melding tijdens start

djtoetta · 9 feb 2014

Zoek.exe v5.0.0.0 Updated 07-February-2014
Tool run by djtoetta on zo 09-02-2014 at 21:40:49,80.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\djtoetta\Desktop\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 21:42:34,17 =====

--- Create Environment Variables 21:42:35,03
--- Checking Input 21:42:54,24
--- Empty Folders Check 21:43:44,33
--- Emptyclsid 21:43:44,39
--- Registry Fix x64 21:43:50,61
--- Delete files\folders 21:43:50,64
--- Create Backups 21:43:50,99
--- Recently Created 21:46:44,16

Zer0Day · 9 feb 2014

Dat is niet het volledige log hoor.
start zoek.exe opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
Kopieer de volledige log in je volgend bericht.

djtoetta · 9 feb 2014

dat is de goede

Zoek.exe v5.0.0.0 Updated 07-February-2014
Tool run by djtoetta on zo 09-02-2014 at 21:57:34,06.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\djtoetta\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-02-08-211519.log 400 bytes
C:\zoek-results2014-02-08-214253.log 369 bytes
C:\zoek-results2014-02-09-204642.log 1924 bytes

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"fst_nl_23"=-

==== Deleting Files \ Folders ======================

C:\Users\djtoetta\AppData\Roaming\DriverCure not found
C:\Users\djtoetta\AppData\Roaming\ParetoLogic not found
C:\ProgramData\ParetoLogic not found
C:\Program Files (x86)\ParetoLogic not found
C:\Users\djtoetta\AppData\Roaming\DVDVideoSoftIEHelpers not found
C:\Program Files (x86)\DVDVideoSoft not found
C:\Users\djtoetta\AppData\Roaming\DVDVideoSoft not found
C:\ProgramData\Avg7 not found
C:\Program Files (x86)\predm not found
C:\Program Files (x86)\Cling Clang not found
C:\Program Files (x86)\Mobogenie not found
C:\Program Files (x86)\Conduit not found
C:\ProgramData\Conduit not found
C:\Program Files (x86)\AVG not found
C:\Users\djtoetta\AppData\Roaming\TuneUp Software not found
"C:\WINDOWS\tasks\AmiUpdXp.job" not found
"C:\WINDOWS\tasks\ParetoLogic Registration3.job" not found
"C:\WINDOWS\tasks\ParetoLogic Update Version3.job" not found
"C:\WINDOWS\tasks\PC Health Advisor Defrag.job" not found
"C:\WINDOWS\tasks\PC Health Advisor.job" not found

