Problem with Avast GrimeFighter


For some time I had been getting a pop-up from Avast saying that my PC was slow and that they could improve this by removing 6 unnecessary apps and 13 system settings. Because browsing the Internet in particular (I use Firefox) was sometimes very slow, I decided this week to buy/download the 'program' GrimeFighter. More along the lines of 'if it doesn't help, it won't hurt either'.

After a fairly long scan I got the disappointing (and annoying) message:
"We are very sorry, but we cannot work here.

You have found an error in our engine. No changes have been made to your system and the details of the error have been sent to our engineers. We are working on a solution."

My PC still has the unnecessary apps and incorrect system settings and is still just as slow.

What should/can I do??

Download RSIT from the locations below and save it to the desktop.

You can check here how to tell whether you are running a 32-bit or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool has finished, two Notepad files named "Log.txt" and "Info.txt" are opened.

Posting the RSIT log files

  • Attach the log file named "Log.txt" to your next post. (You can also find this log file in the folder "C:\rsit")
  • You do not need to post the log file named "Info.txt", which is minimized. (This log file is only created the first time the tool is run.)
  • How to add an attachment to a post is explained here.

The manual for using RSIT can be viewed HERE, and we also have a

.
Here is the log file:

 

Logfile of random's system information tool 1.10 (written by random/random)
Run by Gebruiker at 2015-03-25 18:22:52
Microsoft Windows 7 Professional  Service Pack 1
System drive C: has 240 GB (50%) free of 477 GB
Total RAM: 3488 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:23:10, on 25-3-2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Gebruiker\Downloads\RSIT(1).exe
C:\Program Files\trend micro\Gebruiker.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://members.virtualtourist.com/m/7c27b/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
O1 - Hosts: ::1 localhost
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [igfxTray] "C:\Windows\system32\igfxtray.exe"
O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"
O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1427299539
O4 - Startup: Inktwaarschuwingen controleren - .lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: HitmanPro.Alert Service (hmpalertsvc) - SurfRight B.V. - C:\Program Files\HitmanPro.Alert\hmpalert.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

--
End of file - 6325 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe  

=========Mozilla firefox=========

ProfilePath - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\i0nb2dcx.default

prefs.js - "browser.search.useDBForOrder" -  true
prefs.js - "browser.startup.homepage" -  "http://members.virtualtourist.com/m/7c27b/"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\i0nb2dcx.default\searchplugins\
duckduckgo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-17 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-06-11 10996368]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16 499608]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-18 5511352]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-11-07 145880]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-11-07 181208]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-11-07 189912]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2014-07-25 311616]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2014-07-25 1562264]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-02-19 5503768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"=1427299539 []

