Windows-hostprocess (Rundll32) werkt niet meer

[sunmeel]

Hallo,

Ik had vandaag na het opstarten ineens een zwart bureaublad en alle favorieten uit Chrome waren verdwenen. Als ik naar Nvidia settings wil gaan, kreeg ik een foutmelding "Windows-hostprocess (Rundll32) werkt niet meer". Ook was er ineens een map "updatususer" verschenen.

Ik had gelezen dat het misschien aan een update van Nvidia kon liggen. Nu heb ik inmiddels systeemherstel gebruikt om terug te gaan naar het laatste herstelpunt en mijn favorieten zijn terug. Echter, ik kan nog steeds Nvidia settings niet openen, ik krijg dezelfde melding steeds.

Voordat ik de drivers van Nvidia ga updaten en ik misschien hetzelfde probleem krijg, wil ik heel graag weten of het inderdaad aan Nvidia Update ligt of dat de foutmelding ergens anders mee te maken heeft.

Ik hoor graag van jullie wat ik het beste kan doen, alvast dank voor de moeite!

[kape]

UpdatusUser: Deze gebruikersaccount wordt in stilte op de computer gezet als er een videokaart van nVidia in uw computer zit en automatisch updaten is ingesteld. Met deze gebruiker zorgt de fabrikant van de videokaart dat de nieuwste stuurprogramma's in de achtergrond geïnstalleerd kunnen worden. Lekker laten staan.

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

• RSIT 32 bit (RSIT.exe)
  
• RSIT 64 bit (RSITx64.exe)
  

Dubbelklik op RSIT.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  
• Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  
• Plaats de inhoud hiervan in het volgende bericht.
  

[sunmeel]

Bij deze het log van RSIT (Vista 32-bit).

Logfile of random's system information tool 1.09 (written by random/random)

Run by Sunny at 2013-11-03 17:05:35

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 135 GB (36%) free of 370 GB

Total RAM: 3326 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:05:37, on 3-11-2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16514)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\AVG\AVG2013\avgui.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\CCleaner\CCleaner.exe

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWlan.exe

C:\Windows\system32\taskeng.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Sunny\Downloads\RSIT.exe

C:\Program Files\trend micro\Sunny.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {2d8d9acc-f6d7-4362-8876-a275ca929591} - (no file)

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO

O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0913b] C:\Users\Sunny\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 8e650b004fba47d0b5de149b408ffb9b-0c7d2d55d4e2f0a68425b7b133558f9c53f08c68 --CMPID 0913b

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Realtek11nSU - Realtek - C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtlService.exe

O23 - Service: Macrium Reflect Image Mounting Service (ReflectService.exe) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

--

End of file - 7036 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-11-03 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-11-03 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"AVG_UI"=C:\Program Files\AVG\AVG2013\avgui.exe [2013-09-23 4411952]

"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-10-01 4702208]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2012-12-19 3273136]

"AVG-Secure-Search-Update_0913b"=C:\Users\Sunny\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 8e650b004fba47d0b5de149b408ffb9b-0c7d2d55d4e2f0a68425b7b133558f9c53f08c68 --CMPID 0913b []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams]

C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2013-04-05 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]

C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [2013-04-05 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files\iTunes\iTunesHelper.exe [2013-09-17 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]

C:\Windows\Skytel.exe [2007-08-03 1826816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]

C:\Users\Sunny\AppData\Roaming\Spotify\Spotify.exe [2013-07-09 4640768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]

C:\Users\Sunny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-07-09 1104384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

D:\Games\Steam\Steam.exe [2013-09-21 1814440]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

WDSmartWare.lnk - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"EnableLUA"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-11-03 16:59:11 ----D---- C:\rsit

