Eerst even de gebruikerservaring: Heb sinds kort Windows 8, nog niet al teveel ervaring mee. Windows firewall uitgeschakeld. Dan dat eerste stukje met “zoekzip”. Kost me nog veel moeite, omdat er bij aanklikken een scherm verschijnt met 3 mogelijkheden. Op 1 of andere manier toch dat invulvenster gekregen, codes er in geplakt, run script, herstart en een logje gekregen:
Zoek.exe Version 4.0.0.5 Updated 17-October-2013
Tool run by Henk on ma 21-10-2013 at 11:19:46,47.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Henk\Downloads\zoek (2)\zoek.exe
==== Older Logs ======================
C:\zoek-results2013-10-21-091237.log 4408 bytes
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Running Processes ======================
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\Henk\Downloads\zoek (2)\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
==== Deleting Services ======================
==== System Specs ======================
Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 8137 MB
CPU Info: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
CPU Speed: 3420,4 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: NVIDIA GeForce GTX 660 | NVIDIA GeForce GTX 660 | NVIDIA GeForce GTX 660
Monitors: 1x; Algemeen PnP-beeldscherm |
Screen Resolution: 1680 X 1050 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (G: | ) G: TSSTcorpCDDVDW SH-216AB
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 1801,2GB | D: 60,1GB
Hard Disks - Free: C: 1274,3GB | D: 45,9GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | | MEDION - 11112011
Time Zone: West-Europa (standaardtijd)
Motherboard *: MEDION MS-7797
Country: Nederland
Language: NLD
==== System Specs (Software) ======================
Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Google Chrome 30.0.1599.101
Internet Explorer Version: 10.0.9200.16721
Google Chrome version: 30.0.1599.101
Adobe Reader version: 11.0.04.63
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Henk\AppData\Local\Temp ====
2013-10-17 19:08:18 E3E996C956E09C030061FC15313ECADA 719952 —-a-w- C:\Users\Henk\AppData\Local\Temp\{1D181764-DCD0-41B8-AA7B-0A599F027A72}\adobe_oobelib.dll
2013-10-17 19:08:17 14CECA68096B9DB11E01A0C90BC7377E 151632 —-a-w- C:\Users\Henk\AppData\Local\Temp\{1D181764-DCD0-41B8-AA7B-0A599F027A72}\asneu.dll
====== C:\Windows\SysWOW64 =====
2013-10-13 08:03:43 594C715F554206032FE8C8AC9FF8F440 17561088 —-a-w- C:\Windows\SysWOW64\shell32.dll
2013-10-13 08:03:41 D8FED3E93970890FC25C5D378E6A5BD6 893952 —-a-w- C:\Windows\SysWOW64\msctf.dll
2013-10-13 08:03:41 5363A9B4FA7DB5E3B1025411CBF9977F 8858112 —-a-w- C:\Windows\SysWOW64\twinui.dll
2013-10-13 08:03:38 E2C9A11BC849BC39384A8C430F17B63C 158208 —-a-w- C:\Windows\SysWOW64\mbsmsapi.dll
2013-10-13 08:03:38 7DD1611953A4CB01F9E3287E86629172 356352 —-a-w- C:\Windows\SysWOW64\SettingSync.dll
