Ga naar inhoud

RandomPriCe 6.1 verwijderen


 Delen

Aanbevolen berichten

Download 51a5f5d096dae-icon_RSIT.pngRSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

Dubbelklik op RSIT.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  • Plaats de inhoud hiervan in het volgende bericht.

Bekijk ook de instructievideo.

Link naar reactie
Delen op andere sites

Logfile of random's system information tool 1.09 (written by random/random)

Run by Niek at 2014-01-23 08:34:28

Microsoft Windows XP Professional Service Pack 3

System drive C: has 221 GB (73%) free of 305 GB

Total RAM: 2046 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 8:34:47, on 23-1-2014

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Documents and Settings\All Users\Application Data\WPM\wprotectmanager.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\MyPC Backup\BackupStack.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

C:\Program Files\Nero\Update\NASvc.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe

C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\system32\winlogon.exe

C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Niek\Mijn documenten\Downloads\RSIT.exe

C:\Program Files\trend micro\Niek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?type=hp&ts=1388851533&from=bnds&uid=WDCXWD3200AAKS-00B3A0_WD-WCAT1424628046280&i=psd&t=33bd1ed07

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP0A1B3F5F-459F-422A-A4AB-F59C4769CDF6&SSPV=

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?type=hp&ts=1388851533&from=bnds&uid=WDCXWD3200AAKS-00B3A0_WD-WCAT1424628046280&i=psd&t=33bd1ed07

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.v9.com/web/?type=ds&ts=1388851533&from=bnds&uid=WDCXWD3200AAKS-00B3A0_WD-WCAT1424628046280&i=psd&t=33bd1ed07&q={searchTerms}

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com/web/?type=ds&ts=1388851533&from=bnds&uid=WDCXWD3200AAKS-00B3A0_WD-WCAT1424628046280&i=psd&t=33bd1ed07&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?type=hp&ts=1388851533&from=bnds&uid=WDCXWD3200AAKS-00B3A0_WD-WCAT1424628046280&i=psd&t=33bd1ed07

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.v9.com/web/?type=ds&ts=1388851533&from=bnds&uid=WDCXWD3200AAKS-00B3A0_WD-WCAT1424628046280&i=psd&t=33bd1ed07&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.v9.com/web/?type=ds&ts=1388851533&from=bnds&uid=WDCXWD3200AAKS-00B3A0_WD-WCAT1424628046280&i=psd&t=33bd1ed07&q={searchTerms}

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {26E1BEAF-C1A1-482B-8714-08844F1BCF7F} (GTileContainerCtl Class) - http://213.126.97.82:8080/webviewer.cab

O16 - DPF: {3AA1C0E3-DA98-4BB4-91AE-D3BC61178240} (GVersionManager Class) - http://213.126.97.82:8080/GVersionMan.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1311856062406

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1311861837093

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: c:\docume~1\alluse~1\applic~1\winfil~1\winfil~1.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files\MyPC Backup\BackupStack.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HTCMonitorService - Nero AG - C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe

O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe

O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe

O23 - Service: Wpm Service (Wpm) - Cherished Technololgy LIMITED - C:\Documents and Settings\All Users\Application Data\WPM\wprotectmanager.exe

--

End of file - 9456 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cef5cd315af64e.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cef5cd31b58faa.job

C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

C:\WINDOWS\tasks\Norton Security Scan for Luc.job

C:\WINDOWS\tasks\Norton Security Scan for Niek.job

C:\WINDOWS\tasks\SymInstallStub.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{2277C5F7-E9D9-4450-BD67-48054748DE38}.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{666F6ED9-7184-4005-A1B8-100FB998D539}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

Norton Identity Protection - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-06 526672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

Norton Vulnerability Protection - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL [2013-09-29 388504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-06 526672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-07-15 844656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]

C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-07-15 311152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]

c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 948440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]

C:\WINDOWS\stsystra.exe [2006-03-20 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]

C:\Documents and Settings\Luc\Application Data\Spotify\Data\SpotifyWebHelper.exe [2013-08-02 1104280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]

C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2005-05-11 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Windows Search.lnk]

C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="c:\docume~1\alluse~1\applic~1\winfil~1\winfil~1.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Electronic Arts\The Battle for Middle-earth II\game.dat"="C:\Program Files\Electronic Arts\The Battle for Middle-earth II\game.dat:*:Enabled:The Battle for Middle-earth™ II"

"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"

"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"

"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"

"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"

"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service"

"C:\Documents and Settings\Luc\Application Data\Spotify\spotify.exe"="C:\Documents and Settings\Luc\Application Data\Spotify\spotify.exe:*:Enabled:Spotify"

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"

"C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe"="C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe:*:Enabled:HTCSyncManager"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

"C:\Documents and Settings\Marijn\Application Data\uTorrent\uTorrent.exe"="C:\Documents and Settings\Marijn\Application Data\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

"C:\Documents and Settings\Luc\Application Data\uTorrent\uTorrent.exe"="C:\Documents and Settings\Luc\Application Data\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

"C:\Documents and Settings\Niek\Application Data\uTorrent\uTorrent.exe"="C:\Documents and Settings\Niek\Application Data\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe"="C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe:*:Enabled:HTCSyncManager"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"VIDC.I420"=msh263.drv

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iv41"=ir41_32.ax

"VIDC.IYUV"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVU9"=tsbyuv.dll

"VIDC.YVYU"=msyuv.dll

"wavemapper"=msacm32.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax

"vidc.iv50"=ir50_32.dll

"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"msacm.siren"=sirenacm.dll

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-01-23 08:34:31 ----D---- C:\Program Files\trend micro

2014-01-23 08:34:28 ----D---- C:\rsit

2014-01-18 18:30:54 ----D---- C:\Program Files\Belastingdienst

2014-01-16 03:01:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2914368$

2014-01-11 13:40:21 ----D---- C:\Program Files\Symantec

2014-01-11 13:40:21 ----A---- C:\WINDOWS\system32\drivers\SYMEVENT.SYS

2014-01-11 13:37:53 ----D---- C:\WINDOWS\system32\drivers\NIS

2014-01-11 13:37:45 ----D---- C:\Program Files\Norton Internet Security

2014-01-11 13:19:26 ----D---- C:\WINDOWS\system32\drivers\NSS

2014-01-11 13:19:26 ----D---- C:\Program Files\Norton Security Scan

2014-01-10 18:07:44 ----D---- C:\Program Files\Enigma Software Group

2014-01-10 18:07:02 ----D---- C:\WINDOWS\220FB0354744483A9A0B41DF77061583.TMP

2014-01-10 18:06:58 ----D---- C:\Program Files\Common Files\Wise Installation Wizard

2014-01-10 18:04:58 ----D---- C:\Program Files\HAppY2Save

2014-01-04 17:06:18 ----D---- C:\Documents and Settings\All Users\Application Data\WPM

2014-01-04 17:04:32 ----D---- C:\Documents and Settings\Niek\Application Data\uTorrent

2014-01-01 17:24:14 ----D---- C:\Documents and Settings\All Users\Application Data\RandomPriCe

2014-01-01 17:24:09 ----D---- C:\Documents and Settings\All Users\Application Data\idahcddpimjelfnkmocefhnbpbgconbb

2014-01-01 17:23:44 ----D---- C:\Documents and Settings\All Users\Application Data\f3fe3c5ff77c86bd

2014-01-01 17:23:42 ----D---- C:\Documents and Settings\All Users\Application Data\HAppY2Save

