Program Files\Acer\Acer Updater\UpdaterService.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe

C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

C:\Windows\System32\tcpsvcs.exe

C:\Windows\System32\snmp.exe

C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

C:\Windows\system32\svchost.exe -k iissvcs

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe

C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe

C:\Users\Annette\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe

C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\Messenger Plus! for Skype.exe

C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe

C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\DOLBY PCEE4\pcee4.exe

C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe

C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe

C:\Program Files (x86)\Launch Manager\LMworker.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe

C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe

C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Backup\Annette\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

C:\Windows\system32\notepad.exe

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Windows\system32\notepad.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Windows\system32\taskhost.exe

C:\Users\Annette\AppData\Local\Temp\Temp1_zoek.zip\zoek.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

==== Reset Hosts File ======================

# Copyright © 1993-2006 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.

127.0.0.1 localhost

::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1806382238-112727725-3549878023-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-1806382238-112727725-3549878023-1001\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} deleted successfully

HKEY_USERS\S-1-5-21-1806382238-112727725-3549878023-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Installed Programs ======================

1912 Titanic Mystery

Acer Backup Manager

Acer Crystal Eye Webcam

Acer ePower Management

Acer eRecovery Management

Acer GameZone Console

Acer Registration

Acer ScreenSaver

Acer Updater

Acrobat.com

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Reader 9.5.5 MUI

AMD APP SDK Runtime

AMD System Monitor

AMD VISION Engine Control Center

ArcSoft PhotoImpression 4

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

ATI Catalyst Install Manager

Backup Manager V3

Bejeweled 2 Deluxe

Belles Beauty Boutique

Big Fish Games: Game Manager

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Chicken Invaders 3

clear.fi

clear.fi Client

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition

Disk Speedup

DJ3525FWUpdateAlert

Dolby Advanced Audio v2

Dream Day First Home

Facebook Messenger 2.1.4814.0

Farm Frenzy 3 Ice Age

Flip Words

Fooz Kids

Fooz Kids Platform

Galapago

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

HP Deskjet 3520 series Basissoftware van het apparaat

HP Deskjet 3520 series Help

HP Deskjet 3520 series Productverbeteringsonderzoek

HP Deskjet 3520 series Setup Guide

HP FWUpdateEDO2

HP Photo Creations

HP Update

HPDiagnosticAlert

HPSSupply

Identity Card

InstantPhotoSketch 2.0

Junk Mail filter update

Launch Manager

Malwarebytes Anti-Malware versie 1.70.0.1100

MediaEspresso

Messenger Plus for Skype

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Antimalware Service NL-NL Language Pack

Microsoft Application Error Reporting

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (Dutch) 2010

Microsoft Office Excel MUI (Dutch) 2010

Microsoft Office Home and Student 2010

Microsoft Office Office 32-bit Components 2010

Microsoft Office OneNote MUI (Dutch) 2010

Microsoft Office Outlook MUI (Dutch) 2010

Microsoft Office PowerPoint MUI (Dutch) 2010

Microsoft Office Proof (Dutch) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (German) 2010

Microsoft Office Proofing (Dutch) 2010

Microsoft Office Publisher MUI (Dutch) 2010

Microsoft Office Shared 32-bit MUI (Dutch) 2010

Microsoft Office Shared MUI (Dutch) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (Dutch) 2010

Microsoft Security Client

Microsoft Security Client NL-NL Language Pack

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SkyDrive

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Microsoft_VC100_CRT_SP1_x64

Microsoft_VC100_CRT_SP1_x86

Movie Maker

MSVC80_x64_v2

MSVC80_x86_v2

MSVC90_x64

MSVC90_x86

MSVCRT

MSVCRT_amd64

MSVCRT110

MSVCRT110_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MyWinLocker

MyWinLocker 4

MyWinLocker Suite

newsXpresso

Nokia Connectivity Cable Driver

Nokia Suite

NTI Media Maker 9

PC Connectivity Solution

Photo Common

Photo Gallery

Picasa 3

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

RegClean Pro

Sectra CD Viewer System Components

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition

Security Update for Microsoft Filter Pack 2.0 (KB2553501) 64-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2760406) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition

Security Update for Microsoft OneNote 2010 (KB2760600) 64-Bit Edition

Security Update for Microsoft Publisher 2010 (KB2553147) 64-Bit Edition

Security Update for Microsoft Visio 2010 (KB2810068) 64-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2687505) 64-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 64-Bit Edition