2013-10-13 08:03:38 7D98A4A02FEA4C24A2EA9D8978E6CAB5 2035712 —-a-w- C:\Windows\SysWOW64\authui.dll
2013-10-13 08:03:38 42946DF60DA82E1350AB6D636AE19B3D 199168 —-a-w- C:\Windows\SysWOW64\shdocvw.dll
2013-10-13 08:03:33 BB9B1E4AD29328FAFCA5A9AD05BC9554 1245696 —-a-w- C:\Windows\SysWOW64\wdc.dll
2013-10-13 08:03:32 831EB87A22B5011908334B8481289948 437248 —-a-w- C:\Windows\SysWOW64\wvc.dll
2013-10-13 08:03:32 2A4C4B4921AD0DE90D4DFCD6E4CF8B84 399360 —-a-w- C:\Windows\SysWOW64\sysmon.ocx
2013-10-13 08:03:24 1136EC767D7915D0F945E38BBC64024C 541696 —-a-w- C:\Windows\SysWOW64\comctl32.dll
2013-10-13 08:03:23 FA15B8EC5D74FCBEAD5D400D95DD67B3 44032 —-a-w- C:\Windows\SysWOW64\UXInit.dll
2013-10-13 08:03:23 BFDD0C5F3E435596F197F003609989C4 61440 —-a-w- C:\Windows\SysWOW64\iesetup.dll
2013-10-13 08:03:23 61DC3F2BE3093FE22CD717260946D7AD 1141248 —-a-w- C:\Windows\SysWOW64\urlmon.dll
2013-10-13 08:03:23 2CD665EF1353721341B789B78E25B3AC 534528 —-a-w- C:\Windows\SysWOW64\uxtheme.dll
2013-10-13 08:03:22 E4FEB264B47360B7296AEA4E052F88D8 1767936 —-a-w- C:\Windows\SysWOW64\wininet.dll
2013-10-13 08:03:22 ADE7AE4478D5B2095FDE6FAB86B300E6 2706432 —-a-w- C:\Windows\SysWOW64\mshtml.tlb
2013-10-13 08:03:22 883C0D3A22CE87A3203CD5518EBB5758 493056 —-a-w- C:\Windows\SysWOW64\msfeeds.dll
2013-10-13 08:03:22 87B775A458A73BB7381E5B67B5652496 39424 —-a-w- C:\Windows\SysWOW64\jsproxy.dll
2013-10-13 08:03:22 3FA7F736B877B46EDF1EE6BE6051848D 33280 —-a-w- C:\Windows\SysWOW64\iernonce.dll
2013-10-13 08:03:21 A7CFDA703AF9AD409DAA521487E0CB53 109056 —-a-w- C:\Windows\SysWOW64\iesysprep.dll
2013-10-13 08:03:21 8F5EAAF76A6811332A8C67DB0D4C395F 13761024 —-a-w- C:\Windows\SysWOW64\ieframe.dll
2013-10-13 08:03:10 E02C01EB0ED522327AFF3BE5CBCF6017 690688 —-a-w- C:\Windows\SysWOW64\jscript.dll
2013-10-13 08:03:10 5A847E98EAF032928E67EE52DE08952D 2876928 —-a-w- C:\Windows\SysWOW64\jscript9.dll
2013-10-13 08:03:10 122B216B091D06F672CC8D331128FB06 2048512 —-a-w- C:\Windows\SysWOW64\iertutil.dll
2013-10-13 08:03:06 A7221924181C8EB92B64C5A2D888BEA5 14335488 —-a-w- C:\Windows\SysWOW64\mshtml.dll
2013-10-13 08:02:44 57F794FDACC45FABCEFE7C941EF8413F 35328 —-a-w- C:\Windows\SysWOW64\atmlib.dll
2013-10-13 08:02:44 27E18DC09423730863241E3F207A36C4 300032 —-a-w- C:\Windows\SysWOW64\atmfd.dll
2013-10-13 08:02:38 80E99EF897E98BFF0C1579FC9024F724 102608 —-a-w- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2013-10-14 19:00:54 D5A34A28300C3ABD58B13315526557EC 1998104 —-a-w- C:\Windows\Sysnative\FNTCACHE.DAT
2013-10-13 08:03:50 4416D7F0F05098711EA45C9D95610A6E 19758080 —-a-w- C:\Windows\Sysnative\shell32.dll
2013-10-13 08:03:42 09B07DFC6792D49516073FEF024315C9 10116608 —-a-w- C:\Windows\Sysnative\twinui.dll
2013-10-13 08:03:41 F85D33830D2655FB2916667579D45725 1125888 —-a-w- C:\Windows\Sysnative\msctf.dll
2013-10-13 08:03:39 DFB8703836AF863A25FC55BF88176591 222208 —-a-w- C:\Windows\Sysnative\shdocvw.dll