2013-12-29 12:53:28 ----D---- C:\Documents and Settings\All Users\Application Data\WinFilter

2013-12-26 14:16:06 ----N---- C:\WINDOWS\system32\spmsg2.dll

2013-12-26 14:16:00 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$

======List of files/folders modified in the last 1 month======

2014-01-23 08:34:31 ----RD---- C:\Program Files

2014-01-23 08:34:31 ----D---- C:\WINDOWS\Temp

2014-01-23 08:34:21 ----D---- C:\WINDOWS\Prefetch

2014-01-23 07:43:03 ----D---- C:\Program Files\MyPC Backup

2014-01-22 13:53:52 ----SD---- C:\WINDOWS\Tasks

2014-01-22 13:49:34 ----SHD---- C:\System Volume Information

2014-01-22 13:44:57 ----D---- C:\WINDOWS\system32\CatRoot2

2014-01-21 19:23:44 ----A---- C:\WINDOWS\SchedLgU.Txt

2014-01-19 08:32:23 ----N---- C:\WINDOWS\system32\MpSigStub.exe

2014-01-16 15:56:41 ----SHD---- C:\WINDOWS\Installer

2014-01-16 15:56:40 ----HD---- C:\Config.Msi

2014-01-16 15:53:51 ----D---- C:\WINDOWS\system32

2014-01-16 15:48:34 ----D---- C:\WINDOWS

2014-01-16 11:18:55 ----D---- C:\Program Files\Common Files\Symantec Shared

2014-01-16 03:06:11 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help

2014-01-16 03:04:39 ----D---- C:\WINDOWS\system32\MRT

2014-01-16 03:01:36 ----A---- C:\WINDOWS\system32\MRT.exe

2014-01-16 03:01:27 ----HD---- C:\WINDOWS\inf

2014-01-16 03:01:19 ----RSHDC---- C:\WINDOWS\system32\dllcache

2014-01-16 03:01:19 ----D---- C:\WINDOWS\system32\drivers

2014-01-12 02:09:34 ----D---- C:\Documents and Settings\All Users\Application Data\ssafe saveu

2014-01-11 13:41:09 ----D---- C:\Documents and Settings\All Users\Application Data\Norton

2014-01-11 13:29:53 ----D---- C:\Program Files\NortonInstaller

2014-01-11 13:19:21 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller

2014-01-10 18:06:58 ----D---- C:\Program Files\Common Files

2014-01-05 12:46:15 ----D---- C:\WINDOWS\Minidump

2014-01-05 12:45:40 ----D---- C:\Program Files\PokerStars.EU

2013-12-26 14:42:12 ----D---- C:\WINDOWS\Microsoft.NET

2013-12-26 14:25:28 ----SH---- C:\boot.ini

2013-12-26 14:25:28 ----A---- C:\WINDOWS\win.ini

2013-12-26 14:25:28 ----A---- C:\WINDOWS\system.ini

2013-12-26 14:25:26 ----D---- C:\WINDOWS\pss

2013-12-26 14:16:17 ----A---- C:\WINDOWS\imsins.BAK

2013-12-26 14:15:52 ----RSD---- C:\WINDOWS\assembly

2013-12-26 14:15:40 ----D---- C:\WINDOWS\system32\XPSViewer

2013-12-26 14:15:37 ----D---- C:\WINDOWS\system32\nl-nl

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-09-27 214696]

R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]

R1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]

R1 MpKslb9cf8b05;MpKslb9cf8b05; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4C1F9B57-76B7-45DC-8D6B-12DF722554B5}\MpKslb9cf8b05.sys []

R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2011-07-29 20747]

R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-06-07 1580544]

R3 BHDrvx86;BHDrvx86; \??\C:\Program Files\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20140121.001\BHDrvx86.sys []

R3 ccSet_NIS;NIS Settings Manager; C:\WINDOWS\system32\drivers\NIS\1501000.012\ccSetx86.sys [2013-09-26 127064]

R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2006-07-19 230400]

R3 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []

R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]

R3 GTNDIS5;GTNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\GTNDIS5.SYS []

R3 HDAudBus;Microsoft UAA-busstuurprogramma voor High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 IDSxpx86;IDSxpx86; \??\C:\Program Files\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20140122.001\IDSxpx86.sys []

R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12288]

R3 NAVENG;NAVENG; \??\C:\Program Files\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140122.009\NAVENG.SYS []

R3 NAVEX15;NAVEX15; \??\C:\Program Files\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140122.009\NAVEX15.SYS []

R3 RT61;Linksys Wireless-G PCI Adapter Driver(RT61); C:\WINDOWS\system32\DRIVERS\RT61.sys [2005-10-27 356096]

R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NIS\1501000.012\SRTSP.SYS [2013-09-27 651352]

R3 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NIS\1501000.012\SRTSPX.SYS [2013-07-31 32344]

R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-03-20 1156648]

R3 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\NIS\1501000.012\SYMDS.SYS [2013-08-01 367704]

R3 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\NIS\1501000.012\SYMEFA.SYS [2013-09-27 935512]

R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []

R3 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NIS\1501000.012\Ironx86.SYS [2013-07-31 206936]

R3 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NIS\1501000.012\SYMTDI.SYS [2013-09-26 421592]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

S0 cercsr6;cercsr6; C:\WINDOWS\system32\drivers\cercsr6.sys [2004-12-13 39904]

S1 wceusbsh;Windows CE USB Serial Host-stuurprogramma; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-14 32000]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2013-06-21 32064]

S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys []

S3 CCDECODE;Closed Caption-decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [2013-06-14 20032]

S3 HPFXBULK;HPFXBULK; C:\WINDOWS\system32\drivers\hpfxbulk.sys [2007-07-16 17432]

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]

S3 HTCAND32;HTC Device Driver; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys []

S3 htcnprot;HTC NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [2012-10-08 21248]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-11 5504]

S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 naecd;naecd; \??\C:\DOCUME~1\Marijn\LOCALS~1\Temp\naecd.sys []

S3 NdisIP;Microsoft TV/Video-verbinding; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]

S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-08-17 23168]

S3 rt2870;Linksys 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys [2009-03-12 709248]

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2013-06-21 136904]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2013-06-21 17864]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2013-06-21 153672]

S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\ssadserd.sys [2013-06-21 130248]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]

S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]

S3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]

S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]

S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2013-08-29 26240]

S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]

S3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 usbvideo;USB-videoapparaat (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]

S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]

S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]

S3 WSTCODEC;World Standard Teletext-codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 8c33f9f6;WinFilter; c:\docume~1\alluse~1\applic~1\winfil~1\WinFilterSvc.dll [2013-12-29 178000]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-02-26 55144]

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-06-07 409600]

R2 BackupStack;Computer Backup (MyPC Backup); C:\Program Files\MyPC Backup\BackupStack.exe [2013-09-19 38440]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

R2 HTCMonitorService;HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [2012-07-16 87368]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-07-29 153376]

R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 22208]

R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2011-09-23 641832]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

R2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe [2013-10-08 275696]

R2 PassThru Service;Internet Pass-Through Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

R2 WMP54Gv4SVC;WMP54Gv4SVC; C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe [2005-07-04 53307]

R2 Wpm;Wpm Service; C:\Documents and Settings\All Users\Application Data\WPM\wprotectmanager.exe [2014-01-04 499856]

R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]

R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-06-07 520192]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-18 136176]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]