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Inktwaarschuwingen controleren - .lnk - C:\Windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-11-07 330752]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-03-25 09:46:15 ----A---- C:\Windows\system32\invagent.dll
2015-03-25 09:46:15 ----A---- C:\Windows\system32\generaltel.dll
2015-03-25 09:46:15 ----A---- C:\Windows\system32\devinv.dll
2015-03-25 09:46:15 ----A---- C:\Windows\system32\appraiser.dll
2015-03-25 09:46:15 ----A---- C:\Windows\system32\aepic.dll
2015-03-25 09:46:15 ----A---- C:\Windows\system32\aepdu.dll
2015-03-25 09:46:15 ----A---- C:\Windows\system32\aeinv.dll
2015-03-25 09:46:15 ----A---- C:\Windows\system32\acmigration.dll
2015-03-22 10:12:47 ----D---- C:\Program Files\Mozilla Firefox
2015-03-21 13:54:05 ----D---- C:\ProgramData\VS Revo Group
2015-03-18 11:04:57 ----SHD---- C:\Jumpshot
2015-03-18 11:00:17 ----D---- C:\Windows\jumpshot.com
2015-03-17 16:35:06 ----A---- C:\Windows\system32\aswBoot.exe
2015-03-17 16:35:00 ----A---- C:\Windows\avastSS.scr
2015-03-11 09:02:23 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-11 09:02:22 ----A---- C:\Windows\system32\rdpudd.dll
2015-03-11 09:02:22 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 09:02:22 ----A---- C:\Windows\system32\rdpcorets.dll
2015-03-11 09:02:18 ----A---- C:\Windows\system32\msctf.dll
2015-03-11 09:02:17 ----A---- C:\Windows\system32\shell32.dll
2015-03-11 09:02:16 ----A---- C:\Windows\system32\win32k.sys
2015-03-11 09:02:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 09:02:15 ----A---- C:\Windows\system32\iernonce.dll
2015-03-11 09:02:15 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-03-11 09:02:15 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-03-11 09:02:15 ----A---- C:\Windows\system32\ie4uinit.exe
2015-03-11 09:02:14 ----A---- C:\Windows\system32\urlmon.dll
2015-03-11 09:02:14 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 09:02:14 ----A---- C:\Windows\system32\jsproxy.dll
2015-03-11 09:02:14 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-11 09:02:14 ----A---- C:\Windows\system32\ieUnatt.exe
2015-03-11 09:02:14 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-11 09:02:14 ----A---- C:\Windows\system32\dxtmsft.dll
2015-03-11 09:02:13 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-11 09:02:13 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-11 09:02:12 ----A---- C:\Windows\system32\msrating.dll
2015-03-11 09:02:12 ----A---- C:\Windows\system32\iesetup.dll
2015-03-11 09:02:11 ----A---- C:\Windows\system32\wininet.dll
2015-03-11 09:02:11 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 09:02:11 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-11 09:02:10 ----A---- C:\Windows\system32\ieui.dll
2015-03-11 09:02:10 ----A---- C:\Windows\system32\ieframe.dll
2015-03-11 09:02:09 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-03-11 09:02:09 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-11 09:02:09 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-11 09:02:08 ----A---- C:\Windows\system32\mshtml.dll
2015-03-11 09:02:08 ----A---- C:\Windows\system32\iertutil.dll
2015-03-11 09:02:07 ----A---- C:\Windows\system32\vbscript.dll
2015-03-11 09:02:07 ----A---- C:\Windows\system32\jscript9.dll
2015-03-11 09:01:11 ----A---- C:\Windows\system32\ubpm.dll
2015-03-11 09:01:10 ----A---- C:\Windows\system32\schannel.dll
2015-03-11 09:01:10 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-03-11 09:01:09 ----A---- C:\Windows\system32\wdigest.dll
2015-03-11 09:01:09 ----A---- C:\Windows\system32\TSpkg.dll
2015-03-11 09:01:09 ----A---- C:\Windows\system32\sspisrv.dll
2015-03-11 09:01:09 ----A---- C:\Windows\system32\sspicli.dll
2015-03-11 09:01:09 ----A---- C:\Windows\system32\ncrypt.dll
2015-03-11 09:01:09 ----A---- C:\Windows\system32\msv1_0.dll
2015-03-11 09:01:09 ----A---- C:\Windows\system32\lsass.exe
2015-03-11 09:01:09 ----A---- C:\Windows\system32\lsasrv.dll
2015-03-11 09:01:09 ----A---- C:\Windows\system32\kerberos.dll
2015-03-11 09:01:09 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-03-11 09:01:09 ----A---- C:\Windows\system32\auditpol.exe
2015-03-11 09:01:08 ----A---- C:\Windows\system32\secur32.dll
2015-03-11 09:01:08 ----A---- C:\Windows\system32\msobjs.dll
2015-03-11 09:01:08 ----A---- C:\Windows\system32\msaudite.dll
