Ga naar inhoud

Computer heeel traag en blokkeert


AnnieHanolp
 Delen

Aanbevolen berichten


We zullen eerst eens kijken of malware aan de basis ligt van je probleem door onderstaande uit te voeren.

Download 51a5f5d096dae-icon_RSIT.pngRSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

Dubbelklik op RSIT.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  • Plaats de inhoud hiervan in het volgende bericht.

Link naar reactie
Delen op andere sites

Logfile of random's system information tool 1.09 (written by random/random)

Run by Hammoudane at 2013-09-06 19:00:01

Microsoft® Windows Vista™ Home Premium Service Pack 1

System drive C: has 118 GB (40%) free of 292 GB

Total RAM: 894 MB (13% free)

info.txt logfile of random's system information tool 1.09 2013-09-06 18:50:33

======Uninstall list======

-->"C:\Program Files\HP Games\7 Wonders of the Ancient World\Uninstall.exe"

-->"C:\Program Files\HP Games\Arctic Quest 2\Uninstall.exe"

-->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"

-->"C:\Program Files\HP Games\Blasterball 2 Revolution\Uninstall.exe"

-->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"

-->"C:\Program Files\HP Games\Build-a-lot\Uninstall.exe"

-->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"

-->"C:\Program Files\HP Games\Crystal Maze\Uninstall.exe"

-->"C:\Program Files\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe"

-->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe"

-->"C:\Program Files\HP Games\FATE\Uninstall.exe"

-->"C:\Program Files\HP Games\Fish Tycoon\Uninstall.exe"

-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"

-->"C:\Program Files\HP Games\Jewel Quest Solitaire\Uninstall.exe"

-->"C:\Program Files\HP Games\Jewel Quest\Uninstall.exe"

-->"C:\Program Files\HP Games\Magic Academy\Uninstall.exe"

-->"C:\Program Files\HP Games\Mah Jong Adventures\Uninstall.exe"

-->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"

-->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"

-->"C:\Program Files\HP Games\Ocean Express\Uninstall.exe"

-->"C:\Program Files\HP Games\Peggle\Uninstall.exe"

-->"C:\Program Files\HP Games\Penguins!\Uninstall.exe"

-->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"

-->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"

-->"C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe"

-->"C:\Program Files\HP Games\Super Granny\Uninstall.exe"

-->"C:\Program Files\HP Games\The Treasures of Montezuma\Uninstall.exe"

-->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe"

-->"C:\Program Files\HP Games\Virtual Villagers - A New Home\Uninstall.exe"

-->"C:\Program Files\HP Games\Virtual Villagers - Chapter 2 - The Lost Children\Uninstall.exe"

-->"C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"

µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL

ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}

Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall

Adobe AIR-->MsiExec.exe /I{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}

Adobe Flash Player 11 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe -maintain activex

Adobe Flash Player 11 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_Plugin.exe -maintain plugin

Adobe Reader X - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AA0000000001}

Adobe Shockwave Player 11.6-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"

Ares 2.1.1-->"C:\Program Files\Ares\uninstall.exe"

AVG Free 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL

AVG Security Toolbar-->C:\Program Files\AVG Secure Search\UNINSTALL.exe /PROMPT /UNINSTALL

Bundled software uninstaller-->"C:\Users\Hammoudane\Local Settings\Application Data\Bundled software uninstaller\biclient.exe" /initurl http://bi.bisrv.com/:affid:/:sid:/:uid:? /affid uninstall /id uninstall /name "Bundled software uninstaller"

CCleaner-->"C:\Program Files\CCleaner\uninst.exe"

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{A3AD381D-848C-4478-80DC-228E37309308}" "1043" "0"

Delta Chrome Toolbar-->"C:\Users\Hammoudane\AppData\Roaming\BabSolution\Shared\GUninstaller.exe" -key "Delta Chrome Toolbar" -rmkey -rmbus "Delta Chrome Toolbar" -ask

Diagnostisch hulpprogramma voor hardware-->C:\Program Files\PC-Doctor for Windows\uninst.exe

Driver Detective-->MsiExec.exe /X{5721A8EA-A30F-4F66-9046-3F40C43AE1DC}

GentiumBasic 1.100-->C:\Program Files\SIL\Fonts\GentiumBasic\Uninstall.exe

Google Chrome-->"C:\Program Files\Google\Chrome\Application\29.0.1547.62\Installer\setup.exe" --uninstall --multi-install --chrome --system-level

Google Earth Plug-in-->MsiExec.exe /X{79361740-EAE3-11E2-9911-B8AC6F98CCE3}

Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_714BFB3B4B0991F6.exe" /uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}

Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {99A120B0-F930-3427-A833-FAD753B85527} /parameterfolder Client

HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}\setup.exe -runfromtemp -l0x0409

HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}\setup.exe" -l0x9 -removeonly

HP Customer Feedback-->MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC}

HP Demo-->MsiExec.exe /X{48BF4489-0C58-4E80-BB17-94A673CE310A}

HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F405DC00-37F3-4A5F-97F4-C1310CCEE53A}\setup.exe" -l0x9 -removeonly

HP Photosmart Essential 3.0-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat

HP Recovery Manager RSS-->MsiExec.exe /X{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}

HP Total Care Advisor-->MsiExec.exe /X{f32502b5-5b64-4882-bf61-77f23edcac4f}

HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}

HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}

iLivid-->"C:\Users\Hammoudane\AppData\Local\iLivid\uninstall.exe"

iTunes-->MsiExec.exe /I{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}

Java 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}

Java SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}

Junk Mail filter update-->MsiExec.exe /I{8E5233E1-7495-44FB-8DEB-4BE906D59619}

LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall

Lexmark X1100 Series-->C:\Program Files\Lexmark X1100 Series\Install\x86\Uninst.exe

LightScribe System Software 1.14.17.1-->MsiExec.exe /X{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}

McAfee Security Scan Plus-->"C:\Program Files\McAfee Security Scan\uninstall.exe"

MCCI®Firmware Update Driver for MTK-->MsiExec.exe /I{13E92303-C1AC-4012-9E22-54EACBF54888}

Microsoft .NET Framework 3.5 Language Pack SP1 - nld-->MsiExec.exe /I{101738D7-D805-37A9-BB91-1F2C351782BF}

Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft .NET Framework 4 Client Profile NLD Language Pack-->MsiExec.exe /X{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}

Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client

Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}

Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{047B0968-E622-4FAA-9B4B-121FA109EDDE}" "1043" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0413-0000-0000000FF1CE}" "{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" "1043" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0413-0000-0000000FF1CE}" "{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" "1043" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0413-0000-0000000FF1CE}" "{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" "1043" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0413-0000-0000000FF1CE}" "{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" "1043" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0413-0000-0000000FF1CE}" "{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" "1043" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0413-0000-0000000FF1CE}" "{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" "1043" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-0000-0000000FF1CE}" "{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" "1043" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{99ACCA38-6DD3-48A8-96AE-A283C9759279}" "1043" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" "1043" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0413-0000-0000000FF1CE}" "{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28}" "1043" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0413-0000-0000000FF1CE}" "{D3B92058-CF96-445F-A297-F7ED19C4E841}" "1043" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0044-0413-0000-0000000FF1CE}" "{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" "1043" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0413-0000-0000000FF1CE}" "{260407D0-98A1-4D9A-A956-3D1DEDDDF3B9}" "1043" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0413-0000-0000000FF1CE}" "{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" "1043" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00BA-0413-0000-0000000FF1CE}" "{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" "1043" "0"

Microsoft Office Access MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0015-0413-0000-0000000FF1CE}

Microsoft Office Excel MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0016-0413-0000-0000000FF1CE}

Microsoft Office Groove MUI (Dutch) 2010-->MsiExec.exe /X{90140000-00BA-0413-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0044-0413-0000-0000000FF1CE}

Microsoft Office OneNote MUI (Dutch) 2010-->MsiExec.exe /X{90140000-00A1-0413-0000-0000000FF1CE}

Microsoft Office Outlook MUI (Dutch) 2010-->MsiExec.exe /X{90140000-001A-0413-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0018-0413-0000-0000000FF1CE}

Microsoft Office Professional Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL

Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2010-->MsiExec.exe /X{90140000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proofing (Dutch) 2010-->MsiExec.exe /X{90140000-002C-0413-0000-0000000FF1CE}

Microsoft Office Publisher MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0019-0413-0000-0000000FF1CE}

Microsoft Office Shared MUI (Dutch) 2010-->MsiExec.exe /X{90140000-006E-0413-0000-0000000FF1CE}

Microsoft Office Word MUI (Dutch) 2010-->MsiExec.exe /X{90140000-001B-0413-0000-0000000FF1CE}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}

Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}

Microsoft Works-->MsiExec.exe /I{5158F1F5-FA1B-4D49-B546-55A5004B89BD}

Movies Toolbar for Chrome (Dist. by Bandoo Media, Inc.)-->C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\GC\uninstall.exe /UN=GC /PID=LVD2-DTX

Movies Toolbar for Internet Explorer (Dist. by Bandoo Media, Inc.)-->C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\uninstall.exe /UN=IE /PID=LVD2-DTX

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

My HP Games-->"C:\Program Files\HP Games\Uninstall.exe"

Norton Safe Web Lite-->C:\Program Files\NortonInstaller\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST\LicenseType\1.2.0.7\InstStub.exe /X /ARP

Norton Security Scan-->C:\PROGRA~1\NORTON~1\Engine\301~1.8\InstWrap.exe

NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI

OpenOffice.org 3.0-->MsiExec.exe /I{A7E1477E-810A-4185-BD9E-1A803498EFB3}

OptimizerPro1-->C:\PROGRA~2\INSTAL~1\OPTIMI~1\Setup.exe /remove /q0

Plants vs. Zombies-->C:\Program Files\PopCap Games\Plants vs. Zombies\PopUninstall.exe "C:\Program Files\PopCap Games\Plants vs. Zombies\Install.log"

Power2Go-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" -uninstall

PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall

PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall

PremierOpinion-->C:\Program Files\PremierOpinion\pmropn.exe -bootremove -uninst:PremierOpinion

Python 2.5.2-->MsiExec.exe /I{6B976ADF-8AE8-434E-B282-A06C7F624D2F}

Qtrax Player-->MsiExec.exe /X{89505A66-35F0-4401-B3AD-D077051F8698}

Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly

Registry Mechanic 10.0-->"C:\Program Files\Registry Mechanic\unins000.exe" /Log

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{73CC972E-6ABF-456B-9E1E-BADC0E65B57A}" "1043" "0"

Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{F0CF1EB7-3E57-4F85-843F-B3C79088510D}" "1043" "0"

Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{3F1B010E-91E7-45A2-845E-A8132972C01E}" "1043" "0"

Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{89F78B33-4282-4698-844D-E306D4260C02}" "1043" "0"

Security Update for Microsoft Office 2010 (KB2553091)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{07CA44F3-F5B3-4D12-8C91-EDC5FE91D45C}" "1043" "0"

Security Update for Microsoft Office 2010 (KB2553096)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{10802A6D-EDBF-4383-BCBD-9D5B32F56D35}" "1043" "0"

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{CCC48FE2-175F-4CDE-82DF-F7BC4672C1A3}" "1043" "0"

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{CC39BA1F-7A25-440C-86A7-77E35D8CC88C}" "1043" "0"

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{DCE6D0BF-93E4-46C5-9A7C-F1EFF9707C02}" "1043" "0"

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{B5489515-6DD4-47A5-AE4E-64751D15F10E}" "1043" "0"

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{9FF4E0C9-11BB-4B32-AC5E-EAB896CB4216}" "1043" "0"

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{A5E549EB-FDD3-4CD1-8163-50D429A36516}" "1043" "0"

Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{280E2D43-11CC-4ADE-A171-9286CCB5412B}" "1043" "0"

Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{77AA05C3-6499-49F2-801D-55BD0E587579}" "1043" "0"

Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{BC3AD7F4-A075-4C9E-A33A-0FA4F8EBCA96}" "1043" "0"

Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{0690E5CB-319C-4FA5-8513-2E255BBB29B9}" "1043" "0"

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{F8243081-3FB0-4EE8-9B2A-6F7D70AF5269}" "1043" "0"

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder ClientLP

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP

Speccy-->"C:\Program Files\Speccy\uninst.exe"

SweetIM Bundle by SweetPacks-->"C:\Program Files\sweetpacks bundle uninstaller\uninstaller.exe" "/appName=SweetIM Bundle by SweetPacks" "/linkurl=http://lp.sweetim.com/SweetPacksBundleUninstaller" "/sweettext=SweetIM (SweetIM for Messenger, Toolbar, Update Manager)"

