Windows Explorer


finniebox

When I am at this spot in Windows Explorer (indicated in the image Imageshack - 0jnk.png), it says Windows Explorer is not responding. I don't think it is malware, because I have already scanned for that. When I run sfc /scannow in cmd /k, I eventually get this (shown in this picture: Imageshack - aksu.png). I would very much like to solve this without reinstalling Windows. Thanks in advance.


It may still be best to check for malware and viruses as well.

Carry out the following:

Download RSIT from the locations below and save it to the desktop.

Here is a description of how to check whether you have a 32- or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool has finished, a Notepad file named "Log" is opened.
  • Post its contents in your next reply.

This is the content of the log:

Logfile of random's system information tool 1.09 (written by random/random)

Run by Finn at 2013-09-08 11:34:58

Microsoft Windows 7 Ultimate Service Pack 1

System drive C: has 128 GB (51%) free of 250 GB

Total RAM: 8191 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:35:09, on 8-9-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16660)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\Finn.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Zoeken - zoeken op het web

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (file missing)

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (file missing)

O4 - HKLM\..\Run: [starter] C:\Program Files (x86)\Driver-Soft\DriverGenius\StarterW3i.exe

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent

O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-1329758275-923032009-2089121907-1002\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-1329758275-923032009-2089121907-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: *.clonewarsadventures.com

O15 - Trusted Zone: *.freerealms.com

O15 - Trusted Zone: *.soe.com

O15 - Trusted Zone: *.sony.com

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll

O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: AutoKMS - Unknown owner - C:\Windows\AutoKMS\AutoKMS.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11167 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

"C:\Windows\system32\nvvsvc.exe"

"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

taskeng.exe {63ED9015-C65F-4269-A428-7324691B5B39}

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"

"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s

"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"

"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"

C:\Windows\SysWOW64\PnkBstrA.exe

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"

"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl

"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"

WLIDSvcM.exe 2476

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k secsvcs

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

winlogon.exe

atieclxx

"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"

C:\Windows\system32\nvvsvc.exe -session

"taskhost.exe"

"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp

"C:\Windows\system32\Dwm.exe"

\??\C:\Windows\system32\conhost.exe "1470691417277861732719348343251264411231733411-10277288221492168649-422225866

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice

"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"

"C:\Program Files (x86)\Steam\Steam.exe" -silent

"C:\Windows\System32\StikyNot.exe"

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService

"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

explorer.exe

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="732.0.683416429\2141219229" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19,22 --gpu-vendor-id=0x10de --gpu-device-id=0x0601 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.2018 --ignored=" --type=renderer " /prefetch:822062411

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control0 pct:50a m29stable:r1/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="732.2.1035042450\532628909" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control0 pct:50a m29stable:r1/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="732.3.2035448064\2039927123" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" --lang=nl --channel="732.7.1087623147\1655075637" /prefetch:-390060480

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control0 pct:50a m29stable:r1/ManualResetProfile/Enable/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="732.18.371577342\1332341933" /prefetch:673131151

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control0 pct:50a m29stable:r1/ManualResetProfile/Enable/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="732.29.372271576\358857864" /prefetch:673131151

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Users\Finn\Desktop\RSITx64.exe"

C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\AutoKMS.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Finn\AppData\Roaming\Mozilla\Firefox\Profiles\z262q5gu.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.8.800.94 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]

"Description"=Office Authorization plug-in for NPAPI browsers

"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]

"Description"=NVIDIA stereo images plugin for Mozilla browsers

"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]

"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers

"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.8.800.94 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]

"Description"=Office Authorization plug-in for NPAPI browsers

"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\

{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-08-14 6311296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-08-14 4533120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-17 10134560]

"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-12-21 6326448]

"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-07-27 1028896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ASRockOCTuner"= []

"zASRockInstantBoot"= []

"ASRockIES"= []

"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]

"Steam"=C:\Program Files (x86)\Steam\steam.exe [2013-08-28 1811880]

"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]

C:\Program Files (x86)\Clownfish\Clownfish.exe [2013-07-02 1276152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2013-06-28 2255184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RESTART_STICKY_NOTES]

C:\Windows\System32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection]

C:\Users\Finn\AppData\Roaming\Search Protection\SearchProtection.EXE [2013-05-22 740712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]

C:\Users\Finn\AppData\Roaming\Spotify\Spotify.exe [2013-07-09 4640768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]

C:\Users\Finn\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-07-09 1104384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"Starter"=C:\Program Files (x86)\Driver-Soft\DriverGenius\StarterW3i.exe []

"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2013-07-25 5624784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-09-08 11:34:58 ----D---- C:\rsit

2013-09-08 11:34:58 ----D---- C:\Program Files\trend micro

2013-09-07 14:54:57 ----D---- C:\ProgramData\GFACE

2013-09-05 18:28:43 ----D---- C:\Program Files (x86)\Mozilla Firefox

2013-08-30 11:54:05 ----D---- C:\Program Files (x86)\Environment Simulating Studio

2013-08-29 18:08:32 ----D---- C:\Program Files (x86)\Euro Truck Simulator 2

2013-08-29 17:55:50 ----D---- C:\Program Files (x86)\Cheat Engine 6.3

2013-08-26 13:03:26 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys

2013-08-26 13:03:06 ----DC---- C:\Windows\system32\DRVSTORE

2013-08-26 13:03:06 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys

2013-08-25 21:30:08 ----D---- C:\Users\Finn\AppData\Roaming\Opera Software

2013-08-25 21:30:06 ----D---- C:\Program Files (x86)\Opera

2013-08-25 18:21:09 ----D---- C:\Users\Finn\AppData\Roaming\Tunngle

2013-08-14 17:41:04 ----A---- C:\Windows\SYSWOW64\ieui.dll

2013-08-14 17:41:04 ----A---- C:\Windows\system32\ieui.dll

2013-08-14 17:41:03 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe

2013-08-14 17:41:03 ----A---- C:\Windows\SYSWOW64\iesysprep.dll

2013-08-14 17:41:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2013-08-14 17:41:03 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2013-08-14 17:41:03 ----A---- C:\Windows\system32\iesysprep.dll