2015-03-11 09:01:08 ----A---- C:\Windows\system32\credssp.dll
2015-03-11 09:01:08 ----A---- C:\Windows\system32\adtschema.dll
2015-03-11 09:01:06 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 09:01:05 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 09:01:05 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 09:01:05 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 09:01:05 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 09:01:04 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-11 09:01:00 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 09:01:00 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 09:01:00 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 09:00:59 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 09:00:59 ----A---- C:\Windows\system32\mf.dll
2015-03-11 09:00:56 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 09:00:55 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-11 09:00:55 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-03-11 09:00:55 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 09:00:55 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 09:00:54 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 09:00:54 ----A---- C:\Windows\system32\evr.dll
2015-03-11 09:00:54 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-11 09:00:53 ----A---- C:\Windows\system32\winresume.exe
2015-03-11 09:00:53 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 09:00:53 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 09:00:53 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 09:00:53 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 09:00:52 ----A---- C:\Windows\system32\srcore.dll
2015-03-11 09:00:52 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 09:00:52 ----A---- C:\Windows\system32\ci.dll
2015-03-11 09:00:51 ----A---- C:\Windows\system32\winload.exe
2015-03-11 09:00:51 ----A---- C:\Windows\system32\rstrui.exe
2015-03-11 09:00:51 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 09:00:51 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 09:00:50 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 09:00:50 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 09:00:49 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 09:00:49 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 09:00:49 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 09:00:48 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 09:00:48 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 09:00:47 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 09:00:47 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 09:00:46 ----A---- C:\Windows\system32\smss.exe
2015-03-11 09:00:46 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 09:00:46 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 09:00:46 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 09:00:46 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 09:00:44 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 09:00:44 ----A---- C:\Windows\system32\appidapi.dll
2015-03-11 09:00:43 ----A---- C:\Windows\system32\srclient.dll
2015-03-11 09:00:43 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 09:00:43 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 09:00:43 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-11 09:00:43 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 09:00:42 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 09:00:42 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 09:00:42 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 09:00:42 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 09:00:42 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 09:00:41 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 09:00:41 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 09:00:40 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-11 09:00:40 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 09:00:40 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-11 09:00:32 ----A---- C:\Windows\system32\mferror.dll
2015-03-04 09:54:42 ----A---- C:\Windows\system32\powertracker.dll
2015-03-04 09:54:41 ----A---- C:\Windows\system32\wdi.dll
2015-03-04 09:54:41 ----A---- C:\Windows\system32\perftrack.dll

