Ga naar inhoud

Acer start niet meer op


Suzanne-

Aanbevolen berichten

Zoek.exe Version 4.0.0.4 Updated 14-September-2013Tool run by Suzanne on di 17-09-2013 at 18:32:08,72.Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64Running in: Normal Mode Internet Access DetectedLaunched: C:\Users\Suzanne\AppData\Local\Temp\Rar$EXa0.468\zoek.exe [script inserted] ==== System Restore Info ======================17-9-2013 18:39:27 Zoek.exe System Restore Point Created Succesfully.==== Creating Sample_17-09-2013_1915.zip ====================== Process chrome.exe killedCopied file C:\ProgramData\lsass.exe to sample\lsass.exesample\lsass.exe renamed to 51138BEEA3E2C21EC44D0932C71762A8C:\Users\Public\Desktop\sample_17-09-2013_1915.zip created successfully==== Deleting CLSID Registry Keys ======================HKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9E131A93-EED7-4BEB-B015-A0ADB30B5646} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{87775FDB-6972-41F9-AE51-8326E38CB206} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2d8d9acc-f6d7-4362-8876-a275ca929591} deleted successfullyHKEY_CLASSES_ROOT\CLSID\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfullyHKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully==== Deleting CLSID Registry Values ======================HKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{296AA17D-C89E-4242-A5A4-44BFE76914A2} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{296AA17D-C89E-4242-A5A4-44BFE76914A2} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{87775FDB-6972-41F9-AE51-8326E38CB206} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{87775FDB-6972-41F9-AE51-8326E38CB206} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{2d8d9acc-f6d7-4362-8876-a275ca929591} deleted successfully==== Installed Programs ======================æTorrent Acer Backup Manager Acer Crystal Eye Webcam Acer ePower Management Acer eRecovery Management Acer Games Acer Registration Acer ScreenSaver Acer Updater Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.0) MUI Adobe Shockwave Player 11.6 Agatha Christie - Death on the Nile Alcor Micro USB Card Reader Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver avast Free Antivirus AVG Security Toolbar Backup Manager V3 Bejeweled 2 Deluxe BitGuard BitTorrent Canon Easy-PhotoPrint EX Canon Easy-WebPrint EX Canon IJ Network Tool Canon Inkjet Printer/Scanner/Fax Extended Survey Program Canon MP Navigator EX 4.0 Canon MP495 series MP Drivers Canon My Printer Canon Solution Menu EX CCleaner Chuzzle Deluxe clear.fi clear.fi Client Crazy Chicken Kart 2 DAEMON Tools Lite De SimsT 3 De SimsT 3 Jaargetijden De SimsT 3 Na Middernacht De SimsT 3 Wereldavonturen Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition eBay Worldwide Evernote v. 4.5.1 Facebook Video Calling 1.2.0.287 FATE Final Drive: Nitro Fooz Kids Fooz Kids Platform Gebruikersregistratie voor Canon MP495 series Giant Savings Google Chrome Google Update Helper Hard Truck 18 Wheels of Steel HiJackThis Hotspot Shield 3.09 Identity Card iLivid Insaniquarium Deluxe Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology Java Auto Updater Java 7 Update 5 JavaFX 2.1.1 Jewel Match 3 Jewel Quest Solitaire John Deere Drive Green Junk Mail filter update Launch Manager ManyCam 3.0.91 (remove only) Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Works 2003 Setup starten Microsoft WSE 3.0 Runtime More Games from Acer Games MSVCRT Mystery of Mortlake Mansion MyWinLocker MyWinLocker 4 MyWinLocker Suite newsXpresso Norton Online Backup NTI Media Maker 9 OpenOffice.org 3.4.1 Penguins Picasa 3 Plants vs. Zombies - Game of the Year Pokki Pokki Download Helper Polar Bowler PriceGong 2.6.4 Realtek High Definition Audio Driver Roller Coaster Tycoon 3 Platinum - CarlesNeo Search-Results Toolbar Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870) Shredder SkypeT 6.3 Slingo Deluxe Softonic toolbar on IE Speccy Spotify swMSM Synaptics Pointing Device Driver Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD Torchlight Unity Web Player Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update Installer for WildTangent Games App Virtual Villagers 4 - The Tree of Life WebCake 3.00 Wedding Dash Welcome Center WildTangent Games App (Acer Games) Windows Live aanmeldhulp Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Upload Tool WinRAR 4.11 (64-bit) Zuma Deluxe ==== Deleting Services ========================== Registry Fix Code ======================Windows Registry Editor Version 5.00[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]"bProtector Start Page"=-==== Deleting Files \ Folders ======================"C:\ProgramData\dsgsdgdsgdsgw.pad" deleted"C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data" deleted"C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences" deleted"C:\Users\Suzanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk" deleted"C:\Users\Suzanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk" deleted"C:\Windows\wininit.ini" deleted"C:\user.js" deleted"C:\Users\Suzanne\Desktop\CyberLink_YouCam_Downloader.exe" deleted"C:\ProgramData\lsass.exe" deleted"C:\Program Files (x86)\Search Results Toolbar\Datamngr\datamngrUI.exe" deleted"C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\BrowserConnection.dll" deleted"C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll" deleted"C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe" deleted"C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe" deleted"C:\Program Files (x86)\Hotspot