Laptop Medion Vista van 2010

[Lutty2520]

Goedenavond kan er mij iemand helpen aub?

Mijn Laptop valt regelmatig uit, ik heb gelezen dat het kan komen van de ventilator. Hoe kom ik te weten of het daaraan ligt?

Nog een tweede vraagje kan ik hier een hijack this plaatsen en hoe aub.

Vriendelijke groetjes en tot hoors:-)

[clarkie]

Voer de twee onderstaande zaken eens uit:

We zullen eerst eens nagaan of malware of virussen de oorzaak zijn van je probleem.

1. Download HijackThis. (klik er op)

De download start automatisch na 5 seconden.

Bestand HijackThis.msi opslaan. Daarna kiezen voor "uitvoeren".

Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.

Als je geen netwerkverbinding meer hebt, kan je de download doen met een andere PC en het bestand met een USB-stick overbrengen

Als je enkel nog in veilige modus kan werken, moet je de executable (HijackThis.exe) downloaden. Dit kan je HIER doen.

Sla deze op in een nieuwe map op de C schijf (bvb C:\\hijackthis) en start hijackthis dan vanaf deze map. De logjes kan je dan ook in die map terugvinden.

---

2. Klik op de snelkoppeling om HijackThis te starten. (lees eerst de rode tekst hieronder!)

Klik ofwel op "Do a systemscan and save a logfile", ofwel eerst op "Scan" en dan op "Savelog".

Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.

Krijg je een melding ""For some reason your system denied writing to the Host file ....", klik dan gewoon door op de OK-toets.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\\Program Files\\Trend Micro\\HiJackThis of C:\\Program Files (x86)\\Trend Micro\\HiJackThis. (Bekijk hier de afbeelding ---> Klik hier)

---

3. Na het plaatsen van je logje wordt dit door een expert nagekeken en hij begeleidt jou verder door het ganse proces.

Tip!

Wil je in woord en beeld weten hoe je een logje met HijackThis maakt en plaatst op het forum, klik dan HIER.

---

---

Download en installeer Speccy.

Speccy is er ook in Nederlandstalige versie, bij de installatie (of update) kan je de taal wijzigen van Engels naar Nederlands ... als je op het driehoekje klikt, krijg je een uitrolmenu waarin je Nederlands kan selecteren.

Wanneer, tijdens het installeren van Speccy, de optie aangeboden wordt om Google Chrome of Google Toolbar "gratis" mee te installeren dien je de vinkjes weg te halen, tenzij dit een bewuste keuze is.

Start nu het programma en er zal een overzicht gemaakt worden van je hardware.

Als dit gereed is selecteer je bovenaan " Bestand - Publiceer Snapshot " en vervolgens bevestig je die keuze met " Ja ".

In het venster dat nu opent krijg je een link te zien, kopieer nu die link en plak die in je volgende bericht. Zo krijgen we een gedetailleerd overzicht van je hardware.

Meer info over deze procedure lees je HIER.

[Lutty2520]

Logfile of Trend Micro HijackThis v2.0.4Scan saved at 18:28:30, on 22/02/2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16464)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\ProgramData\DatacardService\DCSHelper.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Google\Google Talk\googletalk.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Opera\opera.exe

C:\Windows\system32\taskeng.exe

C:\Users\Lutty\Documents\zoek.exe

C:\Users\Lutty\AppData\Local\Temp\RarSFX0\zoek.com

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe

C:\Windows\system32\mshta.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = Welcome to Internet Explorer 9

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart

O4 - HKCU\..\Run: [Mobile Partner] C:\Program Files\MobileWiFi\MobileWiFi

O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HWDeviceService.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: MyWinLocker Service (MWLService) - EgisTec Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Vodafone Mobile Broadband-service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

--

End of file - 8447 bytes

Is het zo in orde?

Lutty

[Lutty2520]

http://speccy.piriform.com/results/7kLTfGkyU6qG5CAPb3ESXwm

Is dit zo oke?

Lutty

[clarkie]

Van zodra 1 van de experts online is zal deze je zeker verder helpen aangaande je Hijackthis logje.