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2014-02-03 19:23:04 0245D0889C3443F5DC9194558583FE59 43152 ----a-w- C:\WINDOWS\avastSS.scr
2014-01-14 20:37:10 F0E857AA9EFCC374C1931F7E9978C480 24768 ----a-w- C:\WINDOWS\diagwrn.xml
2014-01-14 20:37:10 F0E857AA9EFCC374C1931F7E9978C480 24768 ----a-w- C:\WINDOWS\diagerr.xml
2014-01-14 20:27:57 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\WINDOWS\ativpsrm.bin
====== C:\Users\djtoetta\AppData\Local\Temp ====
====== C:\WINDOWS\SysWOW64 =====
2014-02-08 14:15:31 5729C2AE40AC6008FB30FF6F58357CC6 10833920 ----a-w- C:\WINDOWS\SysWOW64\libmfxsw32.dll
2014-02-08 14:15:30 2BB9560D32114A98097000E42D3C6EBF 10915840 ----a-w- C:\WINDOWS\SysWOW64\libmfxhw32.dll
2014-02-08 13:48:56 5FEFD614BBD3FFA3712B172F70B1FDE2 24576 ----a-w- C:\WINDOWS\SysWOW64\msxml3a.dll
2014-02-08 10:11:09 86F1895AE8C5E8B17D99ECE768A70732 348160 ----a-w- C:\WINDOWS\SysWOW64\msvcr71.dll
2014-02-08 10:11:09 561FA2ABB31DFA8FAB762145F81667C2 499712 ----a-w- C:\WINDOWS\SysWOW64\msvcp71.dll
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2014-02-03 20:23:33 13014E17D8DB6432FAB9BB94E01BDBF2 19544 ----a-w- C:\WINDOWS\Sysnative\roboot64.exe
2014-02-03 19:24:02 28192A2A37F52EB97EBE14DEE0F2513B 334136 ----a-w- C:\WINDOWS\Sysnative\aswBoot.exe
====== C:\WINDOWS\Sysnative\drivers =====
2014-02-04 05:51:52 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys
2014-02-03 19:24:05 FD3EA14ADF6216BDF4030DB2EFD43D96 80184 ----a-w- C:\WINDOWS\Sysnative\drivers\aswStm.sys
2014-02-03 19:24:05 F22DE5F5BA8ADA0A861441B624B51EB5 421704 ----a-w- C:\WINDOWS\Sysnative\drivers\aswSP.sys
2014-02-03 19:24:05 C04F7B373881009D7994D9BF55D24AB4 65776 ----a-w- C:\WINDOWS\Sysnative\drivers\aswRvrt.sys
2014-02-03 19:24:05 90399625F341AB76BA4B85A5E860EB1F 207904 ----a-w- C:\WINDOWS\Sysnative\drivers\aswVmm.sys
2014-02-03 19:24:05 679712B7A353EE665B9301592164A172 92544 ----a-w- C:\WINDOWS\Sysnative\drivers\aswRdr2.sys
2014-02-03 19:24:05 43599E630DFC30AD4E6A2B4B269EB1C0 1038072 ----a-w- C:\WINDOWS\Sysnative\drivers\aswSnx.sys
2014-02-03 19:24:05 0ACC3F49015E628590CA4372322EB46B 78648 ----a-w- C:\WINDOWS\Sysnative\drivers\aswMonFlt.sys
2014-02-03 19:24:04 57483E691D635510533E081EC4CB81EC 28184 ----a-w- C:\WINDOWS\Sysnative\drivers\aswKbd.sys
2014-02-03 19:22:07 9C9F56BC4D399454600845FC806C270C 440672 ----a-w- C:\WINDOWS\Sysnative\drivers\aswNdisFlt.sys
2014-01-23 05:16:19 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-01-14 20:28:37 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_SynTP_01009.Wdf
2014-01-14 20:27:29 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-01-14 20:22:59 F6EBE514D13ECE7EDC23440039CDF9AB 372568 -c--a-w- C:\WINDOWS\Sysnative\drivers\spaceport.sys
2014-01-14 20:22:59 B9D968D8E2B0F9C6301CEB39CFC9B9E4 86872 ----a-w- C:\WINDOWS\Sysnative\drivers\pdc.sys
2014-01-14 20:22:59 A3D1CB64DF885ACE126543E6D7067348 1530200 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys
2014-01-14 20:22:59 9E167CDB2AEEF7994434543D0543AEEB 382808 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys
2014-01-14 20:22:59 3B44CB989757428208CCFCC028C13110 325464 -c--a-w- C:\WINDOWS\Sysnative\drivers\USBXHCI.SYS
2014-01-14 20:22:59 139CFCDCD36B1B1782FD8C0014AC9B0E 39768 -c--a-w- C:\WINDOWS\Sysnative\drivers\intelpep.sys
2014-01-14 20:22:59 0044B31F93946D5D41982314381FE431 146776 ----a-w- C:\WINDOWS\Sysnative\drivers\SerCx2.sys
====== C:\WINDOWS\Tasks ======
2014-02-03 19:24:19 F0F6B49DC0E9DCC025B53D78510C1FA6 4182 ----a-w- C:\WINDOWS\Sysnative\Tasks\avast! Emergency Update
2014-01-19 20:49:55 AE5701277A236279C38EA1775DFA5D6F 3388 ----a-w- C:\WINDOWS\Sysnative\Tasks\BackgroundContainer Startup Task
2014-01-17 14:32:06 2F9EEA07170AB24C5BED70D46EFF3A2A 3090 ----a-w- C:\WINDOWS\Sysnative\Tasks\Express FilesUpdate
2014-01-15 05:15:06 286B361576B7B9887CC40A87FDD3B403 3974 ----a-w- C:\WINDOWS\Sysnative\Tasks\User_Feed_Synchronization-{1CF291E9-1258-4432-80A6-16A09D76D963}
