verwijzen naar dit topic Kan geen herstelpunt meer maken met win 7
Op aanraden van swake
- Status
@Tuts, zoals je vroeg
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:08:37, on 26/01/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA INTERNET SECURITY 2014\WebProxy.exe
C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\PopTray\PopTray.exe
C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
C:\Program Files (x86)\XFastUsb\XFastUsb.exe
C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\ApVxdWin.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PavBckPT.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gebruiker\AppData\Roaming\uTorrent\uTorrent.exe
C:\Windows\syswow64\MsiExec.exe
C:\Users\Gebruiker\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Object moved
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Object moved
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Object moved
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [XFastUsb] "C:\Program Files (x86)\XFastUsb\XFastUsb.exe"
O4 - HKLM\..\Run: [STCAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
O4 - HKLM\..\Run: [ZyngaGamesAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\Inicio.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - Startup: PopTray.lnk = C:\Program Files (x86)\PopTray\PopTray.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\pavsrvx86.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Panda Host Service (PSHost) - Unknown owner - c:\program files (x86)\panda security\panda internet security 2014\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PskSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Splashtop Connect Service (SCBackService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\TPSrvWow.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Splashtop Connect IE Software Updater Service (WCUService_STC_IE) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 11038 bytes
grtn
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:08:37, on 26/01/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA INTERNET SECURITY 2014\WebProxy.exe
C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\PopTray\PopTray.exe
C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
C:\Program Files (x86)\XFastUsb\XFastUsb.exe
C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\ApVxdWin.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PavBckPT.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gebruiker\AppData\Roaming\uTorrent\uTorrent.exe
C:\Windows\syswow64\MsiExec.exe
C:\Users\Gebruiker\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Object moved
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Object moved
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Object moved
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [XFastUsb] "C:\Program Files (x86)\XFastUsb\XFastUsb.exe"
O4 - HKLM\..\Run: [STCAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
O4 - HKLM\..\Run: [ZyngaGamesAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\Inicio.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - Startup: PopTray.lnk = C:\Program Files (x86)\PopTray\PopTray.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\pavsrvx86.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Panda Host Service (PSHost) - Unknown owner - c:\program files (x86)\panda security\panda internet security 2014\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PskSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Splashtop Connect Service (SCBackService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\TPSrvWow.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Splashtop Connect IE Software Updater Service (WCUService_STC_IE) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 11038 bytes
grtn
Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
Download
Zoek.exe naar het bureaublad (niet de .zip- of .rar-versie).
Download
- Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
- Dubbelklik op Zoek.exe om de tool te starten.
- Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
- Kopieer nu onderstaande code en plak die in het grote invulvenster:
- Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
Code:
autoclean;
emptyclsid;
startupall;
filesrcm;- De optie "Scan All Users" staat standaard aangevinkt.
- Klik nu op de knop "Run script".
- Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
- Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
- Post het geopende logje in het volgende bericht.
