hulp bij malware?

[sweetsss]

Hallo,

Sinds een paar dagen heb ik problemen met mijn laptop.

De internetbrowser kan ik niet meer openen en mijn laptop is behoorlijk traag geworden.

Ik hoop dat jullie mij hierbij kunnen helpen.

met vriendelijke groet, Joyce

[kape]

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

• RSIT 32 bit (RSIT.exe)
  
• RSIT 64 bit (RSITx64.exe)
  

Dubbelklik op RSIT.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  
• Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  
• Plaats de inhoud hiervan in het volgende bericht.
  

[sweetsss]

Logfile of random's system information tool 1.09 (written by random/random)

Run by Joyce at 2013-11-10 20:36:42

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 44 GB (19%) free of 228 GB

Total RAM: 3002 MB (53% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2101717001-3418350084-2231240781-1000Core.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2101717001-3418350084-2231240781-1000UA.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\HP Photo Creations Messager.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4DB74D06-491C-440D-305E-012400990F3E}]

Groove GFS Browser Helper - C:\Windows\system32\d33dx10.dll [2006-11-29 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-07-02 329480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-08 194640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]

McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2013-10-02 250896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-07-02 59144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]

HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2013-10-02 250896]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-08 194640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-12-08 432432]

"UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2008-12-24 210216]

"UpdatePDIRShortCut"=C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]

"UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-10-30 210216]

"UpdateLBPShortCut"=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]

"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]

"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]

"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2009-06-03 450652]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 1721640]

"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-10-10 206128]

"Persistence"=C:\Windows\system32\igfxpers.exe [2008-10-28 154136]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-10-28 150040]

"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-10-28 178712]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-10-06 59240]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2013-09-24 516912]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888]

"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2013-04-15 337432]

"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-09-04 311152]

"mobilegeni daemon"=C:\Program Files\Mobogenie\DaemonProcess.exe []

"mcpltui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2013-09-24 516912]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-11-02 152392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-06 39408]

"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]

"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-06-06 102400]

"HP Photosmart 5510 series (NET)"=C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2011-05-25 1801064]

"Facebook Update"=C:\Users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-17 138096]

"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-03-01 18643560]

"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-09-04 1564528]

""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-09-04 844656]

C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe

OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2008-10-28 221184]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=0

"NoDrives"=0

"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"MSVideo8"=VfWWDM32.dll

"msacm.l3codecp"=l3codecp.acm

"vidc.XVID"=xvidvfw.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux"=wdmaud.drv

"vidc.VP60"=C:\Windows\system32\vp6vfw.dll

"vidc.VP61"=C:\Windows\system32\vp6vfw.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"vidc.divx"=divx.dll

"vidc.yv12"=divx.dll

"vidc.ffds"=ff_vfw.dll

"vidc.vp62"=vp6vfw.dll

"msacm.ac3filter"=ac3filter.acm

"msacm.lameacm"=LameACM.acm

"msacm.siren"=sirenacm.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-11-10 20:36:43 ----D---- C:\Program Files\trend micro

2013-11-10 20:36:42 ----D---- C:\rsit

2013-11-10 10:33:57 ----D---- C:\AdwCleaner

2013-11-10 07:51:50 ----ASH---- C:\hiberfil.sys

2013-11-10 07:45:50 ----A---- C:\Windows\ntbtlog.txt

2013-11-10 07:05:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2013-11-10 07:05:11 ----A---- C:\Windows\system32\drivers\mbam.sys

2013-11-07 00:03:12 ----D---- C:\Users\Joyce\AppData\Roaming\Hidden Objects TheHauntedHouse

2013-11-06 23:06:25 ----D---- C:\Program Files\iPod

2013-11-06 23:06:11 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

2013-11-06 22:57:58 ----A---- C:\Windows\system32\drivers\HipShieldK.sys

2013-11-06 03:21:36 ----D---- C:\Users\Joyce\AppData\Roaming\Anvate Games

2013-11-06 03:19:05 ----D---- C:\Users\Joyce\AppData\Roaming\Silverback Games

2013-11-06 01:58:26 ----D---- C:\Games

2013-11-06 01:58:03 ----D---- C:\Program Files\tanzuki

2013-11-05 07:33:07 ----D---- C:\Users\Joyce\AppData\Roaming\Legacy Games

2013-11-04 23:36:33 ----D---- C:\Program Files\Mobogenie

2013-11-04 23:33:19 ----A---- C:\Windows\Hidden Mysteries - Notre Dame Uninstall Log.txt

2013-11-04 12:00:10 ----D---- C:\Users\Joyce\AppData\Roaming\Friendly Cactus

2013-11-03 22:35:32 ----D---- C:\Users\Joyce\AppData\Roaming\TheMissingMonaLisa

2013-11-03 19:42:37 ----D---- C:\Windows\Hidden Mysteries - Notre Dame

2013-11-03 19:38:04 ----A---- C:\Windows\Hidden Mysteries - Notre Dame Setup Log.txt

2013-11-03 13:46:38 ----A---- C:\Windows\Rite of Passage 2- Child of the Forest CE Uninstall Log.txt

2013-11-03 06:51:00 ----D---- C:\Windows\Rite of Passage 2- Child of the Forest CE

2013-11-03 06:50:31 ----A---- C:\Windows\Rite of Passage 2- Child of the Forest CE Setup Log.txt