2014-01-13 18:58:19 E7C317443B6951FA84C887D14358FAA1 3558 ----a-w- C:\WINDOWS\Sysnative\Tasks\CreateChoiceProcessTask
2014-01-12 20:57:10 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\OfficeSoftwareProtectionPlatform
2014-01-12 20:45:41 1A55302B50A13573303E24A314DC303A 3594 ----a-w- C:\WINDOWS\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2305320229-306354864-743685557-1001
2014-01-12 20:38:18 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\WPD
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2014-02-09 13:28:55 -------- d-----w- C:\Program Files\trend micro
2014-01-23 05:32:54 -------- d-----w- C:\Program Files\Common Files\Propellerhead Software
2014-01-23 05:28:56 -------- d-----w- C:\Program Files\n-Track
2014-01-14 20:28:39 -------- d-----w- C:\Program Files\Realtek
2014-01-14 20:28:17 -------- d-----w- C:\Program Files\Synaptics
2014-01-14 20:27:39 -------- d-----w- C:\Program Files\AMD
2014-01-14 20:19:55 -------- d-----w- C:\Program Files\Reference Assemblies
2014-01-14 20:19:55 -------- d-----w- C:\Program Files\MSBuild
2014-01-13 09:36:38 -------- d-----w- C:\Program Files\WinRAR
2014-01-12 20:56:29 -------- d-----w- C:\Program Files\Microsoft Office
======= C:\PROGRA~2 =====
2014-02-08 13:49:00 -------- d-----w- C:\PROGRA~2\COMMON~1\AVSMedia
2014-02-08 13:48:53 -------- d-----w- C:\PROGRA~2\AVS4YOU
2014-02-08 13:09:35 -------- d-----w- C:\PROGRA~2\COMMON~1\DVDVideoSoft
2014-02-08 12:52:06 -------- d-----w- C:\PROGRA~2\KaraFun
2014-02-08 10:10:55 -------- d-----w- C:\PROGRA~2\Grisoft
2014-02-03 20:23:22 -------- d-----w- C:\PROGRA~2\ZaraSoft
2014-01-27 19:54:07 -------- d-----w- C:\PROGRA~2\Newzbin
2014-01-27 19:05:17 -------- d-----w- C:\PROGRA~2\MP3 Jukebox
2014-01-19 21:04:55 -------- d-----w- C:\PROGRA~2\VirtualDJ
2014-01-19 20:48:50 -------- d-----w- C:\PROGRA~2\K-Lite Codec Pack
2014-01-19 20:48:17 -------- d-----w- C:\PROGRA~2\YouTube Song Downloader
2014-01-19 14:16:15 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe
2014-01-17 14:32:02 -------- d-----w- C:\PROGRA~2\ExpressFiles
2014-01-14 20:28:13 -------- d-----w- C:\PROGRA~2\COMMON~1\InstallShield
2014-01-14 20:19:57 -------- d-----w- C:\PROGRA~2\Reference Assemblies
2014-01-14 20:19:57 -------- d-----w- C:\PROGRA~2\MSBuild
2014-01-13 14:26:13 -------- d-----w- C:\PROGRA~2\MediaMonkey
2014-01-13 14:19:12 -------- d-----w- C:\PROGRA~2\UnderCoverXP
2014-01-12 21:34:42 -------- d-----w- C:\PROGRA~2\Spotnet
2014-01-12 21:28:41 -------- d-----w- C:\PROGRA~2\Ashampoo
2014-01-12 21:25:14 -------- d-----w- C:\PROGRA~2\SpacialAudio
2014-01-12 21:24:44 -------- d-----w- C:\PROGRA~2\Firebird
2014-01-12 21:17:27 -------- d-----w- C:\PROGRA~2\Artisteer 4
2014-01-12 20:58:45 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER
2014-01-12 20:56:26 -------- d-----w- C:\PROGRA~2\Microsoft Analysis Services
======= C: =====
2014-02-08 21:01:06 F6E0EA9088A5B805EB26C4A83DB112F9 510 ----a-w- C:\0.bak
2014-01-23 05:32:56 9AD7A4BC990389C19E851517AFD25260 1398 ----a-w- C:\0
2014-01-13 14:04:00 A103FDF7348130EF3F3FEF56B1700A27 9 ----a-w- C:\END
2014-01-12 20:25:31 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Recovery.txt
====== C:\Users\djtoetta\AppData\Roaming ======
2014-02-09 13:08:16 -------- d-----w- C:\Users\ADMINI~1\AppData\Local\Temp
2014-02-08 21:36:36 -------- d-----w- C:\Users\djtoetta\AppData\Local\Temp
2014-02-08 14:17:00 -------- d-----w- C:\Users\djtoetta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-02-08 13:51:18 -------- d-----w- C:\Users\djtoetta\AppData\Roaming\AVS4YOU
2014-02-08 10:15:57 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\AVG7
2014-02-03 20:28:02 -------- d-----w- C:\Users\djtoetta\AppData\Local\SwvUpdater
2014-02-03 20:24:47 -------- d-s---w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Locallow\Microsoft
2014-02-03 20:23:53 -------- d-----w- C:\Users\djtoetta\AppData\Local\ZaraRadio
2014-02-03 20:23:21 -------- d-----w- C:\Users\djtoetta\AppData\Roaming\systweak
2014-01-29 20:09:36 -------- d-----w- C:\Users\djtoetta\AppData\Local\Nero_AG