Shop for HP Supplies

Shredder

SkypeT 6.3

Sprill and Ritchie

Synaptics Pointing Device Driver

Systweak Photoalbum

Systweak PhotoStudio 2.0

TeamViewer 7

Uninstall Dual Mode Camera

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition

Welcome Center

Windows-stuurprogrammapakket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)

Windows 7 Upgrade Advisor

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live Fotogalleri

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR 4.11 (64-bit)

World of Goo

Yahoo Software Update

==== FireFox Fix ======================

Deleted from C:\Users\Annette\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

Added to C:\Users\Annette\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "Google=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Annette\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0\prefs.js:

Added to C:\Users\Annette\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "Google=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Annette\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

---- Lines funmoods removed from prefs.js ----

---- Lines funmoods modified from prefs.js ----

---- Lines funmoods removed from user.js ----

---- Lines OneClickDownload removed from prefs.js ----

---- Lines OneClickDownload modified from prefs.js ----

---- Lines OneClickDownload removed from user.js ----

---- FireFox user.js and prefs.js backups ----

user_20132205_0919_.backup

ProfilePath: C:\Users\Annette\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0

user.js not found

---- Lines funmoods removed from prefs.js ----

---- Lines funmoods modified from prefs.js ----

---- Lines OneClickDownload removed from prefs.js ----

---- Lines OneClickDownload modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_20132205_0919_.backup

==== Batch Command(s) Run By Tool======================

C:\Windows\System32\roboot64.exe deleted successfully

C:\Windows\System32\sasnative64.exe deleted successfully

==== Deleting Files \ Folders ======================

"C:\Windows\SysNative\roboot64.exe" not found

"C:\Windows\SysNative\sasnative64.exe" not found

"C:\Program Files (x86)\GUTBE9E.tmp" deleted

"C:\Users\Annette\AppData\Local\funmoods-speeddial.crx" deleted

"C:\Windows\tasks\RegClean Prosch.job" deleted

"C:\Windows\tasks\RegClean Pro_DEFAULT.job" deleted

"C:\Windows\tasks\RegClean Pro_UPDATES.job" deleted

"C:\Program Files (x86)\GUMBE9D.tmp" deleted

"C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com" deleted

"C:\Program Files (x86)\RegClean Pro" deleted

"C:\Program Files (x86)\AddLyrics" deleted

"C:\Program Files (x86)\1ClickDownload" deleted

"C:\Program Files (x86)\AddLyrics" deleted

"C:\Program Files (x86)\OApps" deleted

"C:\Program Files (x86)\Ask.com" deleted

"C:\Program Files (x86)\Conduit" deleted

"C:\Users\Annette\AppData\Roaming\Babylon" deleted

"C:\Users\Annette\AppData\Roaming\Systweak" deleted

"C:\Users\Annette\AppData\Roaming\OpenCandy" deleted

"C:\Users\Annette\AppData\Roaming\Media Finder" deleted

"C:\Users\Annette\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com" deleted

"C:\ProgramData\Systweak" deleted

"C:\ProgramData\Tarma Installer" deleted

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro" deleted

"C:\Users\Annette\AppData\Local\CRE" deleted

"C:\Users\Annette\AppData\LocalLow\PriceGong" deleted

"C:\Users\Annette\AppData\LocalLow\Conduit" deleted

"C:\Windows\SysWow64\searchplugins" deleted

"C:\Windows\SysWow64\Extensions" deleted

"C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}" deleted

"C:\Users\Annette\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\ffxtlbr@funmoods.com" deleted

"C:\Users\Annette\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Annette\AppData\Local\Temp ====

====== C:\Windows\SysWOW64 =====

2013-05-15 13:05:17 49834B94A8E8383B700EDDEF46C2AE6A 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2013-05-15 13:05:17 28AEB03752D716BF149DBC93A9ACC17E 391168 ----a-w- C:\Windows\SysWOW64\ieui.dll

2013-05-15 13:05:13 DFDBC397D0DDBD1AFA3CB400D4C003A9 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2013-05-15 13:05:12 5915AA67DECA289F7B4AFB686CDB09E9 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-05-15 13:05:12 52AA8A8DA4175580F365D275EB53DBE3 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2013-05-15 13:05:12 3CC9825BFFE7B7429C8B79B0395ACDA8 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2013-05-15 13:05:12 366D8EA2ADCBA228C9487BC6D2427DDC 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll

2013-05-15 13:05:11 F59A16A9418044C1D505C53DA370B099 2046976 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2013-05-15 13:05:09 65C95886E1B17001ADDF163AC18C5525 1130496 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2013-05-15 13:05:08 0142341520F0A0F2B0E312335B96705B 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll

2013-05-15 13:05:07 C9A062F32FF600C96795B43CD9A53151 2877440 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2013-05-15 13:05:05 5ABB3F36AF17007F33FA275E96A2C95E 1767424 ----a-w- C:\Windows\SysWOW64\wininet.dll

2013-05-15 13:05:05 03180AFD271BFD88813F428421BC4A1A 39424 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2013-05-15 13:05:02 7A468BC721C1D34E60389D3F2F87BBEA 14323712 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2013-05-15 13:04:57 D5E5A86F49ACC11768D8339094C3AFD8 13760512 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2013-05-15 06:50:15 E904178851A6A44BFA97E064EF779E9D 1796096 ----a-w- C:\Windows\SysWOW64\authui.dll

2013-05-15 06:50:15 565D78187494FB5F08B5A52DEB2AEA7A 12872704 ----a-w- C:\Windows\SysWOW64\shell32.dll

2013-05-15 06:50:15 1F05F5A16881CD928C82D53CEFCF4477 180224 ----a-w- C:\Windows\SysWOW64\shdocvw.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-05-15 13:05:18 9B2BB51ED6D28860A48CFF46FD6D3DC1 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2013-05-15 13:05:15 FE6CB2001A8C2A85B617CD3FC85D8242 526336 ----a-w- C:\Windows\Sysnative\ieui.dll

2013-05-15 13:05:14 42758AF68D3C4912C8D8A18088AD2555 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2013-05-15 13:05:13 97588F2871E1FE8E3EB57B17B98DF03B 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll

2013-05-15 13:05:12 EC6E8273B6CB79CA5B7B00CA82D1FCEE 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll

2013-05-15 13:05:12 A197763AA7487807279AB61CD6835CEF 89600 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe

2013-05-15 13:05:12 168602AB16D30D5D6E091CA609FC7E75 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll

2013-05-15 13:05:11 9D6B9124B582F0FBF275B434CE5A672C 2647552 ----a-w- C:\Windows\Sysnative\iertutil.dll

2013-05-15 13:05:11 7DAA72F6C30D81EE31EC2BDC90054326 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2013-05-15 13:05:09 E34F0440799F9A0F9DC4265F4ADA75C1 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll

2013-05-15 13:05:08 772EC073332D1BA2DBEC32C6D063811A 855552 ----a-w- C:\Windows\Sysnative\jscript.dll

2013-05-15 13:05:07 2C96C695B6015042AC867EA419A45C20 3958784 ----a-w- C:\Windows\Sysnative\jscript9.dll

2013-05-15 13:05:05 254502230F2259D255D4149C235173B1 53248 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2013-05-15 13:05:04 27A9000C534AA9BADC9EE74940F50C6D 2242048 ----a-w- C:\Windows\Sysnative\wininet.dll

2013-05-15 13:04:59 C56EF4C50A1FEED0CC9B7AE068CBBBBB 19231232 ----a-w- C:\Windows\Sysnative\mshtml.dll

2013-05-15 13:04:58 7F4F74880E0B586EB7A9E225C34B1296 15404032 ----a-w- C:\Windows\Sysnative\ieframe.dll

2013-05-15 06:50:29 943F527DF79E6B400104341AA7023C75 144384 ----a-w- C:\Windows\Sysnative\cdd.dll

2013-05-15 06:50:19 1BFC94665BCA35F9001ADC7BFB167C63 14172672 ----a-w- C:\Windows\Sysnative\shell32.dll

2013-05-15 06:50:16 3EF480BFED1B5947A32585E30A58D4ED 1930752 ----a-w- C:\Windows\Sysnative\authui.dll

2013-05-15 06:50:15 E948D1D42DC68923ABD75EEB5BCCD1D3 111448 ----a-w- C:\Windows\Sysnative\consent.exe

2013-05-15 06:50:15 9D2A2369AB4B08A4905FE72DB104498F 70144 ----a-w- C:\Windows\Sysnative\appinfo.dll

2013-05-15 06:50:15 22A0AE97360C1B146FDD9AA55AC0E989 197120 ----a-w- C:\Windows\Sysnative\shdocvw.dll

2013-05-15 06:50:01 FE90B750AB808FB9DD8FBB428B5FF83B 230400 ----a-w- C:\Windows\Sysnative\wwansvc.dll