Shield\bin\HssSrvlib.dll" deleted"C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe" not deleted"C:\Program Files (x86)\Hotspot Shield\bin\zlib1.dll" deleted"C:\Program Files (x86)\Hotspot Shield\bin\lang\gui-eng.dll" deleted"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\bl" not deleted"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.dll" not deleted"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe" not deleted"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.settings" not deleted"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\dm" not deleted"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\uninstall.exe" not deleted"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\00" not deleted"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\01" not deleted"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\02" not deleted"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\03" not deleted"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\10" not deleted"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\11" not deleted"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\12" not deleted"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\13" not deleted"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\20" not deleted"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\21" not deleted"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\22" not deleted"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\23" not deleted"C:\Program Files (x86)\Softonic" deleted"C:\Program Files (x86)\Search Results Toolbar" not deleted"C:\Program Files (x86)\Giant Savings" deleted"C:\Program Files (x86)\WebCake" deleted"C:\Program Files (x86)\PriceGong" deleted"C:\Program Files (x86)\Hotspot Shield" not deleted"C:\Program Files (x86)\Conduit" deleted"C:\Users\Suzanne\AppData\Roaming\WebCake" deleted"C:\Users\Suzanne\AppData\Roaming\Babylon" deleted"C:\Users\Suzanne\AppData\Roaming\File Scout" deleted"C:\ProgramData\Browser Manager" not deleted"C:\ProgramData\Ask" deleted"C:\ProgramData\APN" deleted"C:\ProgramData\boost_interprocess" deleted"C:\ProgramData\IBUpdaterService" deleted"C:\ProgramData\InstallMate" deleted"C:\ProgramData\Tarma Installer" deleted"C:\ProgramData\Babylon" deleted"C:\Users\Suzanne\AppData\Local\iLivid" deleted"C:\Users\Suzanne\AppData\Local\CRE" deleted"C:\Users\Suzanne\AppData\Local\APN" deleted"C:\Users\Suzanne\AppData\Local\Babylon" deleted"C:\Users\Suzanne\AppData\Local\Giant Savings" deleted"C:\Users\Suzanne\AppData\Local\Conduit" deleted"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong" deleted"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield" deleted"C:\Users\Suzanne\AppData\LocalLow\searchresultstb" deleted"C:\Users\Suzanne\AppData\LocalLow\ilividtoolbarguid" deleted"C:\Users\Suzanne\AppData\LocalLow\ilividtoolbarguid" deleted"C:\Users\Suzanne\AppData\LocalLow\Softonic" deleted"C:\Users\Suzanne\AppData\LocalLow\phpnuke" deleted"C:\Users\Suzanne\AppData\LocalLow\FileConverter_1.4" deleted"C:\Users\Suzanne\AppData\LocalLow\DataMngr" deleted"C:\Users\Suzanne\AppData\LocalLow\PriceGong" deleted"C:\Users\Suzanne\AppData\LocalLow\Conduit" deleted"C:\Windows\SysWow64\searchplugins" deleted"C:\Windows\SysWow64\Extensions" deleted"C:\Program Files (x86)\Search Results Toolbar\Datamngr" not deleted"C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64" not deleted"C:\Program Files (x86)\Hotspot Shield\bin" not deleted"C:\Program Files (x86)\Hotspot Shield\hsswd" not deleted"C:\Program Files (x86)\Hotspot Shield\HssWPR" not deleted"C:\Program Files (x86)\Hotspot Shield\bin\lang" not deleted"C:\Program Files (x86)\Hotspot Shield\hsswd\default" not deleted"C:\Program Files (x86)\Hotspot Shield\HssWPR\conf" not deleted"C:\ProgramData\Browser Manager\2.6.1519.190" not deleted"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}" not deleted"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings" not deleted==== Files Recently Created / Modified ============================ C:\Windows ========== C:\Users\Suzanne\AppData\Local\Temp ========== Java Cache =========== C:\Windows\SysWOW64 =========== C:\Windows\SysWOW64\drivers =========== C:\Windows\Sysnative =========== C:\Windows\Sysnative\drivers =====2013-09-03 17:04:23 5E75CA03513BF7563F9A6AFCBDC47AC2 49872 ----a-w- C:\Windows\Sysnative\drivers\lfqmsshu.sys2013-08-21 14:08:00 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys2013-08-21 14:07:58 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys====== C:\Windows\Tasks ======2013-09-14 18:21:43 F0E1929518F0D547DC9D32BED4873161 3420 ----a-w- C:\Windows\Sysnative\Tasks\BitGuard====== C:\Windows\Temp ============= C:\Program Files =====2013-08-29 11:39:13 -------- d-----w- C:\Program Files\Speccy======= C:\Program Files (x86) =====2013-08-29 11:47:58 -------- d-----w- C:\Program Files (x86)\Trend Micro======= C: =========== C:\Users\Suzanne\AppData\Roaming ======2013-09-14 18:23:05 -------- d-----w- C:\Users\Suzanne\AppData\Local\avgchrome2013-09-14 18:21:18 -------- d-----w- C:\Users\Suzanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard2013-08-28 17:41:14 F84E6B79B6F46AE44A78958B161FC299 8388608 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\~FontCache-S-1-5-21-2206691725-1079391299-2408798529-1000.dat2013-08-21 13:59:30 2C729E7446C0CD9F651D9BD9F51C96BD 648436 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\~FontCache-System.dat====== C:\Users\Suzanne ======2013-09-14 18:20:54 -------- d-----w- C:\ProgramData\BitGuard====== C: exe-files ==2013-09-14 18:21:18 