2013-10-28 04:30:07 ----D---- C:\Users\Joyce\AppData\Roaming\Mad Head Games

2013-10-25 01:31:46 ----D---- C:\Users\Joyce\AppData\Roaming\Hidden Objects LesMiserables

2013-10-25 01:07:26 ----D---- C:\Users\Joyce\AppData\Roaming\8Floor

2013-10-25 00:34:35 ----D---- C:\Users\Joyce\AppData\Roaming\blg

2013-10-25 00:34:35 ----D---- C:\ProgramData\blg

2013-10-23 10:33:45 ----A---- C:\Windows\system32\drivers\ssudmdm.sys

2013-10-23 10:33:45 ----A---- C:\Windows\system32\drivers\ssudbus.sys

2013-10-23 10:32:01 ----A---- C:\Windows\system32\drivers\ssadwhnt.sys

2013-10-23 10:32:01 ----A---- C:\Windows\system32\drivers\ssadwh.sys

2013-10-23 10:32:01 ----A---- C:\Windows\system32\drivers\ssadmdm.sys

2013-10-23 10:32:01 ----A---- C:\Windows\system32\drivers\ssadmdfl.sys

2013-10-23 10:32:01 ----A---- C:\Windows\system32\drivers\ssadcmnt.sys

2013-10-23 10:32:01 ----A---- C:\Windows\system32\drivers\ssadcm.sys

2013-10-23 10:32:00 ----A---- C:\Windows\system32\drivers\ssadbus.sys

2013-10-23 10:14:13 ----A---- C:\Windows\system32\Redemption.dll

2013-10-23 10:12:03 ----A---- C:\Windows\system32\drivers\dgderdrv.sys

2013-10-23 10:12:03 ----A---- C:\Windows\system32\dgderapi.dll

2013-10-23 10:03:01 ----D---- C:\ProgramData\Samsung

2013-10-13 16:36:21 ----A---- C:\Windows\system32\mshtmled.dll

2013-10-13 16:36:20 ----A---- C:\Windows\system32\vbscript.dll

2013-10-13 16:36:18 ----A---- C:\Windows\system32\ieui.dll

2013-10-13 16:36:17 ----A---- C:\Windows\system32\jsproxy.dll

2013-10-13 16:36:17 ----A---- C:\Windows\system32\ieUnatt.exe

2013-10-13 16:36:16 ----A---- C:\Windows\system32\wininet.dll

2013-10-13 16:36:16 ----A---- C:\Windows\system32\msfeeds.dll

2013-10-13 16:36:15 ----A---- C:\Windows\system32\jscript9.dll

2013-10-13 16:36:15 ----A---- C:\Windows\system32\jscript.dll

2013-10-13 16:36:14 ----A---- C:\Windows\system32\url.dll

2013-10-13 16:36:13 ----A---- C:\Windows\system32\iertutil.dll

2013-10-13 16:36:11 ----A---- C:\Windows\system32\urlmon.dll

2013-10-13 16:36:10 ----A---- C:\Windows\system32\mshtml.dll

2013-10-13 16:36:08 ----A---- C:\Windows\system32\ieframe.dll

2013-10-11 17:12:07 ----A---- C:\Windows\system32\DWrite.dll

2013-10-11 17:12:06 ----A---- C:\Windows\system32\FntCache.dll

2013-10-11 17:12:05 ----A---- C:\Windows\system32\d3d10warp.dll

2013-10-11 17:12:05 ----A---- C:\Windows\system32\d3d10level9.dll

2013-10-11 17:12:04 ----A---- C:\Windows\system32\d3d10core.dll

2013-10-11 17:12:04 ----A---- C:\Windows\system32\d3d10_1core.dll

2013-10-11 17:12:04 ----A---- C:\Windows\system32\d3d10.dll

2013-10-11 17:12:04 ----A---- C:\Windows\system32\d2d1.dll

2013-10-11 17:12:03 ----A---- C:\Windows\system32\d3d10_1.dll

2013-10-11 17:11:54 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2013-10-11 17:11:53 ----A---- C:\Windows\system32\cdd.dll

2013-10-11 17:11:46 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-11 17:11:41 ----A---- C:\Windows\system32\win32k.sys

2013-10-11 17:10:16 ----A---- C:\Windows\system32\drivers\usbhub.sys

2013-10-11 17:10:15 ----A---- C:\Windows\system32\drivers\usbccgp.sys

2013-10-11 17:10:14 ----A---- C:\Windows\system32\drivers\usbport.sys

2013-10-11 17:10:14 ----A---- C:\Windows\system32\drivers\usbd.sys

2013-10-11 17:10:13 ----A---- C:\Windows\system32\drivers\usbehci.sys

2013-10-11 17:10:12 ----A---- C:\Windows\system32\drivers\usbuhci.sys

2013-10-11 17:09:58 ----A---- C:\Windows\system32\drivers\usbvideo.sys

2013-10-11 17:09:44 ----A---- C:\Windows\system32\drivers\Wdf01000.sys

2013-10-11 17:09:31 ----A---- C:\Windows\system32\atmfd.dll

2013-10-11 17:09:28 ----A---- C:\Windows\system32\atmlib.dll

2013-10-11 17:09:17 ----A---- C:\Windows\system32\comctl32.dll

2013-10-11 17:09:04 ----A---- C:\Windows\system32\drivers\usbscan.sys

2013-10-11 17:09:02 ----A---- C:\Windows\system32\drivers\hidparse.sys

======List of files/folders modified in the last 1 month======

2013-11-10 20:37:00 ----D---- C:\Windows\Temp

2013-11-10 20:36:43 ----D---- C:\Program Files

2013-11-10 20:36:23 ----A---- C:\ProgramData\HPWALog.txt

2013-11-10 20:36:05 ----D---- C:\Windows\System32

2013-11-10 20:36:05 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-11-10 20:36:04 ----D---- C:\Windows\inf