Kan je wel nog een nieuw speccy logje maken wanneer de laptop langer in gebruik is want jouw logje is gemaakt nadat de laptop 8min op stond.

Via het logje kunnen we nakijken welke temperaturen je hardware haalt maar best dus dat je laptop enige tijd in gebruik is.

[juisterr]

Het logje lijkt me schoon.

Probeer dit eens.

Download zoek.exe naar het bureaublad.

• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
  (hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
  

  emptyclsid;
  firefoxlook; 
  Chromelook; 
  autoclean; 
  iedefaults; 
  

  
  

• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht als bijlage.
  

[Lutty2520]

Zoek.exe Version 4.0.0.4 Updated 10-August-2013

Tool run by Lutty on wo 14/08/2013 at 21:08:49,40.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Lutty\Downloads\zoek.exe [Quick Scan] [Auto Clean]

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4200065788-2244337797-1109055521-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-4200065788-2244337797-1109055521-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2002} deleted successfully

HKEY_USERS\S-1-5-21-4200065788-2244337797-1109055521-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\Lutty\AppData\Roaming\Mozilla\Firefox\Profiles\j18vnnod.default

---- Lines delta removed from prefs.js ----

---- Lines delta modified from prefs.js ----

---- Lines delta removed from user.js ----

user_pref("extensions.delta.tlbrSrchUrl", "");

user_pref("extensions.delta.id", "3ef9625b0000000000000016eacf9136");

user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

user_pref("extensions.delta.instlDay", "15847");

user_pref("extensions.delta.vrsn", "1.8.21.5");

user_pref("extensions.delta.vrsni", "1.8.21.5");

user_pref("extensions.delta.vrsnTs", "1.8.21.516:25:33");

user_pref("extensions.delta.prtnrId", "delta");

user_pref("extensions.delta.prdct", "delta");

user_pref("extensions.delta.aflt", "babsst");

user_pref("extensions.delta.smplGrp", "none");

user_pref("extensions.delta.tlbrId", "base");

user_pref("extensions.delta.instlRef", "sst");

user_pref("extensions.delta.dfltLng", "en");

user_pref("extensions.delta.excTlbr", false);

user_pref("extensions.delta.ffxUnstlRst", true);

user_pref("extensions.delta.admin", false);

user_pref("extensions.delta_i.babTrack", "affID=119357&tt=gc_");

user_pref("extensions.delta_i.babExt", "");

user_pref("extensions.delta_i.srcExt", "ss");

user_pref("extensions.delta.autoRvrt", "false");

user_pref("extensions.delta.rvrt", "false");

user_pref("extensions.delta.newTab", false);

---- Lines securedsearch removed from prefs.js ----

user_pref("browser.startup.homepage", "http://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_1&ent=hp&u=99555750464A8EA5CF307151D91A13D4");

---- Lines securedsearch modified from prefs.js ----

---- Lines babylon removed from prefs.js ----

---- Lines babylon modified from prefs.js ----

---- Lines SecureSearch removed from prefs.js ----

user_pref("browser.search.selectedEngine", "SecureSearch");

---- Lines SecureSearch modified from prefs.js ----

---- Lines browser.startup.page removed from prefs.js ----

user_pref("browser.startup.page", 1);

---- Lines browser.startup.page modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

user_20131408_2113_.backup

prefs_20131408_2113_.backup

prefs_20132202_1824_.backup

==== Deleting Files \ Folders ======================

"C:\Users\Lutty\AppData\Roaming\Mozilla\Firefox\Profiles\j18vnnod.default\searchplugins\delta.xml" deleted

"C:\Users\Lutty\AppData\Roaming\Mozilla\Firefox\Profiles\j18vnnod.default\searchplugins\babylon.xml" deleted