2014-01-27 20:04:08 -------- d-----w- C:\Users\djtoetta\AppData\Roaming\SuperNZB
2014-01-27 20:00:49 -------- d-----w- C:\Users\djtoetta\AppData\Local\___
2014-01-27 19:52:55 -------- d-----w- C:\Users\djtoetta\AppData\Roaming\Newzbin
2014-01-23 05:42:35 -------- d-----w- C:\Users\djtoetta\AppData\Roaming\n-Track Studio 7
2014-01-19 21:05:32 -------- d-----w- C:\Users\djtoetta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2014-01-19 20:50:31 -------- d-----w- C:\Users\djtoetta\AppData\Local\Abelssoft
2014-01-19 20:49:54 -------- d-----w- C:\Users\djtoetta\AppData\Locallow\Conduit
2014-01-19 14:14:48 -------- d-----w- C:\Users\djtoetta\AppData\Local\Adobe
2014-01-17 14:32:02 -------- d-----w- C:\Users\djtoetta\AppData\Roaming\ExpressFiles
2014-01-15 20:40:11 -------- d-----w- C:\Users\djtoetta\AppData\Locallow\Adobe
2014-01-14 21:25:53 -------- d-----w- C:\Users\djtoetta\AppData\Roaming\Identities
2014-01-14 21:18:59 -------- d-s---w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Locallow\Microsoft
2014-01-14 21:11:02 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Adobe
2014-01-14 20:56:41 -------- d-----w- C:\Users\Default\AppData\Roaming\TuneUp Software
2014-01-14 20:56:41 -------- d-----w- C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-01-14 20:47:19 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help
2014-01-14 20:47:19 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-14 20:44:03 -------- d-s---w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Microsoft
2014-01-14 20:37:25 -------- d-s---w- C:\Users\djtoetta\AppData\Roaming\Microsoft
2014-01-14 20:37:25 -------- d-----w- C:\Users\djtoetta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-14 20:37:25 -------- d-----w- C:\Users\djtoetta\AppData\Local\Microsoft
2014-01-14 20:37:25 -------- d-----r- C:\Users\djtoetta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-14 20:37:25 -------- d-----r- C:\Users\djtoetta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-14 20:37:25 -------- d-----r- C:\Users\djtoetta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-01-14 20:27:59 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft
2014-01-14 16:30:38 -------- d-s---w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Locallow\Microsoft
2014-01-13 19:16:48 -------- d-----w- C:\Users\djtoetta\AppData\Local\Diagnostics
2014-01-13 14:27:47 -------- d-----w- C:\Users\djtoetta\AppData\Local\MediaMonkey
2014-01-13 14:27:22 -------- d-----w- C:\Users\djtoetta\AppData\Roaming\MediaMonkey
2014-01-13 13:57:39 -------- d-----w- C:\Users\djtoetta\AppData\Roaming\Nero
2014-01-13 10:01:59 -------- d-----w- C:\Users\djtoetta\AppData\Local\Avg2013
2014-01-13 09:37:00 -------- d-----w- C:\Users\djtoetta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-13 08:07:15 -------- d-----w- C:\Users\djtoetta\AppData\Roaming\WinRAR
2014-01-12 21:35:04 -------- d-----w- C:\Users\djtoetta\AppData\Local\Spotnet
2014-01-12 21:31:54 -------- d-----w- C:\Users\djtoetta\AppData\Roaming\Spotnet
2014-01-12 21:29:25 -------- d-----w- C:\Users\djtoetta\AppData\Roaming\Ashampoo
2014-01-12 21:29:15 -------- d-----w- C:\Users\djtoetta\AppData\Local\ashampoo
2014-01-12 21:28:03 -------- d-----w- C:\Users\djtoetta\AppData\Local\Programs
2014-01-12 21:25:17 -------- d-----w- C:\Users\djtoetta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SAM Broadcaster
2014-01-12 21:20:50 -------- d-----w- C:\Users\djtoetta\AppData\Roaming\Apple Computer
2014-01-12 21:20:50 -------- d-----w- C:\Users\djtoetta\AppData\Local\Apple Computer
2014-01-12 21:20:31 -------- d-----w- C:\Users\djtoetta\AppData\Roaming\Artisteer
2014-01-12 20:55:35 -------- d-----w- C:\Users\djtoetta\AppData\Local\Microsoft Help
2014-01-12 20:43:42 -------- d-----w- C:\Users\djtoetta\AppData\Roaming\ATI
2014-01-12 20:43:42 -------- d-----w- C:\Users\djtoetta\AppData\Local\ATI
2014-01-12 20:41:56 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\PnrpSqm