2013-05-15 06:50:01 30B1489F2DCD8DC1AB6BB60CA6093615 48640 ----a-w- C:\Windows\Sysnative\wwanprotdim.dll

2013-05-15 06:49:59 A11523523B31086DD760C0189C763359 3153920 ----a-w- C:\Windows\Sysnative\win32k.sys

====== C:\Windows\Sysnative\drivers =====

2013-05-20 12:30:50 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_ssadadb_01005.Wdf

2013-05-15 06:50:29 AF2E16242AA723F68F461B6EAE2EAD3D 983400 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys

2013-05-15 06:50:29 1F04CFB79DD5FB7694468CE3FB3DCC31 265064 ----a-w- C:\Windows\Sysnative\drivers\dxgmms1.sys

2013-04-24 00:02:04 B98F8C6E31CD07B2E6F71F7F648E38C0 1656680 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\Program Files (x86) =====

2013-05-19 12:39:45 -------- d-----w- C:\Program Files (x86)\LSHunter.TV

======= C: =====

====== C:\Users\Annette\AppData\Roaming ======

2013-05-21 19:27:49 -------- d-----w- C:\users\DefaultAppPool\AppData\Local\Temp

2013-05-20 18:04:03 -------- d-----w- C:\users\Annette\AppData\Local\Diagnostics

2013-05-20 12:48:49 -------- d-----w- C:\users\Annette\AppData\Local\ElevatedDiagnostics

2013-05-19 12:39:45 -------- d-----w- C:\users\Annette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LSHunter.TV

2013-05-07 21:22:57 -------- d-----w- C:\users\Annette\AppData\Locallow\IAC

====== C:\Users\Annette ======

====== C: exe-files ==

2013-05-22 06:44:46 77CCA90491A85817258F20E378AE4E05 2277712 ----a-w- C:\Users\Annette\AppData\Local\Temp\7zS5361\DeviceManager\DeviceManager.exe

2013-05-22 06:44:46 7428960C3DA5A4D4E2BB077A511AF803 3941200 ----a-w- C:\Users\Annette\AppData\Local\Temp\7zS5361\HPDiagnosticCoreUI.exe

2013-05-16 15:50:33 313830D1ADE4B6F63DBF109E63644D37 1770160 ----a-w- C:\Users\Annette\AppData\Local\Temp\25E023E0-BAB0-7891-B4D0-9EE749E26C77\Latest\MyBabylonTB.exe

2013-05-15 13:05:10 CEA304830B4770BDA3572B87D0841848 775232 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2013-05-15 13:05:10 AAD90795E84E710543C6C7C2F7048E30 770608 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

=== C: other files ==

2013-05-20 17:45:18 A83CEB851061427B87E68F2BE70CD8DD 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1806382238-112727725-3549878023-1001\$IZM78UI.crx

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1806382238-112727725-3549878023-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"HP Deskjet 3520 series (NET)"="C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe -deviceID CN27G135V005SY:NW -scfn HP Deskjet 3520 series (NET) -AutoStart 1"

"NokiaSuite.exe"="C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray"

"SkyDrive"="C:\Users\Annette\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"Facebook Update"="C:\Users\Annette\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

"EgisTecPMMUpdate"="C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

"EgisUpdate"="C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe -d"

"BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k"

"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"Dolby Advanced Audio v2"="C:\Dolby PCEE4\pcee4.exe -autostart"

"ArcadeMovieService"="C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"

"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"

"MessengerPlusForSkypeService"="C:\Program Files (x86)\Yuna Software\Messenger Plus for Skype\MsgPlusForSkypeService.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"HP Deskjet 3520 series (NET)"="C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe -deviceID CN27G135V005SY:NW -scfn HP Deskjet 3520 series (NET) -AutoStart 1"

"NokiaSuite.exe"="C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray"

"SkyDrive"="C:\Users\Annette\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"Facebook Update"="C:\Users\Annette\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "

"Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"Adobe Reader Speed Launcher"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

==== Startup Folders ======================

2012-03-26 21:44:52 1270 ----a-w- C:\users\Annette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [15/05/2013 15:03]

C:\Windows\tasks\DSU-Optimize.job --a------ C:\Program Files (x86)\Disk Speedup\DSU.exe [20/02/2012 16:34]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1806382238-112727725-3549878023-1001Core.job --a------ C:\Users\Annette\AppData\Local\Facebook\Update\FacebookUpdate.exe [28/03/2013 00:15]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1806382238-112727725-3549878023-1001UA.job --a------ C:\Users\Annette\AppData\Local\Facebook\Update\FacebookUpdate.exe [28/03/2013 00:15]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/11/2012 20:13]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/11/2012 20:13]