De gevraagde log:
Zoek.exe v5.0.0.0 Updated 25-January-2014
Tool run by Gebruiker on ma 27/01/2014 at 18:44:54,79.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gebruiker\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-01-27-172116.log 348 bytes
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Users\Gebruiker\AppData\Roaming\burnaware.ini deleted
C:\Users\Gebruiker\AppData\Roaming\Splashtop deleted
C:\ProgramData\Splashtop deleted
C:\Windows\Syswow64\RegistryHelperLM.ocx deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect\BackService.exe" deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe" deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe" deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect\plugins\zyngagames\ZyngaGames.dll" deleted
"C:\PROGRA~2\Splashtop" not deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect" not deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect IE Software Updater" not deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect\plugins" deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect\plugins\zyngagames" deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
2014-01-16 22:16:38 79DB9D54184340BD2D0B7FB86BBEBCEA 2451287 ----a-w- C:\Windows\wvmb.exe
2014-01-08 17:44:36 515E4684008E955DE0C81E6A7AEA1C2A 306688 ----a-w- C:\Windows\IsUninst.exe
====== C:\Users\GEBRUI~1\AppData\Local\Temp ====
====== Java Cache =====
2014-01-18 10:42:35 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-1d1699df
2014-01-11 13:19:48 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\34e05d1f-3e2c2d33
2014-01-18 13:31:50 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-3c2db03f
====== C:\Windows\SysWOW64 =====
2014-01-18 10:42:24 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe
2014-01-18 10:42:20 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe
2014-01-18 10:42:20 A7871E39687EC6EE9712209DAE248B3A 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-18 10:42:19 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Windows\SysWOW64\java.exe
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-01-15 12:43:02 F2BF71FCEAB8FB8A691408C478E2FF4C 3156480 ----a-w- C:\Windows\Sysnative\win32k.sys
====== C:\Windows\Sysnative\drivers =====
2014-01-18 10:02:41 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf
2014-01-15 12:43:03 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys
2014-01-15 12:43:03 DD253AFC3BC6CBA412342DE60C3647F3 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys
2014-01-15 12:43:03 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys
2014-01-15 12:43:03 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys
2014-01-15 12:43:03 765A92D428A8DB88B960DA5A8D6089DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys
2014-01-15 12:43:03 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys
2014-01-15 12:43:03 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys
2014-01-15 12:43:01 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\Sysnative\drivers\netio.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-01-19 20:29:34 -------- d-----w- C:\PROGRA~2\BurnAware Free
2014-01-18 10:48:10 -------- d-----w- C:\PROGRA~2\Belgium Identity Card
2014-01-18 10:42:25 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2014-01-18 10:42:14 -------- d-----w- C:\PROGRA~2\Java
2014-01-08 10:09:51 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe
2014-01-08 10:09:51 -------- d-----w- C:\PROGRA~2\Adobe
======= C: =====
====== C:\Users\Gebruiker\AppData\Roaming ======
2014-01-16 10:04:45 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\SanDisk SecureAccess
2014-01-08 17:45:02 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
====== C:\Users\Gebruiker ======
2014-01-19 20:29:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free
2014-01-18 10:48:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID
2014-01-18 10:42:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-01-18 10:36:43 -------- d-----w- C:\ProgramData\Oracle
====== C: exe-files ==
2014-01-27 17:10:54 F31CF1815F076383ADEE3229A5288577 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3843751949-1623791028-3433357071-1000\$I7MJVYQ.exe
2014-01-26 18:06:12 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3843751949-1623791028-3433357071-1000\$R7MJVYQ.exe
=== C: other files ==
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-3843751949-1623791028-3433357071-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Facebook Update"="C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe -s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BrMfcWnd"="C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN"