SweetIM for Messenger 3.7-->MsiExec.exe /X{A0C9DF2B-89B5-4483-8983-18A68200F1B4}

SweetPacks Updater-->"C:\Windows\system32\WNLT\Installation\uninstaller.exe"

swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}

Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - nld\setup.exe

Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1043 /parameterfolder ClientLP

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

Update for Microsoft Office 2010 (KB2494150)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}" "1043" "0"

Update for Microsoft Office 2010 (KB2553065)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{A8686D24-1E89-43A1-973E-05A258D2B3F8}" "1043" "0"

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}" "1043" "0"

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{18B3CF2A-73F7-4716-B1AE-86D68726D408}" "1043" "0"

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0413-0000-0000000FF1CE}" "{AC5C66AB-7561-4D7E-9EAD-0204DE4EEC9B}" "1043" "0"

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0413-0000-0000000FF1CE}" "{7222F8D5-AE5D-4DE3-83CD-1AD949342001}" "1043" "0"

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{14B7142F-D7E2-4FB0-9E3B-7CAA8D7FFC56}" "1043" "0"

Update for Microsoft Office 2010 (KB2566458)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{EFB525A0-E1C0-4E32-9968-FE401BC87363}" "1043" "0"

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}" "1043" "0"

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-0000-0000000FF1CE}" "{007CC0F3-15DE-426D-95B5-B019FCEF58CE}" "1043" "0"

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{C4F26A9B-B121-4135-8084-A0D9C780C7C8}" "1043" "0"

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{460FF681-BC66-4C38-99DF-7012E03F1EBA}" "1043" "0"

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{B1FA5E8C-2342-45AF-8A62-5E860042F8DF}" "1043" "0"

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{1CBEDB37-C438-473F-8BA0-2535B0D237E2}" "1043" "0"

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{35698CB7-AAA2-4577-B505-DBFF504AEF23}" "1043" "0"

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{9CFD026D-EB1C-48C2-9DD2-8E8875F251B2}" "1043" "0"

Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{BA610006-2C39-4419-9834-CF61AB24810A}" "1043" "0"

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0413-0000-0000000FF1CE}" "{4358BF13-DD13-41F8-82C1-7EE267FD290B}" "1043" "0"

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{F1CBE095-403D-466D-BB13-B185A5F33231}" "1043" "0"

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0413-0000-0000000FF1CE}" "{B4E24FDD-4879-4915-B52B-0A5202F1D94E}" "1043" "0"

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}" "1043" "0"

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0413-0000-0000000FF1CE}" "{C13E779A-0B50-420A-90FB-FDB1F9D846AD}" "1043" "0"

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{6B6DDDCE-B456-4FE1-9A07-DBC1708E4158}" "1043" "0"

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{5DA2D071-A54C-47C0-83E5-43C63DBFD936}" "1043" "0"

VC80CRTRedist - 8.0.50727.6195-->MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F}

VLC media player 2.0.4-->C:\Program Files\VideoLAN\VLC\uninstall.exe

WebCake 3.00-->C:\PROGRA~2\TARMAI~1\{C4ED7~1\Setup.exe /remove /q0

Windows Live - Hulpprogramma voor uploaden-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

Windows Live aanmeldhulp-->MsiExec.exe /I{1BD6AE96-4742-4498-9D03-9451C7E5A214}

Windows Live Call-->MsiExec.exe /I{C20C2630-B3A7-44BA-BDD0-31E256AE490E}

Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}

Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe

Windows Live Essentials-->MsiExec.exe /I{EB5A3E9D-91CF-4C97-B816-72DE0625ACA3}

Windows Live Family Safety-->MsiExec.exe /X{CAEB2BE8-EF9E-4BFE-8165-3B54B62AF6CF}

Windows Live Mail-->MsiExec.exe /I{2869F5EA-93C3-48E5-80DF-DB696BC84A91}

Windows Live Messenger-->MsiExec.exe /X{CC38A00D-7EED-46CE-9281-D1D97B81F22A}

Windows Live Movie Maker-->MsiExec.exe /X{32061277-9F45-4C3B-8299-D106D5A502ED}

Windows Live Photo Gallery-->MsiExec.exe /X{6FEC9863-5EF2-4A07-9D0B-CA81B47E3F59}

Windows Live Sync-->MsiExec.exe /X{E34F703A-1C9D-4B1F-ABBE-D7E8800B860D}

Windows Live Writer-->MsiExec.exe /X{35CA031C-D3CD-4A28-8D9B-C71466C4F045}

WinRAR 4.01 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

AV: AVG Anti-Virus Free

AS: AVG Anti-Virus Free (disabled)

AS: Windows Defender

======System event log======

Computer Name: PC_van_Hammouda

Event Code: 6008

Message: De vorige afsluiting van het systeem om 21:34:45 op 1/12/2012 is onverwacht gebeurd.

Record Number: 580591

Source Name: EventLog

Time Written: 20121202084139.000000-000

Event Type: Fout

User:

Computer Name: PC_van_Hammouda

Event Code: 6009

Message: Microsoft ® Windows ® 6.00. 6001 Service Pack 1 Multiprocessor Free.

Record Number: 580592

Source Name: EventLog

Time Written: 20121202084139.000000-000

Event Type: Informatie

User:

Computer Name: PC_van_Hammouda

Event Code: 6005

Message: De Event Log-service is gestart.

Record Number: 580593

Source Name: EventLog

Time Written: 20121202084139.000000-000

Event Type: Informatie

User:

Computer Name: PC_van_Hammouda

Event Code: 6013

Message: Het systeem is 34 seconden in gebruik.

Record Number: 580594

Source Name: EventLog

Time Written: 20121202084139.000000-000

Event Type: Informatie

User:

Computer Name: PC_van_Hammouda

Event Code: 6013

Message: Het systeem is 8361 seconden in gebruik.

Record Number: 580595

Source Name: EventLog

Time Written: 20121202110027.000000-000

Event Type: Informatie

User:

=====Application event log=====

Computer Name: PC_van_Hammouda

Event Code: 8219

Message: De tijdslimiet is overschreden tijdens het uitbreiden van de bestandsspecificatie \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy8\Windows\softwaredistribution\Download\*.*. Dit werd gedaan voor abonnee WUA.