2014-01-12 20:40:22 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking
2014-01-12 20:38:32 -------- d-----w- C:\Users\djtoetta\AppData\Local\SRS Labs
2014-01-12 20:37:44 -------- d-----r- C:\Users\djtoetta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-12 20:37:44 -------- d-----r- C:\Users\djtoetta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-12 20:37:37 -------- d-----w- C:\Users\djtoetta\AppData\Roaming\Adobe
2014-01-12 20:35:46 -------- d-----w- C:\Users\djtoetta\AppData\Local\VirtualStore
2014-01-12 20:35:29 -------- d-----w- C:\Users\djtoetta\AppData\Local\Packages
2014-01-12 20:35:28 -------- d-s---w- C:\Users\djtoetta\AppData\Locallow\Microsoft
====== C:\Users\djtoetta ======
2014-02-09 13:08:16 -------- d-----w- C:\Users\ADMINI~1\AppData
2014-02-08 21:44:37 -------- d-----w- C:\ProgramData\TOSHIBA Tempro
2014-02-08 21:44:37 -------- d-----w- C:\ProgramData\IsolatedStorage
2014-02-08 14:16:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-02-08 13:51:24 -------- d-----w- C:\ProgramData\AVS4YOU
2014-02-08 13:26:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-02-04 19:40:19 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp
2014-02-03 20:23:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZaraRadio
2014-02-03 19:25:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-01-28 19:59:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Song Downloader
2014-01-27 19:05:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Jukebox
2014-01-26 13:48:11 -------- d---a-r- C:\Users\djtoetta\SkyDrive
2014-01-19 14:16:15 -------- d-----w- C:\ProgramData\Adobe
2014-01-17 14:09:01 -------- d--h--w- C:\ProgramData\CanonBJ
2014-01-15 19:39:42 -------- d-----w- C:\ProgramData\CanonIJWSpt
2014-01-14 21:32:34 -------- d---a-r- C:\Users\djtoetta\SkyDrive.old
2014-01-14 21:25:16 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\djtoetta\ntuser.ini
2014-01-14 20:37:25 -------- d--h--w- C:\Users\djtoetta\AppData
2014-01-14 20:37:25 -------- d-----r- C:\Users\djtoetta\Favorites
2014-01-14 20:37:25 -------- d-----r- C:\Users\djtoetta\Documents
2014-01-14 20:37:25 -------- d-----r- C:\Users\djtoetta\Desktop
2014-01-13 14:27:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
2014-01-13 14:26:25 -------- d-----w- C:\ProgramData\MediaMonkey
2014-01-13 14:19:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnderCoverXP
2014-01-13 14:08:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\coverXP
2014-01-13 10:12:05 -------- d-sh--w- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-01-13 09:51:49 -------- d--h--w- C:\ProgramData\Common Files
2014-01-13 09:37:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-13 05:26:41 -------- d--h--r- C:\Users\Public\AccountPictures
2014-01-12 21:34:41 -------- d-----w- C:\ProgramData\Spotnet
2014-01-12 21:29:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-01-12 21:28:45 -------- d-----w- C:\ProgramData\Ashampoo
2014-01-12 21:25:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAM Broadcaster
2014-01-12 21:25:14 -------- d-----w- C:\ProgramData\firebird
2014-01-12 21:24:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firebird 2.5 (Win32)
2014-01-12 21:18:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Artisteer 4
2014-01-12 20:59:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-01-12 20:55:30 -------- d-----w- C:\ProgramData\Microsoft Help
2014-01-12 20:41:55 -------- d-----w- C:\ProgramData\ToshibaEurope
2014-01-12 20:37:44 -------- d-----r- C:\Users\djtoetta\Searches
2014-01-12 20:36:31 -------- d-----r- C:\Users\djtoetta\Contacts
2014-01-12 20:33:34 -------- d-----r- C:\Users\djtoetta\Videos
2014-01-12 20:33:34 -------- d-----r- C:\Users\djtoetta\Saved Games
2014-01-12 20:33:34 -------- d-----r- C:\Users\djtoetta\Pictures
2014-01-12 20:33:34 -------- d-----r- C:\Users\djtoetta\Music
2014-01-12 20:33:34 -------- d-----r- C:\Users\djtoetta\Links
2014-01-12 20:33:34 -------- d-----r- C:\Users\djtoetta\Downloads

