
Mail Delivery System




Hi DENBIKER,

welcome to PC-Helpforum.be. ;-)

Your topic was moved to Bestrijding malware & virussen, so that the forum stays organized.

What kind of mail account are we talking about here? ...

In all likelihood your e-mail address has been hijacked by a spammer and is now being used to send (unwanted) mail ... so change your password immediately.

After that, you can carry out the steps below and post the log here in your topic:

Download RSIT from the locations below and save it to the desktop.

You can see here how to check whether you are running a 32-bit or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool has finished, two Notepad files named "Log.txt" and "Info.txt" are opened.

Posting the RSIT log files

  • Attach the log file named "Log.txt" to your next post. (You can also find this log file in the folder "C:\rsit".)
  • You do not need to post the log file named "Info.txt", which is minimized. (This log file is only created the first time the tool is run.)
  • You can read here how to add an attachment to a post.

You can view the manual for using RSIT HERE, and we also have an instruction video.


Hello,

Here is the requested log file

Logfile of random's system information tool 1.10 (written by random/random)

Run by ROBERT at 2014-11-30 17:37:36

Microsoft Windows 8

System drive C: has 389 GB (83%) free of 471 GB

Total RAM: 16339 MB (89% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:37:40, on 30/11/2014

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v10.0 (10.00.9200.17148)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\AVG\AVG2015\avgui.exe

C:\windows\SysWOW64\ctfmon.exe

c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE

C:\Program Files\trend micro\ROBERT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON13/15

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON13/15

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCON13/15

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll

O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll

O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY

O4 - HKCU\..\Run: [AVG-Secure-Search-Update_1213b] C:\Users\ROBERT\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=60f16340400647d39dcf5918bd8685a0-3711b3a07d591d98c18178477202d1fd567e1047 /CMPID=1213b

O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs:

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Connected Remote Service (HPConnectedRemote) - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater18.1.9 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11429 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot

C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-8cb1-d7458dacb533 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

C:\windows\system32\services.exe

C:\windows\system32\lsass.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\system32\atiesrxx.exe

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

"C:\Program Files\IDT\WDM\STacSV64.exe"

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

C:\windows\system32\svchost.exe -k apphost

"C:\Program Files\Bonjour\mDNSResponder.exe"

"c:\Program Files\Intel\iCLS Client\HeciServer.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe"

C:\windows\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe"

"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"

\??\C:\windows\system32\conhost.exe 0x4

dashost.exe {45f7ee69-241b-4e6f-965a1ab9a7b381bb}

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"

"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"

"c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

C:\windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

C:\windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"

"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"

"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"

"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\windows\System32\WinLogon.exe -SpecialSession

-hiberboot

atieclxx

C:\windows\Explorer.EXE

taskhostex.exe

"C:\Program Files\IDT\WDM\Beats64.exe"

"C:\Program Files\IDT\WDM\sttray64.exe"

"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr

"C:\Program Files (x86)\AVG Secure Search\vprot.exe"

"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY

ctfmon.exe

"c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"

"c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow

"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0

"C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE" -Embedding

"C:\Users\ROBERT\Desktop\RSITx64.exe"

C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\HPCeeScheduleForROBERT.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForROBERT (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]

HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-03 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll [2014-08-25 3627032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-03 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]

HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll [2014-08-25 3627032]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2012-10-25 41664]

"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-10-25 1664000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-11-11 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"AVG-Secure-Search-Update_1213b"=C:\Users\ROBERT\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=60f16340400647d39dcf5918bd8685a0-3711b3a07d591d98c18178477202d1fd567e1047 /CMPID=1213b []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe []

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

"StartCCC"=c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-05-15 642816]

"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2014-08-25 2640408]

"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]

"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-09-05 3593744]

C:\Users\ROBERT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

OneNote 2010 Schermopname en Snel starten.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"VIDC.YUY2"=msyuv.dll