S3 aspnet_state;ASP.NET-statusservice; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-18 136176]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-15 194032]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S3 WMPNetworkSvc;Windows Media Player Network Sharing-service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-02 917504]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

aangepast door n-iek
Link naar reactie
Delen op andere sites

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download 51a612a8b27e2-Zoek.pngZoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r
 "AppInit_DLLs"=-;r
 C:\WINDOWS\220FB0354744483A9A0B41DF77061583.TMP;f
 C:\Program Files\HAppY2Save;fs
 C:\Documents and Settings\All Users\Application Data\WPM;fs
 C:\Documents and Settings\All Users\Application Data\RandomPriCe:fs
 C:\Documents and Settings\All Users\Application Data\idahcddpimjelfnkmocefhnbpbgconbb;fs
 C:\Documents and Settings\All Users\Application Data\f3fe3c5ff77c86bd;fs
 C:\Documents and Settings\All Users\Application Data\HAppY2Save;fs
 C:\Program Files\MyPC Backup;fs
 C:\Documents and Settings\All Users\Application Data\ssafe saveu;fs
  emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • Do a Quick Scan

  • Shortcut Fix
  • IE Defaults
  • Auto Clean
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Zoek.exe v5.0.0.0 Updated 25-Januari-2014

Tool run by Niek on za 25-01-2014 at 21:38:53,46.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Niek\Bureaublad\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

25-1-2014 21:41:57 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\HAppY2Save deleted successfully

C:\Program Files\MSXML 4.0 deleted successfully

C:\Program Files\WinAVI deleted successfully

C:\Documents and Settings\All Users\Menu Start\Programma's\Google Chrome deleted successfully

C:\Documents and Settings\All Users\Application Data\Babylon deleted successfully

C:\Documents and Settings\All Users\Application Data\HAppY2Save deleted successfully

C:\Documents and Settings\All Users\Application Data\RandomPriCe deleted successfully

C:\Documents and Settings\Christ & Jacqueline\Application Data\searchquband deleted successfully

C:\Documents and Settings\Christ & Jacqueline\Application Data\searchresultstb deleted successfully

C:\Documents and Settings\Christ & Jacqueline\Application Data\Systweak deleted successfully

C:\Documents and Settings\LocalService\Application Data\Apple Computer deleted successfully

C:\Documents and Settings\Luc\Application Data\searchquband deleted successfully

C:\Documents and Settings\Luc\Application Data\Systweak deleted successfully

C:\Documents and Settings\Niek\Application Data\searchquband deleted successfully

C:\Documents and Settings\Christ & Jacqueline\Local Settings\Application Data\PackageAware deleted successfully

C:\Documents and Settings\Luc\Local Settings\Application Data\WMTools Downloaded Files deleted successfully

C:\Documents and Settings\Niek\Local Settings\Application Data\WMTools Downloaded Files deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1417001333-436374069-839522115-1007\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully

HKEY_USERS\S-1-5-21-1417001333-436374069-839522115-1007\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully

HKEY_USERS\S-1-5-21-1417001333-436374069-839522115-1007\Software\Microsoft\Internet Explorer\SearchScopes\{9952ED44-DEEF-41AF-B1C8-F1155F4A683B} deleted successfully

HKEY_USERS\S-1-5-21-1417001333-436374069-839522115-1007\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully

HKEY_USERS\S-1-5-21-1417001333-436374069-839522115-1007\Software\Microsoft\Internet Explorer\SearchScopes\{A3CEFD38-123D-47A5-BD88-1E48F386BB9A} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wpm deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\Application\Wpm deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Wpm deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\chrome.exe\shell\open\command]

@="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command]

@="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]

@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

==== Deleting Files \ Folders ======================

C:\Program Files\HAppY2Save not found

C:\Documents and Settings\All Users\Application Data\HAppY2Save not found

C:\Documents and Settings\All Users\Application Data\ssafe saveu not found

C:\Documents and Settings\All Users\Application Data\WPM deleted

C:\Documents and Settings\All Users\Application Data\idahcddpimjelfnkmocefhnbpbgconbb deleted

C:\Documents and Settings\All Users\Application Data\f3fe3c5ff77c86bd deleted

C:\WINDOWS\system32\config\systemprofile\AppData\LocalLow\{789C928D-7FC6-430E-2DF1-4657B8780EA4} deleted

C:\WINDOWS\system32\config\systemprofile\AppData\LocalLow\{8D96B347-ED29-309E-9803-D8021EB4F44C} deleted

C:\Program Files\iLivid deleted

C:\Program Files\MyFree Codec deleted

C:\Program Files\ConduitEngine deleted

C:\Program Files\Search Results Toolbar deleted

C:\Program Files\Searchqu Toolbar deleted

C:\extensions deleted

C:\Documents and Settings\Christ & Jacqueline\Application Data\Softonic deleted

C:\Documents and Settings\Christ & Jacqueline\Application Data\BabylonToolbar deleted

C:\Documents and Settings\Christ & Jacqueline\Application Data\PriceGong deleted

C:\Documents and Settings\Luc\Application Data\BabylonToolbar deleted

C:\Documents and Settings\Luc\Application Data\searchqutoolbar deleted

C:\Documents and Settings\Luc\Application Data\PriceGong deleted

C:\Documents and Settings\Marijn\Application Data\Softonic deleted

C:\Documents and Settings\Marijn\Application Data\Systweak deleted

C:\Documents and Settings\Niek\Application Data\Softonic deleted

C:\Documents and Settings\Niek\Application Data\BabylonToolbar deleted

C:\Documents and Settings\Niek\Application Data\searchqutoolbar deleted

C:\Documents and Settings\Niek\Application Data\Systweak deleted

C:\Documents and Settings\Niek\Application Data\PriceGong deleted

C:\Documents and Settings\All Users\Application Data\boost_interprocess deleted

C:\Documents and Settings\All Users\Application Data\Wincert deleted

C:\Documents and Settings\All Users\Application Data\ssafe saveu deleted

C:\Documents and Settings\All Users\Application Data\InstallMate deleted

C:\Documents and Settings\Christ & Jacqueline\Local Settings\Application Data\Conduit deleted

C:\Documents and Settings\Christ & Jacqueline\Local Settings\Application Data\ConduitEngine deleted

C:\Documents and Settings\LocalService\Local Settings\Application Data\SearchProtect deleted

C:\Documents and Settings\Luc\Local Settings\Application Data\uTorrentBar_NL deleted

C:\Documents and Settings\Luc\Local Settings\Application Data\Conduit deleted

C:\Documents and Settings\Luc\Local Settings\Application Data\ConduitEngine deleted

C:\Documents and Settings\Marijn\Local Settings\Application Data\ConduitEngine deleted

C:\Documents and Settings\NetworkService\Local Settings\Application Data\SearchProtect deleted

C:\Documents and Settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL deleted

C:\Documents and Settings\Niek\Local Settings\Application Data\Ilivid Player deleted

C:\Documents and Settings\Niek\Local Settings\Application Data\uTorrentBar_NL deleted

C:\Documents and Settings\Niek\Local Settings\Application Data\Conduit deleted

C:\Documents and Settings\Niek\Local Settings\Application Data\ConduitEngine deleted