2013-11-03 16:59:11 ----D---- C:\Program Files\trend micro

2013-11-03 12:32:43 ----D---- C:\Windows\Sun

2013-11-03 12:32:03 ----D---- C:\ProgramData\Oracle

2013-11-03 12:32:01 ----D---- C:\ProgramData\Sun

2013-11-03 12:32:00 ----D---- C:\Program Files\Common Files\Java

2013-11-03 12:31:35 ----A---- C:\Windows\system32\javaws.exe

2013-11-03 12:31:29 ----A---- C:\Windows\system32\WindowsAccessBridge.dll

2013-11-03 12:31:28 ----A---- C:\Windows\system32\javaw.exe

2013-11-03 12:31:28 ----A---- C:\Windows\system32\java.exe

2013-11-03 12:31:14 ----D---- C:\Program Files\Java

2013-11-03 11:24:38 ----A---- C:\Windows\system32\GDIPFONTCACHEV1.DAT

2013-10-16 21:10:41 ----A---- C:\Windows\system32\vbscript.dll

2013-10-16 21:10:41 ----A---- C:\Windows\system32\mshtmled.dll

2013-10-16 21:10:40 ----A---- C:\Windows\system32\wininet.dll

2013-10-16 21:10:40 ----A---- C:\Windows\system32\msfeeds.dll

2013-10-16 21:10:40 ----A---- C:\Windows\system32\jsproxy.dll

2013-10-16 21:10:40 ----A---- C:\Windows\system32\ieUnatt.exe

2013-10-16 21:10:40 ----A---- C:\Windows\system32\ieui.dll

2013-10-16 21:10:39 ----A---- C:\Windows\system32\url.dll

2013-10-16 21:10:39 ----A---- C:\Windows\system32\jscript9.dll

2013-10-16 21:10:39 ----A---- C:\Windows\system32\jscript.dll

2013-10-16 21:10:39 ----A---- C:\Windows\system32\iertutil.dll

2013-10-16 21:10:38 ----A---- C:\Windows\system32\urlmon.dll

2013-10-16 21:10:38 ----A---- C:\Windows\system32\mshtml.dll

2013-10-16 21:10:37 ----A---- C:\Windows\system32\ieframe.dll

2013-10-16 21:04:11 ----A---- C:\Windows\system32\FntCache.dll

2013-10-16 21:04:11 ----A---- C:\Windows\system32\DWrite.dll

2013-10-16 21:04:11 ----A---- C:\Windows\system32\d3d10warp.dll

2013-10-16 21:04:11 ----A---- C:\Windows\system32\d3d10level9.dll

2013-10-16 21:04:11 ----A---- C:\Windows\system32\d3d10core.dll

2013-10-16 21:04:11 ----A---- C:\Windows\system32\d3d10_1core.dll

2013-10-16 21:04:11 ----A---- C:\Windows\system32\d3d10_1.dll

2013-10-16 21:04:11 ----A---- C:\Windows\system32\d3d10.dll

2013-10-16 21:04:11 ----A---- C:\Windows\system32\d2d1.dll

2013-10-16 21:04:09 ----A---- C:\Windows\system32\win32k.sys

2013-10-16 21:04:08 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2013-10-16 21:04:08 ----A---- C:\Windows\system32\cdd.dll

2013-10-16 21:04:07 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-16 21:04:05 ----A---- C:\Windows\system32\drivers\usbport.sys

2013-10-16 21:04:05 ----A---- C:\Windows\system32\drivers\usbohci.sys

2013-10-16 21:04:05 ----A---- C:\Windows\system32\drivers\usbhub.sys

2013-10-16 21:04:05 ----A---- C:\Windows\system32\drivers\usbehci.sys

2013-10-16 21:04:05 ----A---- C:\Windows\system32\drivers\usbd.sys

2013-10-16 21:04:05 ----A---- C:\Windows\system32\drivers\usbccgp.sys

2013-10-16 21:03:14 ----A---- C:\Windows\system32\drivers\Wdf01000.sys

2013-10-16 21:03:03 ----A---- C:\Windows\system32\atmlib.dll

2013-10-16 21:03:03 ----A---- C:\Windows\system32\atmfd.dll

2013-10-16 21:02:24 ----A---- C:\Windows\system32\comctl32.dll

2013-10-16 21:02:17 ----A---- C:\Windows\system32\drivers\hidparse.sys

======List of files/folders modified in the last 1 month======

2013-11-03 16:59:11 ----RD---- C:\Program Files

2013-11-03 16:57:06 ----D---- C:\Windows\System32

2013-11-03 16:57:06 ----D---- C:\Windows\inf

2013-11-03 16:57:06 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-11-03 16:52:30 ----D---- C:\ProgramData\NVIDIA