"ControlCenter3"="C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"THX TruStudio NB Settings"="C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe /r"
"UpdReg"="C:\Windows\UpdReg.EXE"
"XFastUsb"="C:\Program Files (x86)\XFastUsb\XFastUsb.exe"
"STCAgent"="C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
"ZyngaGamesAgent"="C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
"APVXDWIN"="C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\APVXDWIN.EXE /s"
"SCANINICIO"="C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\Inicio.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Facebook Update"="C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe -s"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"THXCfg64"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64"
==== Startup Folders ======================
2013-05-14 17:45:03 991 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PopTray.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11/12/2013 15:22]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3843751949-1623791028-3433357071-1000Core.job --a------ [Undetermined Task]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3843751949-1623791028-3433357071-1000UA.job --a------ C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe [09/03/2013 21:33]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3843751949-1623791028-3433357071-1000Core.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3843751949-1623791028-3433357071-1000UA.job --a------ C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [14/05/2012 15:36]
==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AsrXTU" [C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3843751949-1623791028-3433357071-1000Core" [C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3843751949-1623791028-3433357071-1000UA" [C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3843751949-1623791028-3433357071-1000Core" [C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3843751949-1623791028-3433357071-1000UA" [C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\{03165DF6-264B-4764-B7C5-F6460949C973}" [C:\Program Files (x86)\XFastUsb\XFastUsb.exe]
"C:\Windows\SysNative\tasks\{69CB54CA-FA50-43A3-B548-B62CC5121BDC}" [C:\Program Files (x86)\XFastUsb\XFastUsb.exe]
"C:\Windows\SysNative\tasks\{825AA3CA-DAD8-4074-AFF2-B201D3BFA90E}" ["c:\users\gebruiker\appdata\local\google\chrome\application\chrome.exe"]
"C:\Windows\SysNative\tasks\{89B23FEA-48B9-4B3B-9048-34EF9823F59E}" [C:\Program Files (x86)\XFastUsb\XFastUsb.exe]
"C:\Windows\SysNative\tasks\{A333D075-D689-4546-95EC-BA503EC8BE46}" [C:\Program Files (x86)\XFastUsb\XFastUsb.exe]
"C:\Windows\SysNative\tasks\{AEDBD729-10A3-4A10-9CCA-58D908721C16}" [C:\Program Files (x86)\XFastUsb\XFastUsb.exe]
"C:\Windows\SysNative\tasks\{BA7C2A8F-C1F2-4898-AA73-EDED94BCB180}" ["c:\users\gebruiker\appdata\local\google\chrome\application\chrome.exe"]
"C:\Windows\SysNative\tasks\{BB86A209-53D1-4246-B356-C4F29C80642F}" [C:\Program Files (x86)\XFastUsb\XFastUsb.exe]
"C:\Windows\SysNative\tasks\{C525B27D-143C-49EE-BE39-33A1816F9452}" [C:\Program Files (x86)\XFastUsb\XFastUsb.exe]
"C:\Windows\SysNative\tasks\{CCEF9A1A-8717-4EB4-B8EB-178202C272FC}" [C:\Program Files (x86)\XFastUsb\XFastUsb.exe]
"C:\Windows\SysNative\tasks\{F6D1FF3A-A868-4D9F-BE0E-71F66B35A509}" [C:\Program Files\Speccy\Speccy64.exe]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
adldappccjhelkmbkpiibilgnnjakieg - C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvert@mindspark.com.gen1[]
jbolfgndggfhhpbnkgnpjkfhinclbigj - No path found[]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{C0EBFE2D-5835-46fb-8A28-C6ED6D0A4667} Google Url="http://www.google.com/cse?cx=partner-pub-3794288947762788%3A4107735745&ie=UTF-8&q=&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4107735745&q={searchTerms}"
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cekcjpgehmohobmdiikfnopibipmgnml deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\adldappccjhelkmbkpiibilgnnjakieg deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Public\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\PROGRA~2\Splashtop" not found
==== EOF on ma 27/01/2014 at 19:01:50,37 ======================
Zoek.exe v5.0.0.0 Updated 25-January-2014
Tool run by Gebruiker on ma 27/01/2014 at 18:44:54,79.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gebruiker\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-01-27-172116.log 348 bytes
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Users\Gebruiker\AppData\Roaming\burnaware.ini deleted