2013-11-10 20:35:50 ----D---- C:\Windows\system32\drivers

2013-11-10 20:30:29 ----D---- C:\ProgramData

2013-11-10 18:31:24 ----D---- C:\Windows\Tasks

2013-11-10 18:31:24 ----D---- C:\Windows\system32\Tasks

2013-11-10 18:31:24 ----D---- C:\Program Files\Mozilla Firefox

2013-11-10 18:31:18 ----D---- C:\Users\Joyce\AppData\Roaming\Uniblue

2013-11-10 18:22:36 ----RSD---- C:\Windows\assembly

2013-11-10 17:26:58 ----D---- C:\Windows\ServiceProfiles

2013-11-10 10:40:41 ----D---- C:\Program Files\Common Files

2013-11-10 10:39:30 ----D---- C:\ProgramData\Uniblue

2013-11-10 07:55:53 ----D---- C:\Users\Joyce\AppData\Roaming\Skype

2013-11-10 07:45:50 ----D---- C:\Windows

2013-11-10 05:31:55 ----SHD---- C:\System Volume Information

2013-11-07 03:56:21 ----D---- C:\Windows\system32\catroot

2013-11-07 03:56:06 ----D---- C:\Program Files\Common Files\McAfee

2013-11-07 03:53:28 ----D---- C:\ProgramData\McAfee

2013-11-07 02:46:06 ----D---- C:\Users\Joyce\AppData\Roaming\Azureus

2013-11-07 01:52:51 ----D---- C:\Users\Joyce\AppData\Roaming\Funlinker

2013-11-07 01:18:09 ----D---- C:\Program Files\Foxy Games

2013-11-06 23:10:05 ----SHD---- C:\Windows\Installer

2013-11-06 23:08:09 ----D---- C:\Program Files\iTunes

2013-11-06 23:06:24 ----D---- C:\Program Files\Common Files\Apple

2013-11-06 22:50:22 ----D---- C:\Users\Joyce\AppData\Roaming\BlamGames

2013-11-06 15:31:38 ----D---- C:\Users\Joyce\AppData\Roaming\AlawarEntertainment

2013-11-06 02:19:38 ----D---- C:\Users\Joyce\AppData\Roaming\Deep Shadows

2013-11-06 02:15:49 ----D---- C:\Users\Joyce\AppData\Roaming\YoudaGames

2013-11-06 00:36:56 ----D---- C:\Users\Joyce\AppData\Roaming\PlayFavoriteGames

2013-11-05 23:32:41 ----D---- C:\Users\Joyce\AppData\Roaming\ERS Game Studios

2013-11-05 16:23:51 ----D---- C:\Users\Joyce\AppData\Roaming\Elephant Games

2013-11-05 06:45:32 ----AD---- C:\ProgramData\Temp

2013-11-04 22:21:36 ----D---- C:\Program Files\BigJig

2013-11-04 21:56:07 ----D---- C:\Zylom Games

2013-11-04 21:55:46 ----D---- C:\Program Files\RealArcade

2013-11-04 16:50:40 ----D---- C:\Users\Joyce\AppData\Roaming\Gogii

2013-11-04 08:00:32 ----D---- C:\Users\Joyce\AppData\Roaming\DailyMagic

2013-11-04 08:00:32 ----D---- C:\ProgramData\DailyMagic

2013-11-03 21:52:26 ----D---- C:\Users\Joyce\AppData\Roaming\GameMill Entertainment

2013-11-03 20:33:32 ----D---- C:\Program Files\Denda Games

2013-11-03 03:33:56 ----D---- C:\Users\Joyce\AppData\Roaming\SulusGames

2013-11-03 03:33:56 ----D---- C:\ProgramData\SulusGames

2013-11-03 03:32:02 ----D---- C:\Program Files\Games

2013-11-02 16:00:45 ----D---- C:\Users\Joyce\AppData\Roaming\vlc

2013-10-28 04:49:00 ----D---- C:\Users\Joyce\AppData\Roaming\casualArts

2013-10-28 04:49:00 ----D---- C:\ProgramData\casualArts

2013-10-26 08:49:51 ----D---- C:\Users\Joyce\AppData\Roaming\Artifex Mundi

2013-10-25 00:02:46 ----D---- C:\Users\Joyce\AppData\Roaming\Boolat Games

2013-10-24 12:28:44 ----D---- C:\Windows\Debug

2013-10-24 00:39:50 ----D---- C:\Users\Joyce\AppData\Roaming\ShamanGS

2013-10-24 00:23:18 ----D---- C:\Users\Joyce\AppData\Roaming\Artogon

2013-10-23 23:08:04 ----D---- C:\Users\Joyce\AppData\Roaming\TuneUpMedia

2013-10-23 22:47:53 ----D---- C:\Users\Joyce\AppData\Roaming\Apple Computer

2013-10-23 20:01:43 ----D---- C:\ProgramData\TuneUpMedia

2013-10-23 20:01:40 ----D---- C:\Users\Joyce\AppData\Roaming\Mozilla

2013-10-23 10:47:37 ----D---- C:\Users\Joyce\AppData\Roaming\Samsung

2013-10-23 10:40:22 ----D---- C:\Windows\Microsoft.NET

2013-10-23 10:34:41 ----D---- C:\Windows\system32\catroot2

2013-10-23 10:31:25 ----D---- C:\Windows\system32\Samsung_USB_Drivers

2013-10-23 10:29:13 ----D---- C:\Program Files\Samsung

2013-10-23 10:11:48 ----HD---- C:\Program Files\InstallShield Installation Information