Bewerking:

OnPostSnapshot-gebeurtenis

PostSnapshot-gebeurtenis

Context:

Uitvoeringscontext: Shadow Copy Optimization Writer

Uitvoeringscontext: Writer

Klasse-id van schrijver: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}

Naam van schrijver: Shadow Copy Optimization Writer

Instantie-id van schrijver: {089210b6-ce9e-47ca-9678-cbb6cb9abb37}

Record Number: 149903

Source Name: VSS

Time Written: 20130906163147.000000-000

Event Type: Informatie

User:

Computer Name: PC_van_Hammouda

Event Code: 8219

Message: De tijdslimiet is overschreden tijdens het uitbreiden van de bestandsspecificatie \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy8\Windows\softwaredistribution\*.*. Dit werd gedaan voor abonnee WUA.

Bewerking:

OnPostSnapshot-gebeurtenis

PostSnapshot-gebeurtenis

Context:

Uitvoeringscontext: Shadow Copy Optimization Writer

Uitvoeringscontext: Writer

Klasse-id van schrijver: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}

Naam van schrijver: Shadow Copy Optimization Writer

Instantie-id van schrijver: {089210b6-ce9e-47ca-9678-cbb6cb9abb37}

Record Number: 149904

Source Name: VSS

Time Written: 20130906163147.000000-000

Event Type: Informatie

User:

Computer Name: PC_van_Hammouda

Event Code: 8224

Message: De VSS-service is vanwege een time-out voor niet actief afgesloten.

Record Number: 149905

Source Name: VSS

Time Written: 20130906163526.000000-000

Event Type: Informatie

User:

Computer Name: PC_van_Hammouda

Event Code: 1010

Message: De verzamelprocedure voor de EmdCache-service in DLL-bestand C:\Windows\system32\emdmgmt.dll heeft een uitzondering gegenereerd of een ongeldige status teruggezonden. Prestatiemetergegevens die zijn teruggezonden door het item-DLL-bestand worden niet teruggezonden naar het gegevensblok. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de uitzonderingscode of statuscode.

Record Number: 149906

Source Name: Microsoft-Windows-Perflib

Time Written: 20130906164352.000000-000

Event Type: Fout

User:

Computer Name: PC_van_Hammouda

Event Code: 5

Message: Unsupported service control request (see data below)

Record Number: 149907

Source Name: LightScribeService

Time Written: 20130906165026.000000-000

Event Type: Informatie

User:

=====Security event log=====

Computer Name: PC_van_Hammouda

Event Code: 4648

Message: Poging tot aanmelden met expliciete referenties.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: PC_VAN_HAMMOUDA$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3e7

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Account waarvan de referenties zijn gebruikt:

Accountnaam: SYSTEEM

Accountdomein: NT AUTHORITY

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Doelserver:

Naam van doelserver: localhost

Aanvullende gegevens: localhost

Procesgegevens:

Proces-id: 0x278

Procesnaam: C:\Windows\System32\services.exe

Netwerkgegevens:

Netwerkadres: -

Poort: -

Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als.

Record Number: 221905

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20130829200042.039799-000

Event Type: Controle geslaagd

User:

Computer Name: PC_van_Hammouda

Event Code: 4624

Message: Er is een account aangemeld.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: PC_VAN_HAMMOUDA$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3e7

Aanmeldingstype: 5

Nieuwe aanmelding:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Procesgegevens:

Proces-id: 0x278

Naam proces: C:\Windows\System32\services.exe

Netwerkgegevens:

Naam van werkstation:

Netwerkadres van bron: -

Poort van bron: -

Gedetailleerde verificatiegegevens:

Aanmeldingsproces: Advapi

Verificatiepakket: Negotiate

Doorgezette services: -

Pakketnaam (alleen NTLM): -

Sleutellengte: 0

Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.

- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.

- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.

- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.

- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.

Record Number: 221906

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20130829200042.039799-000

Event Type: Controle geslaagd

User:

Computer Name: PC_van_Hammouda

Event Code: 4672

Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Bevoegdheden: SeAssignPrimaryTokenPrivilege

SeTcbPrivilege

SeSecurityPrivilege

SeTakeOwnershipPrivilege

SeLoadDriverPrivilege

SeBackupPrivilege

SeRestorePrivilege

SeDebugPrivilege

SeAuditPrivilege

SeSystemEnvironmentPrivilege

SeImpersonatePrivilege

Record Number: 221907

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20130829200042.039799-000

Event Type: Controle geslaagd

User:

Computer Name: PC_van_Hammouda

Event Code: 4648

Message: Poging tot aanmelden met expliciete referenties.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: PC_VAN_HAMMOUDA$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3e7

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Account waarvan de referenties zijn gebruikt:

Accountnaam: Hammoudane

Accountdomein: PC_van_Hammouda

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Doelserver:

Naam van doelserver: localhost

Aanvullende gegevens: localhost

Procesgegevens:

Proces-id: 0x2d4

Procesnaam: C:\Windows\System32\winlogon.exe

Netwerkgegevens:

Netwerkadres: 127.0.0.1

Poort: 0

Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als.

Record Number: 221908

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20130829210118.559799-000

Event Type: Controle geslaagd

User:

Computer Name: PC_van_Hammouda

Event Code: 4624

Message: Er is een account aangemeld.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: PC_VAN_HAMMOUDA$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3e7

Aanmeldingstype: 7

Nieuwe aanmelding:

Beveiligings-id: S-1-5-21-2510180107-2633095666-4145995738-1000

Accountnaam: Hammoudane

Accountdomein: PC_van_Hammouda

Aanmeldings-id: 0x1230e2a

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Procesgegevens:

Proces-id: 0x2d4

Naam proces: C:\Windows\System32\winlogon.exe

Netwerkgegevens:

Naam van werkstation: PC_VAN_HAMMOUDA

Netwerkadres van bron: 127.0.0.1

Poort van bron: 0

Gedetailleerde verificatiegegevens:

Aanmeldingsproces: User32

Verificatiepakket: Negotiate

Doorgezette services: -

Pakketnaam (alleen NTLM): -

Sleutellengte: 0

Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.

- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.

- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.

- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.

- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.