"vidc.i420"=iyuv_32.dll

"msacm.msgsm610"=msgsm32.acm

"msacm.msg711"=msg711.acm

"VIDC.YVYU"=msyuv.dll

"VIDC.YVU9"=tsbyuv.dll

"wavemapper"=msacm32.drv

"midimapper"=midimap.dll

"VIDC.UYVY"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"vidc.msvc"=msvidc32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux1"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux2"=wdmaud.drv

"MSVideo8"=VfWWDM32.dll

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"aux3"=wdmaud.drv

"wave5"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-27 20:18:25 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe

2014-11-26 17:53:54 ----A---- C:\windows\system32\NotificationUI.exe

2014-11-26 17:53:54 ----A---- C:\windows\system32\AutoUpdate.exe

2014-11-24 21:54:28 ----A---- C:\windows\system32\dnsapi.dll

2014-11-24 21:54:27 ----A---- C:\windows\SYSWOW64\WsmSvc.dll

2014-11-24 21:54:27 ----A---- C:\windows\SYSWOW64\dnsapi.dll

2014-11-24 21:54:27 ----A---- C:\windows\system32\WsmSvc.dll

2014-11-24 21:54:27 ----A---- C:\windows\system32\drivers\tcpip.sys

2014-11-24 21:54:27 ----A---- C:\windows\system32\dnsrslvr.dll

2014-11-24 21:54:26 ----A---- C:\windows\SYSWOW64\WsmWmiPl.dll

2014-11-24 21:54:26 ----A---- C:\windows\SYSWOW64\rpchttp.dll

2014-11-24 21:54:26 ----A---- C:\windows\SYSWOW64\FXSCOMEX.dll

2014-11-24 21:54:26 ----A---- C:\windows\SYSWOW64\FXSAPI.dll

2014-11-24 21:54:26 ----A---- C:\windows\system32\WsmWmiPl.dll

2014-11-24 21:54:26 ----A---- C:\windows\system32\rpchttp.dll

2014-11-24 21:54:26 ----A---- C:\windows\system32\FXSTIFF.dll

2014-11-24 21:54:26 ----A---- C:\windows\system32\FXST30.dll

2014-11-24 21:54:26 ----A---- C:\windows\system32\FXSCOMEX.dll

2014-11-24 21:54:26 ----A---- C:\windows\system32\FXSAPI.dll

2014-11-24 21:54:26 ----A---- C:\windows\system32\drivers\Classpnp.sys

2014-11-24 21:54:19 ----A---- C:\windows\system32\EncDump.dll

2014-11-24 21:54:19 ----A---- C:\windows\system32\audiosrv.dll

2014-11-24 21:54:19 ----A---- C:\windows\system32\AUDIOKSE.dll

2014-11-24 21:54:19 ----A---- C:\windows\system32\AudioEndpointBuilder.dll

2014-11-24 21:54:16 ----A---- C:\windows\system32\drivers\WdFilter.sys

2014-11-24 21:54:16 ----A---- C:\windows\system32\drivers\WdBoot.sys

2014-11-24 21:54:05 ----A---- C:\windows\SYSWOW64\oleaut32.dll

2014-11-24 21:54:05 ----A---- C:\windows\system32\oleaut32.dll

2014-11-24 21:54:04 ----A---- C:\windows\system32\win32k.sys

2014-11-24 21:53:36 ----A---- C:\windows\SYSWOW64\msi.dll

2014-11-24 21:53:36 ----A---- C:\windows\system32\msi.dll

2014-11-24 21:53:34 ----A---- C:\windows\SYSWOW64\twinui.dll

2014-11-24 21:53:34 ----A---- C:\windows\SYSWOW64\msihnd.dll

2014-11-24 21:53:34 ----A---- C:\windows\SYSWOW64\authui.dll

2014-11-24 21:53:34 ----A---- C:\windows\system32\twinui.dll

2014-11-24 21:53:34 ----A---- C:\windows\system32\msihnd.dll

2014-11-24 21:53:34 ----A---- C:\windows\system32\authui.dll

2014-11-24 21:52:57 ----A---- C:\windows\SYSWOW64\msaudite.dll

2014-11-24 21:52:57 ----A---- C:\windows\SYSWOW64\adtschema.dll