2013-11-03 13:31:08 ----D---- C:\Windows\Temp

2013-11-03 12:42:48 ----SHD---- C:\System Volume Information

2013-11-03 12:32:43 ----D---- C:\Windows

2013-11-03 12:32:09 ----SHD---- C:\Windows\Installer

2013-11-03 12:32:03 ----HD---- C:\ProgramData

2013-11-03 12:32:00 ----D---- C:\Program Files\Common Files

2013-11-03 12:23:00 ----D---- C:\Windows\system32\wbem

2013-11-03 12:21:37 ----D---- C:\Windows\winsxs

2013-11-03 12:21:37 ----D---- C:\Windows\Tasks

2013-11-03 12:21:37 ----D---- C:\Windows\system32\spool

2013-11-03 12:21:37 ----D---- C:\Windows\system32\migration

2013-11-03 12:21:37 ----D---- C:\Windows\system32\drivers

2013-11-03 12:21:37 ----D---- C:\Windows\system32\CodeIntegrity

2013-11-03 12:21:37 ----D---- C:\Windows\system32\catroot2

2013-11-03 12:21:36 ----RSD---- C:\Windows\Media

2013-11-03 12:21:34 ----D---- C:\Windows\registration

2013-11-03 12:21:34 ----D---- C:\Users\Sunny\AppData\Roaming\vlc

2013-11-03 12:21:34 ----D---- C:\ProgramData\MFAData

2013-11-03 12:21:34 ----D---- C:\Program Files\Microsoft Silverlight

2013-11-03 12:21:34 ----D---- C:\Program Files\Internet Explorer

2013-11-02 14:07:23 ----D---- C:\Windows\SoftwareDistribution

2013-11-02 14:06:37 ----D---- C:\Users\Sunny\AppData\Roaming\BitTorrent

2013-10-27 21:38:15 ----D---- C:\Windows\Minidump

2013-10-25 10:06:03 ----D---- C:\ProgramData\Origin

2013-10-25 10:05:57 ----D---- C:\Users\Sunny\AppData\Roaming\Origin

2013-10-22 20:49:03 ----D---- C:\Users\Sunny\AppData\Roaming\Spotify

2013-10-17 19:06:11 ----D---- C:\Windows\Debug

2013-10-17 18:11:20 ----D---- C:\Windows\Microsoft.NET

2013-10-17 18:10:48 ----RSD---- C:\Windows\assembly

2013-10-16 21:18:21 ----D---- C:\ProgramData\Microsoft Help

2013-10-16 21:15:02 ----D---- C:\Windows\system32\MRT

2013-10-16 21:13:13 ----A---- C:\Windows\system32\mrt.exe

2013-10-16 21:10:52 ----D---- C:\Windows\system32\catroot

2013-10-16 21:08:49 ----D---- C:\Windows\Prefetch

2013-10-14 19:47:31 ----SD---- C:\Users\Sunny\AppData\Roaming\Microsoft

2013-10-10 19:29:50 ----D---- C:\Users\Sunny\AppData\Roaming\dvdcss

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2013-07-20 60216]

R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2013-07-20 246072]

R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2013-07-01 96568]

R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2013-09-05 39224]

R0 pssnap;Paramount Software Snapshot Filter; C:\Windows\system32\DRIVERS\pssnap.sys [2012-12-24 16656]

R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2009-08-04 11296]