2013-08-14 17:41:03 ----A---- C:\Windows\system32\iesetup.dll

2013-08-14 17:41:03 ----A---- C:\Windows\system32\iernonce.dll

2013-08-14 17:41:03 ----A---- C:\Windows\system32\ie4uinit.exe

2013-08-14 17:41:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2013-08-14 17:41:02 ----A---- C:\Windows\SYSWOW64\jscript.dll

2013-08-14 17:41:02 ----A---- C:\Windows\system32\msfeeds.dll

2013-08-14 17:41:02 ----A---- C:\Windows\system32\jscript.dll

2013-08-14 17:41:02 ----A---- C:\Windows\system32\iertutil.dll

2013-08-14 17:41:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2013-08-14 17:41:01 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2013-08-14 17:41:01 ----A---- C:\Windows\system32\urlmon.dll

2013-08-14 17:41:01 ----A---- C:\Windows\system32\jscript9.dll

2013-08-14 17:41:00 ----A---- C:\Windows\SYSWOW64\wininet.dll

2013-08-14 17:41:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2013-08-14 17:41:00 ----A---- C:\Windows\system32\wininet.dll

2013-08-14 17:41:00 ----A---- C:\Windows\system32\jsproxy.dll

2013-08-14 17:40:59 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2013-08-14 17:40:58 ----A---- C:\Windows\system32\mshtml.dll

2013-08-14 17:40:58 ----A---- C:\Windows\system32\ieframe.dll

2013-08-14 17:40:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2013-08-14 17:37:02 ----D---- C:\Windows\system32\MRT

2013-08-14 15:35:04 ----A---- C:\Windows\SYSWOW64\wintrust.dll

2013-08-14 15:35:04 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll

2013-08-14 15:35:04 ----A---- C:\Windows\SYSWOW64\cryptnet.dll

2013-08-14 15:35:04 ----A---- C:\Windows\SYSWOW64\crypt32.dll

2013-08-14 15:35:04 ----A---- C:\Windows\system32\wintrust.dll

2013-08-14 15:35:04 ----A---- C:\Windows\system32\cryptsvc.dll

2013-08-14 15:35:04 ----A---- C:\Windows\system32\cryptnet.dll

2013-08-14 15:35:04 ----A---- C:\Windows\system32\crypt32.dll

2013-08-14 15:34:54 ----A---- C:\Windows\SYSWOW64\tzres.dll

2013-08-14 15:34:54 ----A---- C:\Windows\system32\tzres.dll

2013-08-14 15:34:45 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL

2013-08-14 15:34:45 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll

2013-08-14 15:34:45 ----A---- C:\Windows\system32\WMVDECOD.DLL

2013-08-14 15:34:45 ----A---- C:\Windows\system32\rpcrt4.dll

2013-08-14 15:34:41 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe

2013-08-14 15:34:41 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe

2013-08-14 15:34:40 ----A---- C:\Windows\SYSWOW64\wow32.dll

2013-08-14 15:34:40 ----A---- C:\Windows\SYSWOW64\user.exe

2013-08-14 15:34:40 ----A---- C:\Windows\SYSWOW64\setup16.exe

2013-08-14 15:34:40 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll

2013-08-14 15:34:40 ----A---- C:\Windows\SYSWOW64\ntdll.dll

2013-08-14 15:34:40 ----A---- C:\Windows\SYSWOW64\instnm.exe

2013-08-14 15:34:40 ----A---- C:\Windows\system32\wow64.dll

2013-08-14 15:34:40 ----A---- C:\Windows\system32\ntoskrnl.exe

2013-08-14 15:34:40 ----A---- C:\Windows\system32\ntdll.dll

2013-08-14 15:34:37 ----A---- C:\Windows\system32\drivers\tssecsrv.sys

2013-08-14 15:33:57 ----A---- C:\Windows\system32\drivers\tcpip.sys

2013-08-14 11:00:59 ----D---- C:\Program Files (x86)\Saints Row The Third

2013-08-12 20:34:43 ----D---- C:\Users\Finn\AppData\Roaming\Malwarebytes

2013-08-12 20:32:52 ----D---- C:\ProgramData\Malwarebytes

2013-08-12 20:32:51 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-08-12 20:32:51 ----A---- C:\Windows\system32\drivers\mbam.sys

2013-08-12 20:32:16 ----D---- C:\ProgramData\Spybot - Search & Destroy

2013-08-12 20:31:44 ----A---- C:\Windows\system32\sdnclean64.exe

2013-08-12 20:31:41 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2

2013-08-09 20:01:55 ----D---- C:\Program Files (x86)\VirtualDJ

2013-08-09 19:41:08 ----A---- C:\Windows\Animated Wallpaper Maker Uninstaller.exe