2014-11-24 21:52:57 ----A---- C:\windows\system32\rdpcorets.dll

2014-11-24 21:52:57 ----A---- C:\windows\system32\msaudite.dll

2014-11-24 21:52:57 ----A---- C:\windows\system32\adtschema.dll

2014-11-24 21:52:36 ----A---- C:\windows\SYSWOW64\schannel.dll

2014-11-24 21:52:36 ----A---- C:\windows\system32\schannel.dll

2014-11-24 21:52:34 ----A---- C:\windows\SYSWOW64\ncryptsslp.dll

2014-11-24 21:52:34 ----A---- C:\windows\system32\ncryptsslp.dll

2014-11-24 21:52:24 ----A---- C:\windows\SYSWOW64\SHCore.dll

2014-11-24 21:52:24 ----A---- C:\windows\system32\SHCore.dll

2014-11-24 21:52:24 ----A---- C:\windows\system32\lsasrv.dll

2014-11-24 21:52:24 ----A---- C:\windows\system32\drivers\ksecpkg.sys

2014-11-24 21:52:23 ----A---- C:\windows\SYSWOW64\pku2u.dll

2014-11-24 21:52:23 ----A---- C:\windows\SYSWOW64\kerberos.dll

2014-11-24 21:52:23 ----A---- C:\windows\system32\kerberos.dll

2014-11-24 21:52:22 ----A---- C:\windows\system32\pku2u.dll

2014-11-24 21:52:14 ----A---- C:\windows\SYSWOW64\packager.dll

2014-11-24 21:52:14 ----A---- C:\windows\SYSWOW64\msxml3.dll

2014-11-24 21:52:14 ----A---- C:\windows\system32\packager.dll

2014-11-24 21:52:14 ----A---- C:\windows\system32\msxml3.dll

2014-11-24 21:52:02 ----A---- C:\windows\system32\mshtml.dll

2014-11-24 21:51:59 ----A---- C:\windows\SYSWOW64\mshtml.dll

2014-11-24 21:51:58 ----A---- C:\windows\SYSWOW64\ieframe.dll

2014-11-24 21:51:58 ----A---- C:\windows\system32\wininet.dll

2014-11-24 21:51:58 ----A---- C:\windows\system32\iertutil.dll

2014-11-24 21:51:58 ----A---- C:\windows\system32\ieframe.dll

2014-11-24 21:51:57 ----A---- C:\windows\SYSWOW64\wininet.dll

2014-11-24 21:51:57 ----A---- C:\windows\SYSWOW64\urlmon.dll

2014-11-24 21:51:57 ----A---- C:\windows\SYSWOW64\iertutil.dll

2014-11-24 21:51:57 ----A---- C:\windows\system32\urlmon.dll

2014-11-24 21:51:56 ----A---- C:\windows\SYSWOW64\msrating.dll

2014-11-24 21:51:56 ----A---- C:\windows\SYSWOW64\msfeeds.dll

2014-11-24 21:51:56 ----A---- C:\windows\SYSWOW64\jscript9.dll

2014-11-24 21:51:56 ----A---- C:\windows\SYSWOW64\jscript.dll

2014-11-24 21:51:56 ----A---- C:\windows\SYSWOW64\iesysprep.dll

2014-11-24 21:51:56 ----A---- C:\windows\SYSWOW64\iedkcs32.dll

2014-11-24 21:51:56 ----A---- C:\windows\system32\uxtheme.dll

2014-11-24 21:51:56 ----A---- C:\windows\system32\msfeeds.dll

2014-11-24 21:51:56 ----A---- C:\windows\system32\jscript9.dll

2014-11-24 21:51:56 ----A---- C:\windows\system32\jscript.dll

2014-11-24 21:51:56 ----A---- C:\windows\system32\iesysprep.dll

2014-11-24 21:51:56 ----A---- C:\windows\system32\iedkcs32.dll

2014-11-24 21:51:56 ----A---- C:\windows\system32\ie4uinit.exe

2014-11-24 21:51:55 ----A---- C:\windows\SYSWOW64\uxtheme.dll

2014-11-24 21:51:55 ----A---- C:\windows\SYSWOW64\UXInit.dll

2014-11-24 21:51:55 ----A---- C:\windows\SYSWOW64\mshtmled.dll

2014-11-24 21:51:55 ----A---- C:\windows\SYSWOW64\jsproxy.dll

2014-11-24 21:51:55 ----A---- C:\windows\SYSWOW64\iesetup.dll

2014-11-24 21:51:55 ----A---- C:\windows\SYSWOW64\iernonce.dll