R1 AsUpIO;AsUpIO; C:\Windows\system32\drivers\AsUpIO.sys [2009-07-06 11448]

R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2013-07-20 208184]

R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2013-09-10 22328]

R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2013-07-20 171320]

R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2013-03-21 182072]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-07-16 243128]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-10-02 1967576]

R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-19 7680]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-02-25 8939296]

R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2010-03-04 291560]

R3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2011-02-16 11520]

R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]

S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys []

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2010-03-04 291560]

S3 PSMounterEx;Macrium Reflect Image Explorer Driver; \??\C:\Windows\system32\drivers\psmounterex.sys [2012-12-24 55056]

S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 541800]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2009-04-11 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312]

R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [2013-07-23 283136]

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2010-01-21 370792]

R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2010-01-21 167528]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 639776]

R2 Realtek11nSU;Realtek11nSU; C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [2010-01-21 45056]

R2 ReflectService.exe;Macrium Reflect Image Mounting Service; C:\Program Files\Macrium\Reflect\ReflectService.exe [2012-12-24 225552]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]

R2 WDDMService;WD SmartWare Drive Manager; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 110592]

R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-08 116648]

S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]

S3 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-08 116648]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-09-17 553288]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2013-01-08 541760]

S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]

-----------------EOF-----------------

[kape]

Download Zoek.zip naar het bureaublad.

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  
• Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

chromelook;
  {2d8d9acc-f6d7-4362-8876-a275ca929591};c
 firefoxlook; 
emptyfolderscheck;delete 
startupall; 
filesrcm;

• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
• HijackThis Log
  
• Firefox Defaults
  
• Reset Chrome
  
• IE Defaults
  
• Auto Clean
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post nu de inhoud van het geopende logje in het volgende bericht.
  

[sunmeel]

Bij deze de inhoud van het log. Ik kon er niet voor kiezen om deze applicatie als Administrator uit te voeren, maar maakt dat uit aangezien het wel resultaat opleverde?

Zoek.exe Version 4.0.0.5 Updated 26-October-2013

Tool run by Sunny on zo 03-11-2013 at 18:39:49,78.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Sunny\Desktop\zoek.scr [script inserted] [Checkboxes used]

==== System Restore Info ======================

3-11-2013 18:41:20 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\iMesh Applications deleted successfully

C:\Program Files\Origin Games deleted successfully

C:\ProgramData\Oracle deleted successfully

C:\Users\Sunny\AppData\Roaming\driveridentifier deleted successfully

C:\Users\Sunny\AppData\Local\Conduit deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-736990765-511919239-2912945266-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2d8d9acc-f6d7-4362-8876-a275ca929591} deleted successfully

HKEY_USERS\S-1-5-21-736990765-511919239-2912945266-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{2d8d9acc-f6d7-4362-8876-a275ca929591} deleted successfully

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\Users\Sunny\AppData\Local\CRE deleted

C:\Users\Sunny\AppData\LocalLow\Conduit deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Sunny\AppData\Local\Temp ====

2013-11-03 11:32:50 21DCEE5DCA68CB20014A9536F2FCDC5B 1007464 ----a-w- C:\Users\Sunny\AppData\Local\Temp\com.nvidia\NVIDIA GPU_Reader\1.3.3\GPU_Reader.dll

2013-11-03 10:27:10 EEDAE64A4251586FF2747CDD8EF734FB 67912 ----a-w- C:\Windows\system32\config\systemprofile\AppData\Local\Temp\scoped_dir_5800_9006\CRX_INSTALL\plugins\np-cwmp.dll

2013-11-03 10:27:10 99F97C9FE748C37528C338A423577FCB 163256 ----a-w- C:\Windows\system32\config\systemprofile\AppData\Local\Temp\scoped_dir_5800_9006\CRX_INSTALL\plugins\np-mswmp.dll