======List of files/folders modified in the last 1 month======

2015-03-25 18:22:55 ----D---- C:\Program Files\Trend Micro
2015-03-25 18:19:04 ----D---- C:\Windows\Temp
2015-03-25 18:06:28 ----D---- C:\Windows\system32\config
2015-03-25 17:26:14 ----D---- C:\Windows\CryptoGuard
2015-03-25 17:08:47 ----D---- C:\Windows\system32\drivers
2015-03-25 17:08:26 ----A---- C:\Windows\system32\log.txt
2015-03-25 13:55:59 ----D---- C:\Windows\winsxs
2015-03-25 13:54:48 ----SD---- C:\Windows\system32\CompatTel
2015-03-25 13:54:46 ----D---- C:\Windows\system32\wbem
2015-03-25 13:54:46 ----D---- C:\Windows\system32\appraiser
2015-03-25 13:54:46 ----D---- C:\Windows\System32
2015-03-25 13:54:45 ----D---- C:\Windows\AppPatch
2015-03-25 12:34:02 ----SHD---- C:\System Volume Information
2015-03-24 17:11:51 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-03-24 17:11:12 ----D---- C:\Windows\Prefetch
2015-03-22 13:26:18 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-03-22 12:33:08 ----D---- C:\Program Files
2015-03-21 13:54:05 ----D---- C:\ProgramData
2015-03-18 12:06:58 ----SHD---- C:\Boot
2015-03-18 11:00:17 ----D---- C:\Windows
2015-03-17 16:35:31 ----D---- C:\Windows\system32\Tasks
2015-03-14 10:13:45 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-03-14 10:13:09 ----SHD---- C:\Windows\Installer
2015-03-14 10:13:07 ----D---- C:\Program Files\Common Files\Adobe AIR
2015-03-13 12:47:31 ----D---- C:\Program Files\CCleaner
2015-03-12 13:26:30 ----D---- C:\Windows\rescache
2015-03-11 13:39:03 ----D---- C:\Windows\system32\en-US
2015-03-11 13:38:59 ----D---- C:\Program Files\Internet Explorer
2015-03-11 13:38:55 ----D---- C:\Windows\system32\nl-NL
2015-03-11 13:38:46 ----D---- C:\Program Files\Windows Media Player
2015-03-11 13:38:45 ----D---- C:\Windows\system32\Dism
2015-03-11 13:38:38 ----D---- C:\Windows\system32\CodeIntegrity
2015-03-11 13:38:38 ----D---- C:\Windows\system32\Boot
2015-03-11 12:38:00 ----D---- C:\Windows\system32\MRT
2015-03-11 12:35:55 ----A---- C:\Windows\system32\MRT.exe
2015-03-11 08:59:31 ----D---- C:\Windows\system32\catroot2
2015-03-04 13:47:59 ----D---- C:\Windows\tracing
2015-03-03 13:19:28 ----D---- C:\Program Files\WinRAR
2015-02-27 11:13:17 ----D---- C:\Windows\inf
2015-02-27 11:13:17 ----A---- C:\Windows\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-03-17 49904]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-03-17 206976]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2012-08-10 46096]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-03-17 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-03-17 788272]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-03-17 427480]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2009-09-23 55040]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2009-12-31 295936]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-03-17 24144]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-03-17 73440]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-03-17 106912]
R2 hmpalert;HitmanPro.Alert Support Driver; \??\C:\Windows\system32\drivers\hmpalert.sys [2014-04-09 75640]
R2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-03-17 220240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2013-11-07 3768320]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-06-19 3240400]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x86.sys [2011-08-11 88176]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-03-17 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-03-25 119512]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-03-17 51928]
R3 MEI;Intel® Management Engine Interface; C:\Windows\system32\drivers\HECI.sys [2010-10-19 41088]
R3 vpcbus;Hostbusservice voor Virtual PC; C:\Windows\system32\drivers\vpchbus.sys [2009-09-23 165376]
R3 vpcusb;Connectorservice voor USB-virtualisatie; C:\Windows\system32\DRIVERS\vpcusb.sys [2009-09-23 78336]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 cpuz135;cpuz135; \??\C:\Users\ADMINI~1\AppData\Local\Temp\cpuz135\cpuz135_x32.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-06-16 89856]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2011-05-13 39272]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 184192]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Stuurprogramma voor VIA C7-processor; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11; C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-09-23 171600]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-03-17 343336]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2015-02-18 106248]
R2 hmpalertsvc;HitmanPro.Alert Service; C:\Program Files\HitmanPro.Alert\hmpalert.exe [2014-04-09 1876816]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-12-11 89864]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-02-22 326168]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-03-17 1871160]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-03-17 1080120]
R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-03-17 3205216]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-14 268464]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 cphs;Intel® Content Protection HECI Service; C:\Windows\system32\IntelCpHeciSvc.exe [2013-11-07 279000]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-22 148080]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-10-02 1343400]
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------
 


First disable your antivirus software before you download or run zoek.exe.

Temporarily disable your antivirus and antispyware programs, as they can interfere with the operation of Zoek.exe.

You can read how to do that (here and here).

Download Zoek.exe to the desktop (click here for more information on how to use zoek.exe)

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Then double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this computer, so do not use it on other computers with a similar problem.

     
    emptyfolderscheck;delete
    firefoxlook; 
    Chromelook; 
    CHRdefaults;
    autoclean; 
    iedefaults;  
    
    
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next reply.

Zoek.exe v5.0.0.0 Updated 23-March-2015
Tool run by Gebruiker on wo 25-03-2015 at 18:49:27,23.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gebruiker\Downloads\zoek(1).exe [scan all users]   [Deep Scan]

==== System Restore Info ======================

25-3-2015 18:54:01 Zoek.exe System Restore Point Created Successfully.