2014-11-24 21:51:55 ----A---- C:\windows\SYSWOW64\dxtrans.dll

2014-11-24 21:51:55 ----A---- C:\windows\SYSWOW64\dxtmsft.dll

2014-11-24 21:51:55 ----A---- C:\windows\system32\UXInit.dll

2014-11-24 21:51:55 ----A---- C:\windows\system32\msrating.dll

2014-11-24 21:51:55 ----A---- C:\windows\system32\mshtmled.dll

2014-11-24 21:51:55 ----A---- C:\windows\system32\jsproxy.dll

2014-11-24 21:51:55 ----A---- C:\windows\system32\iesetup.dll

2014-11-24 21:51:55 ----A---- C:\windows\system32\iernonce.dll

2014-11-24 21:51:55 ----A---- C:\windows\system32\dxtrans.dll

2014-11-24 21:51:55 ----A---- C:\windows\system32\dxtmsft.dll

2014-11-24 17:35:44 ----D---- C:\rsit

2014-11-24 17:35:44 ----D---- C:\Program Files\trend micro

2014-11-03 19:13:46 ----D---- C:\ProgramData\Sun

2014-11-03 19:13:45 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll

2014-11-03 19:13:35 ----D---- C:\ProgramData\Oracle

2014-11-03 19:13:34 ----D---- C:\Program Files (x86)\Java

======List of files/folders modified in the last 1 month======


======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\windows\system32\DRIVERS\avgidsha.sys [2014-06-18 190744]

R0 Avgloga;AVG Logging Driver; C:\windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\windows\system32\DRIVERS\avgmfx64.sys [2014-08-06 123672]

R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]

R1 Avgdiska;AVG Disk Driver; C:\windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]

R1 Avgfwfd;@oem45.inf,%AvgfwfdService_Desc%;AVG network filter service; C:\windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]

R1 AVGIDSDriver;AVGIDSDriver; C:\windows\system32\DRIVERS\avgidsdrivera.sys [2014-07-24 247576]

R1 Avgldx64;AVG AVI Loader Driver; C:\windows\system32\DRIVERS\avgldx64.sys [2014-08-20 243480]

R1 avgtp;avgtp; \??\C:\windows\system32\drivers\avgtpx64.sys [2014-08-11 50976]

R1 Avgwfpa;AVG Firewall Driver; C:\windows\system32\DRIVERS\avgwfpa.sys [2014-07-18 273176]

R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]

R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]

R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2013-12-28 11660800]

R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2013-12-28 581120]

R3 AtiHDAudioService;@oem50.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW86.sys [2013-12-28 98744]

R3 MEIx64;@oem6.inf,%HECI_SvcDesc%;Intel® Management Engine Interface ; C:\windows\System32\drivers\HECIx64.sys [2012-07-18 62784]

R3 netr28x;@oem53.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\windows\system32\DRIVERS\netr28x.sys [2013-12-04 2505904]

R3 RTL8168;@oem49.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-12-28 772680]

R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2012-10-25 543744]

R3 tilfilter;@oem41.inf,%lfilter.SvcDesc%;TI xHCI Lower Filter Driver Service; C:\windows\System32\drivers\TIxHCIlfilter.sys [2012-11-20 17528]

R3 tiufilter;@oem41.inf,%ufilter.SvcDesc%;TI xHCI Upper Filter Driver Service; C:\windows\System32\drivers\TIxHCIufilter.sys [2012-11-20 23184]