2013-08-09 19:41:07 ----D---- C:\Program Files (x86)\Animated Wallpaper Maker

2013-08-09 17:26:25 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll

2013-08-09 17:26:25 ----A---- C:\Windows\SYSWOW64\nvopencl.dll

2013-08-09 17:26:25 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll

2013-08-09 17:26:25 ----A---- C:\Windows\SYSWOW64\NvIFR.dll

2013-08-09 17:26:25 ----A---- C:\Windows\system32\nvwgf2umx.dll

2013-08-09 17:26:25 ----A---- C:\Windows\system32\nvopencl.dll

2013-08-09 17:26:25 ----A---- C:\Windows\system32\nvoglv64.dll

2013-08-09 17:26:25 ----A---- C:\Windows\system32\NvIFR64.dll

2013-08-09 17:26:25 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys

2013-08-09 17:26:24 ----A---- C:\Windows\SYSWOW64\NvFBC.dll

2013-08-09 17:26:24 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll

2013-08-09 17:26:24 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll

2013-08-09 17:26:24 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll

2013-08-09 17:26:24 ----A---- C:\Windows\SYSWOW64\nvcuda.dll

2013-08-09 17:26:24 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll

2013-08-09 17:26:24 ----A---- C:\Windows\system32\NvFBC64.dll

2013-08-09 17:26:24 ----A---- C:\Windows\system32\nvd3dumx.dll

2013-08-09 17:26:24 ----A---- C:\Windows\system32\nvcuvid.dll

2013-08-09 17:26:24 ----A---- C:\Windows\system32\nvcuvenc.dll

2013-08-09 17:26:24 ----A---- C:\Windows\system32\nvcuda.dll

2013-08-09 17:26:24 ----A---- C:\Windows\system32\nvcompiler.dll

2013-08-09 17:25:52 ----D---- C:\NvidiaLogging

2013-08-09 17:25:11 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll

2013-08-09 17:25:11 ----A---- C:\Windows\system32\nvaudcap64v.dll

2013-08-09 17:25:11 ----A---- C:\Windows\system32\drivers\nvvad64v.sys

======List of files/folders modified in the last 1 month======

2013-09-08 11:34:59 ----D---- C:\Windows\Temp

2013-09-08 11:34:58 ----RD---- C:\Program Files

2013-09-08 10:55:03 ----D---- C:\Program Files (x86)\Steam

2013-09-08 10:30:23 ----D---- C:\Windows\system32\config

2013-09-08 10:22:36 ----D---- C:\Windows\System32

2013-09-08 10:22:35 ----D---- C:\Windows\inf

2013-09-08 10:22:35 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-09-08 10:15:37 ----D---- C:\ProgramData\NVIDIA

2013-09-07 15:23:41 ----D---- C:\Windows\SYSWOW64\nl-NL

2013-09-07 15:23:41 ----D---- C:\Windows\SYSWOW64\en-US

2013-09-07 15:23:41 ----D---- C:\Windows\SysWOW64

2013-09-07 15:23:41 ----D---- C:\Program Files\Internet Explorer

2013-09-07 15:23:41 ----D---- C:\Program Files (x86)\Internet Explorer

2013-09-07 14:54:57 ----HD---- C:\ProgramData

2013-09-07 14:49:02 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

2013-09-06 19:23:39 ----D---- C:\Users\Finn\AppData\Roaming\uTorrent

2013-09-06 19:18:37 ----RD---- C:\Program Files (x86)

2013-09-06 16:31:06 ----A---- C:\Windows\ntbtlog.txt

2013-09-06 16:21:32 ----SHD---- C:\System Volume Information

2013-09-05 19:27:49 ----D---- C:\Windows\Prefetch

2013-09-05 16:22:43 ----RSD---- C:\Windows\assembly

2013-09-03 19:49:40 ----SHD---- C:\Windows\Installer

2013-09-03 19:49:37 ----RD---- C:\Program Files (x86)\Skype

2013-09-03 17:02:33 ----SD---- C:\ProgramData\Microsoft

2013-09-03 16:59:16 ----D---- C:\Windows\system32\catroot2

2013-09-02 10:18:08 ----D---- C:\Users\Finn\AppData\Roaming\XBMC

2013-08-29 17:19:35 ----D---- C:\Windows

2013-08-29 15:31:41 ----D---- C:\Users\Finn\AppData\Roaming\.minecraft

2013-08-28 14:48:30 ----D---- C:\ProgramData\Microsoft Help

2013-08-27 13:34:27 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe

2013-08-26 19:14:33 ----D---- C:\Windows\rescache

2013-08-26 13:11:16 ----D---- C:\Windows\system32\DriverStore

2013-08-26 13:11:16 ----D---- C:\Windows\system32\catroot

2013-08-26 13:11:03 ----D---- C:\Windows\system32\drivers

2013-08-26 12:42:13 ----D---- C:\Users\Finn\AppData\Roaming\BSplayer

2013-08-25 21:48:57 ----D---- C:\Users\Finn\AppData\Roaming\Spotify

2013-08-25 18:21:59 ----RSD---- C:\Windows\Fonts

2013-08-25 17:25:26 ----D---- C:\Program Files (x86)\NVIDIA Corporation

2013-08-14 20:06:39 ----D---- C:\Windows\Microsoft.NET

2013-08-14 17:56:34 ----D---- C:\Windows\winsxs

2013-08-14 17:54:26 ----D---- C:\Windows\system32\nl-NL

2013-08-14 17:54:23 ----D---- C:\Windows\AppPatch

2013-08-14 17:36:55 ----A---- C:\Windows\system32\MRT.exe

2013-08-14 15:00:07 ----D---- C:\Windows\Minidump

2013-08-12 20:32:19 ----D---- C:\Windows\system32\Tasks

2013-08-11 21:01:16 ----D---- C:\ProgramData\Package Cache

2013-08-09 19:41:07 ----D---- C:\Program Files (x86)\Common Files

2013-08-09 17:25:29 ----D---- C:\Program Files\NVIDIA Corporation

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-12-21 57904]

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-06-23 283200]

R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-12-21 150616]

R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-12-21 59440]

R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-12-21 190232]

R3 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-12-21 213416]

R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver; C:\Windows\system32\DRIVERS\FLxHCIc.sys [2010-10-28 215104]

R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver; C:\Windows\system32\DRIVERS\FLxHCIh.sys [2010-10-28 81984]

R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-17 2298400]

R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-05-14 39712]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]

S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]

S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]

S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]

S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]

S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]

S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]

S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]

S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]

S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2013-07-04 131856]

S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []

S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []

S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]

S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

S3 winusb;WinUsb-stuurprogramma; C:\Windows\system32\DRIVERS\winusb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-12-21 1333424]

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-06-28 2470736]

R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-07-27 14984480]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-05-12 884512]

R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-07-27 1889568]