C:\Documents and Settings\All Users\Menu Start\Programma's\MyFree Codec deleted

C:\Documents and Settings\All Users\Menu Start\Programma's\ssafe saveu deleted

C:\WINDOWS\002707_.tmp deleted

C:\WINDOWS\SET25.tmp deleted

C:\WINDOWS\SET26.tmp deleted

C:\WINDOWS\SET3.tmp deleted

C:\WINDOWS\SET4.tmp deleted

C:\WINDOWS\SET8.tmp deleted

C:\END deleted

C:\WINDOWS\system32\roboot.exe deleted

C:\Documents and Settings\Niek\AppData\LocalLow\DataMngr deleted

"C:\WINDOWS\220FB0354744483A9A0B41DF77061583.TMP\WiseCustomCall.dll" deleted

"C:\WINDOWS\220FB0354744483A9A0B41DF77061583.TMP\WiseCustomCalla.dll" deleted

"C:\WINDOWS\220FB0354744483A9A0B41DF77061583.TMP\WiseCustomCalla17.dll" deleted

"C:\WINDOWS\220FB0354744483A9A0B41DF77061583.TMP\WiseCustomCalla18.exe" deleted

"C:\WINDOWS\220FB0354744483A9A0B41DF77061583.TMP\WiseCustomCalla19.dll" deleted

"C:\WINDOWS\220FB0354744483A9A0B41DF77061583.TMP\WiseCustomCalla2.dll" deleted

"C:\WINDOWS\220FB0354744483A9A0B41DF77061583.TMP\WiseCustomCalla20.dll" deleted

"C:\WINDOWS\220FB0354744483A9A0B41DF77061583.TMP\WiseCustomCalla22.dll" deleted

"C:\WINDOWS\220FB0354744483A9A0B41DF77061583.TMP\WiseCustomCalla22.exe" deleted

"C:\WINDOWS\220FB0354744483A9A0B41DF77061583.TMP\WiseData.ini" deleted

"C:\Program Files\MyPC Backup\AWSSDK.dll" deleted

"C:\Program Files\MyPC Backup\BackupStack.exe" deleted

"C:\Program Files\MyPC Backup\MPCBClient.dll" deleted

"C:\Program Files\MyPC Backup\Shared Stack.dll" deleted

"C:\Program Files\MyPC Backup\AWSSDK.dll" deleted

"C:\Program Files\MyPC Backup\BackupStack.exe" deleted

"C:\Program Files\MyPC Backup\MPCBClient.dll" deleted

"C:\Program Files\MyPC Backup\Shared Stack.dll" deleted

"C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll" deleted

"C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll" deleted

"C:\WINDOWS\220FB0354744483A9A0B41DF77061583.TMP" deleted

"C:\Program Files\MyPC Backup" not deleted

"C:\Documents and Settings\All Users\Application Data\WinFilter" deleted

"C:\Program Files\MyPC Backup" not deleted

"C:\Documents and Settings\All Users\Application Data\WinFilter" deleted

"C:\Program Files\MyPC Backup\x86" not deleted

"C:\Program Files\MyPC Backup\x86" not deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

====== C:\DOCUME~1\Niek\LOCALS~1\Temp ====

====== Java Cache =====

====== C:\WINDOWS\system32 =====

====== C:\WINDOWS\system32\drivers =====

2014-01-11 12:40:24 8128DD4852B101ABD9CFB2B93B7EEC0E 8194 ----a-w- C:\WINDOWS\System32\drivers\SYMEVENT.CAT

2014-01-11 12:40:22 A56FDE291912C739D5EDC705B4552D19 805 ----a-w- C:\WINDOWS\System32\drivers\SYMEVENT.INF

2014-01-11 12:40:21 E987A9CB539147527F56943BB34B7375 142936 ----a-w- C:\WINDOWS\System32\drivers\SYMEVENT.SYS

====== C:\WINDOWS\Tasks ======

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2014-01-23 07:34:31 -------- d-----w- C:\Program Files\trend micro

2014-01-18 17:30:54 -------- d-----w- C:\Program Files\Belastingdienst

2014-01-10 17:07:44 -------- d-----w- C:\Program Files\Enigma Software Group

2014-01-10 17:06:58 -------- d-----w- C:\Program Files\Common Files\Wise Installation Wizard

======= C: =====

====== C:\Documents and Settings\Niek\Application Data ======

2014-01-04 16:04:32 -------- d-----w- C:\Documents and Settings\Niek\Application Data\uTorrent

2014-01-02 12:15:00 -------- d-----w- C:\Documents and Settings\Marijn\Local Settings\Application Data\Apple

====== C:\Documents and Settings\Niek ======

2014-01-23 14:16:01 -------- d-sh--w- C:\Documents and Settings\Marijn\PrivacIE

2014-01-01 16:23:45 -------- d-----w- C:\WINDOWS\system32\config\systemprofile\AppData

====== C: exe-files ==

2014-01-25 18:26:34 56D33BC99FA81C2CD00D4C54F2DB223A 1282560 ----a-w- C:\RECYCLER\S-1-5-21-1417001333-436374069-839522115-1006\Dc23.exe

2014-01-23 07:34:32 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Niek.exe

2014-01-23 07:32:35 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\RECYCLER\S-1-5-21-1417001333-436374069-839522115-1007\Dc66.exe

2014-01-22 16:12:12 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Niek\Mijn documenten\Downloads\RSIT.exe

2014-01-22 16:11:53 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Documents and Settings\Niek\Mijn documenten\Downloads\RSITx64.exe

=== C: other files ==

2014-01-25 18:27:27 5CC2F5A33A46D41DBAC9FC0A945AB6EB 436 ----a-w- C:\Documents and Settings\Luc\Local Settings\Temp\download8.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-1417001333-436374069-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

@="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

@="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AdobeARM"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="APSDaemon"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ctfmon"

"hkey"="HKCU"

"command"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HPWuSchd2"

"hkey"="HKLM"

"command"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="KiesTrayAgent"

"hkey"="HKLM"

"command"="C:\\Program Files\\Samsung\\Kies\\KiesTrayAgent.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSC]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="msseces"

"hkey"="HKLM"

"command"="\"c:\\Program Files\\Microsoft Security Client\\msseces.exe\" -hide -runkey"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="msnmsgr"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SigmatelSysTrayApp]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="stsystra"

"hkey"="HKLM"

"command"="stsystra.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SpotifyWebHelper"

"hkey"="HKCU"

"command"="\"C:\\Documents and Settings\\Luc\\Application Data\\Spotify\\Data\\SpotifyWebHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="jusched"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="GoogleToolbarNotifier"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]

"path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\HP Digital Imaging Monitor.lnk"

"backup"="C:\\WINDOWS\\pss\\HP Digital Imaging Monitor.lnkCommon Startup"

"command"="C:\\PROGRA~1\\HP\\DIGITA~1\\bin\\hpqtra08.exe "

"item"="HP Digital Imaging Monitor"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Windows Search.lnk]

"path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\Windows Search.lnk"

"backup"="C:\\WINDOWS\\pss\\Windows Search.lnkCommon Startup"

"command"="C:\\PROGRA~1\\WI459E~1\\WINDOW~1.EXE /startup"

"item"="Windows Search"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11-12-2013 00:15]

C:\WINDOWS\tasks\AppleSoftwareUpdate.job --a------ C:\Program Files\AppleC:oftware Update\SoftwareUpdate.exe []

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cef5cd315af64e.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18-08-2011 17:21]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cef5cd31b58faa.job --a------ [undetermined Task]

C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job --ah----- C:\Program Files\Microsoft Security Client\MpCmdRun.exe [23-10-2013 15:01]

C:\WINDOWS\tasks\Norton Security Scan for Luc.job --ah----- C:\PROGRA1\NORTON2\Engine\4031.24\Nss.exe []

C:\WINDOWS\tasks\Norton Security Scan for Niek.job --ah----- C:\PROGRA1\NORTON2\Engine\4031.24\Nss.exe []