2013-10-19 13:04:26 ----D---- C:\Windows\Prefetch

2013-10-13 17:39:36 ----D---- C:\Program Files\Microsoft Silverlight

2013-10-13 17:35:02 ----D---- C:\Windows\system32\wbem

2013-10-13 17:35:02 ----D---- C:\Windows\system32\migration

2013-10-13 17:34:59 ----D---- C:\Program Files\Internet Explorer

2013-10-13 17:13:03 ----D---- C:\Windows\winsxs

2013-10-13 17:10:24 ----D---- C:\ProgramData\Microsoft Help

2013-10-13 16:52:10 ----A---- C:\Windows\system32\mrt.exe

2013-10-11 16:44:57 ----A---- C:\Windows\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 McPvDrv;McPvDrv Driver; C:\Windows\system32\drivers\McPvDrv.sys [2013-09-09 66296]

R0 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2013-09-24 571608]

R0 RapportKELL;RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [2013-09-10 97008]

R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-05-22 15672]

R1 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2013-09-24 213200]

R1 RapportCerberus_56758;RapportCerberus_56758; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_56758.sys [2013-08-19 330960]

R1 RapportEI;RapportEI; \??\C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [2013-09-10 148688]

R1 RapportPG;RapportPG; \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [2013-07-25 222416]

R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2013-04-15 113608]

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-30 1184768]

R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2013-09-24 60920]

R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-07-15 36608]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]

R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-10-28 2476544]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2008-09-22 112128]

R3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2013-09-24 133928]

R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2013-09-24 235488]

R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2013-09-24 365256]

R3 mfencbdc;McAfee Inc. mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [2013-09-20 301248]

R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-12-23 138240]

R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2009-06-03 407040]

R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 245936]

R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]

R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]

S3 catchme;catchme; \??\C:\Users\Joyce\AppData\Local\Temp\catchme.sys []

S3 CpqDfw;Compaq Dfw; C:\Windows\system32\drivers\CpqDfw.sys []

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-21 84248]

S3 Dot4;Microsoft IEEE-1284.4-stuurprogramma; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]

S3 Dot4Print;Stuurprogramma voor printerklasse voor IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]

S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]

S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 HipShieldK;McAfee Inc. HipShieldK; C:\Windows\system32\drivers\HipShieldK.sys [2013-09-23 147912]

S3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]

S3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2013-09-24 65928]

S3 mfencrk;McAfee Inc. mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [2013-09-20 80656]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 NETw3v32;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]

S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-12-29 60416]

S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2013-06-21 136904]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2013-06-21 17864]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2013-06-21 153672]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-21 181912]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]

S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 30208]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]

S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe [2009-03-02 81920]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-07-15 233472]

R2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 281560]

R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2011-02-23 125496]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-01-25 92216]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2012-08-31 167784]

R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2013-09-24 145088]

R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 281560]

R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 281560]

R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 281560]

R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 281560]

R2 mfecore;McAfee Anti-Malware Core; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-09-20 638976]

R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2013-09-24 169320]

R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2013-09-24 172416]

R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 281560]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]

R2 ogmservice;Online Games Manager; C:\Program Files\Online Games Manager\ogmservice.exe [2013-08-08 559552]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]

R2 RapportMgmtService;Rapport Management Service; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-09-10 1435928]

R2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [2008-12-23 365952]

R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-11-26 247152]

R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe [2009-06-03 217170]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]

R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-12-04 222512]

R3 hpqwmiex;HP Software Framework Service; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2011-01-25 791608]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 553288]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 gupdate1cad429e4fae9f9;Google Updateservice (gupdate1cad429e4fae9f9); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-04 133104]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-03-01 161384]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-11 257416]

S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]

S3 GamesAppService;GamesAppService; C:\Program Files\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-04 133104]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-17 194032]

S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]

S3 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2013-08-02 471592]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]

S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]

-----------------EOF-----------------

[kape]

Download Zoek.zip naar het bureaublad.

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  
• Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

chromelook; 
firefoxlook; 
emptyfolderscheck;delete 
startupall; 
filesrcm;

• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
• Firefox Defaults
  
• Reset Chrome
  
• Reset IE proxy
  
• IE Defaults
  
• Reset Hosts
  
• Auto Clean
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post nu de inhoud van het geopende logje in het volgende bericht.
  