R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-07-14 76888]

R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-05-16 1817560]

R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-05-16 1033688]

R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-05-15 171928]

R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-08-14 3291008]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-05-12 413472]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]

R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-08-28 563624]

S2 AutoKMS;AutoKMS; C:\Windows\AutoKMS\AutoKMS.exe [2013-06-26 732160]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-21 116648]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-14 257416]

S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-21 116648]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-09-05 117656]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-06-22 1255736]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------



Hi,

  1. Download Zoek.zip to the desktop.
    • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
    • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that here and here.
    • Right-click Zoek.zip and choose the option "Extract all".
    • Double-click Zoek.exe to start the tool.
    • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
    • Now copy the code below and paste it into the large input box:
    • Note: This script was written specifically for this PC, so do not use it on other PCs with a similar problem.

autoclean;
startupall;
filesrcm;
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection];r64
C:\Users\Finn\AppData\Roaming\Search Protection;fs
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r
"ASRockOCTuner"=-;r
"zASRockInstantBoot"=-;r
"ASRockIES"=-;r
uninstall-list;

  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Post the opened log in your next reply.

  2. Download MalwareBytes' Anti-Malware (website) and save it to your desktop.

After installation, make sure the following boxes are ticked:

  • Update MalwareBytes' Anti-Malware
  • Start MalwareBytes' Anti-Malware
  • You are also offered the option to use the trial version of MBAM here; if you do not want this, untick it.

Then click "Finish".

If an update is found, it will be downloaded and installed.

  • Once the program has started, go to the "Settings" tab.
  • Tick this option: "Close Internet Explorer during malware removal".
  • Then go to the "Scanner" tab and choose "Quick scan".
  • Then press "Scan" to start the scan.
  • Scanning can take a while, so be patient.
  • When the scan has finished, click OK, then "Show Results" to see the results.
  • Make sure everything there is ticked, then click "Remove Selected".
  • After removal a log will open and you will be asked to restart the computer.
  • Restart the computer if necessary and then post the log in your next reply.



This is the Zoek log:

Zoek.exe Version 4.0.0.4 Updated 07-September-2013

Tool run by Finn on zo 08-09-2013 at 15:55:43,12.

Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Finn\Desktop\zoek\zoek.exe [script inserted]

==== System Restore Info ======================

8-9-2013 15:56:30 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1329758275-923032009-2089121907-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E9CDFE87-DAD8-4D30-80AC-73815A5DF510} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ASRockOCTuner"=-

"zASRockInstantBoot"=-

"ASRockIES"=-

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection]

==== Deleting Files \ Folders ======================

"C:\Users\Finn\AppData\Roaming\Tunngle\Local.key" deleted

"C:\Users\Finn\AppData\Roaming\Tunngle\Local.pub" deleted

"C:\Users\Finn\AppData\Roaming\Tunngle" deleted

"C:\Users\Finn\AppData\Roaming\Search Protection" deleted

"C:\Users\Finn\AppData\Roaming\Search Protection" deleted

"C:\ProgramData\APN" deleted

"C:\ProgramData\Package Cache" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2013-08-09 17:41:08 8EECACB73ABE4C3B5DD79E1E1891FD50 162577 ----a-w- C:\Windows\Animated Wallpaper Maker Uninstaller.exe

====== C:\Users\Finn\AppData\Local\Temp ====

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

2013-08-26 11:03:26 68EF855725F65A5C3C24F78D33388F30 238352 ----a-w- C:\Windows\Sysnative\drivers\VBoxDrv.sys

2013-08-26 11:03:06 F3CF9F56C2A8AEB50EB679DC76902BE0 120080 ----a-w- C:\Windows\Sysnative\drivers\VBoxUSBMon.sys

2013-08-14 13:34:37 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys

2013-08-14 13:33:57 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys

2013-08-12 18:32:51 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys

2013-08-09 15:26:25 7A711D08F1FD1AB8149B6199F84A0EB7 11216160 ----a-w- C:\Windows\Sysnative\drivers\nvlddmkm.sys

2013-08-09 15:25:11 92E4BEE1A9EC0572F794B5BAECC0B599 39712 ----a-w- C:\Windows\Sysnative\drivers\nvvad64v.sys

====== C:\Windows\Tasks ======

2013-08-12 18:32:19 -------- d-----w- C:\Windows\Sysnative\Tasks\Safer-Networking

2013-08-10 19:22:35 7373A75F3214ECB6AA17BB843EC9FB52 2960 ----a-w- C:\Windows\Sysnative\Tasks\{1E557B1C-CD06-47AC-A839-BDBA171E5A1A}

2013-08-10 19:21:27 7373A75F3214ECB6AA17BB843EC9FB52 2960 ----a-w- C:\Windows\Sysnative\Tasks\{47904C2F-238D-48E6-B710-51BC3C9D9806}

2013-08-10 19:20:56 7373A75F3214ECB6AA17BB843EC9FB52 2960 ----a-w- C:\Windows\Sysnative\Tasks\{08A2EB4A-1B3E-43FA-969F-82264022ADE6}

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-09-08 09:34:58 -------- d-----w- C:\Program Files\trend micro

======= C:\Program Files (x86) =====

2013-08-30 09:54:05 -------- d-----w- C:\Program Files (x86)\Environment Simulating Studio

2013-08-29 16:08:32 -------- d-----w- C:\Program Files (x86)\Euro Truck Simulator 2

2013-08-29 15:55:50 -------- d-----w- C:\Program Files (x86)\Cheat Engine 6.3

2013-08-25 19:30:06 -------- d-----w- C:\Program Files (x86)\Opera

2013-08-14 09:00:59 -------- d-----w- C:\Program Files (x86)\Saints Row The Third

2013-08-12 18:31:41 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2

2013-08-09 18:01:55 -------- d-----w- C:\Program Files (x86)\VirtualDJ

2013-08-09 17:41:07 -------- d-----w- C:\Program Files (x86)\Common Files\Thraex Software