====== C: exe-files ==
2014-02-09 13:28:56 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\djtoetta.exe
2014-02-09 13:28:25 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\djtoetta\AppData\Local\Microsoft\Windows\INetCache\IE\5FP2VNUX\RSITx64.exe
2014-02-08 14:27:03 8978C47CA97AA71F0546A87FBF49A4F4 11706952 ----a-w- C:\Users\djtoetta\Downloads\AVS Audio Converter 7.0.1.477 incl crack\crack\AVSAudioConverter.exe
2014-02-08 14:17:17 F47CBD3AD658885D713FF3C4E28FB9D1 5026888 ----a-w- C:\Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe
2014-02-08 14:17:16 D32A5DC1EE3ACD9F1BB0DFA3676FBDEE 708649 ----a-w- C:\Program Files (x86)\Common Files\AVSMedia\MobileUploader\unins000.exe
2014-02-08 14:17:12 DE66106987F9A4C12896EC387356E471 3265096 ----a-w- C:\Program Files (x86)\AVS4YOU\AVSUpdateManager\Updater.exe
2014-02-08 14:17:12 D831DD74E424A4BBB37E9062A9E77950 3911752 ----a-w- C:\Program Files (x86)\AVS4YOU\AVSUpdateManager\AVSUpdateOptions.exe
2014-02-08 14:17:11 BA849B929ADD6C84F704688048D2DFB2 4480072 ----a-w- C:\Program Files (x86)\AVS4YOU\AVSUpdateManager\AVSUpdateManager.exe
2014-02-08 14:17:10 8BC5E4EF792E131791FB2B3E45F090A9 708662 ----a-w- C:\Program Files (x86)\AVS4YOU\AVSUpdateManager\unins000.exe
2014-02-08 14:17:04 8DA8FDD9195AECFD5D88BC5E58AC1AC5 715840 ----a-w- C:\Program Files (x86)\AVS4YOU\AVSSoftwareNavigator\unins000.exe
2014-02-08 14:17:04 197D88CC9C5B21B5B7578237E73E9ED7 6115912 ----a-w- C:\Program Files (x86)\AVS4YOU\AVSSoftwareNavigator\AVS4YOUSoftwareNavigator.exe
2014-02-08 14:16:58 93A730871224D769D7F85E0EC77065E1 3739720 ----a-w- C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\Repairing.exe
2014-02-08 14:16:57 E29DC9794FF2195315434677BF8F228E 3782216 ----a-w- C:\Program Files (x86)\AVS4YOU\Uninstall.exe
2014-02-08 14:16:57 6076E5E385C98FE062951936F93D8141 4405320 ----a-w- C:\Program Files (x86)\AVS4YOU\Registration.exe
2014-02-08 14:16:56 F5522461E040A92BDCA1EECE3D95A209 715827 ----a-w- C:\Program Files (x86)\Common Files\AVSMedia\Registration\unins000.exe
2014-02-08 14:16:04 8978C47CA97AA71F0546A87FBF49A4F4 11706952 ----a-w- C:\Program Files (x86)\AVS4YOU\AVSAudioConverter\AVSAudioConverter.exe
2014-02-08 14:16:03 F1F1BC401E87886405F5499414317185 1899592 ----a-w- C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSMobileDevice2iSQLiteService2.exe
2014-02-08 14:16:03 5C3005CCBACB2FBD3CD95DE1F58BB3D6 1584200 ----a-w- C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSMobileDevice2iSyncDBService2.exe
2014-02-08 14:14:30 25263777834A4D045E37BA944C9C5931 708685 ----a-w- C:\Program Files (x86)\AVS4YOU\AVSAudioConverter\unins000.exe
2014-02-08 14:13:49 A3D08763FCC18B9DE66DB4517513E544 27795344 ----a-w- C:\Program Files (x86)\Common Files\AVSMedia\Downloads\AVSMidiPack.exe
2014-02-08 14:13:32 2705A11F34DE9F596DF76323780F0363 2273112 ----a-w- C:\Program Files (x86)\Common Files\AVSMedia\Downloads\AVSRMBinPack.exe
2014-02-08 14:05:35 1E9D0B408D23FBBC32B2C3A0EFD25FB3 46859720 ----a-w- C:\Users\djtoetta\Downloads\AVS Audio Converter 7.0.1.477 incl crack\AVSAudioConverter.exe
2014-02-08 13:10:28 C4381F0AF4DB62699DB4D87B1091CC59 349776 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\spumux.exe
2014-02-08 13:10:27 153309AF7ADFED8014F8E0A2479BCC90 389360 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\dvdauthor.exe
2014-02-08 13:10:18 9962834CBB21FC1D4F861E4710F5ABA3 1256608 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\BrowserHelpersInstaller.exe
2014-02-08 13:10:17 7C17FFEB44DF076464BD9BB5D4064409 573088 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\ytgroovlc.exe
2014-02-08 13:10:09 B8754571604F1109F184807E8FA5E3C4 660616 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\PrerequisiteCheck.exe
2014-02-08 13:10:08 EF611CF7F462DE4E04A24B4FCB45F12A 211104 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\ffmpeg.exe
2014-02-08 13:10:01 9A5E999C90861CE9B7906DBF429D4238 73080 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe
2014-02-08 13:09:55 0AD9F1DEA0B1929ABABE31ABC5B43EE6 635528 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\SubscriptionOffer.exe
2014-02-08 13:09:48 9CA5F18D475CD10F025E30EC492B7502 792200 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSSysReport.exe
2014-02-08 13:09:43 79C287F70E3BB881883F814286715B57 611488 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSUpdate.exe
2014-02-08 13:09:42 5C8389F7FC759216E81B86B1E36266E0 1475736 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\Uninstall.exe
2014-02-08 13:09:38 B873AD0C31B4CE5129356AAAEC2C8D8D 6440520 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe
2014-02-03 20:23:33 13014E17D8DB6432FAB9BB94E01BDBF2 19544 ----a-w- C:\Windows\System32\roboot64.exe
2014-02-03 20:23:23 1A765D1C2D495F7E2FDE5584E2DE23FD 6004224 ----a-w- C:\Program Files (x86)\ZaraSoft\ZaraRadio\ZaraRadio.exe
2014-02-03 20:23:22 D04E567C35C8CCCB7FDE25BBE2DD9310 702233 ----a-w- C:\Program Files (x86)\ZaraSoft\ZaraRadio\unins000.exe
2014-02-03 20:23:21 A7B98FCDB28D633942681F92498DBD54 581960 ----a-w- C:\Users\djtoetta\AppData\Roaming\systweak\ssd\SSDPTstub.exe
2014-02-03 19:24:02 28192A2A37F52EB97EBE14DEE0F2513B 334136 ----a-w- C:\Windows\System32\aswBoot.exe
=== C: other files ==
2014-02-07 21:00:30 37DB81DFD64091D7DDC70B6DFC012D3D 112543269 ----a-w- C:\Users\djtoetta\Downloads\Riccardo Gabriel - Lied van mijn hart.zip
2014-02-07 20:59:03 01A06EA64701F0A49A10EC006AB89860 54113857 ----a-w- C:\Users\djtoetta\Downloads\Quincy - Zeg mij dat dit liefde is.zip
2014-02-07 20:58:33 4615688E78BD7E89A8105E8DE2ADA9CE 44698449 ----a-w- C:\Users\djtoetta\Downloads\John West - De allermooiste sterren.zip
2014-02-07 20:57:47 7AFD18BB4176B4FF4A1252B58E4CF6C9 50515300 ----a-w- C:\Users\djtoetta\Downloads\Henri van Velzen - Dan ga je maar!.zip
2014-02-07 20:57:16 7261F3C20821F916AA196341CFC84FD2 48580385 ----a-w- C:\Users\djtoetta\Downloads\De Teddyboys - Twee mannen als wij.zip
2014-02-05 18:59:46 90144BE8615086E46DC7593904152448 7681405 ----a-w- C:\Users\djtoetta\Downloads\frankyjordifalconduet.zip
2014-02-04 05:51:52 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-02-03 19:24:05 FD3EA14ADF6216BDF4030DB2EFD43D96 80184 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2014-02-03 19:24:05 F22DE5F5BA8ADA0A861441B624B51EB5 421704 ----a-w- C:\Windows\System32\drivers\aswSP.sys
2014-02-03 19:24:05 C04F7B373881009D7994D9BF55D24AB4 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-02-03 19:24:05 90399625F341AB76BA4B85A5E860EB1F 207904 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-02-03 19:24:05 679712B7A353EE665B9301592164A172 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-02-03 19:24:05 43599E630DFC30AD4E6A2B4B269EB1C0 1038072 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-02-03 19:24:05 0ACC3F49015E628590CA4372322EB46B 78648 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-02-03 19:24:04 57483E691D635510533E081EC4CB81EC 28184 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2014-02-03 19:22:07 9C9F56BC4D399454600845FC806C270C 440672 ----a-w- C:\Windows\System32\drivers\aswNdisFlt.sys