==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Program Files\HitmanPro\hmpsched.exe
C:\Program Files\HitmanPro.Alert\hmpalert.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Gebruiker\Downloads\zoek(1).exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k swprv

==== System Specs ======================

Windows: Windows 7 Professional Edition Service Pack 1 (Build 7601)
Memory (RAM): 3488 MB
CPU Info: Intel® Core i3-2120 CPU @ 3.30GHz
CPU Speed: 3375,7 MHz
Sound Card: Luidsprekers (Realtek High Defi |
Display Adapters: Intel® HD Graphics | Intel® HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm |
Screen Resolution: 1280 X 1024 - 32 bit
Network: Network Present
Network Adapters: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
CD / DVD Drives: 1x (D: | ) D: ATAPI   iHAS124   C
Ports: COM Ports NOT Present. LPT1
Mouse: 8 Button Wheel Mouse Present
Hard Disks: C:  465,8GB | E:  153,4GB
Hard Disks - Free: C:  234,2GB | E:  60,5GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 07/20/12 | WORTMA - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: Gigabyte Technology Co., Ltd. H61M-S2PV
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: avast! Antivirus disabled (Outdated)
Default Browser: Firefox    36.0.4
Internet Explorer Version: 11.0.9600.17691
Mozilla Firefox version: 36.0.4 (x86 nl)
Adobe Reader version: 11.0.10.32
Flash Player version: 17.0.0.134
Shockwave Player version: 11.6.7r637

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-03-17 15:35:00    C4B680AA8A352611D0C70E680A87E367    43112    ----a-w-    C:\Windows\avastSS.scr
====== C:\Users\GEBRUI~1\AppData\Local\Temp ====
2015-03-22 11:32:41    A8AC679817E78C64FA2C40D7F0BFE16D    298096    ----a-w-    C:\Users\Gebruiker\AppData\Local\Temp\MozUpdater\bgupdate-1\updater.exe
====== Java Cache =====
====== C:\Windows\system32 =====
2015-03-25 08:46:15    C1247DC978F3070E506EAB7DFC86C8EC    623616    ----a-w-    C:\Windows\System32\invagent.dll
2015-03-25 08:46:15    9E99777BF725DEF76B4A7CEFBA47F279    327168    ----a-w-    C:\Windows\System32\devinv.dll
2015-03-25 08:46:15    7155E3E4F2DB86D81C27E06FDFB81CA0    26112    ----a-w-    C:\Windows\System32\acmigration.dll
2015-03-25 08:46:15    3A0A9D23102D8E0F226EE0779EFF8E5D    818176    ----a-w-    C:\Windows\System32\appraiser.dll
2015-03-25 08:46:15    373D75CA475CFD554D60665F3FB4DD8F    159744    ----a-w-    C:\Windows\System32\aepic.dll
2015-03-25 08:46:15    2853C84E4584F8F7AE54C0903E594FD2    534528    ----a-w-    C:\Windows\System32\generaltel.dll
2015-03-25 08:46:15    2661E206AFAA9A24EFDFE8DA2E9963D0    202752    ----a-w-    C:\Windows\System32\aepdu.dll
2015-03-25 08:46:15    21C99D32B889CC3FC4C1C147E4AFA732    892928    ----a-w-    C:\Windows\System32\aeinv.dll
2015-03-17 15:35:06    46E863AB492069BD049CA71BC21C0474    291312    ----a-w-    C:\Windows\System32\aswBoot.exe
====== C:\Windows\system32\drivers =====
2015-03-11 08:01:10    9EED5E0B7BF784C491C2289A09920BDA    137656    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2015-03-11 08:01:09    4DAC97CF81FAE4B2988AEF0DF40D04AE    67512    ----a-w-    C:\Windows\System32\drivers\ksecdd.sys
2015-03-11 08:00:55    AEBC369F7DC72AB3F5B9BDF34FA0D43F    593920    ----a-w-    C:\Windows\System32\drivers\PEAuth.sys
2015-03-11 08:00:54    3051724F223EA48968B19567DE2A81F4    370488    ----a-w-    C:\Windows\System32\drivers\cng.sys
2015-03-11 08:00:53    644905A19D0F37F2233DFCE53BC4BC19    78784    ----a-w-    C:\Windows\System32\drivers\mountmgr.sys
2015-03-11 08:00:46    81F97D8F8B3FB94A451CC6F7CF8B2965    50176    ----a-w-    C:\Windows\System32\drivers\appid.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C: =====
====== C:\Users\Gebruiker\AppData\Roaming ======
2015-03-21 12:54:11    --------    d-----w-    C:\Users\Gebruiker\AppData\Local\VS Revo Group
2015-03-18 10:04:53    --------    d-----w-    C:\Windows\system32\config\systemprofile\AppData\Roaming\gnupg
====== C:\Users\Gebruiker ======
2015-03-25 17:21:59    8685FAF50C04F9A9C2F56FF64B0B7ACB    1107968    ----a-w-    C:\Users\Gebruiker\Downloads\RSIT(1).exe
2015-03-21 12:54:05    --------    d-----w-    C:\ProgramData\VS Revo Group
2015-03-21 12:52:58    5F200A1A68AB2FCD74F3D9324955EFDB    10801480    ----a-w-    C:\Users\Gebruiker\Downloads\RevoUninProSetup.exe
2015-03-13 11:46:26    ED6C93EE27B62E28BBD839FCB3D75E6E    5325696    ----a-w-    C:\Users\Gebruiker\Downloads\ccsetup503.exe