2013-11-03 10:27:10 8616DEDAB7F38082BAC480EC53C93DB2 765256 ----a-w- C:\Windows\system32\config\systemprofile\AppData\Local\Temp\scoped_dir_5800_9006\CRX_INSTALL\plugins\ConduitChromeApiPlugin.dll

====== Java Cache =====

2013-11-03 11:32:43 E0A8028D07C5ABDD1C0B908DE1FE1497 90 ----a-w- C:\Users\Sunny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\3d2024a1-6.0.lap

2013-11-03 11:32:44 E5A1FB83F70A49DD6BF3D7A5DDB66C66 379660 ----a-w- C:\Users\Sunny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\611ba3b0-39fc782f

2013-11-03 15:59:43 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Sunny\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-5f091bd1

====== C:\Windows\system32 =====

2013-11-03 11:31:35 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\System32\javaws.exe

2013-11-03 11:31:29 9BF46C7F21E75FA0BB03AA93368CC66C 94632 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll

2013-11-03 11:31:28 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Windows\System32\javaw.exe

2013-11-03 11:31:28 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Windows\System32\java.exe

2013-11-03 10:24:38 CEDDC7EF5249093430479AE6D72B77AC 100432 ----a-w- C:\Windows\System32\GDIPFONTCACHEV1.DAT

====== C:\Windows\system32\drivers =====

2013-10-16 20:04:08 988670D8343EF9835FB3659DB71B2EFA 638400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-10-16 20:04:05 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys

2013-10-16 20:04:05 D457EBD0C3A8B3A3A144355B5EE91CBC 19456 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2013-10-16 20:04:05 B09C74A41F26B08149707EA5E7F956C2 226304 ----a-w- C:\Windows\System32\drivers\usbport.sys

2013-10-16 20:04:05 AAB0B5F72D2D726FBFDC895A2902DE1D 73216 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2013-10-16 20:04:05 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2013-10-16 20:04:05 153E8515CB86F8BB5D1A8B478EBF4BB2 39936 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2013-10-16 20:03:14 25944D2CC49E0A6C581D02A74B7D6645 527064 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys

2013-10-16 20:02:17 BE4AD4045D7A6C6AF4ECCBD5F6B7F8D8 25472 ----a-w- C:\Windows\System32\drivers\hidparse.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-11-03 15:59:11 -------- d-----w- C:\Program Files\trend micro

2013-11-03 11:32:00 -------- d-----w- C:\Program Files\Common Files\Java

2013-11-03 11:31:14 -------- d-----w- C:\Program Files\Java

======= C: =====

====== C:\Users\Sunny\AppData\Roaming ======

2013-11-03 11:30:15 -------- d-----w- C:\Users\Sunny\AppData\Locallow\Sun

2013-11-03 10:34:25 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\Adobe

2013-11-03 10:28:00 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Apple

2013-11-03 10:24:59 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Western_Digital

2013-11-03 10:24:54 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\Western Digital

2013-11-03 10:24:20 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Western Digital

2013-11-03 10:23:50 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-03 10:23:48 -------- d-----r- C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-11-03 10:23:48 -------- d-----r- C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2013-11-03 10:23:39 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\Identities

2013-11-03 10:23:30 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Temp

2013-10-24 09:37:06 -------- d-----w- C:\Users\Sunny\AppData\Local\Avg2014

====== C:\Users\Sunny ======

2013-11-03 15:58:40 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Sunny\Downloads\RSIT.exe

2013-11-03 11:33:15 0BFF11B08E82487F3C76A0B95CE588E4 199004160 ----a-w- C:\Users\Sunny\Downloads\331.65-desktop-win8-win7-winvista-32bit-international-whql.exe

2013-11-03 11:32:01 -------- d-----w- C:\ProgramData\Sun

2013-11-03 11:31:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2013-11-03 11:28:26 15D87D5EAD5FA2C59640FD55A69C2370 915368 ----a-w- C:\Users\Sunny\Downloads\chromeinstall-7u45 (2).exe

2013-11-03 10:23:48 -------- d-----r- C:\Windows\system32\config\systemprofile\Videos