C:\Windows\tasks\HP Photo Creations Communicator.job --a------ [undertermined Task]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Annette\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[]

dednnpigldgdbpgcdpfppmlcnnbjciel - C:\Users\Annette\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx[]

kkfggacklibaabdomphfdpcodjgihgon - C:\Program Files (x86)\LSHunter.TV\stv10.crx[]

lpmkgpnbiojfaoklbkpfneikocaobfai - C:\Users\Annette\AppData\Roaming\Media Finder\Extensions\mf_plugin_gc.crx[]

pmlghpafmmnmmkjdhacccolfgnkiboco - C:\Program Files (x86)\1ClickDownload\oneclickdownloader10.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Annette\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[]

fdloijijlkoblmigdofommgnheckmaki - C:\Users\Annette\AppData\Local\funmoods.crx[]

Google Docs - Gast - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Gast - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Gast - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Gast - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Gmail - Gast - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

"Backup.Old.Start Page"="Babylon Search"

"Default_Search_URL"="Upgrade to Google Chrome"

"Default_Page_URL"="Yahoo! Nederland"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page Redirect Cache"="Google"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Start Page Redirect Cache"="Google"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="%s - Google Search"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="Upgrade to Google Chrome"

"Default_Search_URL"="Upgrade to Google Chrome"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="Bing"

"Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

"Start Page"="Google"

"Backup.Old.Start Page"="Google"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page Redirect Cache"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Start Page Redirect Cache"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="%s - Bing"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="Bing"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{422ED305-2470-43A6-8B8C-7221F8DFB49F}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"

{0CECE687-3179-4544-87C5-E803F33D8289} Flickr Url="Flickr Search: {searchTerms}"

{0D763CE1-96DA-4A34-817A-DDF503044359} Yahoo//search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie10"

{422ED305-2470-43A6-8B8C-7221F8DFB49F} Google Url="{searchTerms} - Google zoeken"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{73ccfd25-abe2-4bdf-ac5d-28a470a4d234} Yahoo//www.ddlstart.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=750&product_id=872&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.5.0&install_country=BE&install_date=20120704&user_guid=8E9C47F5CD37475F8D60D5CA420F80D1&machine_id=1aee9f71c27113d785f0a34edd37251c&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}"

{7A52E500-A375-2E93-2FF6-0F6113BEE216} Unknown Url="Not_Found"

{B04E25FB-1057-4A22-A6E7-AD525C75E461} Delicious Url="http://delicious.com/search?p={searchTerms}"

{C8C946D4-4559-46FC-A6DA-F72677D0DC7E} Bing Url="{searchTerms} - Bing"

{EEE6C360-6118-11DC-9C72-001320C79847} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1806382238-112727725-3549878023-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

HKEY_USERS\S-1-5-21-1806382238-112727725-3549878023-1001\Software\Microsoft\Internet Explorer\SearchScopes\{7A52E500-A375-2E93-2FF6-0F6113BEE216} deleted successfully

HKEY_USERS\S-1-5-21-1806382238-112727725-3549878023-1001\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kkfggacklibaabdomphfdpcodjgihgon deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Annette\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Annette\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Annette\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Annette\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Gast\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Annette\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 22/05/2013 at 9:41:27,15 ======================

edited by kape
duplicate log removed


  • 2 weeks later...

Hello friends, more and more often I have the problem that my PC freezes. I installed Max Secure, which found these:

critical/trojan.inject

high/downloader.cmjdown

critical/trojan.generic

I can't remove these! You have to pay for that! So how do I get rid of everything?

Hijack and malware don't report them.. thanks


Download TDSSKiller and place it on your desktop.

  • Before running TDSSKiller, it is advisable to consult the TDSSKiller guide below.

    1. Double-click TDSSKiller.exe to start the tool. (If you downloaded TDSSKiller as a ZIP file, you need to extract it first.)

    2. If TDSSKiller finds an update, click the "Load update" button.

    3. A new version of TDSSKiller will now be downloaded; save it to the desktop.

    4. Now start TDSSKiller again.

    5. Click "Change parameters" and make sure that all of the options below are ticked.

    [Screenshot: TDSSKiller options]

    6. Click the "Start Scan" button and follow the instructions.

    • Never use the "Delete" or "Quarantine" option for a "Fail signature" notice.
    • If a restart was needed, you will find the log file in C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt
    • Attach this log file to your next post.