Record Number: 221909

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20130829210118.559799-000

Event Type: Controle geslaagd

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\hp\bin\Python;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ZipGenius 6\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 2, AuthenticAMD

"PROCESSOR_REVISION"=6b02

"NUMBER_OF_PROCESSORS"=2

"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat

"DFSTRACINGON"=FALSE

"OnlineServices"=Online Services

"Platform"=HPD

"PCBRAND"=Presario

"MSWorksProductCode"={5158F1F5-FA1B-4D49-B546-55A5004B89BD}

"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

-----------------EOF-----------------

Link naar reactie
Delen op andere sites


Ok, ik heb speccy en hijack alvast ook al gedaan

http://speccy.piriform.com/results/X2ifHlwTTeRIm3sWLEivRuk

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:30:58, on 6/09/2013

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v8.00 (8.00.6001.19088)

Boot mode: Normal

Running processes:

C:\Windows\Explorer.EXE

C:\Windows\system32\Dwm.exe

C:\Windows\System32\jmdp\stij.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\PremierOpinion\pmropn.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\hp\support\hpsysdrv.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\AVG\AVG8\avgtray.exe

C:\Program Files\Lexmark X1100 Series\LXBKbmgr.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\AVG Secure Search\vprot.exe

C:\Program Files\SweetIM\Messenger\SweetIM.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Ares\Ares.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Users\Hammoudane\AppData\Roaming\Betcat\WebCakeDesktop.exe

C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ask.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = trooner.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=1a7f91c20000000000000023543b2515&tlver=1.4.19.19&affID=19404

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421;<local>

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - *{038cb5c7-48ea-4af9-94e0-a1646542e62b} - (no file)

R3 - URLSearchHook: (no name) - *{b317125e-2f10-4388-bf1f-2c31c6cd89ed} - (no file)

R3 - URLSearchHook: (no name) - *{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} - (no file)

R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)

O1 - Hosts: ::1 localhost

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll

O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\WI9130~1\Datamngr\BROWSE~1.DLL

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL

O2 - BHO: Bcool - {CACEAF84-876E-8C70-E430-23D73FDC358E} - C:\ProgramData\Bcool\bhoclass.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {ec2bae47-25af-4ce9-9e78-10627a49c9ea} - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll

O2 - BHO: Norton Safe Web Lite BHO - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.7\coIEPlg.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: (no name) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file)

O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll

O3 - Toolbar: Norton Safe Web Lite - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.7\coIEPlg.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll

O3 - Toolbar: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {ec2bae47-25af-4ce9-9e78-10627a49c9ea} - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [lxbkbmgr.exe] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [sweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [MSIDLL] rundll32.exe msikkj32.dll,nWUiFyxJ

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [WebCake Desktop] C:\Users\Hammoudane\AppData\Roaming\Betcat\WebCakeDesktop.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - Startup: OpenOffice.org 3.0 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - MSN Games - Free Online Games

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldnl-be.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - MSN Games - Free Online Games

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games

O16 - DPF: {C42B23DF-334C-4AD0-9AB4-91FF53D04239} (AbImporter Class) - http://v.netlogstatic.com/v4.00/2563//s/m/oz/OzDesktopImporter.cab

O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextnl.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-be.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\PROGRA~2\Wincert\WIN32C~1.DLL C:\PROGRA~1\MOVIES~1\Datamngr\mgrldr.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe

O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Bandoo Media Inc. - C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe

O23 - Service: Norton Safe Web Lite (NSL) - Symantec Corporation - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.7\ccSvcHst.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

O23 - Service: PremierOpinion - VoiceFive, Inc. - C:\Program Files\PremierOpinion\pmservice.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: Torch Crash Handler (TorchCrashHandler) - TorchMedia Inc. - C:\Users\Hammoudane\AppData\Local\Torch\Update\TorchCrashHandler.exe

O23 - Service: vToolbarUpdater15.5.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe

O23 - Service: WebCake Desktop Updater - cake bake - C:\Program Files\WBDesktop.Updater.1.0.0.16.exe

--

End of file - 14844 bytes

Link naar reactie
Delen op andere sites


Ik ga wel even kijken, kan even duren.

- - - Updated - - -

Download 51a612a8b27e2-Zoek.pngZoek.zip naar het bureaublad.

  1. Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  2. Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

  • Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  • Dubbelklik vervolgens op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
    
    
    emptyclsid;
    {CCC7A320-B3CA-4199-B1A6-9F516DD69829};c
    {0974BA1E-64EC-11DE-B2A5-E43756D89593};c
    {30F9B915-B755-4826-820B-08FBA6BD249D};c
    {038cb5c7-48ea-4af9-94e0-a1646542e62b};c
    {b317125e-2f10-4388-bf1f-2c31c6cd89ed};c
    {3ad798d0-4642-4c55-bc14-cfe7dd19e0d1};c
    {87775fdb-6972-41f9-ae51-8326e38cb206};c
    firefoxlook; 
    Chromelook; 
    CHRdefaults;
    autoclean; 
    iedefaults; 
    filesrcm;
    
    
    


  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.

Link naar reactie
Delen op andere sites

Zoek.exe Version 4.0.0.4 Updated 31-08-2013

Tool run by Hammoudane on vr 06/09/2013 at 20:38:39,05.

Microsoft® Windows Vista™ Home Premium 6.0.6001 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Hammoudane\Downloads\zoek.exe [script inserted]

==== System Restore Info ======================

6/09/2013 20:45:04 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0974BA1E-64EC-11DE-B2A5-E43756D89593} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0974BA1E-64EC-11DE-B2A5-E43756D89593} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{b317125e-2f10-4388-bf1f-2c31c6cd89ed} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{b317125e-2f10-4388-bf1f-2c31c6cd89ed} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\SearchScopes\{38A91FD4-7A1F-4CF5-B241-D7B501DAF1CF} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7402} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9E131A93-EED7-4BEB-B015-A0ADB30B5646} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9E131A93-EED7-4BEB-B015-A0ADB30B5646} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{038cb5c7-48ea-4af9-94e0-a1646542e62b} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\*{038cb5c7-48ea-4af9-94e0-a1646542e62b} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\*{b317125e-2f10-4388-bf1f-2c31c6cd89ed} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\*{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0974BA1E-64EC-11DE-B2A5-E43756D89593} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DatamngrCoordinator deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\DatamngrCoordinator deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebCake Desktop Updater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\WebCake Desktop Updater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ibupdaterservice deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ibupdaterservice deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\Hammoudane\AppData\Roaming\Mozilla\Firefox\Profiles\0