2013-08-09 17:41:07 -------- d-----w- C:\Program Files (x86)\Animated Wallpaper Maker

======= C: =====

====== C:\Users\Finn\AppData\Roaming ======

2013-09-07 12:58:55 DA7C1C4CBA0CDC50E056757D419A3B52 36 ----a-w- C:\users\Finn\AppData\Roaming\mbam.context.scan

2013-09-05 14:23:19 -------- d-----w- C:\users\Finn\AppData\Local\EdgeOfReality

2013-09-02 14:05:14 -------- d-----w- C:\users\Finn\AppData\Local\Arma 3 Alpha

2013-08-26 18:11:08 -------- d-----w- C:\users\Finn\AppData\Locallow\Sony Online Entertainment

2013-08-26 18:11:08 -------- d-----w- C:\users\Finn\AppData\Local\SCE

2013-08-25 19:30:08 -------- d-----w- C:\users\Finn\AppData\Roaming\Opera Software

2013-08-25 19:30:08 -------- d-----w- C:\users\Finn\AppData\Local\Opera Software

2013-08-10 19:23:34 -------- d-----w- C:\users\Finn\AppData\Local\Nem's Tools

2013-08-09 18:01:59 -------- d-----w- C:\users\Finn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ

2013-08-09 17:41:08 -------- d-----w- C:\users\Finn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Animated Wallpaper Maker

====== C:\Users\Finn ======

2013-09-08 09:34:22 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Finn\Desktop\RSITx64.exe

2013-09-08 09:34:15 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Finn\Downloads\RSITx64.exe

2013-09-07 12:54:57 -------- d-----w- C:\ProgramData\GFACE

2013-09-06 16:25:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WB Games

2013-09-02 13:37:25 0CF1BA4E47F3C040B0AEE820F8A868B4 263565262 ----a-w- C:\Users\Finn\Downloads\ARMA_III_Alpha_patch_nosTEAM.exe

2013-08-30 09:54:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Environment Dimension

2013-08-29 16:09:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2

2013-08-29 15:55:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3

2013-08-29 15:53:49 707B6F530651A1DBAA7F5D40121A8D0E 8065840 ----a-w- C:\Users\Finn\Downloads\CheatEngine63.exe

2013-08-26 11:05:24 -------- d-----w- C:\Users\Finn\VirtualBox VMs

2013-08-26 11:04:29 -------- d-----w- C:\Users\Finn\.VirtualBox

2013-08-26 11:00:50 E0A35854A22EDFF0F9D9D5658A38582A 99776784 ----a-w- C:\Users\Finn\Downloads\VirtualBox-4.2.16-86992-Win.exe

2013-08-25 19:34:55 6D4FAC78CB072237613DAF9F68F1F28B 27891222 ----a-w- C:\Users\Finn\Downloads\tor-browser-2.3.25-12_en-US.exe

2013-08-25 19:29:28 D7DD0F2889B6CB7163FAE90E93DF3C20 31026832 ----a-w- C:\Users\Finn\Downloads\Opera_15.0.1147.153_Setup.exe

2013-08-25 16:06:45 AF3DA615759D7E22B6C9CD6E9E818C72 4067176 ----a-w- C:\Users\Finn\Downloads\Tunngle_Setup_v4.5.1.2.exe

2013-08-12 18:32:16 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2013-08-12 18:31:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2

====== C: exe-files ==

2013-09-08 09:34:59 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Finn.exe

2013-09-08 09:34:22 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Finn\Desktop\RSITx64.exe

2013-09-08 09:34:15 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Finn\Downloads\RSITx64.exe

2013-09-08 08:16:22 0EFD2A0808C335C86A3C62FCFB1415DA 54368 ----a-w- C:\Users\Finn\Desktop\shexview\shexview.exe

2013-09-06 16:53:16 7FC914AE446E6979416751876A79B4B0 266752 ----a-r- C:\$Recycle.Bin\S-1-5-21-1329758275-923032009-2089121907-1000\$RBNQPDG\Scribblenauts Unlimited\Launcher.exe

2013-09-06 16:24:58 06425F0A71E21E37EE5FDFA84A62AF9B 5104128 ----a-w- C:\$Recycle.Bin\S-1-5-21-1329758275-923032009-2089121907-1000\$RBNQPDG\Scribblenauts Unlimited\Scribble.exe

2013-09-06 16:23:20 DDCE338BB173B32024679D61FB4F2BA6 537432 ----a-w- C:\$Recycle.Bin\S-1-5-21-1329758275-923032009-2089121907-1000\$RBNQPDG\Scribblenauts Unlimited\DirectXRedist\DXSETUP.exe

2013-09-06 16:23:17 21598B8A68FBB191200AEDB69D47CB57 716275 ----a-w- C:\$Recycle.Bin\S-1-5-21-1329758275-923032009-2089121907-1000\$RBNQPDG\Scribblenauts Unlimited\unins000.exe

2013-09-06 15:53:25 D6A62223E929358EBC5638890C4D5710 1777152 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Loadout\SubmitReport.exe

2013-09-06 15:53:25 9FC34BB5D585F09320BB799E7E29222B 15066464 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Loadout\Loadout.exe

2013-09-06 15:23:16 B48BC95225FDD280DAC5A6C57BF5559A 2275760 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00004b67\dao.16810112.exe

2013-09-05 13:57:08 BF3F290275C21BDD3951955C9C3CF32C 517976 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Loadout\_CommonRedist\DirectX\Jun2010\DXSETUP.exe

2013-09-04 15:43:28 514FC42D49F76C16CC1839A6B9D3AC05 1611104 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.66\29.0.1547.66_29.0.1547.62_chrome_updater.exe

2013-09-04 15:18:29 E11581E3DC370632791DE54C0DF7455E 2259320 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00004ad4\dao.16798210.exe

2013-09-04 15:18:00 211226DF07F88FE163B5E63EA2189874 70144 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\vvis.exe