7F8BECFB26F2655E281406C6C341F416 3029472 ----a-w- C:\ProgramData\BitGuard\2.6.1673.238\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\uninstall.exe2013-09-14 18:21:09 7F8BECFB26F2655E281406C6C341F416 3029472 ----a-w- C:\ProgramData\BitGuard\2.6.1673.238\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\BitGuard.exe2013-09-10 18:20:26 CB139AE37B93E21CD858D748B3DF0EEA 34509664 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.66\29.0.1547.66_chrome_installer.exe=== C: other files ==2013-09-17 17:15:27 D92EF83B560C2C682F3C5EC7406B3F0A 20424 ----a-w- C:\Users\Public\Desktop\sample_17-09-2013_1915.zip==== Startup Registry Enabled ======================[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"[HKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\Run]"ccleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO""Facebook Update"="C:\Users\Suzanne\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver""GameTracker"="C:\Program Files (x86)\GameTracker\GTLite.exe""BitTorrent"="C:\Program Files (x86)\BitTorrent\BitTorrent.exe /MINIMIZED""Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun""Spotify Web Helper"="C:\Users\Suzanne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe""Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun""Spotify"="C:\Users\Suzanne\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart""Pokki"="C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\LaunchDeskband.dll",RunLaunchDeskband"[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]"mctadmin"="C:\Windows\System32\mctadmin.exe""IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]"mctadmin"="C:\Windows\System32\mctadmin.exe""IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"[HKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]"Application Restart #6"="C:\Users\Suzanne\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Suzanne\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --flag-switches-begin --flag-switches-end --restore-last-session""Application Restart #4"="C:\Users\Suzanne\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Suzanne\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --flag-switches-begin --flag-switches-end --restore-last-session"[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Norton Online Backup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe""BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k""LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe""SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe""avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui""CanonSolutionMenuEx"="C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon""SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe""vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe""BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices""DATAMNGR"="C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE"[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]"ccleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO""Facebook Update"="C:\Users\Suzanne\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver""GameTracker"="C:\Program Files (x86)\GameTracker\GTLite.exe""BitTorrent"="C:\Program Files (x86)\BitTorrent\BitTorrent.exe /MINIMIZED""Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun""Spotify Web Helper"="C:\Users\Suzanne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe""Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun""Spotify"="C:\Users\Suzanne\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart""Pokki"="C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\LaunchDeskband.dll",RunLaunchDeskband"[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]"Application Restart #6"="C:\Users\Suzanne\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Suzanne\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --flag-switches-begin --flag-switches-end --restore-last-session""Application Restart #4"="C:\Users\Suzanne\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Suzanne\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --flag-switches-begin --flag-switches-end --restore-last-session"==== Startup Registry Enabled x64 ======================[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"IgfxTray"="C:\Windows\system32\igfxtray.exe""Persistence"="C:\Windows\system32\igfxpers.exe""RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s""Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe""CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon""SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "==== Startup Registry Disabled x64 ======================[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run""item"="Adobe ARM""hkey"="HKLM""command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AmIcoSinglun64]"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run""item"="AmIcoSinglun64""hkey"="HKLM""command"="C:\\Program Files (x86)\\AmIcoSingLun\\AmIcoSinglun64.exe"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcadeMovieService]"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run""item"="ArcadeMovieService""hkey"="HKLM""command"="\"C:\\Program Files (x86)\\Acer\\clear.fi\\Movie\\clear.fiMovieService.exe\""[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run""item"="DAEMON Tools Lite""hkey"="HKCU""command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run""item"="HotKeysCmds""hkey"="HKLM""command"="C:\\Windows\\system32\\hkcmd.exe"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ManyCam]"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run""item"="ManyCam""hkey"="HKCU""command"="\"C:\\Program