==== Startup Registry Enabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Intel AppUp(SM) center"="C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4"
"mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"TPUReg"="C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe /Retimes"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"SRS Premium Sound HD"="C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe /f=C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_HD.zip /h"
"TecoResident"="C:\Program Files\TOSHIBA\Teco\TecoResident.exe"
"TODDMain"="C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe"
"TCrdMain"="%ProgramFiles%\TOSHIBA\Hotkey\TCrdMain_Win8.exe "
"TosWaitSrv"="%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe "
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\BackgroundContainer Startup Task" ["C:\WINDOWS\SysWOW64\Rundll32.exe" "C:\Users\djtoetta\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\Express FilesUpdate" [C:\Program Files (x86)\ExpressFiles\EFUpdater.exe]
"C:\WINDOWS\SysNative\tasks\Synaptics TouchPad Enhancements" [\Program Files\Synaptics\SynTP\SynTPEnh.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{1CF291E9-1258-4432-80A6-16A09D76D963}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\WINDOWS\SysNative\tasks\Toshiba\CommonNotifier" [C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe]
"C:\WINDOWS\SysNative\tasks\Toshiba\Service Station" ["C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe"]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=5742 folders=1718 525017675 bytes)

==== EOF on zo 09-02-2014 at 22:05:15,59 ======================

Zer0Day · 9 feb 2014

Zoek is nu 2x uitgevoerd. lol

Plaats deze log ook nog eens: C:\zoek-results2014-02-09-204642.log 1924 bytes

djtoetta · 9 feb 2014

Zoek.exe v5.0.0.0 Updated 07-February-2014
Tool run by djtoetta on zo 09-02-2014 at 21:40:49,80.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\djtoetta\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-02-08-211519.log 400 bytes
C:\zoek-results2014-02-08-214253.log 369 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\predm deleted successfully
C:\ProgramData\Avg7 deleted successfully
C:\Users\djtoetta\AppData\Roaming\dlg deleted successfully
C:\Users\djtoetta\AppData\Roaming\wurst deleted successfully
C:\Users\djtoetta\AppData\Local\Conduit deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"fst_nl_23"=-

==== Deleting Files \ Folders ======================

C:\ProgramData\Avg7 not found
C:\Program Files (x86)\predm not found
C:\Users\djtoetta\AppData\Roaming\DriverCure deleted
C:\Users\djtoetta\AppData\Roaming\ParetoLogic deleted
C:\ProgramData\ParetoLogic deleted
C:\Program Files (x86)\ParetoLogic deleted
C:\Users\djtoetta\AppData\Roaming\DVDVideoSoftIEHelpers deleted
C:\Program Files (x86)\DVDVideoSoft deleted
C:\Users\djtoetta\AppData\Roaming\DVDVideoSoft deleted
C:\Program Files (x86)\Cling Clang deleted
C:\Program Files (x86)\Mobogenie deleted
C:\Program Files (x86)\Conduit deleted
C:\ProgramData\Conduit deleted
C:\Program Files (x86)\AVG deleted
C:\Users\djtoetta\AppData\Roaming\TuneUp Software deleted
"C:\WINDOWS\tasks\AmiUpdXp.job" deleted
"C:\WINDOWS\tasks\ParetoLogic Registration3.job" deleted
"C:\WINDOWS\tasks\ParetoLogic Update Version3.job" deleted
"C:\WINDOWS\tasks\PC Health Advisor Defrag.job" deleted
"C:\WINDOWS\tasks\PC Health Advisor.job" deleted

Zer0Day · 9 feb 2014

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe

Start

Zoek.exe nogmaals met het onderstaande script.

Dubbelklik op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Kopieer nu onderstaande code en plak die in het grote invulvenster:

Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

Code:

C:\WINDOWS\Sysnative\Tasks\BackgroundContainer Startup Task;f
C:\WINDOWS\Sysnative\Tasks\Express FilesUpdate;f
C:\WINDOWS\Sysnative\Tasks\CreateChoiceProcessTask;f
C:\Users\djtoetta\AppData\Locallow\Conduit;fs
C:\Users\Default\AppData\Roaming\TuneUp Software;fs
C:\Users\Default User\AppData\Roaming\TuneUp Software;fs
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft;fs
C:\Program Files (x86)\Common Files\DVDVideoSoft;fs
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run];r
"mcui_exe"=-;r
C:\Program Files\McAfee.com;fs
autoclean;

Klik nu op de knop "Run script".
Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
Post het geopende logje in het volgende bericht.