[sweetsss]

Hoi,

Wegens omstandigheden een late reactie, maar had niet eerder de tijd om hiermee verder te gaan. Hierbij de log van zoek.exe :

Zoek.exe Version 4.0.0.5 Updated 14-November-2013

Tool run by Joyce on za 23-11-2013 at 20:42:42,08.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Joyce\Desktop\zoek\zoek.exe [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2013-11-23-132719.log 25815 bytes

==== Reset Hosts File ======================

# Copyright © 1993-2006 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

::1 localhost

==== Empty Folders Check ======================

C:\Program Files\BearShare Applications deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Joyce\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "Google=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Joyce\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "Google=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2013-11-16 13:43:17 47D2D836EDC4D62C47A05DAED90F1AB9 305736031 ----a-w- C:\Windows\MEMORY.DMP

====== C:\Users\Joyce\AppData\Local\Temp ====

2013-11-22 17:33:17 0E771375445E13429E68CAE720A48B72 35224 ----a-w- C:\Users\Joyce\AppData\Local\Temp\e4j6B11.tmp_dir1385141596\i4jdel.exe

2013-11-16 15:36:32 0E771375445E13429E68CAE720A48B72 35224 ----a-w- C:\Users\Joyce\AppData\Local\Temp\e4j8601.tmp_dir1384616192\i4jdel.exe

2013-11-15 17:53:57 0E771375445E13429E68CAE720A48B72 35224 ----a-w- C:\Users\Joyce\AppData\Local\Temp\e4j2AC7.tmp_dir1384538037\i4jdel.exe

2013-11-11 03:14:48 76E389EC4C8EA6CD77E97B4F717E21C9 1153968 ----a-w- C:\Users\Joyce\AppData\Local\Temp\Offercast29_SGT5_.exe

2013-11-10 22:38:45 4DDCDB412E8897D5BEFA20D4B24D10E3 104138 ----a-w- C:\Users\Joyce\AppData\Local\Temp\Uninstall.exe

====== Java Cache =====

====== C:\Windows\system32 =====

2013-11-17 02:04:41 B798365F54AF889BFD7D04ED75C016B7 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2013-11-17 02:04:41 3CC9655434741363AF977498A2B5E425 73216 ----a-w- C:\Windows\System32\mshtmled.dll

2013-11-17 02:04:40 677857FAC307E46E44F710B6C6F84607 420864 ----a-w- C:\Windows\System32\vbscript.dll

2013-11-17 02:04:38 E26C86DE3AC36D09D201691B9D482D5B 176640 ----a-w- C:\Windows\System32\ieui.dll

2013-11-17 02:04:38 375652E4B01E421683437896DA8D76C4 65024 ----a-w- C:\Windows\System32\jsproxy.dll

2013-11-17 02:04:36 E2E9F49C84C49C2DB5ADAF85D8CD8F1C 142848 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-11-17 02:04:35 E1092FB18A2D53DFC20D2EA8AC158E4B 607744 ----a-w- C:\Windows\System32\msfeeds.dll

2013-11-17 02:04:35 C36E38AD3C7FAFF0E30C4CBCB28CE7FB 1129472 ----a-w- C:\Windows\System32\wininet.dll

2013-11-17 02:04:34 FFA200640B887CBB737DA74C299BCE62 717824 ----a-w- C:\Windows\System32\jscript.dll

2013-11-17 02:04:32 D36137E26569D22B6C395EB68CBE0018 1806848 ----a-w- C:\Windows\System32\jscript9.dll

2013-11-17 02:04:32 26ED02FA7B11FBFD87D4FF304EFFFFBF 231936 ----a-w- C:\Windows\System32\url.dll

2013-11-17 02:04:31 58C300DB5ED80A46A778DECB9D02DA57 1796096 ----a-w- C:\Windows\System32\iertutil.dll

2013-11-17 02:04:29 B8D440F705D52D9167C572ECF6522E89 1104896 ----a-w- C:\Windows\System32\urlmon.dll

2013-11-17 02:04:29 AB3F4974C87DC6DE7E427CF713E88B28 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-11-17 02:04:27 048FF8515CE100990423E96678112CDF 9739264 ----a-w- C:\Windows\System32\ieframe.dll

2013-11-17 02:04:25 AC986A1AD35CDBF07B0E5D1AC9D527B5 12344832 ----a-w- C:\Windows\System32\mshtml.dll

2013-11-16 13:54:43 872363237F24BCB03D73E2A3B4FBF38D 297984 ----a-w- C:\Windows\System32\gdi32.dll

2013-11-16 13:53:12 0317420D419E1885894B3ED9D375D245 993792 ----a-w- C:\Windows\System32\crypt32.dll

2013-11-16 13:48:51 4687EE0C0DD2CE5F7AAA9C2E33C1DC78 444928 ----a-w- C:\Windows\System32\IKEEXT.DLL

2013-11-16 13:48:50 EE16F3E01C4A6C77383F1BBBD10AD6C2 596480 ----a-w- C:\Windows\System32\FWPUCLNT.DLL

2013-11-16 13:48:50 14D9A057A082E00116A7A4415051D07C 218228 ----a-w- C:\Windows\System32\WFP.TMF

====== C:\Windows\system32\drivers =====

2013-11-10 06:05:11 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-11-06 21:57:58 156765F692192EA9039A6C4A809312FD 147912 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys

2013-11-06 21:56:45 12F0F8D3F84FAB8F31D073286FE131CB 2641 ----a-w- C:\Windows\System32\drivers\mfencrk.inf

2013-11-06 21:56:43 4DC47CB74EBC1D92DD445FCC5DEAE76A 2951 ----a-w- C:\Windows\System32\drivers\mfencbdc.inf

====== C:\Windows\Tasks ======

2013-10-27 13:20:31 3BE0AAA28D881C5CAFD51CEA4FF3DC02 3054 ----a-w- C:\Windows\system32\Tasks\{88D0D5EF-228F-4918-9104-B971CD51457D}

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-11-11 03:15:19 -------- d-----w- C:\Program Files\Vuze