2013-10-13 08:03:39 7D5FEB67505A6D983F5D8AE0B474581D 2304512 —-a-w- C:\Windows\Sysnative\authui.dll
2013-10-13 08:03:39 5690B3793FD93716EF4C5CE71D9FF156 448512 —-a-w- C:\Windows\Sysnative\SettingSync.dll
2013-10-13 08:03:38 755059FD6A758EA4413B58A1B423E7D1 128512 —-a-w- C:\Windows\Sysnative\SettingSyncInfo.dll
2013-10-13 08:03:38 6A4B9FBC1E88C400AD671A50DADFA84D 386923 —-a-w- C:\Windows\Sysnative\ApnDatabase.xml
2013-10-13 08:03:38 60CF5B27BBEF38F11729B847541E33A3 225280 —-a-w- C:\Windows\Sysnative\mbsmsapi.dll
2013-10-13 08:03:35 CA45D615BA0102CEDE9C25F4C6EE0983 1374208 —-a-w- C:\Windows\Sysnative\wdc.dll
2013-10-13 08:03:34 20E76634DE7792397261A8AC442B9ACB 566784 —-a-w- C:\Windows\Sysnative\wvc.dll
2013-10-13 08:03:32 EEB55974CFE4DB0B4FC840E6101090B8 462336 —-a-w- C:\Windows\Sysnative\sysmon.ocx
2013-10-13 08:03:24 8A8DB47DDF6B2118DF4D1561CEA586B3 652288 —-a-w- C:\Windows\Sysnative\comctl32.dll
2013-10-13 08:03:23 F827BD7A09F9FCDF76AB2C3E27650E71 2706432 —-a-w- C:\Windows\Sysnative\mshtml.tlb
2013-10-13 08:03:22 AD00E5D3B748150CF1A53A1ABB52E320 53760 —-a-w- C:\Windows\Sysnative\UXInit.dll
2013-10-13 08:03:22 882AC0DD997CFC90FBB468D698BD55C6 1365504 —-a-w- C:\Windows\Sysnative\urlmon.dll
2013-10-13 08:03:22 214E39F0A8E382F1889B26B46DE0AF81 603136 —-a-w- C:\Windows\Sysnative\msfeeds.dll
2013-10-13 08:03:21 E80F66239BCA6CDECC360CA78CECAE61 67072 —-a-w- C:\Windows\Sysnative\iesetup.dll
2013-10-13 08:03:21 C4DDAC3F3062739C4C2BB759B36E005D 51712 —-a-w- C:\Windows\Sysnative\ie4uinit.exe
2013-10-13 08:03:21 547FFE0E4C267FAB1299F2334C728F59 39936 —-a-w- C:\Windows\Sysnative\iernonce.dll
2013-10-13 08:03:19 CCDB8FDC289AA9AFA5F8827A2ADB21AD 15404544 —-a-w- C:\Windows\Sysnative\ieframe.dll
2013-10-13 08:03:19 901D4A3CB11BE92DE65FE52C6258B5FA 915968 —-a-w- C:\Windows\Sysnative\uxtheme.dll
2013-10-13 08:03:19 7B4E06047031B2AAA4AE10F00C59BFC7 855552 —-a-w- C:\Windows\Sysnative\jscript.dll
2013-10-13 08:03:18 D28B35DE88D27EFB27DF4B1E8319E3C0 2241024 —-a-w- C:\Windows\Sysnative\wininet.dll
2013-10-13 08:03:18 38BEBBC4CF9FE6566262F0037DF843BF 136704 —-a-w- C:\Windows\Sysnative\iesysprep.dll
2013-10-13 08:03:18 194125E7839D4902F2490A70049E8F78 53248 —-a-w- C:\Windows\Sysnative\jsproxy.dll
2013-10-13 08:03:17 F026C6F104758D0EB215B017016FAE27 19252224 —-a-w- C:\Windows\Sysnative\mshtml.dll
2013-10-13 08:03:10 D383602755758FA81166B0FD8AFE6D40 3959296 —-a-w- C:\Windows\Sysnative\jscript9.dll
2013-10-13 08:03:10 199BD40B1890E1EEFF7438B59787534F 2647552 —-a-w- C:\Windows\Sysnative\iertutil.dll
2013-10-13 08:02:44 FD16BDF463EF68ADD48026ACCEA100B8 362496 —-a-w- C:\Windows\Sysnative\atmfd.dll
2013-10-13 08:02:44 469A5DCF1E51DC9AF03CE1B3B4360DEE 46080 —-a-w- C:\Windows\Sysnative\atmlib.dll
2013-10-13 08:02:43 86665E9EBE033CCF6A6041A025F56E6B 4040192 —-a-w- C:\Windows\Sysnative\win32k.sys