djtoetta · 9 feb 2014

Zoek.exe v5.0.0.0 Updated 07-February-2014
Tool run by djtoetta on zo 09-02-2014 at 22:40:48,58.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\djtoetta\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-02-08-211519.log 400 bytes
C:\zoek-results2014-02-08-214253.log 369 bytes
C:\zoek-results2014-02-09-204642.log 1924 bytes
C:\zoek-results2014-02-09-210515.log 28623 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2305320229-306354864-743685557-1001\Software\Microsoft\Internet Explorer\SearchScopes\{3F479A18-E334-497D-A238-69EF235B7A6B} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"=-

==== Deleting Files \ Folders ======================

C:\Program Files\McAfee.com not found
C:\Users\djtoetta\AppData\Locallow\Conduit deleted
C:\Users\Default\AppData\Roaming\TuneUp Software deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft deleted
C:\Program Files (x86)\Common Files\DVDVideoSoft deleted
C:\PROGRA~2\ExpressFiles deleted
C:\PROGRA~2\COMMON~1\ParetoLogic deleted
C:\Users\djtoetta\AppData\Roaming\ExpressFiles deleted
C:\Users\djtoetta\AppData\Roaming\systweak deleted
C:\Users\djtoetta\AppData\Local\SwvUpdater deleted
C:\Users\djtoetta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic deleted
C:\WINDOWS\SysNative\roboot64.exe deleted
C:\windows\SysNative\Tasks\BackgroundContainer Startup Task deleted
C:\windows\SysNative\Tasks\Express FilesUpdate deleted
C:\END deleted
C:\WINDOWS\SysWow64\AI_RecycleBin deleted
"C:\WINDOWS\Sysnative\Tasks\CreateChoiceProcessTask" deleted
"C:\windows\Installer\ef5b.msi" deleted

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.nl/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{7474525B-54C4-476A-A252-8F1CEC740D2E}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.nl/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{7474525B-54C4-476A-A252-8F1CEC740D2E} Unknown Url="Not_Found"
{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2305320229-306354864-743685557-1001\Software\Microsoft\Internet Explorer\SearchScopes\{7474525B-54C4-476A-A252-8F1CEC740D2E} deleted successfully
HKEY_USERS\S-1-5-21-2305320229-306354864-743685557-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E40670FF068C9E042A033EF74AF101A3 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FF07604E-C860-40E9-A230-E37FA41F103A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\E40670FF068C9E042A033EF74AF101A3 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\djtoetta\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\djtoetta\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=6127 folders=1793 639850522 bytes)

==== Empty Temp Folders ======================

C:\Users\ADMINI~1\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\djtoetta\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\djtoetta\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on zo 09-02-2014 at 22:58:54,68 ======================

Zer0Day · 9 feb 2014

Download

AdwCleaner by Xplode naar het bureaublad.

Sluit alle openstaande vensters.
Dubbelklik op AdwCleaner om hem te starten.
Klik vervolgens op Verwijderen.
Klik bij AdwCleaner – Informatie op OK
Klik bij AdwCleaner – Herstarten Noodzakelijk op OK

Dat tijdens de actie de snelkoppelingen verdwijnen, is normaal.
Nadat de PC opnieuw is opgestart, opent een logfile.
Post aansluitend de inhoud van dit log in je volgende bericht.

djtoetta · 9 feb 2014

# AdwCleaner v3.018 - Report created 09/02/2014 at 23:15:50
# Updated 28/01/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : djtoetta - RICHARDPC
# Running from : C:\Users\djtoetta\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\FreeSoftToday
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\ExpressFiles
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Tutorials
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ExpressFiles
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16384

*************************

AdwCleaner[R0].txt - [1925 octets] - [09/02/2014 23:06:48]
AdwCleaner[R1].txt - [1985 octets] - [09/02/2014 23:10:09]
AdwCleaner[S0].txt - [1715 octets] - [09/02/2014 23:15:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1775 octets] ##########

Zer0Day · 9 feb 2014

Hoe gaat het nu met de problemen?

djtoetta · 10 feb 2014

de problemen zijn weg,super bedankt

programma zoals zoek.exe en AdwCleaner verwijderen
op beter alles info bestanden bewaren ivm terug komende probleem

en deze bestanden C:\zoek-results2014-02-09-204642.log 1924 bytes en andere

Zer0Day · 10 feb 2014

Om de gebruikte tools te verwijderen en systeemherstel te resetten mag je om af te sluiten het volgende nog uitvoeren:

Download

Delfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.
Zet nu vinkjes voor de volgende items:

Activate UAC
Remove disinfection tools
Purge System Restore

Klik nu op "Run" en wacht geduldig tot de tool gereed is.
Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

djtoetta · 10 feb 2014

is gedaan , en bedankt

Zer0Day · 10 feb 2014

Graag gedaan! (gt)

djtoetta · 10 feb 2014

alleen de snelkoppeling zijn wit ipv afbeelding van programma

melding tijdens start

djtoetta

Zer0Day

Niet meer actief

djtoetta

Zer0Day

Niet meer actief

djtoetta

Zer0Day

Niet meer actief

djtoetta

Zer0Day

Niet meer actief

djtoetta

Zer0Day

Niet meer actief

djtoetta

Zer0Day

Niet meer actief

djtoetta

Zer0Day

Niet meer actief

djtoetta