2013-09-04 15:18:00 1974D26B426AD069FD0330C5F4E8591A 70144 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\vtex.exe

2013-09-04 15:17:58 B57B2F6ABD597314475C5E7061C0ABFA 79872 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\vrad.exe

2013-09-04 15:17:58 B48DA50CDAD4A9841040B6A050B7BA60 92072 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe

2013-09-04 15:17:57 8EA05090443953C237248C5AB86FA93B 134144 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\splitskybox.exe

2013-09-04 15:17:56 FB3C87A2C8D67F79A4B8DD4B3173B21E 79360 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\shadercompile.exe

2013-09-04 15:17:56 7A6BFAA6E613A54E4E6C95492BA4F04E 179200 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\captioncompiler.exe

2013-09-04 15:17:55 F9A6258880D7C98CA3A73D0A7CDAD33B 145408 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\hammer.exe

2013-09-04 15:17:55 78F0F46D360AB354C0B4961B26B52510 252416 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\glview.exe

2013-09-04 15:17:51 F058FA5C8B60AE99D93924A1B3415B5F 685056 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\pfm2tgas.exe

2013-09-04 15:17:51 ECBF8E977E8357BAC22EEC19976FB553 3322368 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\elementviewer.exe

2013-09-04 15:17:51 E9C067C451B0BB3098436DE2F427C541 737792 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\normal2ssbump.exe

2013-09-04 15:17:51 CF489298AB8575B6E577C0EC8543BB1E 2745856 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\qc_eyes.exe

2013-09-04 15:17:51 CF04B99D6C647B5AFCCF7758B9EC3A57 525824 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\hlmv.exe

2013-09-04 15:17:51 CA78B77392D4C9DD23667A9BE0B66DCE 756224 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\height2ssbump.exe

2013-09-04 15:17:51 C72EA4CF3D17A5C6E8E45E159BF49151 1775616 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\dmxedit.exe

2013-09-04 15:17:51 9464DB27CC54ADFA9163E6BC9EC8B57E 621568 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\dmxconvert.exe

2013-09-04 15:17:51 928662BDDF7644616A1FC2FFEDB90124 1520640 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\vbsp.exe

2013-09-04 15:17:51 8A8C524AA9C7A096B65B8DB707AFFBFC 711168 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\vpk.exe

2013-09-04 15:17:51 8591193DB998D0CB39192B78C46B2982 756224 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\mksheet.exe

2013-09-04 15:17:51 7F11D72211874D57B272AD1773E84865 357888 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\motionmapper.exe

2013-09-04 15:17:51 72C99D3BB58EE0D563D0D69B3AE1FB91 1966080 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\studiomdl.exe

2013-09-04 15:17:51 6D8BD8113509BC9EC1463AB1A19343FF 481792 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\vbspinfo.exe

2013-09-04 15:17:51 45653942FEF5BF00C5D0255C948CC496 742912 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\height2normal.exe

2013-09-04 15:17:51 2AD8B8022A042D74E40C2425AD307D2D 483328 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\bspzip.exe

2013-09-04 15:17:51 1FDF2A5B563E5D7338B24F2D01AE7816 768512 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\vtf2tga.exe

2013-09-04 15:17:51 036744AF6C00945A15A49082062573B4 1740800 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\hlfaceposer.exe

2013-09-03 13:28:19 BD6514920BE8395AA37087D2FFDE9EEF 1267216 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00004ac7\vops-team_fortress_2.16790368.exe

2013-09-03 13:28:08 47461B9D890C2D1C725C0B9E82C76E0C 2234864 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00004ace\dao.16790368.exe

2013-09-02 13:37:25 0CF1BA4E47F3C040B0AEE820F8A868B4 263565262 ----a-w- C:\Users\Finn\Downloads\ARMA_III_Alpha_patch_nosTEAM.exe

2013-09-02 10:00:01 FEE1C90AF84E759CBBE45C0FA9B63012 254064 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\spybotsd2-translation-frx.exe

2013-09-02 10:00:00 FEE1C90AF84E759CBBE45C0FA9B63012 254064 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\spybotsd2-translation-frx.exe

2013-09-02 09:59:59 0C68C4B59CEF048ADADCA4FC4EA6991A 17392 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\SDDisableProxy.exe

2013-09-02 09:59:59 0C68C4B59CEF048ADADCA4FC4EA6991A 17392 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDisableProxy.exe

=== C: other files ==

2013-09-08 13:53:33 2EBACA5D89D5BECB1197FECBC97EFDD7 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1329758275-923032009-2089121907-1000\$IA7IZ9L.zip

2013-09-08 13:50:33 D7B842F8E99848C71BEFB062B9B22070 3754639 ----a-w- C:\$Recycle.Bin\S-1-5-21-1329758275-923032009-2089121907-1000\$RA7IZ9L.zip

2013-09-07 12:58:27 A8A229705C242FD8493D8D62481254AB 65973 ----a-w- C:\Users\Finn\Desktop\shexview.zip

2013-09-07 12:58:21 A8A229705C242FD8493D8D62481254AB 65973 ----a-w- C:\Users\Finn\Downloads\shexview.zip

2013-09-05 18:33:37 FD097BAB93F501A5055415F9E96508EC 2277 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0001.zip

2013-09-05 18:33:37 367A7716893FD4870FBBDB1CB95C016C 2267 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0001.zip

2013-09-05 18:33:36 FF658496C639E15BF892422C152512CD 2546 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0001.zip

2013-09-05 18:33:36 ECB142AF0A6BE39A8F5C172537A8C4BB 2621 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0001.zip

2013-09-05 18:33:36 E7E0F9D902EFDD4378E9F1616F2F79E7 2603 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0001.zip

2013-09-05 18:33:36 E261D9FE1A10DF8EA210DAEDD1F77846 2596 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0001.zip

2013-09-05 18:33:36 C4F9ADBFBC8A09480754557CAC4F779D 2618 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0001.zip