Files (x86)\\ManyCam\\Bin\\ManyCam.exe\" /silent"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run""item"="msnmsgr""hkey"="HKCU""command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Pokki]"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run""item"="Pokki""hkey"="HKCU""command"="\"C:\\Users\\Suzanne\\AppData\\Local\\Pokki\\v0.260.6.332\\pokki.exe\""[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sidebar]"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run""item"="Sidebar""hkey"="HKCU""command"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run""item"="Spotify""hkey"="HKCU""command"="\"C:\\Users\\Suzanne\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run""item"="Spotify Web Helper""hkey"="HKCU""command"="\"C:\\Users\\Suzanne\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""==== Startup Folders ======================2013-01-23 19:11:11 1328 ----a-w- C:\Users\Suzanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk2012-11-12 15:24:29 1243 ----a-w- C:\Users\Suzanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk==== Task Scheduler Jobs ======================C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job --a------ C:\Windows\TEMP\D23D6244-D8CA-41C9-9E75-B3F134C79DD1.exe []C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job --a------ C:\Windows\TEMP\0AD3FB29-9651-4761-8915-86C000E5BA86.exe []C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2206691725-1079391299-2408798529-1000Core.job --a------ C:\Users\Suzanne\AppData\Local\Facebook\Update\FacebookUpdate.exe [23-01-2013 21:09]C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2206691725-1079391299-2408798529-1000UA.job --a------ C:\Users\Suzanne\AppData\Local\Facebook\Update\FacebookUpdate.exe [23-01-2013 21:09]C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26-08-2012 21:22]C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26-08-2012 21:22]==== Chrome Look ======================HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensionsbkomkajifikmkfnjgphkjcfeepbnojok - C:\Program Files (x86)\PriceGong\2.6.4\pricegong.crx[]cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Suzanne\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[]fjoijdanhaiflhibkljeklcghcmmfffh - C:\Program Files (x86)\WebCakeLayers.crx[03-08-2013 20:16]hgfgfchdnkmpdcadgmfgcglocdbkehjo - C:\Users\Suzanne\AppData\Local\CRE\hgfgfchdnkmpdcadgmfgcglocdbkehjo.crx[]ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\Suzanne\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[]ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\15.3.0.11\avg.crx[26-06-2013 18:08]ndkhncnongaclekkbelchmeafffimifj - C:\Users\Suzanne\AppData\Local\Giant Savings\Chrome\Giant Savings.crx[]HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensionscjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Suzanne\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[]hgfgfchdnkmpdcadgmfgcglocdbkehjo - C:\Users\Suzanne\AppData\Local\CRE\hgfgfchdnkmpdcadgmfgcglocdbkehjo.crx[]ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\Suzanne\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[]PriceGong - Suzanne - Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojokWeb Cake - Suzanne - Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffhDoodle Jump - Suzanne - Default\Extensions\hgfgfchdnkmpdcadgmfgcglocdbkehjoWebcam Toy - Suzanne - Default\Extensions\lfbgimoladefibpklnfmkpknadbkladeAVG Secure Search - Suzanne - Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblofGiant Savings - Suzanne - Default\Extensions\ndkhncnongaclekkbelchmeafffimifj==== Chrome Fix ======================C:\Program Files (x86)\WebCakeLayers.crx deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_apps.conduit.com_0.localstorage-journal deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cap1.conduit-apps.com_0.localstorage-journal deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.apps.conduit.com_0.localstorage-journal deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bittorrentbarnl.ourtoolbar.com_0.localstorage-journal deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrentbarnl.ourtoolbar.com_0.localstorage-journal deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adobe-photoshop-cs2.nl.softonic.com_0.localstorage-journal deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adobe-photoshop.nl.softonic.com_0.localstorage-journal deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hotspot-shield.nl.softonic.com_0.localstorage-journal deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_instagrille.nl.softonic.com_0.localstorage-journal deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_medal-of-honor-allied-assault.nl.softonic.com_0.localstorage-journal deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onsoftware.nl.softonic.com_0.localstorage-journal deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_picmonkey-extension.nl.softonic.com_0.localstorage-journal deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_skype.nl.softonic.com_0.localstorage-journal deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_rss2search.com_0.localstorage-journal deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bkomkajifikmkfnjgphkjcfeepbnojok_0.localstorage deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bkomkajifikmkfnjgphkjcfeepbnojok_0.localstorage-journal deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgfgfchdnkmpdcadgmfgcglocdbkehjo deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hgfgfchdnkmpdcadgmfgcglocdbkehjo_0.localstorage deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hgfgfchdnkmpdcadgmfgcglocdbkehjo_0.localstorage-journal deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndkhncnongaclekkbelchmeafffimifj deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndkhncnongaclekkbelchmeafffimifj_0.localstorage deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndkhncnongaclekkbelchmeafffimifj_0.localstorage-journal deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_ndkhncnongaclekkbelchmeafffimifj_0 deleted successfullyC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh deleted successfully==== Set IE to Default ======================Old Values:[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]"Start Page"="http://www.google.nl/"[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]"DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}"[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] not foundNew Values:[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]"Start Page"="http://www.google.nl/"[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"==== All HKCU SearchScopes ======================HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Unknown Url="Not_Found"{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"{95B7759C-8C7F-4BF1-B163-73684A933233} AVG Secure Search Url="http://isearch.avg.com/search?cid={60FC0440-725B-4BE1-A7CA-7B236D4A5737}&mid=ae6e7e5239e347d09e0439d3c90d9dc9-7e189952288cd6ae228b2eb1d10eaa59852233b4〈=nl&ds=st011&pr=sa&d=2012-09-26"==== Deleting CLSID Registry Keys ======================HKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{f34c9277-6577-4dff-b2d7-7d58092f272f} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{f34c9277-6577-4dff-b2d7-7d58092f272f} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011441179} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011441179} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{f34c9277-6577-4dff-b2d7-7d58092f272f} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} deleted successfullyHKEY_USERS\S-1-5-21-2206691725-1079391299-2408798529-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfullyHKEY_CLASSES_ROOT\Wow6432Node\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfullyHKEY_CLASSES_ROOT\Wow6432Node\CLSID\{f34c9277-6577-4dff-b2d7-7d58092f272f} deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f34c9277-6577-4dff-b2d7-7d58092f272f} deleted successfullyHKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179} deleted successfullyHKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110011441179} deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011441179} deleted successfullyHKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1631550F-191D-4826-B069-D9439253D926} deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926} deleted successfullyHKEY_CLASSES_ROOT\Wow6432Node\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfullyHKEY_CLASSES_ROOT\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} deleted successfullyHKEY_CLASSES_ROOT\Wow6432Node\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} deleted successfully==== Deleting CLSID Registry Values ======================HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{f34c9277-6577-4dff-b2d7-7d58092f272f} deleted successfully==== Deleting Registry Keys ======================HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hgfgfchdnkmpdcadgmfgcglocdbkehjo deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndkhncnongaclekkbelchmeafffimifj deleted successfullyHKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfullyHKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\hgfgfchdnkmpdcadgmfgcglocdbkehjo deleted successfullyHKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully==== HijackThis Entries ======================R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = PC Helpforum - Gratis hulp bij computer problemen - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exeO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLLO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dllO2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllO2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLLO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dllO3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllO3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dllO3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dllO4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exeO4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -kO4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exeO4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /noguiO4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logonO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServicesO4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXEO4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTOO4 - HKCU\..\Run: [Facebook Update] "C:\Users\Suzanne\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserverO4 - HKCU\..\Run: [GameTracker] C:\Program Files (x86)\GameTracker\GTLite.exeO4 - HKCU\..\Run: [bitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZEDO4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunO4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Suzanne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"O4 - HKCU\..\Run: [Pokki] C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\LaunchDeskband.dll",RunLaunchDeskbandO4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrunO4 - HKCU\..