C:\WINDOWS\tasks\SymInstallStub.job --a------ C:\DOCUME1\Marijn\LOCALS1\Temp\Adobe\Shockwave 11\SymInstallStub.exe []

C:\WINDOWS\tasks\User_Feed_Synchronization-{2277C5F7-E9D9-4450-BD67-48054748DE38}.job --ah----- C:\WINDOWS\system32\msfeedssync.exe [08-03-2009 03:31]

C:\WINDOWS\tasks\User_Feed_Synchronization-{666F6ED9-7184-4005-A1B8-100FB998D539}.job --ah----- C:\WINDOWS\system32\msfeedssync.exe [08-03-2009 03:31]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF" [11-01-2014 15:32]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

cjofdnhdkbflacojpfpkchgafjahijbb - C:\DOCUME~1\Luc\LOCALS~1\Temp\crxDA.tmp[]

mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx[09-12-2013 10:38]

HAppY2Save - Christ & Jacqueline\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcmmbodimpflfimghollkpcphhbjdhdk

Google Wallet - Christ & Jacqueline\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Ask Toolbar - Christ & Jacqueline\Local Settings\Application Data\Torch\User Data\Default\Extensions\aaaalejpmnocmhmlbmlkjemekckoagne

Torch Helper - Christ & Jacqueline\Local Settings\Application Data\Torch\User Data\Default\Extensions\lecpjhggilhbceadobnggaagnpfpafhg

HAppY2Save - Christ & Jacqueline\Local Settings\Application Data\Torch\User Data\Default\Extensions\mcmmbodimpflfimghollkpcphhbjdhdk

Bizzybolt - LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dgbjdgnkkchgleommaaapafcigjjbnmg

Softonic Chrome Toolbar - LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf

Google Wallet - LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

AdBlock - Luc\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

Norton Identity Protection - Luc\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

Google Wallet - Luc\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

AdBlock - Marijn\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

Norton Identity Protection - Marijn\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

Google Wallet - Marijn\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Norton Identity Protection - Niek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

Google Wallet - Niek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chrome Fix ======================

C:\Documents and Settings\Luc\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage deleted successfully

C:\Documents and Settings\Luc\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage-journal deleted successfully

C:\Documents and Settings\Marijn\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_bing.conduit-services.com_0.localstorage deleted successfully

C:\Documents and Settings\Marijn\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_bing.conduit-services.com_0.localstorage-journal deleted successfully

C:\Documents and Settings\Marijn\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage deleted successfully

C:\Documents and Settings\Marijn\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage-journal deleted successfully

C:\Documents and Settings\Niek\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage deleted successfully

C:\Documents and Settings\Niek\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage-journal deleted successfully

C:\Documents and Settings\Christ & Jacqueline\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage deleted successfully

C:\Documents and Settings\Christ & Jacqueline\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage-journal deleted successfully

C:\Documents and Settings\Niek\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage deleted successfully

C:\Documents and Settings\Niek\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage-journal deleted successfully

C:\Documents and Settings\Christ & Jacqueline\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage deleted successfully

C:\Documents and Settings\Christ & Jacqueline\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage-journal deleted successfully

C:\Documents and Settings\Niek\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage deleted successfully

C:\Documents and Settings\Niek\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage-journal deleted successfully

C:\Documents and Settings\Christ & Jacqueline\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcmmbodimpflfimghollkpcphhbjdhdk deleted successfully

C:\Documents and Settings\Christ & Jacqueline\Local Settings\Application Data\Torch\User Data\Default\Extensions\mcmmbodimpflfimghollkpcphhbjdhdk deleted successfully

C:\Documents and Settings\Christ & Jacqueline\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mcmmbodimpflfimghollkpcphhbjdhdk_0.localstorage deleted successfully

C:\Documents and Settings\Christ & Jacqueline\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mcmmbodimpflfimghollkpcphhbjdhdk_0.localstorage-journal deleted successfully

C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf deleted successfully

C:\Documents and Settings\Christ & Jacqueline\Local Settings\Application Data\Torch\User Data\Default\Extensions\aaaalejpmnocmhmlbmlkjemekckoagne deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP0A1B3F5F-459F-422A-A4AB-F59C4769CDF6&SSPV="

"Default_Page_URL"="http://www.v9.com/?type=hp&ts=1388851533&from=bnds&uid=WDCXWD3200AAKS-00B3A0_WD-WCAT1424628046280&i=psd&t=33bd1ed07"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://www.v9.com/?type=hp&ts=1388851533&from=bnds&uid=WDCXWD3200AAKS-00B3A0_WD-WCAT1424628046280&i=psd&t=33bd1ed07"

"Default_Search_URL"="http://search.v9.com/web/?type=ds&ts=1388851533&from=bnds&uid=WDCXWD3200AAKS-00B3A0_WD-WCAT1424628046280&i=psd&t=33bd1ed07&q={searchTerms}"

"Search Page"="http://search.v9.com/web/?type=ds&ts=1388851533&from=bnds&uid=WDCXWD3200AAKS-00B3A0_WD-WCAT1424628046280&i=psd&t=33bd1ed07&q={searchTerms}"

"Start Page"="http://www.v9.com/?type=hp&ts=1388851533&from=bnds&uid=WDCXWD3200AAKS-00B3A0_WD-WCAT1424628046280&i=psd&t=33bd1ed07"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://search.v9.com/web/?type=ds&ts=1388851533&from=bnds&uid=WDCXWD3200AAKS-00B3A0_WD-WCAT1424628046280&i=psd&t=33bd1ed07&q={searchTerms}"

"CustomizeSearch"="http://search.v9.com/web/?type=ds&ts=1388851533&from=bnds&uid=WDCXWD3200AAKS-00B3A0_WD-WCAT1424628046280&i=psd&t=33bd1ed07&q={searchTerms}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1417001333-436374069-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully

HKEY_USERS\S-1-5-21-1417001333-436374069-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\jqs@sun.com deleted successfully

==== shortcuts on Users Desktops ======================

C:\Documents and Settings\Luc\Bureaublad\Deze computer.lnk -

C:\Documents and Settings\Luc\Bureaublad\Norton Installation Files.lnk - C:\Documents and Settings\All Users\Documenten\Norton\{NISADM-B201-4abb-B07C-C084B04B4F12}

C:\Documents and Settings\Luc\Bureaublad\Snelkoppeling naar chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Luc\Bureaublad\Spotify.lnk - C:\Documents and Settings\Luc\Application Data\Spotify\spotify.exe

C:\Documents and Settings\Luc\Bureaublad\µTorrent.lnk -

C:\Documents and Settings\Luc\Bureaublad\Films\Nero Burning ROM 11.lnk - C:\WINDOWS\Installer\{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}\ScBurningROMStartM_7533AE23D677474387D2A66427FA7052.exe

C:\Documents and Settings\Luc\Bureaublad\Films\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe

C:\Documents and Settings\Luc\Bureaublad\Films\µTorrent.lnk -

C:\Documents and Settings\Niek\Bureaublad\Deze computer.lnk -

C:\Documents and Settings\Niek\Bureaublad\Internet.lnk -

C:\Documents and Settings\Niek\Bureaublad\Mijn documenten.lnk - C:\Documents and Settings\Niek\Mijn documenten

C:\Documents and Settings\Niek\Bureaublad\Windows Live Messenger .lnk - C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Documents and Settings\Niek\Bureaublad\Spellen\The Battle for Middle-earth™ II.lnk -