2013-09-05 18:33:36 8BB2A061DB4C1B00696F99EC4F45FD41 2577 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\WinRAR-0001.zip

2013-09-05 18:33:36 7AA26653D3189D69DFF2C734C8F8457E 5976 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0001.zip

2013-09-05 18:33:36 754BF984430A6C42E133197BBAAF2EF6 2706 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows-0001.zip

2013-09-05 18:33:36 2D9B829CFFAC364EA2C2BA304A967A9C 2651 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Management Console-0001.zip

2013-09-05 18:33:36 0C0B061DDEE39D60059A6F3286C72549 2271 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0001.zip

2013-09-04 15:17:51 FD1FD353658A25D495532AB0FD6F11B0 7337896 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\itemtest.com

2013-09-02 13:06:05 80E7046625E69B0092617AD6F862FF6A 4693 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0000.zip

2013-09-02 13:06:02 54EB946A54A5D4397B1013AA238C7D95 4683 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0000.zip

2013-09-02 13:06:01 F1A6B3042EE0D6220069BAE7201021EA 5089 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip

2013-09-02 13:06:01 D626B6A3DA9EAF1885E1691C458E3D03 5119 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip

2013-09-02 13:06:01 C33A95FC8E33846AA04D70C0ADEA84AB 36890 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip

2013-09-02 13:06:01 B36EC62483E19474621FFF042D3D5072 5052 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Management Console-0000.zip

2013-09-02 13:06:01 89092EA217860A28D05D6926301D0779 4686 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0000.zip

2013-09-02 13:06:01 751B3ADDA97A5BD0BC07833F0A25EACE 5018 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0000.zip

2013-09-02 13:06:01 5B2CD8D4DC5B60E2B10ED2C217B40EA0 5022 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Media Player-0000.zip

2013-09-02 13:06:01 415DC39B6DD3755A0294C3A53AA9B750 5100 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\WinRAR-0000.zip

2013-09-02 13:06:01 32B53E4754A5A70722F4A4DB82B53158 5011 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0000.zip

2013-09-02 13:06:01 305DD17187C2BAA0B09EBC9C7EBC3510 5054 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Paint-0000.zip

2013-09-02 13:06:01 146558424AEF2EEA3CAB3D1124878D40 5164 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip

2013-09-02 13:06:01 133663E94FCDAFE46CB1A7FA69A0FBBD 5121 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows-0000.zip

2013-09-02 13:06:01 03AA52C16D68AC3A355B65F873705916 4961 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip

2013-09-02 13:06:00 4BC39AAB3766F58ECF2F9B9BD5C32BD9 4713 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\CasaleMedia-0000.zip

2013-09-02 13:06:00 3D201074196B847C177AC055ABF85E6C 4713 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\DoubleClick-0001.zip

2013-09-02 12:43:05 1C09663AB5042E801CD1C0160E27396D 55082507 ----a-w- C:\Users\Finn\Downloads\Arma3_Alpha_nosTEAM.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1329758275-923032009-2089121907-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"

"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"

"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"

[HKEY_USERS\S-1-5-21-1329758275-923032009-2089121907-1002\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-1329758275-923032009-2089121907-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Starter"="C:\Program Files (x86)\Driver-Soft\DriverGenius\StarterW3i.exe"

"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"

"SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"

"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"

"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice"

"Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Clownfish]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Clownfish"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Clownfish\\Clownfish.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DAEMON Tools Lite"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn Hamachi Ui]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="LogMeIn Hamachi Ui"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\LogMeIn Hamachi\\hamachi-2-ui.exe\" --auto-start"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RESTART_STICKY_NOTES]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="RESTART_STICKY_NOTES"

"hkey"="HKCU"

"command"="C:\\Windows\\System32\\StikyNot.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Spotify"

"hkey"="HKCU"

"command"="\"C:\\Users\\Finn\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Spotify Web Helper"

"hkey"="HKCU"

"command"="\"C:\\Users\\Finn\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SunJavaUpdateSched"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14-07-2013 16:55]

C:\Windows\tasks\AutoKMS.job --a------ C:\Windows\AutoKMS\AutoKMS.exe [26-06-2013 20:40]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-06-2013 20:33]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-06-2013 20:33]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Finn\AppData\Roaming\Mozilla\Firefox\Profiles\z262q5gu.default

- leethax.net extension - %ProfilePath%\extensions\leethax@leethax.net.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

==== Firefox Plugins ======================

Profilepath: C:\Users\Finn\AppData\Roaming\Mozilla\Firefox\Profiles\z262q5gu.default

0C8597DBC74AAF5179471BA013E3C6B4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash

D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[14-08-2013 11:12]

http //www.totaljerkface.com/ - Finn - Default\Extensions\acofpjmahanncjpdfmiidfafjjgkolfm

GFACE Experience Plugin - Finn - Default\Extensions\ejdlfmdbdibkbfdpjocdaolcheehmpol

https //bankieren.triodos.nl/ib-seam/pages/ho - Finn - Default\Extensions\foppfknfmidokhggnfjnnemdblenooch

AdBlock - Finn - Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

http //www.hackforums.net/ - Finn - Default\Extensions\ifkncmdkhbbjnkgljainlbpggcldahop

Skype for Chromium - Finn - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://nl.search.yahoo.com?type=512435&fr=spigot-yhp-ie"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{E9CDFE87-DAD8-4D30-80AC-73815A5DF510}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9CDFE87-DAD8-4D30-80AC-73815A5DF510}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1329758275-923032009-2089121907-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully

HKEY_USERS\S-1-5-21-1329758275-923032009-2089121907-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully

HKEY_USERS\S-1-5-21-1329758275-923032009-2089121907-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully

HKEY_USERS\S-1-5-21-1329758275-923032009-2089121907-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Uninstall List x64 ======================

µTorrent [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]

Adobe Flash Player 11 Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin]