2013-11-03 10:23:48 -------- d-----r- C:\Windows\system32\config\systemprofile\Pictures

2013-11-03 10:23:48 -------- d-----r- C:\Windows\system32\config\systemprofile\Music

2013-11-03 10:23:48 -------- d-----r- C:\Windows\system32\config\systemprofile\Downloads

2013-11-03 10:23:37 -------- d-----r- C:\Windows\system32\config\systemprofile\Documents

2013-11-03 10:23:30 -------- d-----r- C:\Windows\system32\config\systemprofile\Favorites

2013-11-03 10:23:24 -------- d-----r- C:\Windows\system32\config\systemprofile\Desktop

2013-10-22 17:00:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

====== C: exe-files ==

2013-11-03 15:59:11 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Sunny.exe

2013-11-03 15:58:40 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Sunny\Downloads\RSIT.exe

2013-11-03 11:33:15 0BFF11B08E82487F3C76A0B95CE588E4 199004160 ----a-w- C:\Users\Sunny\Downloads\331.65-desktop-win8-win7-winvista-32bit-international-whql.exe

2013-11-03 11:31:35 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\System32\javaws.exe

2013-11-03 11:31:28 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Windows\System32\javaw.exe

2013-11-03 11:31:28 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Windows\System32\java.exe

2013-11-03 11:31:21 CE10E75E10EB6952A7D813FA587EC632 15784 ----a-w- C:\Program Files\Java\jre7\bin\ktab.exe

2013-11-03 11:31:21 CC27986F45EF9FD700BC347355B002B3 15784 ----a-w- C:\Program Files\Java\jre7\bin\rmid.exe

2013-11-03 11:31:21 CBFE91C51D4FA69FE9D140ABEB7E51DC 15784 ----a-w- C:\Program Files\Java\jre7\bin\kinit.exe

2013-11-03 11:31:21 80A79264302910C7C24BA7E44267EFEF 182696 ----a-w- C:\Program Files\Java\jre7\bin\jqs.exe

2013-11-03 11:31:21 7F55715977ECF32633857F16980F008E 52648 ----a-w- C:\Program Files\Java\jre7\bin\jp2launcher.exe

2013-11-03 11:31:21 7814B0A3E6FE8FFF31B7108D16FC4591 15784 ----a-w- C:\Program Files\Java\jre7\bin\keytool.exe

2013-11-03 11:31:21 738AF811C60870FB218D47C628D350AA 15784 ----a-w- C:\Program Files\Java\jre7\bin\rmiregistry.exe

2013-11-03 11:31:21 707BFE32E04720B9D50562669A30F86C 49064 ----a-w- C:\Program Files\Java\jre7\bin\ssvagent.exe

2013-11-03 11:31:21 5FA3FFE74E893E8A9443C2CF3DFA7A64 15784 ----a-w- C:\Program Files\Java\jre7\bin\pack200.exe

2013-11-03 11:31:21 5721DA732075E01569A287767CBCFA5A 15784 ----a-w- C:\Program Files\Java\jre7\bin\klist.exe

2013-11-03 11:31:21 555651269833A415E1F9E594E8DD829F 146344 ----a-w- C:\Program Files\Java\jre7\bin\unpack200.exe

2013-11-03 11:31:21 54A30377949D4984EE72C5510C58B83D 16296 ----a-w- C:\Program Files\Java\jre7\bin\tnameserv.exe

2013-11-03 11:31:21 464358DE0429ABB319DFE3F5E5C85F77 15784 ----a-w- C:\Program Files\Java\jre7\bin\orbd.exe

2013-11-03 11:31:21 3FB1EAAB3CD35126D1F3B9A0A5B7B2DC 15784 ----a-w- C:\Program Files\Java\jre7\bin\policytool.exe

2013-11-03 11:31:21 15EBB4D4B54FCE42D8CB116145BB7EBA 15784 ----a-w- C:\Program Files\Java\jre7\bin\servertool.exe