==== shortcuts on All Users Desktop ======================

C:\Documents and Settings\All Users\Bureaublad\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe

C:\Documents and Settings\All Users\Bureaublad\Norton Internet Security.LNK - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\uistub.exe

C:\Documents and Settings\All Users\Bureaublad\Norton Security Scan.LNK - C:\Program Files\Norton Security Scan\Engine\4.0.3.24\Nss.exe

C:\Documents and Settings\All Users\Bureaublad\Samsung Kies.lnk - C:\Program Files\Samsung\Kies\KiesAgent.exe

==== shortcuts in Users Start Menu ======================

C:\Documents and Settings\Default User\Menu Start\Programma's\Hulp op afstand.lnk - C:\WINDOWS\system32\rcimlby.exe -LaunchRA

C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Kladblok.lnk - C:\WINDOWS\system32\notepad.exe

C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Opdrachtprompt.lnk - C:\WINDOWS\system32\cmd.exe

C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Rondleiding door Windows XP.lnk - C:\WINDOWS\system32\tourstart.exe

C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Synchroniseren.lnk - C:\WINDOWS\system32\mobsync.exe

C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Windows Verkenner.lnk - C:\WINDOWS\explorer.exe

C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Hulpprogrammabeheer.lnk - C:\WINDOWS\system32\utilman.exe /start

C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Schermtoetsenbord.lnk - C:\WINDOWS\system32\osk.exe

C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Vergrootglas.lnk - C:\WINDOWS\system32\magnify.exe

C:\Documents and Settings\Luc\Menu Start\µTorrent.lnk -

C:\Documents and Settings\Luc\Menu Start\Programma's\Hulp op afstand.lnk - C:\WINDOWS\system32\rcimlby.exe -LaunchRA

C:\Documents and Settings\Luc\Menu Start\Programma's\Bureau-accessoires\Opdrachtprompt.lnk - C:\WINDOWS\system32\cmd.exe

C:\Documents and Settings\Luc\Menu Start\Programma's\Bureau-accessoires\Rondleiding door Windows XP.lnk - C:\WINDOWS\system32\tourstart.exe

C:\Documents and Settings\Luc\Menu Start\Programma's\Bureau-accessoires\Synchroniseren.lnk - C:\WINDOWS\system32\mobsync.exe

C:\Documents and Settings\Luc\Menu Start\Programma's\Bureau-accessoires\Windows Verkenner.lnk - C:\WINDOWS\explorer.exe

C:\Documents and Settings\Luc\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Hulpprogrammabeheer.lnk - C:\WINDOWS\system32\utilman.exe /start

C:\Documents and Settings\Luc\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Schermtoetsenbord.lnk - C:\WINDOWS\system32\osk.exe

C:\Documents and Settings\Luc\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Vergrootglas.lnk - C:\WINDOWS\system32\magnify.exe

C:\Documents and Settings\Marijn\Menu Start\µTorrent.lnk -

C:\Documents and Settings\Marijn\Menu Start\Programma's\Hulp op afstand.lnk - C:\WINDOWS\system32\rcimlby.exe -LaunchRA

C:\Documents and Settings\Marijn\Menu Start\Programma's\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\Marijn\Menu Start\Programma's\Outlook Express.lnk - C:\Program Files\Outlook Express\msimn.exe

C:\Documents and Settings\Marijn\Menu Start\Programma's\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1

C:\Documents and Settings\Marijn\Menu Start\Programma's\Bureau-accessoires\Adresboek.lnk - C:\Program Files\Outlook Express\wab.exe

C:\Documents and Settings\Marijn\Menu Start\Programma's\Bureau-accessoires\Kladblok.lnk - C:\WINDOWS\system32\notepad.exe

C:\Documents and Settings\Marijn\Menu Start\Programma's\Bureau-accessoires\Opdrachtprompt.lnk - C:\WINDOWS\system32\cmd.exe

C:\Documents and Settings\Marijn\Menu Start\Programma's\Bureau-accessoires\Rondleiding door Windows XP.lnk - C:\WINDOWS\system32\tourstart.exe

C:\Documents and Settings\Marijn\Menu Start\Programma's\Bureau-accessoires\Synchroniseren.lnk - C:\WINDOWS\system32\mobsync.exe

C:\Documents and Settings\Marijn\Menu Start\Programma's\Bureau-accessoires\Windows Verkenner.lnk - C:\WINDOWS\explorer.exe

C:\Documents and Settings\Marijn\Menu Start\Programma's\Bureau-accessoires\Systeembeheer\Internet Explorer (zonder invoegtoepassingen).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff

C:\Documents and Settings\Marijn\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Hulpprogrammabeheer.lnk - C:\WINDOWS\system32\utilman.exe /start

C:\Documents and Settings\Marijn\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Schermtoetsenbord.lnk - C:\WINDOWS\system32\osk.exe

C:\Documents and Settings\Marijn\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Vergrootglas.lnk - C:\WINDOWS\system32\magnify.exe

C:\Documents and Settings\Niek\Menu Start\Programma's\Hulp op afstand.lnk - C:\WINDOWS\system32\rcimlby.exe -LaunchRA

C:\Documents and Settings\Niek\Menu Start\Programma's\Bureau-accessoires\Kladblok.lnk - C:\WINDOWS\system32\notepad.exe

C:\Documents and Settings\Niek\Menu Start\Programma's\Bureau-accessoires\Opdrachtprompt.lnk - C:\WINDOWS\system32\cmd.exe

C:\Documents and Settings\Niek\Menu Start\Programma's\Bureau-accessoires\Rondleiding door Windows XP.lnk - C:\WINDOWS\system32\tourstart.exe

C:\Documents and Settings\Niek\Menu Start\Programma's\Bureau-accessoires\Synchroniseren.lnk - C:\WINDOWS\system32\mobsync.exe

C:\Documents and Settings\Niek\Menu Start\Programma's\Bureau-accessoires\Windows Verkenner.lnk - C:\WINDOWS\explorer.exe

C:\Documents and Settings\Niek\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Hulpprogrammabeheer.lnk - C:\WINDOWS\system32\utilman.exe /start

C:\Documents and Settings\Niek\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Schermtoetsenbord.lnk - C:\WINDOWS\system32\osk.exe

C:\Documents and Settings\Niek\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Vergrootglas.lnk - C:\WINDOWS\system32\magnify.exe

==== shortcuts in All Users Start Menu ======================

C:\Documents and Settings\All Users\Menu Start\Programma's\Adobe Reader X .lnk - C:\WINDOWS\Installer\{AC76BA86-7AD7-1043-7B44-AA1000000001}\SC_Reader.ico

C:\Documents and Settings\All Users\Menu Start\Programma's\Belastingdienst\Aangifte inkomstenbelasting\2013\Aangifte inkomstenbelasting 2013 Help.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2013\ib2013.chm

C:\Documents and Settings\All Users\Menu Start\Programma's\Belastingdienst\Aangifte inkomstenbelasting\2013\Aangifte inkomstenbelasting 2013 verwijderen.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2013\ib2013u.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Belastingdienst\Aangifte inkomstenbelasting\2013\Aangifte inkomstenbelasting 2013.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2013\ib2013.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Belastingdienst\Aangifte inkomstenbelasting\2013\www.belastingdienst.nl.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2013\www.belastingdienst.nl.url