AIDA64 Extreme Edition v2.85 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AIDA64 Extreme Edition_is1]

Animated Wallpaper Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Animated Wallpaper Maker]

ASRock IES v2.0.61 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ASRock IES_is1]

ASRock InstantBoot v1.24 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ASRock InstantBoot_is1]

ASRock OC DNA v1.6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ASRock OC DNA_is1]

ASRock OC Tuner v2.3.54 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ASRock OC Tuner_is1]

BS.Player FREE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BSPlayerf]

Cheat Engine 6.3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Cheat Engine 6.3_is1]

Clownfish for Skype [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Clownfish]

Core Temp 1.0 RC5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1]

CPU Speed Pro version 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E0E0C30A-89AF-11E0-951E-11904824019B}_is1]

DAEMON Tools Lite [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DAEMON Tools Lite]

Driver Genius [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius_is1]

ESET Smart Security [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{45CA4B17-F1C4-4058-8164-367AA349D85A}]

Euro Truck Simulator 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1]

FarCry 3 v1.05 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FarCry 3 v1.05]

Fresco Logic USB3.0 Host Controller [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A445B6F1-C69E-4F0F-B3F8-79A5C7A6066B}]

Garry's Mod [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 4000]

Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]

Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]

Java 7 Update 25 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217025FF}]

Java Auto Updater [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}]

Loadout [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 208090]

LogMeIn Hamachi [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0ACC2993-2058-4BE7-9A92-9DCDAA9B3412}]

LogMeIn Hamachi [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LogMeIn Hamachi]

Malwarebytes Anti-Malware versie 1.75.0.1300 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1]

Microsoft .NET Framework 4 Client Profile [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}]

Microsoft .NET Framework 4 Client Profile NLD Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4567EA14-6BCA-3EF9-859B-92CE48B1D704}]

Microsoft .NET Framework 4 Extended [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}]

Microsoft .NET Framework 4 Extended NLD Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{021B6358-4373-3FC0-A0B4-4709B7E0D3E5}]

Microsoft Games for Windows - LIVE Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F2508213-9989-4E85-A078-72BE483917EF}]

Microsoft Games for Windows Marketplace [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}]

Microsoft Office Professional Plus 2010 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Office14.PROPLUS]

Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}]

Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}]

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}]

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}]

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}]

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}]

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{a1909659-0a08-4554-8af1-2175904903a1}]

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8e70e4e1-06d7-470b-9f74-a51bef21088e}]

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{764384C5-BCA9-307C-9AAC-FD443662686A}]

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}]

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6C772996-BFF3-3C8C-860B-B3D48FF05D65}]

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}]

Mozilla Firefox 23.0.1 (x86 nl) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 23.0.1 (x86 nl)]

Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService]

Need for Speed Most Wanted [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Need for Speed Most Wanted_R.G. Mechanics_is1]

NewProject [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A72A4ACD-46E1-48B3-9174-8FCB1F29C74B}]

NewsLeecher v5.0 Beta 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NewsLeecher_is1]

Notepad++ [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++]

NVIDIA-configuratiescherm 320.18 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel]

NVIDIA 3D Vision controllerstuurprogramma 320.18 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB]

NVIDIA 3D Vision stuurprogramma 320.18 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision]

NVIDIA GeForce Experience 1.6 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience]

NVIDIA Grafisch stuurprogramma 320.18 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver]

NVIDIA Install Application [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer]

NVIDIA PhysX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}]

NVIDIA PhysX systeemsoftware 9.13.0604 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX]

NVIDIA Stereoscopic 3D Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIAStereo]

NVIDIA Update 7.2.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update]

NVIDIA Update Components [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update]

NVIDIA Virtual Audio 1.2.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver]

NZBEE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3BFF165A-A27B-4A98-A65C-6E82A5FBF318}]

NZBEE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NZBEE]

Opera Stable 15.0.1147.153 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Opera 15.0.1147.153]

PerformanceTest v7.0 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PerformanceTest 7_is1]

QuickPar 0.9 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\QuickPar]

Real Environment Dimension version 1.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AAE84355-9B64-4B00-93B1-CCE4C8A49087}_is1]

Realtek Ethernet Controller Driver For Windows 7 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}]

Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}]

Scribblenauts Unlimited [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Scribblenauts Unlimited_is1]

Search Protection [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection]

SHIELD Streaming [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv]

Skype Click to Call [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B6CF2967-C81E-40C0-9815-C05774FEF120}]

SkypeT 6.6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}]

Spotify [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Spotify]

Spotnet [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12947715-B6F0-4597-816F-5E13FB647921}_is1]

Spotnet Improver Local v2.0-rc1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Spotnet Improver Local_is1]

Spybot - Search & Destroy [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1]

Steam [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{048298C9-A4D3-490B-9FF9-AB023A9238F3}]

Sumotori Full Version [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Sumotori Full Version]

Team Fortress 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 440]

Virtual DJ Pro Full - Atomix Productions [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Virtual DJ Pro Full - Atomix Productions]

Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9B48B0AC-C813-4174-9042-476A887592C7}]

WinRAR 4.20 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]

XBMC [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\XBMC]

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Finn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Finn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Finn\AppData\Local\Mozilla\Firefox\Profiles\z262q5gu.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\Finn\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Finn\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on zo 08-09-2013 at 16:05:00,51 ======================

And this is the malware log:

Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300

Malwarebytes : Free anti-malware download

Databaseversie: v2013.09.06.06

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16660

Finn :: FINNS-PC [administrator]

Bescherming: Uitgeschakeld

8-9-2013 16:09:03

mbam-log-2013-09-08 (16-09-03).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 242365

Verstreken tijd: 2 minuut/minuten, 36 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)


Hello,

Run Zoek.exe again with the script below.

Disable your antivirus and antispyware programs, as they may conflict with zoek.exe

You can read how to do that (here or here).


  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
     
    Search Protection;u 
    


  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Post the opened log as an attachment in your next reply.