---- Lines 5090395ed5620@5090395ed5659.com removed from prefs.js ----

---- Lines 5090395ed5620@5090395ed5659.com modified from prefs.js ----

---- Lines 5090395ed5620@5090395ed5659.com removed from user.js ----

---- Lines OneClickDownload removed from prefs.js ----

---- Lines OneClickDownload modified from prefs.js ----

---- Lines OneClickDownload removed from user.js ----

---- FireFox user.js and prefs.js backups ----

user_20130609_2054_.backup

prefs_20130609_2054_.backup

ProfilePath: C:\Users\Hammoudane\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

---- Lines 5090395ed5620@5090395ed5659.com removed from prefs.js ----

---- Lines 5090395ed5620@5090395ed5659.com modified from prefs.js ----

---- Lines 5090395ed5620@5090395ed5659.com removed from user.js ----

---- Lines OneClickDownload removed from prefs.js ----

---- Lines OneClickDownload modified from prefs.js ----

---- Lines OneClickDownload removed from user.js ----

---- FireFox user.js and prefs.js backups ----

user_20130609_2054_.backup

prefs_20130609_2054_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"bProtectTabs"=-

==== Deleting Files \ Folders ======================

"C:\user.js" deleted

"C:\Program Files\Mozilla Firefox\user.js" deleted

"C:\Users\Hammoudane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk" deleted

"C:\Users\Hammoudane\Downloads\SoftonicDownloader_for_easy-video-splitter.exe" deleted

"C:\Windows\System32\dmwu.exe" deleted

"C:\Windows\System32\Tasks\DSite" deleted

"C:\Users\Public\sdelevURL.tmp" deleted

"C:\Users\Hammoudane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk" deleted

"C:\Users\Hammoudane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk" deleted

"C:\Windows\tasks\OptimizerPro1UpdaterTask{23B17526-C8D2-4D28-BAB6-5AA52DF554B9}.job" deleted

"C:\Windows\tasks\OptimizerPro1UpdaterTask{A3CDEA6E-F6FA-4BD9-BB7B-7CDC99596E55}.job" deleted

"C:\Windows\system32\Tasks\EPUpdater" deleted

"C:\Windows\system32\tasks\QtraxPlayer" deleted

"C:\Windows\tasks\OptimizerPro1UpdaterTask{23B17526-C8D2-4D28-BAB6-5AA52DF554B9}.job" deleted

"C:\Windows\tasks\OptimizerPro1UpdaterTask{A3CDEA6E-F6FA-4BD9-BB7B-7CDC99596E55}.job" deleted

"C:\Windows\tasks\WxDFastUpdaterTask{D700D7C1-1F00-4CF7-869F-E361D2D24DDE}.job" deleted