R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]

S0 amdkmafd;@oem51.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\windows\System32\drivers\amdkmafd.sys [2013-12-28 21160]

S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\windows\system32\DRIVERS\avgboota.sys [2013-09-04 20496]

S3 A38CCID;@oem54.inf,%ACS.ACSCCID.DevDesc%;CCID USB Smart Card Reader; C:\windows\system32\DRIVERS\a38ccid.sys [2014-10-29 62976]

S3 BthEnum;@tdibth.inf,%BthEnum.DisplayName%;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2013-01-09 51712]

S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth-apparaat (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]

S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\windows\System32\Drivers\BTHport.sys [2013-03-01 1175040]

S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752]

S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel® PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2012-06-02 333824]

S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-06-02 10627744]

S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2013-03-01 156672]

S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Stuurprogramma voor USB-audio (WDM); C:\windows\system32\drivers\usbaudio.sys [2013-07-05 121984]

S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-01 43008]

S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB-videoapparaat (WDM); C:\windows\System32\Drivers\usbvideo.sys [2013-07-05 210560]

S3 WinUsb;@WUDFUsbccidDriver.inf,%WinUsb_Service_DisplayName%;WinUsb-stuurprogramma; C:\windows\system32\DRIVERS\WinUSB.sys [2012-07-26 57344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]

R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2013-12-28 241152]

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\windows\system32\svchost.exe [2012-10-12 29696]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-09-05 3364368]

R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-09-05 293448]

R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]

R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]

R2 HPConnectedRemote;HP Connected Remote Service; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [2012-10-12 35744]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]

R2 Intel® ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-07-18 128896]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2012-07-18 276864]

R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-10-25 327680]

R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-07-18 364416]

R2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2014-08-11 1820184]

R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-09-05 1459872]

S3 aspnet_state;aspnet_state; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-12 51648]

S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]

S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\windows\system32\svchost.exe [2012-10-12 29696]

-----------------EOF-----------------



Disable your antivirus and antispyware programs, as they may conflict with zoek.exe (you can read how to do that here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version).

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

{95B7759C-8C7F-4BF1-B163-73684A933233};c
C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll;f
mobilegeni daemon;s
C:\Program Files (x86)\Mobogenie;fs
vProt;s
AVG-Secure-Search-Update_1213b;s
C:\Users\ROBERT\AppData\Roaming\AVG 1213b Campaign;fs
vToolbarUpdater18.1.9;s
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}];r64
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r64
"AVG-Secure-Search-Update_1213b"=-;r64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
"mobilegeni daemon"=-;r64
"vProt"=-;r64
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r64
"AppInit_DLLs"=-;r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe];r64
C:\ProgramData\YTD Video Downloader;fs
emptyfolderscheck;delete
startupall;
filesrcm;

  • Click the "More options" button and tick the options below:
      • Do a Deep Scan
      • Auto Clean
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next reply.

Posting the Zoek.exe log file

  • Attach the log file named "Zoek-results.log" to your next reply. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read here how to add an attachment to a post.


Hello,

Here is the requested log

Regards

Zoek.exe v5.0.0.0 Updated 29-11-2014

Tool run by ROBERT on ma 01/12/2014 at 20:50:59,05.

Microsoft Windows 8 6.2.9200 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\ROBERT\Downloads\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2014-03-20-144428.log 1298 bytes

C:\zoek-results2014-03-20-171937.log 22344 bytes

C:\zoek-results2014-12-01-193623.log 23574 bytes

C:\zoek-results2014-12-01-194011.log 22440 bytes

C:\zoek-results2014-12-01-194655.log 2799 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"AVG-Secure-Search-Update_1213b"=-

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"mobilegeni daemon"=-

"vProt"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Mobogenie not found

C:\Users\ROBERT\AppData\Roaming\AVG 1213b Campaign not found

C:\ProgramData\YTD Video Downloader not found

"C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll" not found

==== Files Recently Created / Modified ======================


==== Startup Registry Enabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"StartCCC"="c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"