C:\Users\Gebruiker\AppData\Roaming\Splashtop deleted
C:\ProgramData\Splashtop deleted
C:\Windows\Syswow64\RegistryHelperLM.ocx deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect\BackService.exe" deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe" deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe" deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect\plugins\zyngagames\ZyngaGames.dll" deleted
"C:\PROGRA~2\Splashtop" not deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect" not deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect IE Software Updater" not deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect\plugins" deleted
"C:\PROGRA~2\Splashtop\Splashtop Connect\plugins\zyngagames" deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
2014-01-16 22:16:38 79DB9D54184340BD2D0B7FB86BBEBCEA 2451287 ----a-w- C:\Windows\wvmb.exe
2014-01-08 17:44:36 515E4684008E955DE0C81E6A7AEA1C2A 306688 ----a-w- C:\Windows\IsUninst.exe
====== C:\Users\GEBRUI~1\AppData\Local\Temp ====
====== Java Cache =====
2014-01-18 10:42:35 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-1d1699df
2014-01-11 13:19:48 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\34e05d1f-3e2c2d33
2014-01-18 13:31:50 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-3c2db03f
====== C:\Windows\SysWOW64 =====
2014-01-18 10:42:24 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe
2014-01-18 10:42:20 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe
2014-01-18 10:42:20 A7871E39687EC6EE9712209DAE248B3A 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-18 10:42:19 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Windows\SysWOW64\java.exe
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-01-15 12:43:02 F2BF71FCEAB8FB8A691408C478E2FF4C 3156480 ----a-w- C:\Windows\Sysnative\win32k.sys
====== C:\Windows\Sysnative\drivers =====
2014-01-18 10:02:41 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf
2014-01-15 12:43:03 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys
2014-01-15 12:43:03 DD253AFC3BC6CBA412342DE60C3647F3 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys
2014-01-15 12:43:03 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys
2014-01-15 12:43:03 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys
2014-01-15 12:43:03 765A92D428A8DB88B960DA5A8D6089DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys
2014-01-15 12:43:03 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys
2014-01-15 12:43:03 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys
2014-01-15 12:43:01 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\Sysnative\drivers\netio.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-01-19 20:29:34 -------- d-----w- C:\PROGRA~2\BurnAware Free
2014-01-18 10:48:10 -------- d-----w- C:\PROGRA~2\Belgium Identity Card
2014-01-18 10:42:25 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2014-01-18 10:42:14 -------- d-----w- C:\PROGRA~2\Java
2014-01-08 10:09:51 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe
2014-01-08 10:09:51 -------- d-----w- C:\PROGRA~2\Adobe
======= C: =====
====== C:\Users\Gebruiker\AppData\Roaming ======
2014-01-16 10:04:45 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\SanDisk SecureAccess
2014-01-08 17:45:02 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
====== C:\Users\Gebruiker ======
2014-01-19 20:29:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free
2014-01-18 10:48:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID
2014-01-18 10:42:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-01-18 10:36:43 -------- d-----w- C:\ProgramData\Oracle
====== C: exe-files ==
2014-01-27 17:10:54 F31CF1815F076383ADEE3229A5288577 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3843751949-1623791028-3433357071-1000\$I7MJVYQ.exe
2014-01-26 18:06:12 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3843751949-1623791028-3433357071-1000\$R7MJVYQ.exe
=== C: other files ==
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-3843751949-1623791028-3433357071-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Facebook Update"="C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe -s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BrMfcWnd"="C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN"
"ControlCenter3"="C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"THX TruStudio NB Settings"="C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe /r"
"UpdReg"="C:\Windows\UpdReg.EXE"
"XFastUsb"="C:\Program Files (x86)\XFastUsb\XFastUsb.exe"