====== C: exe-files ==
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-4230844291-488404651-3536562176-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"

[HKEY_USERS\S-1-5-21-4230844291-488404651-3536562176-1000\Software\Microsoft\Windows\CurrentVersion\runonce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"
"KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

==== Startup Folders ======================

2013-05-29 12:41:35    1950    ----a-w-    C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - .lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [14-03-2015 10:13]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\HPCustParticipation HP Photosmart 5520 series" ["C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe"]
"C:\Windows\system32\tasks\{3DD5E559-259C-4A57-AAF9-9123237C5E0D}" [C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe]
"C:\Windows\system32\tasks\{4058A6CF-C396-4C58-808A-9F55CAD2C574}" [C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe]
"C:\Windows\system32\tasks\{4BC8B01C-A5E0-4839-8B67-A68340891EF2}" [C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe]
"C:\Windows\system32\tasks\{5064731C-EE71-486B-BB8B-3D7A79FD50E8}" [C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe]
"C:\Windows\system32\tasks\{5AF9B4F0-B01A-435E-B51D-F5C1D90916E5}" [C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe]
"C:\Windows\system32\tasks\{75765059-F1FB-4E09-B34F-707B1C9ED8B6}" [C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe]
"C:\Windows\system32\tasks\{94488CBB-AAE4-491E-AF37-8114750DE063}" [C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe]
"C:\Windows\system32\tasks\{A715D6E7-B611-4047-8E75-37532102F7C4}" [C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe]
"C:\Windows\system32\tasks\{B1961593-7EB4-47E3-AE61-3D757694EEE9}" [C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe]
"C:\Windows\system32\tasks\{BF486570-E969-44DF-8116-24ECFD56DB42}" [C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe]
"C:\Windows\system32\tasks\{C5F75F44-36E6-4E7C-8D8D-DFA6B6A2ECE6}" [C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\i0nb2dcx.default
user_pref("browser.startup.homepage", "http://members.virtualtourist.com/m/7c27b/");
user_pref("browser.search.defaultenginename", "DuckDuckGo");
user_pref("browser.search.selectedEngine", "DuckDuckGo");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [17-03-2015 16:35]