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Verbinding met extern bureaublad.lnk - C:\WINDOWS\system32\mstsc.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Communicatie\Netwerkverbindingen.lnk - C:\WINDOWS\explorer.exe ::{20D04FE0-3AEA-1069-A2D8-08002B30309D}\::{21EC2020-3AEA-1069-A2DD-08002B30309D}\::{7007acc7-3202-11d1-aad2-00805fc1270e}

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Communicatie\Wizard Netwerk instellen.lnk - C:\WINDOWS\system32\rundll32.exe hnetwiz.dll,HomeNetWizardRunDll

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Communicatie\Wizard Nieuwe verbinding.lnk - C:\WINDOWS\system32\rundll32.exe netshell.dll,StartNCW

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Back-up.lnk - C:\WINDOWS\system32\ntbackup.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Geplande taken.lnk - C:\WINDOWS\explorer.exe ::{20D04FE0-3AEA-1069-A2D8-08002B30309D}\::{21EC2020-3AEA-1069-A2DD-08002B30309D}\::{D6277990-4C6A-11CF-8D87-00AA0060F5BF}

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Schijfdefragmentatie.lnk - C:\WINDOWS\system32\dfrg.msc

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Schijfopruiming.lnk - C:\WINDOWS\system32\cleanmgr.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Speciale tekens.lnk - C:\WINDOWS\system32\charmap.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Systeemherstel.lnk - C:\WINDOWS\system32\restore\rstrui.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Wizard Toegankelijkheid.lnk - C:\WINDOWS\system32\accwiz.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Norton Internet Security\LiveUpdate.LNK - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\uistub.exe /lu

C:\Documents and Settings\All Users\Menu Start\Programma's\Norton Internet Security\Norton Internet Security verwijderen.LNK - C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\21.1.0.18\inststub.exe /X /shortcut

C:\Documents and Settings\All Users\Menu Start\Programma's\Norton Internet Security\Norton Internet Security.LNK - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\uistub.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Norton Internet Security\Norton Recovery Tools.LNK -

C:\Documents and Settings\All Users\Menu Start\Programma's\Norton Internet Security\Ondersteuning verkrijgen.LNK - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\symerr.exe /support

C:\Documents and Settings\All Users\Menu Start\Programma's\Norton Security Scan\Norton Security Scan verwijderen.LNK - C:\Program Files\Norton Security Scan\Engine\4.0.3.24\InstWrap.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Norton Security Scan\Norton Security Scan.LNK - C:\Program Files\Norton Security Scan\Engine\4.0.3.24\Nss.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Ontspanning\FreeCell.lnk - C:\WINDOWS\system32\freecell.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Ontspanning\Mijnenveger.lnk - C:\WINDOWS\system32\winmine.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Ontspanning\Patience.lnk - C:\WINDOWS\system32\sol.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Systeembeheer\Computerbeheer.lnk - C:\WINDOWS\system32\compmgmt.msc /s

C:\Documents and Settings\All Users\Menu Start\Programma's\Systeembeheer\Gegevensbronnen (ODBC).lnk - C:\WINDOWS\system32\odbcad32.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Systeembeheer\Logboeken.lnk - C:\WINDOWS\system32\eventvwr.msc /s

C:\Documents and Settings\All Users\Menu Start\Programma's\Systeembeheer\Lokaal beveiligingsbeleid.lnk - C:\WINDOWS\system32\secpol.msc /s

C:\Documents and Settings\All Users\Menu Start\Programma's\Systeembeheer\Prestaties.lnk - C:\WINDOWS\system32\perfmon.msc /s

C:\Documents and Settings\All Users\Menu Start\Programma's\Systeembeheer\Services.lnk - C:\WINDOWS\system32\services.msc /s

==== shortcuts in Quick Launch ======================

C:\Documents and Settings\LocalService\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Luc\Application Data\Microsoft\Internet Explorer\Quick Launch\De Internet Explorer-browser starten.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\Luc\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1

C:\Documents and Settings\Luc\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -

C:\Documents and Settings\Marijn\Application Data\Microsoft\Internet Explorer\Quick Launch\De Internet Explorer-browser starten.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\Marijn\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Marijn\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1

C:\Documents and Settings\Niek\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{8c33f9f6} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WPM deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Administrator\Mijn documenten\J Monden\Marijn\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Administrator\Mijn documenten\J Monden\Monden\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Administrator\Mijn documenten\J Monden\Niek\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Administrator\Mijn documenten\Mijn afbeeldingen\Marijn\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Administrator\Mijn documenten\Mijn afbeeldingen\monden jacqueline\jacqueline\Local Settings\Temporary Internet Files\Content.ie5 emptied successfully

C:\Documents and Settings\Christ & Jacqueline\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Christ & Jacqueline\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Luc\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Luc\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Marijn\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Marijn\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Niek\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\Niek\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Documents and Settings\Christ & Jacqueline\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Documents and Settings\Christ & Jacqueline\Local Settings\Application Data\Torch\User Data\Default\Cache emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Documents and Settings\Luc\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Documents and Settings\Marijn\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Documents and Settings\Niek\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1347 folders=369 152003252 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\Administrator\Local Settings\Temp emptied successfully

C:\Documents and Settings\Christ & Jacqueline\Local Settings\Temp emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temp will be emptied at reboot

C:\Documents and Settings\Luc\Local Settings\Temp emptied successfully

C:\Documents and Settings\Marijn\Local Settings\Temp emptied successfully

C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp emptied successfully

C:\Documents and Settings\Niek\Local Settings\Temp will be emptied at reboot

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\Niek\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Documents and Settings\Niek\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Program Files\MyPC Backup" not found

"C:\Program Files\MyPC Backup" not found

"C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies" not found

"C:\Documents and Settings\LocalService\Local Settings\Temp\History" not found

"C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files" not found

==== EOF on za 25-01-2014 at 22:04:41,82 ======================

Link naar reactie
Delen op andere sites

Dubbelklik op Zoek.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

chromelook; 
firefoxlook; 

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • Do a Quick Scan

  • Auto Clean
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Zoek.exe v5.0.0.0 Updated 25-January-2014

Tool run by Niek on zo 26-01-2014 at 11:57:14,79.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Niek\Bureaublad\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-01-25-210441.log 49867 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1417001333-436374069-839522115-1007\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

====== C:\DOCUME~1\Niek\LOCALS~1\Temp ====

====== Java Cache =====

====== C:\WINDOWS\system32 =====

====== C:\WINDOWS\system32\drivers =====

2014-01-11 12:40:24 8128DD4852B101ABD9CFB2B93B7EEC0E 8194 ----a-w- C:\WINDOWS\System32\drivers\SYMEVENT.CAT

2014-01-11 12:40:22 A56FDE291912C739D5EDC705B4552D19 805 ----a-w- C:\WINDOWS\System32\drivers\SYMEVENT.INF

2014-01-11 12:40:21 E987A9CB539147527F56943BB34B7375 142936 ----a-w- C:\WINDOWS\System32\drivers\SYMEVENT.SYS

====== C:\WINDOWS\Tasks ======

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2014-01-23 07:34:31 -------- d-----w- C:\Program Files\trend micro

2014-01-18 17:30:54 -------- d-----w- C:\Program Files\Belastingdienst

2014-01-10 17:07:44 -------- d-----w- C:\Program Files\Enigma Software Group

2014-01-10 17:06:58 -------- d-----w- C:\Program Files\Common Files\Wise Installation Wizard

======= C: =====

====== C:\Documents and Settings\Niek\Application Data ======

2014-01-25 21:04:58 -------- d-----w- C:\Documents and Settings\LocalService\Application Data\Apple Computer