"STCAgent"="C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
"ZyngaGamesAgent"="C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
"APVXDWIN"="C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\APVXDWIN.EXE /s"
"SCANINICIO"="C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\Inicio.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Facebook Update"="C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe -s"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"THXCfg64"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64"
==== Startup Folders ======================
2013-05-14 17:45:03 991 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PopTray.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11/12/2013 15:22]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3843751949-1623791028-3433357071-1000Core.job --a------ [Undetermined Task]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3843751949-1623791028-3433357071-1000UA.job --a------ C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe [09/03/2013 21:33]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3843751949-1623791028-3433357071-1000Core.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3843751949-1623791028-3433357071-1000UA.job --a------ C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [14/05/2012 15:36]
==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AsrXTU" [C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3843751949-1623791028-3433357071-1000Core" [C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3843751949-1623791028-3433357071-1000UA" [C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3843751949-1623791028-3433357071-1000Core" [C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3843751949-1623791028-3433357071-1000UA" [C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\{03165DF6-264B-4764-B7C5-F6460949C973}" [C:\Program Files (x86)\XFastUsb\XFastUsb.exe]
"C:\Windows\SysNative\tasks\{69CB54CA-FA50-43A3-B548-B62CC5121BDC}" [C:\Program Files (x86)\XFastUsb\XFastUsb.exe]
"C:\Windows\SysNative\tasks\{825AA3CA-DAD8-4074-AFF2-B201D3BFA90E}" ["c:\users\gebruiker\appdata\local\google\chrome\application\chrome.exe"]
"C:\Windows\SysNative\tasks\{89B23FEA-48B9-4B3B-9048-34EF9823F59E}" [C:\Program Files (x86)\XFastUsb\XFastUsb.exe]
"C:\Windows\SysNative\tasks\{A333D075-D689-4546-95EC-BA503EC8BE46}" [C:\Program Files (x86)\XFastUsb\XFastUsb.exe]
"C:\Windows\SysNative\tasks\{AEDBD729-10A3-4A10-9CCA-58D908721C16}" [C:\Program Files (x86)\XFastUsb\XFastUsb.exe]
"C:\Windows\SysNative\tasks\{BA7C2A8F-C1F2-4898-AA73-EDED94BCB180}" ["c:\users\gebruiker\appdata\local\google\chrome\application\chrome.exe"]
"C:\Windows\SysNative\tasks\{BB86A209-53D1-4246-B356-C4F29C80642F}" [C:\Program Files (x86)\XFastUsb\XFastUsb.exe]
"C:\Windows\SysNative\tasks\{C525B27D-143C-49EE-BE39-33A1816F9452}" [C:\Program Files (x86)\XFastUsb\XFastUsb.exe]
"C:\Windows\SysNative\tasks\{CCEF9A1A-8717-4EB4-B8EB-178202C272FC}" [C:\Program Files (x86)\XFastUsb\XFastUsb.exe]
"C:\Windows\SysNative\tasks\{F6D1FF3A-A868-4D9F-BE0E-71F66B35A509}" [C:\Program Files\Speccy\Speccy64.exe]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
adldappccjhelkmbkpiibilgnnjakieg - C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvert@mindspark.com.gen1[]
jbolfgndggfhhpbnkgnpjkfhinclbigj - No path found[]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{C0EBFE2D-5835-46fb-8A28-C6ED6D0A4667} Google Url="http://www.google.com/cse?cx=partner-pub-3794288947762788%3A4107735745&ie=UTF-8&q=&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4107735745&q={searchTerms}"
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cekcjpgehmohobmdiikfnopibipmgnml deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\adldappccjhelkmbkpiibilgnnjakieg deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Public\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\PROGRA~2\Splashtop" not found
==== EOF on ma 27/01/2014 at 19:01:50,37 ======================
ok, doe nog even dit:
Download
AdwCleaner by Xplode naar het bureaublad.
Dat tijdens de actie de snelkoppelingen verdwijnen, is normaal.
Nadat de PC opnieuw is opgestart, opent een logfile.
Post aansluitend de inhoud van dit log in je volgende bericht.
Download
- Sluit alle openstaande vensters.
- Dubbelklik op AdwCleaner om hem te starten.
- Klik vervolgens op Verwijderen.
- Klik bij AdwCleaner – Informatie op OK
- Klik bij AdwCleaner – Herstarten Noodzakelijk op OK
Dat tijdens de actie de snelkoppelingen verdwijnen, is normaal.
Nadat de PC opnieuw is opgestart, opent een logfile.
Post aansluitend de inhoud van dit log in je volgende bericht.