"ArcSoft Connection Service"="C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=" "

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BeatsOSDApp"="C:\Program Files\IDT\WDM\beats64.exe"

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

==== Startup Folders ======================

2014-06-14 17:40:42 1298 ----a-w- C:\Users\ROBERT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\windows\tasks\HPCeeScheduleForROBERT.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [13/09/2010 22:15]

==== Other Scheduled Tasks ======================

"C:\windows\SysNative\tasks\AutoKMS" [C:\Windows\AutoKMS\AutoKMS.exe]

"C:\windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\windows\SysNative\tasks\CLMLSvc_P2G8" [c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe]

"C:\windows\SysNative\tasks\CLVDLauncher" [c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe]

"C:\windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]

"C:\windows\SysNative\tasks\HPCeeScheduleForROBERT" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]

"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]

"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

"C:\windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=247 folders=127 72666523 bytes)

==== EOF on ma 01/12/2014 at 20:55:26,97 ======================


Double-click Zoek.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is written specifically for this PC, so do not use it on other PCs with a similar problem.

 
 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader;fs
 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows];r64
"AppInit_DLLs"=-;r64
 C:\windows\SysNative\tasks\AutoKMS;fs
 autoclean;

  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next reply.

Posting the Zoek.exe log file

  • Add the log file named "Zoek-results.log" as an attachment to your next reply. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • How to add an attachment to a post is explained here.


Zoek.exe v5.0.0.0 Updated 29-11-2014

Tool run by ROBERT on di 02/12/2014 at 9:43:04,12.

Microsoft Windows 8 6.2.9200 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\ROBERT\Downloads\zoek.exe [scan all users] [script inserted]

==== System Restore Info ======================

2/12/2014 9:44:10 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader deleted

C:\windows\SysNative\tasks\AutoKMS deleted

C:\PROGRA~2\Connected Music powered by Universal Music Group deleted

C:\PROGRA~2\AVG Security Toolbar deleted

C:\PROGRA~2\COMMON~1\AVG Secure Search deleted

C:\PROGRA~3\Avg_Update_0814tb deleted

C:\PROGRA~3\AVG Security Toolbar deleted

C:\PROGRA~3\AVG Secure Search deleted

C:\Users\Gast\AppData\Local\AVG Secure Search deleted

C:\Users\ROBERT\AppData\Local\AVG Secure Search deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services deleted

C:\Users\Gast\AppData\LocalLow\AVG Secure Search deleted

C:\Users\ROBERT\AppData\LocalLow\AVG Secure Search deleted

C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted

C:\Users\Public\Desktop\YTD Video Downloader.lnk deleted

"C:\PROGRA~2\AVG Secure Search\TBAPI.dll" deleted

"C:\PROGRA~2\AVG Secure Search\TBAPI.dll" deleted

"C:\PROGRA~2\AVG Secure Search" not deleted

"C:\PROGRA~2\AVG Secure Search" not deleted

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.be/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-29906-12136-18/4"

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\ROBERT\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\ROBERT\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=574 folders=258 145444931 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Gast\AppData\Local\Temp emptied successfully

C:\Users\ROBERT\AppData\Local\Temp will be emptied at reboot

C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied

C:\Users\ROBERT\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\AVG Secure Search" not found

"C:\PROGRA~2\AVG Secure Search" not found

==== EOF on di 02/12/2014 at 10:00:53,22 ======================


Download AdwCleaner by Xplode to the desktop (first remove any older versions of this tool that may be on your PC, so that you use AdwCleaner's most recent database).

  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Click Scan.
  • Then click Clean (English version) or Verwijderen (Dutch version).
  • At the Restart Required (Herstarten Noodzakelijk) prompt, click OK.

After the PC has restarted, a log file usually opens.

Otherwise it can be found at C:\AdwCleaner\AdwCleaner[s0].txt.

Posting the log file

  • Add the log file named C:\AdwCleaner\AdwCleaner[s0].txt as an attachment to your next reply.
  • How to add an attachment to a post is explained here.