==== Firefox Extensions ======================

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\i0nb2dcx.default
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Stylish - %ProfilePath%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\i0nb2dcx.default
0806948270D853B709CCBBF38AF167E4    - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll -    Adobe Acrobat
9DF0C4F0CEF60158614EDD1B3AB441EE    - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll -    Adobe Acrobat
0A1FF0B674E2F268799442A434A63BB3    - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll -    Windows Live? Photo Gallery
893BF7D2261C56C24F813405D9D018E0    - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll -    Silverlight Plug-In
1BFD18699636B8F1AA26675BA43D2F8F    - C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll -    Shockwave for Director / Shockwave for Director
43583AB4DFD406F4C188342F41B1F91C    - C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll -    Shockwave Flash
8DA2ED6B04EA33F2EAE8BA883F903729    - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll -    Microsoft® Silverlight


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx[04-08-2014 16:06]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[17-03-2015 16:34]

Google Docs - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Chrome In-App Payments service - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com",


==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://members.virtualtourist.com/m/7c27b/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== HijackThis Entries ======================

O1 - Hosts: ::1 localhost
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [igfxTray] "C:\Windows\system32\igfxtray.exe"
O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"
O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1427299539
O4 - Startup: Inktwaarschuwingen controleren - .lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: HitmanPro.Alert Service (hmpalertsvc) - SurfRight B.V. - C:\Program Files\HitmanPro.Alert\hmpalert.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

==== C:\zoek_backup content ======================

C:\zoek_backup (files=183 folders=52 1625295 bytes)

==== EOF on wo 25-03-2015 at 19:01:16,71 ======================
 


Download AdwCleaner by Xplode to the desktop (first remove any older versions of this tool that are present on your PC, so that you can now use the most recent AdwCleaner database).

  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Click Scan.
  • Then click Clean.
  • At "Restart required", click OK.

After the PC has restarted, a log file usually opens.

Otherwise it can be found here: C:\AdwCleaner\AdwCleaner[s0].txt.

Posting the log file

  • Add the log file named C:\AdwCleaner\AdwCleaner[s0].txt as an attachment to your next post.
  • You can read how to add an attachment to a post here.


# AdwCleaner v4.113 - Logbestand aangemaakt 26/03/2015 op 09:32:46
# Laatste update 22/03/2015 door Xplode
# Database : 2015-03-23.1 [server]
# Besturingssysteem : Windows 7 Professional Service Pack 1 (x86)
# Gebruikersnaam : Gebruiker - GEBRUIKER2-PC
# Gestart vanuit : C:\Users\Gebruiker\Downloads\adwcleaner_4.113.exe
# Optie : Verwijderen

***** [ Services ] *****


***** [ Bestanden / Mappen ] *****

Map Verwijderd : C:\Program Files\Vidplaya

***** [ Geplande taken ] *****


***** [ Snelkoppelingen ] *****


***** [ Register ] *****

Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck

***** [ Webbrowsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v36.0.4 (x86 nl)


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [1917 bytes] - [22/06/2014 08:48:05]
AdwCleaner[R1].txt - [1080 bytes] - [26/03/2015 09:29:03]
AdwCleaner[s0].txt - [2015 bytes] - [22/06/2014 08:49:15]
AdwCleaner[s1].txt - [1012 bytes] - [26/03/2015 09:32:46]

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1071  bytes] ##########
 


  • 2 weeks later...

Could this have something to do with it??

When using Firefox, the screen regularly 'hangs' when I want to go to a new page.

Sometimes that still works. (Sometimes the following text appears at the very top of the page: "(Firefox is not responding)".)

That, too, disappears some of the time, and the new page appears after all.

But in quite a number of cases I get a pop-up window with the following text:

"Shockwave Flash is busy or not responding. You can stop the plugin or continue."

If I choose "continue", the screen is closed and I have to wait a long time until the new page finally appears on my screen.

Reinstalled Shockwave.

Also updated Firefox.