De gevraagde log:
# AdwCleaner v3.017 - Report created 28/01/2014 at 14:35:23
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Gebruiker - GEBRUIKER-PC
# Running from : C:\Users\Gebruiker\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\DeviceVM
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\Users\Gebruiker\AppData\Roaming\NCH Software
File Deleted : C:\Windows\System32\Tasks\NCH Software
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter.ScriptHelper
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com/Plugin
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_lyrics-plugin_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_lyrics-plugin_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{82A5CE4D-AF0C-45B6-8AF8-75625BE6A08D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B2B7E0CD-E169-43B3-A233-E129610EE314}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{385F1935-3784-48D0-A61F-6385493DED3C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E8E0178-00EF-413D-9324-E7B3E31572E3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B1759D04-0EF9-472A-B5C3-C774997B5321}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8A4E8BCB-5598-4CAF-9DEC-4D452760E28D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80ED3EBC-CC05-4336-ABCC-295798855718}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\NCH Software
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Splashtop Inc.
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\NCH Software
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\Splashtop Inc.
Key Deleted : HKLM\Software\VideoDownloadConverter
Key Deleted : HKLM\Software\YourFileDownloader
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Google Chrome v
[ File : C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [5414 octets] - [28/01/2014 14:33:15]
AdwCleaner[S0].txt - [4945 octets] - [28/01/2014 14:35:23]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5005 octets] ##########
# AdwCleaner v3.017 - Report created 28/01/2014 at 14:35:23
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Gebruiker - GEBRUIKER-PC
# Running from : C:\Users\Gebruiker\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\DeviceVM
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\Users\Gebruiker\AppData\Roaming\NCH Software
File Deleted : C:\Windows\System32\Tasks\NCH Software
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter.ScriptHelper
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com/Plugin
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_lyrics-plugin_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_lyrics-plugin_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{82A5CE4D-AF0C-45B6-8AF8-75625BE6A08D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B2B7E0CD-E169-43B3-A233-E129610EE314}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{385F1935-3784-48D0-A61F-6385493DED3C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E8E0178-00EF-413D-9324-E7B3E31572E3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B1759D04-0EF9-472A-B5C3-C774997B5321}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8A4E8BCB-5598-4CAF-9DEC-4D452760E28D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80ED3EBC-CC05-4336-ABCC-295798855718}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\NCH Software
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Splashtop Inc.
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\NCH Software
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\Splashtop Inc.
Key Deleted : HKLM\Software\VideoDownloadConverter
Key Deleted : HKLM\Software\YourFileDownloader
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Google Chrome v
[ File : C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [5414 octets] - [28/01/2014 14:33:15]
AdwCleaner[S0].txt - [4945 octets] - [28/01/2014 14:35:23]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5005 octets] ##########
Sluit alle openstaande vensters
Zoek.exe mag je eveneens verwijderen van je bureaublad.
Download CCleaner. (Als je het nog niet hebt)
Installeer het (als je niet wilt dat Google Chrome op je PC als standaard-webbrowser wordt geïnstalleerd, moet je de 2 vinkjes wegdoen !!!) en start CCleaner op.
Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en na de analyse op 'Schoonmaken'. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”.
Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.
Sluit hierna CCleaner terug af.
- Start AdwCleaner en klik Deinstallatie.
- Klik op "Ja"
Zoek.exe mag je eveneens verwijderen van je bureaublad.
Download CCleaner. (Als je het nog niet hebt)
Installeer het (als je niet wilt dat Google Chrome op je PC als standaard-webbrowser wordt geïnstalleerd, moet je de 2 vinkjes wegdoen !!!) en start CCleaner op.
Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en na de analyse op 'Schoonmaken'. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”.
Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.
Sluit hierna CCleaner terug af.
lukt het ondertussen terug om een herstelpunt aan te maken?
Indien niet, stel ik voor om verder te gaan dan in je oorspronkelijke topic zodat alle medewerkers tips kunnen geven.
Indien niet, stel ik voor om verder te gaan dan in je oorspronkelijke topic zodat alle medewerkers tips kunnen geven.
- Status