"C:\Program Files\Mozilla Firefox\searchplugins\Search_Results.xml" deleted

"C:\Users\Lutty\Downloads\SoftonicDownloader_voor_ad-aware.exe" deleted

"C:\Windows\System32\Tasks\DSite" deleted

"C:\Windows\tasks\DSite.job" deleted

"C:\Windows\system32\roboot.exe" deleted

"C:\Windows\System32\SET3BDC.tmp" deleted

"C:\Windows\System32\SET692F.tmp" deleted

"C:\Windows\System32\SET6CCB.tmp" deleted

"C:\Windows\System32\SETA343.tmp" deleted

"C:\Windows\System32\SETA4AA.tmp" deleted

"C:\Windows\System32\SETA71E.tmp" deleted

"C:\Windows\System32\SETA7E9.tmp" deleted

"C:\Users\Lutty\AppData\Roaming\Mozilla\Firefox\Profiles\j18vnnod.default\searchplugins\babylon.xml" deleted

"C:\Users\Lutty\AppData\Roaming\Mozilla\Firefox\Profiles\j18vnnod.default\searchplugins\askcom.xml" deleted

"C:\Users\Lutty\AppData\Roaming\Mozilla\Firefox\Profiles\j18vnnod.default\searchplugins\Search_Results.xml" deleted

"C:\Program Files\MyPC Backup" deleted

"C:\Users\Lutty\AppData\Roaming\Babylon" deleted

"C:\Users\Lutty\AppData\Roaming\DSite" deleted

"C:\Users\Lutty\AppData\Roaming\Systweak" deleted

"C:\ProgramData\Tarma Installer" deleted

"C:\ProgramData\Babylon" deleted

"C:\ProgramData\Trymedia" deleted

"C:\Users\Lutty\AppData\Local\PackageAware" deleted

"C:\Users\Lutty\AppData\LocalLow\searchresultstb" deleted

"C:\Users\Lutty\AppData\LocalLow\Delta" deleted

"C:\Users\Lutty\AppData\Roaming\Mozilla\Firefox\Profiles\j18vnnod.default\extensions\ffxtlbr@babylon.com" deleted

"C:\Users\Lutty\AppData\Roaming\Mozilla\Firefox\Profiles\j18vnnod.default\extensions\staged" deleted

"C:\Users\Lutty\AppData\Roaming\Mozilla\Firefox\Profiles\j18vnnod.default\extensions\ffxtlbr@babylon.com" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2013-08-09 04:54:46 06F6157BB950921D39872CEA98756DCB 224413056 ----a-w- C:\Windows\MEMORY.DMP

====== C:\Users\Lutty\AppData\Local\Temp ====

====== C:\Windows\system32 =====

2013-08-01 09:51:58 498BD12B38B549887D9E856EB734354E 106928 ----a-w- C:\Windows\System32\GEARAspi.dll

====== C:\Windows\system32\drivers =====

2013-08-01 09:52:06 185ADA973B5020655CEE342059A86CBB 26840 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

====== C:\Windows\Tasks ======

2013-08-14 19:07:31 3117CBBAAF073C705E16B7F91FF17FF7 2966 ----a-w- C:\Windows\system32\Tasks\{7561B11A-7331-4D8E-9198-A9BE1BCD9F03}

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C: =====

====== C:\Users\Lutty\AppData\Roaming ======

2013-07-27 08:17:03 0BE991E5089C94B755B8C444DA6DAB89 75 ----a-w- C:\users\Lutty\AppData\Roaming\WB.CFG

====== C:\Users\Lutty ======

2013-08-14 14:07:42 8AEB5D7CF5182094977760A765FA5B01 5126104 ----a-w- C:\Users\Lutty\Downloads\spsetup122 (1).exe

2013-08-14 13:59:41 8AEB5D7CF5182094977760A765FA5B01 5126104 ----a-w- C:\Users\Lutty\Downloads\spsetup122.exe

2013-08-11 08:13:42 214591D03A6838A8F54FE7ACA0661237 104 ----a-w- C:\Users\Lutty\Internet - Snelkoppeling.lnk

2013-08-01 13:18:00 7631D5A57627F22C412C6010E264D1C6 846 ----a-w- C:\Users\Lutty\Week 70 71.lnk