"C:\user.js" deleted

"C:\Windows\system32\roboot.exe" deleted

"C:\Windows\system32\ImHttpComm.dll" deleted

"C:\Windows\system32\dmwu.exe" deleted

"C:\Windows\System32\ConduitEngine.tmp" deleted

"C:\Program Files\PremierOpinion\pmls.dll" deleted

"C:\Program Files\PremierOpinion\pmropn.exe" deleted

"C:\Program Files\PremierOpinion\pmservice.exe" deleted

"C:\Users\Hammoudane\AppData\Roaming\Betcat\WebCakeDesktop.exe" deleted

"C:\ProgramData\Wincert\win32cert.dll" deleted

"C:\ProgramData\Wincert\win32prop.dll" deleted

"C:\Windows\System32\jmdp\lmrn.dll" deleted

"C:\Windows\System32\jmdp\sqlite3.dll" deleted

"C:\Windows\System32\jmdp\stij.exe" deleted

"C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll" deleted

"C:\Program Files\Movies Toolbar\Datamngr\DatamngrUI.exe" deleted

"C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll" deleted

"C:\Program Files\SweetIM\Messenger\mgArchive.dll" deleted

"C:\Program Files\SweetIM\Messenger\mgcommon.dll" deleted

"C:\Program Files\SweetIM\Messenger\mgcommunication.dll" deleted

"C:\Program Files\SweetIM\Messenger\mgconfig.dll" deleted

"C:\Program Files\SweetIM\Messenger\mgFlashPlayer.dll" deleted

"C:\Program Files\SweetIM\Messenger\mghooking.dll" deleted

"C:\Program Files\SweetIM\Messenger\mgMsnAuto.dll" deleted

"C:\Program Files\SweetIM\Messenger\mgMsnMessengerAdapter.dll" deleted

"C:\Program Files\SweetIM\Messenger\mgsimcommon.dll" deleted

"C:\Program Files\SweetIM\Messenger\mgSweetIM.dll" deleted

"C:\Program Files\SweetIM\Messenger\mgUpdateSupport.dll" deleted

"C:\Program Files\SweetIM\Messenger\mgxml_wrapper.dll" deleted

"C:\Program Files\SweetIM\Messenger\msvcp71.dll" deleted

"C:\Program Files\SweetIM\Messenger\msvcr71.dll" not deleted

"C:\Program Files\SweetIM\Messenger\SweetIM.exe" deleted

"C:\Users\Hammoudane\AppData\Roaming\Betcat\dat\Desktop.OS.dll" deleted

"C:\ProgramData\Premium\OptimizerPro1\OptimizerPro1.exe" deleted

"C:\Users\Hammoudane\AppData\Roaming\Bandoo" deleted

"C:\ProgramData\Bcool" deleted

"C:\ProgramData\wxDownload" deleted

"C:\Program Files\Movies Toolbar" not deleted

"C:\Program Files\Bandoo" deleted

"C:\Program Files\Betcat" deleted

"C:\Program Files\Search Results Toolbar" deleted

"C:\Program Files\ShoppingReport" deleted

"C:\Program Files\Windows Searchqu Toolbar" deleted

"C:\Program Files\Optimizer Pro" deleted

"C:\Program Files\PremierOpinion" not deleted

"C:\Program Files\WebCake" deleted

"C:\Program Files\sweetpacks bundle uninstaller" deleted

"C:\Program Files\WhiteSmoke" deleted

"C:\Program Files\BrowserCompanion" deleted

"C:\Program Files\SweetIM" not deleted

"C:\Program Files\Conduit" deleted

"C:\Program Files\ConduitEngine" deleted

"C:\Program Files\Common Files\Wondershare" deleted

"C:\found.000" deleted

"C:\Users\Hammoudane\AppData\Roaming\Betcat" deleted

"C:\Users\Hammoudane\AppData\Roaming\WebCake" deleted

"C:\Users\Hammoudane\AppData\Roaming\Web Cake" deleted

"C:\Users\Hammoudane\AppData\Roaming\BabSolution" deleted

"C:\Users\Hammoudane\AppData\Roaming\Babylon" deleted

"C:\Users\Hammoudane\AppData\Roaming\Registry Mechanic" deleted

"C:\Users\Hammoudane\AppData\Roaming\Bandoo" deleted

"C:\Users\Hammoudane\AppData\Roaming\DSite" deleted

"C:\Users\Hammoudane\AppData\Roaming\Systweak" deleted

"C:\Users\Hammoudane\AppData\Roaming\OpenCandy" deleted

"C:\Users\Hammoudane\Qtrax" deleted

"C:\ProgramData\Browser Manager" deleted

"C:\ProgramData\Ask" deleted

"C:\ProgramData\APN" deleted

"C:\ProgramData\Datamngr" deleted

"C:\ProgramData\boost_interprocess" deleted

"C:\ProgramData\Wincert" deleted

"C:\ProgramData\SweetIM" deleted

"C:\ProgramData\wxDownload" deleted

"C:\ProgramData\InstallMate" deleted

"C:\ProgramData\Tarma Installer" deleted

"C:\ProgramData\Premium" not deleted

"C:\ProgramData\Babylon" deleted

"C:\ProgramData\Bcool" deleted

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion" deleted

"C:\Users\Hammoudane\AppData\Local\iLivid" deleted

"C:\Users\Hammoudane\AppData\Local\Ilivid Player" deleted

"C:\Users\Hammoudane\AppData\Local\ilividmoviestoolbardla" deleted

"C:\Users\Hammoudane\AppData\Local\CRE" deleted

"C:\Users\Hammoudane\AppData\Local\Wondershare" deleted

"C:\Users\Hammoudane\AppData\Local\Bundled software uninstaller" deleted

"C:\Users\Hammoudane\AppData\Local\PackageAware" deleted

"C:\Users\Hammoudane\AppData\Local\Conduit" deleted

"C:\Users\Hammoudane\AppData\LocalLow\ShoppingReport" deleted

"C:\Users\Hammoudane\AppData\LocalLow\Claro LTD" deleted

"C:\Users\Hammoudane\AppData\LocalLow\Bcool" deleted

"C:\Users\Hammoudane\AppData\LocalLow\searchresultstb" deleted

"C:\Users\Hammoudane\AppData\LocalLow\ilividmoviestoolbardla" deleted

"C:\Users\Hammoudane\AppData\LocalLow\BabylonToolbar" deleted

"C:\Users\Hammoudane\AppData\LocalLow\Delta" deleted

"C:\Users\Hammoudane\AppData\LocalLow\DataMngr" deleted

"C:\Users\Hammoudane\AppData\LocalLow\Incredibar.com" deleted

"C:\Users\Hammoudane\AppData\LocalLow\PriceGong" deleted

"C:\Users\Hammoudane\AppData\LocalLow\searchquband" deleted

"C:\Users\Hammoudane\AppData\LocalLow\Conduit" deleted

"C:\Users\Hammoudane\AppData\LocalLow\ConduitEngine" deleted

"C:\Windows\System32\jmdp" deleted

"C:\Windows\System32\ARFC" deleted

"C:\Windows\System32\WNLT" deleted

"C:\Windows\System32\searchplugins" deleted

"C:\Windows\System32\Extensions" deleted

"C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" deleted

"C:\Users\Hammoudane\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com" deleted

"C:\Program Files\Movies Toolbar\Datamngr" not deleted

"C:\Program Files\SweetIM\Messenger" not deleted

"C:\Users\Hammoudane\AppData\Roaming\Betcat\dat" deleted

"C:\ProgramData\Premium\OptimizerPro1" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\HAMMOU~1\AppData\Local\Temp ====

2013-08-30 20:33:22 945D09C0925F771F907DEE3D0452ECF4 40960 ----a-w- C:\Users\HAMMOU~1\AppData\Local\Temp\rtdrvmon.exe

====== C:\Windows\system32 =====

====== C:\Windows\system32\drivers =====

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-09-06 16:41:20 -------- d-----w- C:\Program Files\Speccy

2013-09-06 16:29:12 -------- d-----w- C:\Program Files\Trend Micro

2013-08-16 10:52:55 51992 ----a-w- C:\Program Files\WBDesktop.Updater.1.0.0.16.exe

======= C: =====

====== C:\Users\Hammoudane\AppData\Roaming ======

====== C:\Users\Hammoudane ======

2013-09-06 16:46:49 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Hammoudane\Downloads\RSIT.exe

2013-09-06 16:37:41 1EFDECC41128BABB5B09B4C9BEB98D46 5127856 ----a-w- C:\Users\Hammoudane\Downloads\spsetup122.exe

2013-08-31 13:20:11 -------- d-----w- C:\ProgramData\PicBlock

2013-08-27 14:26:12 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Hammoudane\attrib

====== C: exe-files ==

2013-09-06 16:49:12 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\Trend Micro\Hammoudane.exe

2013-09-06 14:55:16 514FC42D49F76C16CC1839A6B9D3AC05 1611104 ----a-w- C:\Program Files\Google\Update\Install\{6A070DB1-7384-4421-B44D-E8FEB72CBCD3}\29.0.1547.66_29.0.1547.62_chrome_updater.exe

2013-09-06 14:55:16 514FC42D49F76C16CC1839A6B9D3AC05 1611104 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.66\29.0.1547.66_29.0.1547.62_chrome_updater.exe

2013-09-03 08:23:37 F722776B89AF7BF68C7FF2B19483DA1F 171088 ----a-w- C:\Users\Hammoudane\AppData\Local\Temp\busB885\CrxUpdater_g.exe

2013-09-03 08:23:37 F722776B89AF7BF68C7FF2B19483DA1F 171088 ----a-w- C:\Users\Hammoudane\AppData\Local\Temp\bus6680\CrxUpdater_g.exe

2013-08-30 20:33:22 945D09C0925F771F907DEE3D0452ECF4 40960 ----a-w- C:\Users\Hammoudane\AppData\Local\Temp\rtdrvmon.exe