2013-11-06 22:06:25 -------- d-----w- C:\Program Files\iPod

2013-11-06 00:58:03 -------- d-----w- C:\Program Files\tanzuki

2013-11-04 22:36:33 -------- d-----w- C:\Program Files\Mobogenie

======= C: =====

====== C:\Users\Joyce\AppData\Roaming ======

2013-11-12 00:45:51 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Age 3. Liberation of Souls 1.0

2013-11-11 12:26:02 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haunted House Mysteries

2013-11-10 04:31:52 AD20B43650D9760DA69255BB4B6939E2 5 ----a-w- C:\Users\Joyce\AppData\Roaming\mbam.context.scan

2013-11-07 00:18:41 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Witchs Green Amulet

2013-11-06 23:59:02 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Empress of the Deep III Legacy of the Phoenix CE

2013-11-06 23:03:12 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Hidden Objects TheHauntedHouse

2013-11-06 02:21:36 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Anvate Games

2013-11-06 02:19:05 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Silverback Games

2013-11-06 01:45:14 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Beast of Lycan Isle CE

2013-11-06 01:36:37 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Night Mysteries The Amphora Prisoner 1.0

2013-11-05 06:33:07 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Legacy Games

2013-11-05 06:16:07 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paranormal State - Poison Spring

2013-11-04 22:46:26 -------- d-----w- C:\Users\Joyce\AppData\Local\TubeSing-34

2013-11-04 22:41:03 -------- d-----w- C:\Users\Joyce\AppData\Local\Mobogenie

2013-11-04 11:00:10 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Friendly Cactus

2013-11-03 21:35:32 -------- d-----w- C:\Users\Joyce\AppData\Roaming\TheMissingMonaLisa

2013-11-03 18:53:44 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Time Chronicles - The Missing Mona Lisa

2013-10-28 03:30:07 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Mad Head Games

2013-10-26 12:18:23 F5C907D9F6B2C00552778B42BCFEC76B 299084 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\WPFFontCache_v0400-System.dat

2013-10-25 00:31:46 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Hidden Objects LesMiserables

2013-10-25 00:07:26 -------- d-----w- C:\Users\Joyce\AppData\Roaming\8Floor

2013-10-24 23:34:35 -------- d-----w- C:\Users\Joyce\AppData\Roaming\blg

====== C:\Users\Joyce ======

2013-11-06 22:08:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2013-11-06 22:06:11 -------- d-----w- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

2013-11-04 22:41:03 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Joyce\daemonprocess.txt

2013-10-24 23:34:35 -------- d-----w- C:\ProgramData\blg

====== C: exe-files ==

2013-11-19 22:29:28 FFD052D0F464ADC243C24E71D15C9990 12344 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe

2013-11-19 22:29:28 DD79A6B15C2F28DE98DF4852AAF6B13B 21720 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe

2013-11-19 22:29:28 7B3E10D0AC50271E46A2ED00FE6C4B54 48440 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtil7.exe

2013-11-19 22:29:28 3A6EB91CFADA8C4978E7EA79E3A2394B 57048 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\WarrantyObjectChecker.exe

2013-11-19 22:29:28 1C2AD4C01B0CC57094B7EF6803A1A597 151864 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtil.exe

2013-11-19 22:29:26 FEE46F832FE746EB600AC65CA6451D1F 27352 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_EMEA.exe

2013-11-19 22:29:26 F86275D16121F6591B69B801DE6ED394 21408 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_NetworkCheck.exe

2013-11-19 22:29:26 F3531CF1C8A643377641A6F9D516FED2 35544 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\OnlineBackupDetection.exe

2013-11-19 22:29:26 DF2AC1055C406AA66869C95C2FD84A21 17464 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSACIPDetection4.exe

2013-11-19 22:29:26 B26DFFF460A1F21A3DCD3529F3F61E14 33544 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\hpsacommander.exe

2013-11-19 22:29:26 A15FA916BD02FE910C2C3017C026FF80 49880 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_PostWarrantyAlert.exe

2013-11-19 22:29:26 99450E601834605668AE9E13BB26F09B 33264 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_CoolSense.exe

2013-11-19 22:29:26 87095CBDCC02AB8BB5ED4B124A70FC5B 27352 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_NSPOS.exe

2013-11-19 22:29:26 78BCA0FAD639A6877813F713FD2B2952 23256 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_RecoveryDisc.exe

2013-11-19 22:29:26 4E68E7D985D5F2EB68405CD246EBEDEB 18336 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_PremiumAlert.exe

2013-11-19 22:29:26 4E3643177241FE9097606FDE53E6298C 33496 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RevGenCountry.exe

2013-11-19 22:29:26 1D80ADF858D37526CDDAE21FA595319F 17312 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSACIPDetection.exe

2013-11-19 22:29:26 136D8804CB446BB88C19856B1DC75861 32472 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_Ex_US.exe

2013-11-19 22:29:26 0986D1E655F8C3014C514F322DD49250 33496 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_CountryCode.exe

2013-11-19 22:29:26 06D9888F172A8AC47959DA5DF68270DE 29400 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_US.exe

2013-11-19 22:29:24 E4F8F4F057E3164A52D9D206D1F99193 31544 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SmartFriendAwareness.exe

2013-11-19 22:29:24 4C5282B9AF02E930E85761395610DCA1 27864 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\SystemAgeOneYear.exe

2013-11-17 09:47:16 E714A26715478EAC94DEB4514BF68EA2 35300192 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\31.0.1650.57\31.0.1650.57_chrome_installer.exe