\Run: [spotify] "C:\Users\Suzanne\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostartO4 - HKCU\..\RunOnce: [Application Restart #6] C:\Users\Suzanne\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Suzanne\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --flag-switches-begin --flag-switches-end --restore-last-sessionO4 - HKCU\..\RunOnce: [Application Restart #4] C:\Users\Suzanne\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Suzanne\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --flag-switches-begin --flag-switches-end --restore-last-sessionO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')O4 - Startup: Facebook Messenger.lnk = Suzanne\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exeO4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exeO8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLLO18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dllO18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLO20 - AppInit_DLLs: c:\progra~3\bitguard\261673~1.238\{61d8b~1\bitguard.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exeO23 - Service: BitGuard - Unknown owner - C:\ProgramData\BitGuard\2.6.1673.238\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\BitGuard.exeO23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exeO23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exeO23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exeO23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exeO23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe (file missing)O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE (file missing)O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exeO23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeO23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXEO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exeO23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exeO23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exeO23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeO23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: vToolbarUpdater15.3.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exeO23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)==== Empty IE Cache ======================C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Users\fbwuser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Users\Suzanne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTSTM3IZ will be deleted at reboot==== Empty FireFox Cache ======================No FireFox Profiles found==== Empty Chrome Cache ======================C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at rebootC:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully==== Empty All Flash Cache ======================Flash Cache Emptied Successfully==== Empty All Java Cache ======================No Java Cache Found==== After Reboot ========================== Empty Temp Folders ======================C:\Windows\Temp successfully emptiedC:\Users\Suzanne\AppData\Local\Temp successfully emptied==== Empty Recycle Bin ======================C:\$RECYCLE.BIN successfully emptied==== Deleting Files / Folders ======================"C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe" not found"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\bl" not found"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.dll" not found"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe" not found"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.settings" not found"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\dm" not found"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\uninstall.exe" not found"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\00" not found"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\01" not found"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\02" not found"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\03" not found"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\10" not found"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\11" not found"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\12" not found"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\13" not found"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\20" not found"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\21" not found"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\22" not found"C:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\traking_settings\23" not found"C:\Program Files (x86)\Search Results Toolbar" not found"C:\Program Files (x86)\Hotspot Shield" not found"C:\ProgramData\Browser Manager" not found"C:\Users\Suzanne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTSTM3IZ" not found==== EOF on di 17-09-2013 at 22:44:52,49 ======================zo goed?

Link naar reactie
Delen op andere sites

Start 51a612a8b27e2-Zoek.pngZoek.exe nogmaals met het onderstaande script.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe

(hier of hier) kan je lezen hoe je dat doet.

  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
     
    AVG Security Toolbar;u
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run];r
    "DATAMNGR"=-;r
    "vProt"=-;r
    C:\PROGRA~2\SEARCH~1;f
    startupall; 
    filesrcm;
    installedprogs;
    autoclean;
    hijackthis;
    


  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.

Link naar reactie
Delen op andere sites

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.