=== C: other files ==

==== Firefox Extensions ======================

ProfilePath: C:\Users\Hammoudane\AppData\Roaming\Mozilla\Firefox\Profiles\0

- Online HD TV - %ProfilePath%\extensions\onlinehdtv@onlinehd.tv.xpi

==== Firefox Plugins ======================

==== Deleting Files \ Folders ======================

"C:\Users\Hammoudane\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\onlinehdtv@onlinehd.tv.xpi" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

aaaaabcbmongicmdegkmmfgdickgnnob - C:\Users\Hammoudane\AppData\Local\ilividmoviestoolbardla\GC\toolbar.crx[]

cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Hammoudane\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[]

clbfjfbnelcflpgpklppgplejolacbej - C:\Program Files\BrowserCompanion\blabbers-ch.crx[]

cnnkiplpgphflnkphofpfpmgdlgijhio - C:\ProgramData\Bcool\cnnkiplpgphflnkphofpfpmgdlgijhio.crx[]

dkinklhnkmkhkhofcnapakaoehijaoih - No path found[]

dlnembnfbcpjnepmfjmngjenhhajpdfd - No path found[]

eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\Hammoudane\AppData\Roaming\BabSolution\CR\Delta.crx[]

fjoijdanhaiflhibkljeklcghcmmfffh - C:\Program Files\WebCakeLayers.crx[05/08/2013 16:33]

jbajpeofkjjeiamcglnmldoboonfkiol - C:\Program Files\Movies Toolbar\Datamngr\chromeExtension.crx[]

jbolfgndggfhhpbnkgnpjkfhinclbigj - No path found[]

jfcagokicjljbocfhmaglpddhfphdgpd - C:\ProgramData\wxDownload\jfcagokicjljbocfhmaglpddhfphdgpd.crx[]

kfkcangbigakljkjeglcofaomihpejif - No path found[]

kibaojpmcohambhjfgefecjgcafpdoli - C:\ProgramData\Bcool\kibaojpmcohambhjfgefecjgcafpdoli.crx[]

kiplfnciaokpcennlkldkdaeaaomamof - C:\Users\Hammoudane\AppData\Local\Torch\Plugins\TorchPlugin.crx[20/06/2013 16:57]

mkndcbhcgphcfkkddanakjiepeknbgle - C:\Program Files\PremierOpinion\pmcm.crx[]

ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\15.5.0.2\avg.crx[16/08/2013 12:48]

ndkbkobccppmaijogmlganlchookhcnj - C:\ProgramData\Bcool\ndkbkobccppmaijogmlganlchookhcnj.crx[]

ogccgbmabaphcakpiclgcnmcnimhokcj - C:\Windows\System32\jmdp\SweetNT.crx[]

pmlghpafmmnmmkjdhacccolfgnkiboco - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Hammoudane\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[]

kfkcangbigakljkjeglcofaomihpejif - No path found[]

YouTube - Hammoudane - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Hammoudane - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Card number - Hammoudane - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chrome Fix ======================

C:\Users\Hammoudane\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjofdnhdkbflacojpfpkchgafjahijbb_0.localstorage deleted successfully

C:\Users\Hammoudane\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlnembnfbcpjnepmfjmngjenhhajpdfd_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.search.ask.com/?o=APN10645A&gct=hp&d=406-394&t=4"

"Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_be&c=84&bd=Presario&pf=cndt"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.trooner.com/"

"Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_be&c=84&bd=Presario&pf=cndt"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=1a7f91c20000000000000023543b2515&tlver=1.4.19.19&affID=19404"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found"

{615487A1-04E1-4022-8343-DC92E24B7A36} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{95B7759C-8C7F-4BF1-B163-73684A933233} AVG Secure Search Url="http://isearch.avg.com/search?cid={BEBE1663-B5D4-4BD6-9132-4B2B7DC0109C}&mid=e6efb0e9062fbb86a41c4dd62994924d-7a3944237d566d5f3e22156ff3a3c059840bc1a3〈=us&ds=AVG&pr=fr&d=2011-11-28"

{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} Unknown Url="Not_Found"

{C90D878C-1FAF-4909-A6E7-A09B38C07CD8} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\users\Hammoudane\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\users\Hammoudane\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ec2bae47-25af-4ce9-9e78-10627a49c9ea} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ec2bae47-25af-4ce9-9e78-10627a49c9ea} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CACEAF84-876E-8C70-E430-23D73FDC358E} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CACEAF84-876E-8C70-E430-23D73FDC358E} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\SearchScopes\{615487A1-04E1-4022-8343-DC92E24B7A36} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} deleted successfully

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C90D878C-1FAF-4909-A6E7-A09B38C07CD8} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ec2bae47-25af-4ce9-9e78-10627a49c9ea} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{ec2bae47-25af-4ce9-9e78-10627a49c9ea} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ec2bae47-25af-4ce9-9e78-10627a49c9ea} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{CACEAF84-876E-8C70-E430-23D73FDC358E} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CACEAF84-876E-8C70-E430-23D73FDC358E} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2510180107-2633095666-4145995738-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ec2bae47-25af-4ce9-9e78-10627a49c9ea} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cnnkiplpgphflnkphofpfpmgdlgijhio deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jbajpeofkjjeiamcglnmldoboonfkiol deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jfcagokicjljbocfhmaglpddhfphdgpd deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\kfkcangbigakljkjeglcofaomihpejif deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\kibaojpmcohambhjfgefecjgcafpdoli deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ndkbkobccppmaijogmlganlchookhcnj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\kfkcangbigakljkjeglcofaomihpejif deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Hammoudane\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Hammoudane\AppData\Local\Temp\Temporary Internet Files(46)\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Hammoudane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7H4C0WSG will be deleted at reboot

C:\Users\Hammoudane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Users\Hammoudane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\users\Hammoudane\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\users\Hammoudane\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\HAMMOU~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files\SweetIM\Messenger\msvcr71.dll" not found

"C:\Windows\System32\dmwu.exesearch" not found

"C:\Windows\system32\ImHttpComm.dllsearch" not found

"C:\Windows\system32\dmwu.exesearch" not found

"C:\Users\Hammoudane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Users\Hammoudane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat" not found

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Program Files\Movies Toolbar" not found

"C:\Program Files\PremierOpinion" not found

"C:\Program Files\SweetIM" not found

"C:\ProgramData\Premium" not found

"C:\Users\Hammoudane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7H4C0WSG" not found

==== EOF on vr 06/09/2013 at 21:12:45,31 ======================

- - - Updated - - -

als bijlage

zoek-results.log

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
 Delen

×
×
  • Nieuwe aanmaken...