2013-11-03 11:31:20 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Program Files\Java\jre7\bin\javaw.exe

2013-11-03 11:31:20 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Program Files\Java\jre7\bin\javaws.exe

2013-11-03 11:31:20 83D790AA563347A026771D50E3D07A9B 66984 ----a-w- C:\Program Files\Java\jre7\bin\javacpl.exe

2013-11-03 11:31:20 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Program Files\Java\jre7\bin\java.exe

2013-11-03 11:31:20 2F7EBCD8FB6557997F0583508FFFE6B1 15784 ----a-w- C:\Program Files\Java\jre7\bin\java-rmi.exe

2013-11-03 11:31:19 A9743D2D69B80800FEA5F24E7C4B02B3 48040 ----a-w- C:\Program Files\Java\jre7\bin\jabswitch.exe

2013-11-03 11:28:26 15D87D5EAD5FA2C59640FD55A69C2370 915368 ----a-w- C:\Users\Sunny\Downloads\chromeinstall-7u45 (2).exe

=== C: other files ==

2013-11-03 16:31:58 AF5F20F030233FE063919B2FDE495404 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-736990765-511919239-2912945266-1000\$IKGWZNN.zip

2013-11-03 16:31:58 7B43141E355DE43719EB4585DD041A0C 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-736990765-511919239-2912945266-1000\$INPZ93E.zip

2013-11-03 16:31:58 5ADB651425AB305F83FBE87412284FA5 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-736990765-511919239-2912945266-1000\$IIJ3I4P.zip

2013-11-03 16:31:58 33C245FBC77EBFA02E547EA645511DC6 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-736990765-511919239-2912945266-1000\$IMSLRDX.zip

2013-11-03 11:31:21 0A35B7026416325DE4A3EEC131F6EE2C 18636 ----a-w- C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip

2013-11-03 10:27:04 246C0B10FCBCD7175B917C5ED83A9A7A 2734084 ----a-w- C:\Windows\System32\config\systemprofile\AppData\Local\Temp\scoped_dir_5800_9006\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-736990765-511919239-2912945266-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe /AUTO"

"AVG-Secure-Search-Update_0913b"="C:\Users\Sunny\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 8e650b004fba47d0b5de149b408ffb9b-0c7d2d55d4e2f0a68425b7b133558f9c53f08c68 --CMPID 0913b"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AVG_UI"="C:\Program Files\AVG\AVG2013\avgui.exe /TRAYONLY"

"RtHDVCpl"="RtHDVCpl.exe"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe /AUTO"

"AVG-Secure-Search-Update_0913b"="C:\Users\Sunny\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 8e650b004fba47d0b5de149b408ffb9b-0c7d2d55d4e2f0a68425b7b133558f9c53f08c68 --CMPID 0913b"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApplePhotoStreams]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ApplePhotoStreams"

"hkey"="HKCU"

"command"="C:\\Program Files\\Common Files\\Apple\\Internet Services\\ApplePhotoStreams.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="APSDaemon"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DAEMON Tools Lite"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\DAEMON Tools Lite\\DTLite.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iCloudServices]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="iCloudServices"

"hkey"="HKCU"

"command"="C:\\Program Files\\Common Files\\Apple\\Internet Services\\iCloudServices.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="iTunesHelper"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="QuickTime Task"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skytel]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Skytel"

"hkey"="HKLM"

"command"="Skytel.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Spotify"

"hkey"="HKCU"

"command"="\"C:\\Users\\Sunny\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Spotify Web Helper"

"hkey"="HKCU"

"command"="\"C:\\Users\\Sunny\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Steam"

"hkey"="HKCU"

"command"="\"D:\\Games\\Steam\\Steam.exe\" -silent"

==== Startup Folders ======================

2013-06-11 19:52:21 1221 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk

2013-06-11 19:52:21 1282 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [08-01-2013 18:45]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [08-01-2013 18:45]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Apple Diagnostics" [C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe]