2013-07-28 20:54:00 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\Users\Pluchke\ntuser.pol

2013-07-18 18:04:31 B220016FC8919F58EA1BA7F5CD69397C 900 ----a-w- C:\Users\Lutty\Week 68 69 Snelkoppeling.lnk

====== C: exe-files ==

2013-08-14 14:07:42 8AEB5D7CF5182094977760A765FA5B01 5126104 ----a-w- C:\Users\Lutty\Downloads\spsetup122 (1).exe

2013-08-14 13:59:41 8AEB5D7CF5182094977760A765FA5B01 5126104 ----a-w- C:\Users\Lutty\Downloads\spsetup122.exe

2013-08-13 17:14:58 EB43F540338470C8FE4AAE8378780CAA 784224 ----a-w- C:\Program Files\Google\Update\Install\{B23AECF9-7389-48BF-B281-FD72DE7AAD8C}\28.0.1500.95_28.0.1500.72_chrome_updater.exe

2013-08-13 17:14:58 EB43F540338470C8FE4AAE8378780CAA 784224 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\28.0.1500.95\28.0.1500.95_28.0.1500.72_chrome_updater.exe

2013-08-11 08:12:22 6A22D2ABDD6969D78C2C8ADA0BC3C83C 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-4200065788-2244337797-1109055521-1000\$IY32XTE.exe

2013-08-11 08:06:26 B917E7B8A85F0668E4920FF52A76E8FB 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-4200065788-2244337797-1109055521-1000\$IQ5IH6G.exe

2013-08-11 08:06:23 2FE5DA8681C15B723A09F3B5365550AD 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-4200065788-2244337797-1109055521-1000\$IJKW075.exe

2013-08-11 08:06:20 86E02866E21956E46637294193B43D52 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-4200065788-2244337797-1109055521-1000\$IERMYUV.exe

2013-08-11 08:06:15 8EAA8BB323E01A4D726F42D81035016B 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-4200065788-2244337797-1109055521-1000\$IIAUCW4.exe

2013-08-11 08:06:07 FC855417EFDE8DD72265A272C7E684C8 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-4200065788-2244337797-1109055521-1000\$I0URHJA.exe

=== C: other files ==

2013-08-14 19:09:07 90A594537C3731C9A3AB3B540868B60B 346 ----a-w- C:\Users\Lutty\AppData\Local\Temp\drives.vbs

2013-08-11 09:26:14 83336DEEB678A7813B3A29573A0D1AA5 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-4200065788-2244337797-1109055521-1000\$IDR1JQK.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-4200065788-2244337797-1109055521-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"Search Protection"="C:\ProgramData\Search Protection\SearchProtection.exe"

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ehTray.exe]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ehTray.exe"

"hkey"="HKCU"

"command"="C:\\Windows\\ehome\\ehTray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Desktop Search]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Google Desktop Search"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ISUSPM]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ISUSPM"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\ISUSPM.exe\" -scheduler"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LanguageShortcut]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="LanguageShortcut"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\HomeCinema\\PowerDVD\\Language\\Language.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MobileBroadband]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="MobileBroadband"

"hkey"="HKLM"

"command"="C:\\Program Files\\Vodafone\\Vodafone Mobile Broadband\\Bin\\MobileBroadband.exe /silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSC]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="MSC"

"hkey"="HKLM"

"command"="\"c:\\Program Files\\Microsoft Security Client\\msseces.exe\" -hide -runkey"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="msnmsgr"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mwlDaemon]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="mwlDaemon"

"hkey"="HKLM"

"command"="C:\\Program Files\\EgisTec\\MyWinLocker 3\\x86\\mwlDaemon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBKeyScan]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NBKeyScan"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Nero\\Nero8\\Nero BackItUp\\NBKeyScan.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvCplDaemon]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NvCplDaemon"

"hkey"="HKLM"

"command"="RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvMediaCenter]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NvMediaCenter"

"hkey"="HKLM"

"command"="RUNDLL32.EXE C:\\Windows\\system32\\NvMcTray.dll,NvTaskbarInit"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="RemoteControl"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\HomeCinema\\PowerDVD\\PDVDServ.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="RtHDVCpl"