2014-01-04 16:04:32 -------- d-----w- C:\Documents and Settings\Niek\Application Data\uTorrent

2014-01-02 12:15:00 -------- d-----w- C:\Documents and Settings\Marijn\Local Settings\Application Data\Apple

====== C:\Documents and Settings\Niek ======

2014-01-23 14:16:01 -------- d-sh--w- C:\Documents and Settings\Marijn\PrivacIE

2014-01-01 16:23:45 -------- d-----w- C:\WINDOWS\system32\config\systemprofile\AppData

====== C: exe-files ==

2014-01-23 07:34:32 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Niek.exe

2014-01-22 16:12:12 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Niek\Mijn documenten\Downloads\RSIT.exe

2014-01-22 16:11:53 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Documents and Settings\Niek\Mijn documenten\Downloads\RSITx64.exe

=== C: other files ==

2014-01-26 10:54:29 0BE568FD1E7D6C6D64D2272649F5C716 111 ----a-w- C:\Documents and Settings\Niek\Local Settings\Temp\scripttest.vbs

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-1417001333-436374069-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

@="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

@="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AdobeARM"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="APSDaemon"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ctfmon"

"hkey"="HKCU"

"command"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HPWuSchd2"

"hkey"="HKLM"

"command"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="KiesTrayAgent"

"hkey"="HKLM"

"command"="C:\\Program Files\\Samsung\\Kies\\KiesTrayAgent.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSC]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="msseces"

"hkey"="HKLM"

"command"="\"c:\\Program Files\\Microsoft Security Client\\msseces.exe\" -hide -runkey"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="msnmsgr"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SigmatelSysTrayApp]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="stsystra"

"hkey"="HKLM"

"command"="stsystra.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SpotifyWebHelper"

"hkey"="HKCU"

"command"="\"C:\\Documents and Settings\\Luc\\Application Data\\Spotify\\Data\\SpotifyWebHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="jusched"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]

"path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\HP Digital Imaging Monitor.lnk"

"backup"="C:\\WINDOWS\\pss\\HP Digital Imaging Monitor.lnkCommon Startup"

"command"="C:\\PROGRA~1\\HP\\DIGITA~1\\bin\\hpqtra08.exe "

"item"="HP Digital Imaging Monitor"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Windows Search.lnk]

"path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\Windows Search.lnk"

"backup"="C:\\WINDOWS\\pss\\Windows Search.lnkCommon Startup"

"command"="C:\\PROGRA~1\\WI459E~1\\WINDOW~1.EXE /startup"

"item"="Windows Search"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task]

C:\WINDOWS\tasks\AppleSoftwareUpdate.job --a------ C:\Program Files\AppleC:oftware Update\SoftwareUpdate.exe []

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cef5cd315af64e.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18-08-2011 17:21]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cef5cd31b58faa.job --a------ [undetermined Task]

C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job --ah----- [undetermined Task]

C:\WINDOWS\tasks\Norton Security Scan for Luc.job --ah----- C:\PROGRA1\NORTON2\Engine\4031.24\Nss.exe []

C:\WINDOWS\tasks\Norton Security Scan for Niek.job --ah----- C:\PROGRA1\NORTON2\Engine\4031.24\Nss.exe []

C:\WINDOWS\tasks\SymInstallStub.job --a------ C:\DOCUME1\Marijn\LOCALS1\Temp\Adobe\Shockwave 11\SymInstallStub.exe []

C:\WINDOWS\tasks\User_Feed_Synchronization-{2277C5F7-E9D9-4450-BD67-48054748DE38}.job --ah----- C:\WINDOWS\system32\msfeedssync.exe [08-03-2009 03:31]

C:\WINDOWS\tasks\User_Feed_Synchronization-{666F6ED9-7184-4005-A1B8-100FB998D539}.job --ah----- C:\WINDOWS\system32\msfeedssync.exe [08-03-2009 03:31]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF" [11-01-2014 15:32]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx[19-01-2014 18:42]

Google Wallet - Christ & Jacqueline\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Torch Helper - Christ & Jacqueline\Local Settings\Application Data\Torch\User Data\Default\Extensions\lecpjhggilhbceadobnggaagnpfpafhg

Bizzybolt - LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dgbjdgnkkchgleommaaapafcigjjbnmg

Google Wallet - LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

AdBlock - Luc\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

Norton Identity Protection - Luc\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

Google Wallet - Luc\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

AdBlock - Marijn\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

Norton Identity Protection - Marijn\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

Google Wallet - Marijn\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Norton Identity Protection - Niek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

Google Wallet - Niek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Empty IE Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Administrator\Mijn documenten\J Monden\Marijn\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Administrator\Mijn documenten\J Monden\Monden\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Administrator\Mijn documenten\J Monden\Niek\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Administrator\Mijn documenten\Mijn afbeeldingen\Marijn\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Administrator\Mijn documenten\Mijn afbeeldingen\monden jacqueline\jacqueline\Local Settings\Temporary Internet Files\Content.ie5 emptied successfully

C:\Documents and Settings\Christ & Jacqueline\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Luc\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Marijn\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\Niek\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Documents and Settings\Christ & Jacqueline\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Documents and Settings\Christ & Jacqueline\Local Settings\Application Data\Torch\User Data\Default\Cache emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Documents and Settings\Luc\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Documents and Settings\Marijn\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Documents and Settings\Niek\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1349 folders=374 152036020 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\Administrator\Local Settings\Temp emptied successfully

C:\Documents and Settings\Christ & Jacqueline\Local Settings\Temp emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully

C:\Documents and Settings\Luc\Local Settings\Temp emptied successfully

C:\Documents and Settings\Marijn\Local Settings\Temp emptied successfully

C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp emptied successfully

C:\Documents and Settings\Niek\Local Settings\Temp will be emptied at reboot

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\Niek\LOCALS~1\Temp successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\Niek\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on zo 26-01-2014 at 12:12:04,78 ======================

Link naar reactie
Delen op andere sites

Dubbelklik op Zoek.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

dgbjdgnkkchgleommaaapafcigjjbnmg;chr

  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

En heb je daarna nog merkbare problemen ?

Link naar reactie
Delen op andere sites

Zoek.exe v5.0.0.0 Updated 25-January-2014

Tool run by Niek on ma 27-01-2014 at 13:33:59,99.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Niek\Bureaublad\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2014-01-25-210441.log 49867 bytes

C:\zoek-results2014-01-26-111204.log 16438 bytes

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx[19-01-2014 18:42]

Google Wallet - Christ & Jacqueline\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Torch Helper - Christ & Jacqueline\Local Settings\Application Data\Torch\User Data\Default\Extensions\lecpjhggilhbceadobnggaagnpfpafhg

Bizzybolt - LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dgbjdgnkkchgleommaaapafcigjjbnmg

Google Wallet - LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

AdBlock - Luc\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

Norton Identity Protection - Luc\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

Google Wallet - Luc\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

AdBlock - Marijn\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

Norton Identity Protection - Marijn\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

Google Wallet - Marijn\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Norton Identity Protection - Niek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

Google Wallet - Niek\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chrome Fix ======================

C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dgbjdgnkkchgleommaaapafcigjjbnmg deleted successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1353 folders=376 152039690 bytes)

==== EOF on ma 27-01-2014 at 13:36:23,26 ======================

- - - Updated - - -

Bedankt, ik ondervind geen grote problemen meer. Alleen soms duurt het opstarten, nadat ik een gebruiker aangeklikt heb, wel erg lang.

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
 Delen

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.