2013-11-17 04:47:08 1A7C91AC6F14EBB22688704A13DC8D17 12598112 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\31.0.1650.57\31.0.1650.57_30.0.1599.101_chrome_updater.exe

2013-11-17 02:04:32 06085B62BC7E0C8E2605CEA38774D956 757488 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"ssqqnksys"="rundll32.exe ssqrrs.dll,s"

[HKEY_USERS\S-1-5-21-2101717001-3418350084-2231240781-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"AutoStartNPSAgent"="C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe"

"HP Photosmart 5510 series (NET)"="C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe -deviceID CN196091LK05NR:NW -scfn HP Photosmart 5510 series (NET) -AutoStart 1"

"Facebook Update"="C:\Users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload"

@="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"ssqqnksys"="rundll32.exe ssqrrs.dll,s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"WirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"

"UpdatePSTShortCut"="C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\DVD Suite UpdateWithCreateOnce Software\CyberLink\PowerStarter"

"UpdatePDIRShortCut"="C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\PowerDirector UpdateWithCreateOnce SOFTWARE\CyberLink\PowerDirector\7.0"

"UpdateP2GoShortCut"="C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0"

"UpdateLBPShortCut"="C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\LabelPrint UpdateWithCreateOnce Software\CyberLink\LabelPrint\2.5"

"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe"

"UCam_Menu"="C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\YouCam UpdateWithCreateOnce Software\CyberLink\YouCam\2.0"

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe"

"QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe"

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"

"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE -startup"

"KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe"

"mobilegeni daemon"="C:\Program Files\Mobogenie\DaemonProcess.exe"

"mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"NCPluginUpdater"="C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"AutoStartNPSAgent"="C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe"

"HP Photosmart 5510 series (NET)"="C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe -deviceID CN196091LK05NR:NW -scfn HP Photosmart 5510 series (NET) -AutoStart 1"

"Facebook Update"="C:\Users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload"

@="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

==== Startup Folders ======================

2012-05-30 03:12:59 1658 ----a-w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk

2012-05-30 03:12:59 1115 ----a-w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [23-11-2013 13:20]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2101717001-3418350084-2231240781-1000Core.job --a------ C:\Users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe [17-03-2013 22:41]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2101717001-3418350084-2231240781-1000UA.job --a------ C:\Users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe [17-03-2013 22:41]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [04-04-2010 20:05]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [undetermined Task]

C:\Windows\tasks\HP Photo Creations Messager.job --a------ C:\ProgramData\HP Photo Creations\MessageCheck.exe [15-02-2011 11:11]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\0" [c:\program files\internet explorer\iexplore.exe]

"C:\Windows\system32\tasks\4687" [wscript.exe C:\Users\Joyce\AppData\Local\Temp\launchie.vbs //B]

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2101717001-3418350084-2231240781-1000Core" [C:\Users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2101717001-3418350084-2231240781-1000UA" [C:\Users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\HP Photo Creations Messager" [C:\ProgramData\HP Photo Creations\MessageCheck.exe]

"C:\Windows\system32\tasks\HPCustParticipation HP Photosmart 5510 series" ["C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe"]

"C:\Windows\system32\tasks\SmartDefragUpdate" [C:\Program Files\IObit\Smart Defrag 2\AutoUpdate.exe]

"C:\Windows\system32\tasks\SmartDefrag_Startup" [C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe]

"C:\Windows\system32\tasks\User_Feed_Synchronization-{CA4AB69E-3234-4131-BE49-AAEEAD1A9489}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\system32\tasks\{4B682B6B-B23E-40CE-BC3A-FDDF583E17C0}" [C:\Program Files\Skype\Phone\Skype.exe]

"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

"C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask" [C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe]

"C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files\McAfee\SiteAdvisor" [04-10-2013 16:36]

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"crossriderapp498@crossrider.com"="C:\Users\Joyce\AppData\Local\RewardsArcade\498\Firefox" []

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

dcmagccbogebndpoodhhhafmofelpffh - C:\Users\Joyce\AppData\Local\RewardsArcade\498\Chrome\rewardsarcade.crx[]

fheleffhdiajkhjhebfibagnfkoelbdk - C:\Program Files\tanzuki\fheleffhdiajkhjhebfibagnfkoelbdk.crx[]

fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx[02-10-2013 13:05]

hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files\Common Files\Spigot\GC\saebay_1.0.crx[]

icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files\Common Files\Spigot\GC\errorassistant_1.1.crx[]

mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Program Files\Common Files\Spigot\GC\coupons_2.4.crx[]

pfndaklgolladniicklehhancnlgocpp - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx[]

SiteAdvisor - Joyce - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho

Ebay Shopping Assistant by Spigot - Joyce - Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj

Domain Error Assistant - Joyce - Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj

Star Gazing - Joyce - Default\Extensions\mblmlcbknbnfebdfjnolmcapmdofhmme

Slick Savings - Joyce - Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk

TubeSing-34 - Joyce - Default\Extensions\nhhndocbepopiengmnalddpofmgddkfp

Amazon Shopping Assistant by Spigot - Joyce - Default\Extensions\pfndaklgolladniicklehhancnlgocpp

==== Chrome Fix ======================

C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_dcmagccbogebndpoodhhhafmofelpffh_0 deleted successfully

C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fheleffhdiajkhjhebfibagnfkoelbdk_0.localstorage deleted successfully

C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully

C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully

C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully

C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully

C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhhndocbepopiengmnalddpofmgddkfp deleted successfully

C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.nl/"