"hkey"="HKLM"

"command"="RtHDVCpl.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skytel]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Skytel"

"hkey"="HKLM"

"command"="Skytel.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spyware Doctor]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Spyware Doctor"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Spyware Doctor\\swdoctor.exe\" /Q"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SunJavaUpdateSched"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SynTPEnh"

"hkey"="HKLM"

"command"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\toolbar_eula_launcher]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="toolbar_eula_launcher"

"hkey"="HKLM"

"command"="C:\\Program Files\\GoogleEULA\\EULALauncher.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\tsnp2uvc]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="tsnp2uvc"

"hkey"="HKLM"

"command"="C:\\Windows\\tsnp2uvc.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UCam_Menu]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="UCam_Menu"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\HomeCinema\\YouCam\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files\\HomeCinema\\YouCam\" update \"Software\\CyberLink\\YouCam\\2.0\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Defender]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Windows Defender"

"hkey"="HKLM"

"command"="%ProgramFiles%\\Windows Defender\\MSASCui.exe -hide"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WMPNSCFG]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="WMPNSCFG"

"hkey"="HKCU"

"command"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Yontoo Desktop]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Yontoo Desktop"

"hkey"="HKCU"

"command"="\"C:\\Users\\Lutty\\AppData\\Roaming\\Yontoo\\YontooDesktop.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]

"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\McAfee Security Scan Plus.lnk"

"backup"="C:\\Windows\\pss\\McAfee Security Scan Plus.lnk.CommonStartup"

"backupExtension"=".CommonStartup"

"command"="C:\\PROGRA~1\\MCAFEE~1\\30982A~1.207\\SSSCHE~1.EXE "

"item"="McAfee Security Scan Plus"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"ICSDCLT"="C:\\Windows\\rundll32.exe C:\\Windows\\system32\\icsdclt.dll,ICSClient"

"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

"Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [12/06/2013 18:53]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29/05/2011 22:44]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29/05/2011 22:44]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Lutty\AppData\Roaming\Mozilla\Firefox\Profiles\j18vnnod.default

- Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

- New Tab - %ProfilePath%\extensions\{3247D0F1-1E1E-43ED-94E5-7E40F54E1C83}

AppDir: C:\Program Files\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}

==== Firefox Plugins ======================

Profilepath: C:\Users\Lutty\AppData\Roaming\Mozilla\Firefox\Profiles\j18vnnod.default

D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\system32\npdeployJava1.dll - Java Deployment Toolkit 7.0.250.17

AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

C548328E9DE5EB73350EF292D7140662 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa

C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

ACEF2CBC1032BC14D112EB4494537DA5 - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat

DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System

==== Deleting Files \ Folders ======================

"C:\Users\Lutty\AppData\Roaming\Mozilla\Firefox\Profiles\j18vnnod.default\extensions\{3247D0F1-1E1E-43ED-94E5-7E40F54E1C83}" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

oejkcgajlodefenbbjdnaiahmbnnoole - C:\Program Files\adawaretb\chrome-newtab-search.crx[]

Google Docs - Lutty - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Lutty - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Lutty - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Lutty - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Pixlr-o-matic - Lutty - Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj

Gmail - Lutty - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://search.babylon.com/?affID=119357&tt=gc_&babsrc=HP_ss_din2g&mntrId=3EF90016EACF9136"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.be/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA_nl"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{70D46D94-BF1E-45ED-B567-48701376298E} Google Desktop Url="http://127.0.0.1:4664/search&s=X6nocJFdiShyxjPIp4Ff-ZnV10Q?q={searchTerms}"

{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} Bing Url="http://www.bing.com/search?FORM=UP50DF&PC=UP50&q={searchTerms}&src=IE-SearchBox"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Lutty\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Pluchke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Lutty\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\users\Lutty\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\users\Pluchke\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Lutty\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Lutty\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on wo 14/08/2013 at 21:19:25,96 ======================

[Lutty2520]

http://speccy.piriform.com/results/SzVcfdmIBLOYSsFyo4yVp0j

[juisterr]

Download AdwCleaner by Xplode naar het bureaublad.

• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner om hem te starten.
  
• Klik vervolgens op Verwijderen.
  
• Klik bij AdwCleaner – Informatie op OK
  
• Klik bij AdwCleaner – Herstarten Noodzakelijk op OK
  

Dat tijdens de actie de snelkoppelingen verdwijnen, is normaal.

Nadat de PC opnieuw is opgestart, opent een logfile.

Post aansluitend de inhoud van dit log in je volgende bericht.

[Lutty2520]

# AdwCleaner v2.306 - Verslag gemaakt op 15/08/2013 om 17:17:43

# Geactualiseerd op 19/07/2013 door Xplode

# Besturingssysteem : Windows Vista Home Premium Service Pack 2 (32 bits)

# Gebruiker : Lutty - LUTTY

# Opstarten Modus : Normale modus

# Gelanceerd vanaf : C:\Users\Lutty\Downloads\AdwCleaner.exe

# Optie [Verwijderen]

***** [Diensten] *****

***** [Files / Mappen] *****

File Verwijderd : C:\Program Files\Mozilla Firefox\searchplugins\adawaretb.xml

Map Verwijderd : C:\Program Files\registry mechanic

Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\registry mechanic

***** [Register] *****

Sleutel Verwijderd : HKCU\Software\585388d0b23ee913

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\adawaretb

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\PriceGong

Sleutel Verwijderd : HKCU\Software\BabSolution

Sleutel Verwijderd : HKCU\Software\DataMngr_Toolbar

Sleutel Verwijderd : HKCU\Software\ilivid

Sleutel Verwijderd : HKCU\Software\IM

Sleutel Verwijderd : HKCU\Software\ImInstaller

Sleutel Verwijderd : HKCU\Software\InstallCore

Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}

Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}

Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}

Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchCore for Browsers

Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}

Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}

Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}

Sleutel Verwijderd : HKCU\Software\SearchCore for Browsers

Sleutel Verwijderd : HKCU\Software\Softonic

Sleutel Verwijderd : HKLM\SOFTWARE\585388d0b23ee913

Sleutel Verwijderd : HKLM\Software\Babylon

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Conduit.Engine

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2724386

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2727678

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}

Sleutel Verwijderd : HKLM\Software\Conduit

Sleutel Verwijderd : HKLM\Software\DataMngr

Sleutel Verwijderd : HKLM\Software\iLividSRTB

Sleutel Verwijderd : HKLM\Software\ImInstaller

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}

Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1d575a3306271ecdf72a2148d0b60f15

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1e51f85eba74646fe9f5e88b4f1b595b

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\5f79cbba6cbd36b86b391709c45f3a36

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\920be7335951e221f433bc7c18826895

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\d8f31a842ec4b76cc970f1646dac551f

Sleutel Verwijderd : HKLM\Software\systweak

Sleutel Verwijderd : HKLM\Software\Tarma Installer

Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [browsers] *****

-\\ Internet Explorer v9.0.8112.16502

[OK] Het register bevat geen enkele ongeoorloofde invoer.

-\\ Mozilla Firefox v16.0.2 (nl)

File : C:\Users\Lutty\AppData\Roaming\Mozilla\Firefox\Profiles\j18vnnod.default\prefs.js

[OK] De file bevat geen enkele ongeoorloofde invoer.

-\\ Google Chrome v28.0.1500.95

File : C:\Users\Lutty\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] De file bevat geen enkele ongeoorloofde invoer.

File : C:\Users\Pluchke\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] De file bevat geen enkele ongeoorloofde invoer.

-\\ Opera v [Onmogelijk de versie te verkrijgen]

File : C:\Users\Lutty\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] De file bevat geen enkele ongeoorloofde invoer.

File : C:\Users\Pluchke\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[s1].txt - [5594 octets] - [15/08/2013 17:17:43]

########## EOF - C:\AdwCleaner[s1].txt - [5654 octets] ##########