"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

"C:\Windows\system32\tasks\ASUS\ASUS Update Checker" [C:\Program Files\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{20a82645-c095-46ed-80e3-08825760534b}"="C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [13-01-2013 16:46]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\Sunny\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\Sunny\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[]

Google Drive - Sunny - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Sunny - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Sunny - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

IE Tab - Sunny - Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd

Google Wallet - Sunny - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Better Pop Up Blocker - Sunny - Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic

Gmail - Sunny - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Google Docs - C:\Windows\system32\config\systemprofile - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - C:\Windows\system32\config\systemprofile - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - C:\Windows\system32\config\systemprofile - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - C:\Windows\system32\config\systemprofile - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Wallet - C:\Windows\system32\config\systemprofile - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - C:\Windows\system32\config\systemprofile - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://google.nl/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://google.nl/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{15984BA5-FBF8-46C2-B66C-191694FB5048}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"

{15984BA5-FBF8-46C2-B66C-191694FB5048} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Sunny\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\Sunny\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-736990765-511919239-2912945266-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO

O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0913b] C:\Users\Sunny\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 8e650b004fba47d0b5de149b408ffb9b-0c7d2d55d4e2f0a68425b7b133558f9c53f08c68 --CMPID 0913b

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Realtek11nSU - Realtek - C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtlService.exe

O23 - Service: Macrium Reflect Image Mounting Service (ReflectService.exe) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Sunny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Sunny\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Sunny\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Sunny\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Sunny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on zo 03-11-2013 at 21:56:15,21 ======================

[kape]

Neen, dit resultaat is OK. Dan nog even dit:

Download AdwCleaner by Xplode naar het bureaublad.

AdwCleaner uitvoeren

• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Klik vervolgens op de knop Scan.
  
• Wanneer de scan gereed is Klikt u vervolgens op de knop Clean.
  
• Als dit gereed is wordt er gevraagd om de computer opnieuw op te starten, klik hier op OK.
  
• Nadat de computer opnieuw is opgestart wordt het logbestand automatisch geopend.
  
• Plaats dit logbestand als bijlage in het volgende bericht.
  

AdwCleaner logbestand plaatsen

• Voeg het logbestand met de naam "AdwCleaner[s0].txt" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map "C:\AdwCleaner")
  
• Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.
  

[sunmeel]

Excuus voor de late reactie, alledaagse werk kwam weer aan bod. Bij deze het logbestand.

[ATTACH]28794[/ATTACH]

AdwCleaner[S0].txt

[kape]

Prima ... malware is nu wel verwijderd. Om de gebruikte tools te verwijderen, mag je dit doen:

Download Delfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:

• Remove disinfection tools
  
• Purge System Restore
  
• Reset system settings
  

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

En hoe staat het dan met het gemelde Nvidia-probleem ?

[sunmeel]

Goedenavond,

Laatste actie uitgevoerd, heel fijn om te weten dat de pc weer schoon is.

Het Nvidia-probleem heb ik niet meer, maar dat kan ook komen omdat ik net de update voor de drivers heb geïnstalleerd en daarbij heb gekozen om het onderdeel automatische update ("Geforce Experience") niet mee te installeren bij de update.

Hartelijk dank voor alle hulp!

[kape]

Dan mag je tot slot nog een cleaning uitvoeren ... en zijn we einde verhaal

Download CCleaner. (Als je het nog niet hebt)

Installeer het (als je niet wilt dat Google Chrome op je PC als standaard-webbrowser wordt geïnstalleerd, moet je de 2 vinkjes wegdoen !!!) en start CCleaner op.

Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en na de analyse op 'Schoonmaken'. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”.

Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.

Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Indien dit allemaal probleemloos verlopen is en je binnen dit topic verder geen vragen of problemen meer hebt, mag je dit onderwerp afsluiten door een klik op de knop "Markeer als opgelost", die je links onderaan kan terugvinden … zo blijft het voor iedereen overzichtelijk.