"Search Page"="Google"

"Search Bar"="Upgrade to Google Chrome"

"Default_Search_URL"="Google"

"Default_Page_URL"="Google"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

"Default_Page_URL"="Google"

"Default_Search_URL"="Google"

"Search Page"="Google"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="%s - Google Search"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="Google"

"CustomizeSearch"="Google"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="Upgrade to Google Chrome"

"Default_Search_URL"="Upgrade to Google Chrome"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="Bing"

"Search Bar"="Bing"

"Default_Search_URL"="Bing"

"Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

"Start Page"="https://www.google.nl/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="Bing"

"Search Page"="Bing"

"Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

"Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="%s - Bing"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="Bing"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{273A0332-1B97-40E6-B3DF-8E3CEC101608}"

{273A0332-1B97-40E6-B3DF-8E3CEC101608} AOL Zoeken Url="{searchTerms} - AOL Search resultaten"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{C113F95F-E0F1-4A2E-AF9D-4788A9D49151} Kelkoo Url="http://nl.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913935"

==== Reset Google Chrome ======================

C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully

C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Reset IE Proxy ======================

Value(s) before fix:

"ProxyOverride"="*.local"

"ProxyEnable"=dword:00000000

Value(s) after fix:

"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dcmagccbogebndpoodhhhafmofelpffh deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\fheleffhdiajkhjhebfibagnfkoelbdk deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully

==== Empty IE Cache ======================

C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Joyce\AppData\Local\temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKQGQ1QE will be deleted at reboot

C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Joyce\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKQGQ1QE" not found

==== EOF on za 23-11-2013 at 22:44:20,87 ======================

24 november 2013 aangepast door kape
dubbellog verwijderd

[kape]

Dubbelklik op Zoek.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

  [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run];
 "ssqqnksys"=-;r
 [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
 "ssqqnksys"=-;r
 C:\Windows\system32\tasks\0;fs
 C:\Windows\system32\tasks\4687;fs
 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions];r
 "crossriderapp498@crossrider.com"=-;r
autoclean;

• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[sweetsss]

Zoek.exe Version 4.0.0.5 Updated 24-November-2013

Tool run by Joyce on zo 24-11-2013 at 15:07:56,63.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Joyce\Desktop\zoek\zoek.exe [script inserted]

==== Older Logs ======================

C:\zoek-results2013-11-23-132719.log 25815 bytes

C:\zoek-results2013-11-23-214420.log 31918 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

"ssqqnksys"=-

"ssqqnksys"=-

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"crossriderapp498@crossrider.com"=-

==== Deleting Files \ Folders ======================

C:\Windows\system32\tasks\0 deleted

C:\Windows\system32\tasks\4687 deleted

C:\Program Files\tanzuki deleted

C:\Users\Joyce\AppData\Local\TubeSing-34 deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files\McAfee\SiteAdvisor" [04-10-2013 16:36]

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"crossriderapp498@crossrider.com"="C:\Users\Joyce\AppData\Local\RewardsArcade\498\Firefox" []

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx[02-10-2013 13:05]

SiteAdvisor - Joyce - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho

Star Gazing - Joyce - Default\Extensions\mblmlcbknbnfebdfjnolmcapmdofhmme

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.nl/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.nl/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{273A0332-1B97-40E6-B3DF-8E3CEC101608}"

{273A0332-1B97-40E6-B3DF-8E3CEC101608} AOL Zoeken Url="{searchTerms} - AOL Search resultaten"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{C113F95F-E0F1-4A2E-AF9D-4788A9D49151} Kelkoo Url="http://nl.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913935"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\crossriderapp498@crossrider.com deleted successfully

==== Empty IE Cache ======================

C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UWZV8BUW will be deleted at reboot

C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Joyce\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UWZV8BUW" not found

==== EOF on zo 24-11-2013 at 16:40:44,08 ======================

[kape]

En hoe staat het nu met het openen van de browser én de snelheid van de laptop ?

[sweetsss]

Alvast bedankt voor uw/je hulp!

Het openen van de browser gaat nu prima. De snelheid van de laptop/ internet is soms nog wel langzaam, maar misschien dat dat aan onze internetverbinding ligt? Wel duurt het even als ik een nieuwe browser of tabblad open, voordat de pagina geladen is.

Ook het opstarten van de laptop duurt vrij lang (in vergelijking met de laptops van mijn ouders), zou dat kunnen komen doordat ik veel bestanden op mijn computer heb staan??

Wel heb ik bij sommige websites, dat er van die pop up vensters komen met reclame, de website reageert ook dan even niet totdat de pop up venster geladen is. Kan dit ook door specifieke websites komen ?

Ik hoop dat u/je mijn vragen kunt beantwoorden.

Nogmaals bedankt voor de hulp.

[kape]

De snelheid kan inderdaad bepaald worden door de internetverbinding of door de inhoud van de PC. Maar indien je nog pop-ups krijgt, is nog niet alle troep van je PC verwijderd. Dan gaan we nog even verder:

Download AdwCleaner by Xplode naar het bureaublad.

AdwCleaner uitvoeren

• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Klik vervolgens op de knop Scan.
  
• Wanneer de scan gereed is Klikt u vervolgens op de knop Clean.
  
• Als dit gereed is wordt er gevraagd om de computer opnieuw op te starten, klik hier op OK.
  
• Nadat de computer opnieuw is opgestart wordt het logbestand automatisch geopend.
  
• Plaats dit logbestand in het volgende bericht.