2013-10-13 08:02:38 20E0FC5F724B85CA09C82D2776E84C5E 124112 —-a-w- C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll
====== C:\Windows\Sysnative\drivers =====
2013-10-20 15:00:49 0BB97D43299910CBFBA59C461B99B910 25928 —-a-w- C:\Windows\Sysnative\drivers\mbam.sys
2013-10-17 19:12:39 DAEF5180E390E56F354FE6D69D354EBC 11376 ——w- C:\Windows\Sysnative\drivers\cdralw2k.sys
2013-10-17 19:12:39 13E531377E9BAA6E37F6471E0E8277AC 10864 ——w- C:\Windows\Sysnative\drivers\cdr4_xp.sys
2013-10-17 19:12:39 07D57B890DD5693A6AB660CBAE8F91B4 56336 ——w- C:\Windows\Sysnative\drivers\PxHlpa64.sys
2013-10-13 08:03:41 37D85E873C9531A2F88DD9C63D3F8A9E 2233688 —-a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2013-10-13 08:02:47 E2C933EDBC389386EBE6D2BA953F43D8 785624 —-a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys
2013-10-13 08:02:47 11876881E87BACEBBCEE41A037614D48 54488 —-a-w- C:\Windows\Sysnative\drivers\WdfLdr.sys
2013-10-13 08:02:46 AD91D1BBE5D3CF4501887DC1C09384FD 43008 —-a-w- C:\Windows\Sysnative\drivers\usbscan.sys
2013-10-13 08:02:46 9FDBA6982582A6F2354144980F641E7B 25600 —-a-w- C:\Windows\Sysnative\drivers\usbprint.sys
2013-10-13 08:02:46 9EF7C01D3ACCBC243B5CB1A95865B2FF 210560 —-a-w- C:\Windows\Sysnative\drivers\usbvideo.sys
2013-10-13 08:02:46 9E9F21FF91D7ECC0BCCB94D3FE52A959 121984 —-a-w- C:\Windows\Sysnative\drivers\USBAUDIO.sys
2013-10-13 08:02:46 427B6DB8C05A5A977E8C3525370A2595 99328 —-a-w- C:\Windows\Sysnative\drivers\usbcir.sys
2013-10-13 08:02:46 346DEF1A9DB0B4133CE0FA38AAF565C0 32768 —-a-w- C:\Windows\Sysnative\drivers\hidparse.sys
2013-10-13 08:02:46 2C2A9A4D53DC90A5195BB51F0A4B1E21 83968 —-a-w- C:\Windows\Sysnative\drivers\hidclass.sys
2013-10-13 08:02:40 F8C2A832DF9403F5EA8080CBDBDA95FB 623448 —-a-w- C:\Windows\Sysnative\drivers\usbhub.sys
2013-10-13 08:02:40 C976C4306F9AE133D6BBD47FDFC3BF92 120832 —-a-w- C:\Windows\Sysnative\drivers\usbccgp.sys
2013-10-13 08:02:40 B24FDEB1B18496F1B463782235AA3AF1 79192 —-a-w- C:\Windows\Sysnative\drivers\usbehci.sys
2013-10-13 08:02:40 9F83642C3709D1A4DD49EEE9F48F839D 21848 —-a-w- C:\Windows\Sysnative\drivers\usbd.sys
2013-10-13 08:02:40 7CB7E04259F323D051A10515B8863564 498008 —-a-w- C:\Windows\Sysnative\drivers\usbport.sys
2013-10-13 08:02:40 1ABF657259DB57F7E5558E4DF1357C0C 32256 —-a-w- C:\Windows\Sysnative\drivers\usbuhci.sys
2013-10-13 08:02:36 B1E910DDC08A8536116214326124903C 447320 —-a-w- C:\Windows\Sysnative\drivers\USBHUB3.SYS
2013-10-13 08:02:36 8DC398D7B8E02C929A2096E74A170970 337752 —-a-w- C:\Windows\Sysnative\drivers\USBXHCI.SYS
2013-10-13 08:02:36 061BA3EE0D2BE17944990544008CF190 213336 —-a-w- C:\Windows\Sysnative\drivers\UCX01000.SYS
====== C:\Windows\Tasks ======
2013-10-21 09:20:19 6DC2C352FCE337B98962A6DBEE145D82 3176 —-a-w- C:\Windows\Sysnative\Tasks\{ADA1C938-677F-4AA7-A64A-4E6EF30859B7}
2013-10-21 08:55:34 535F970CACD52432E2EB237765C9EE13 3176 —-a-w- C:\Windows\Sysnative\Tasks\{75AA6AA4-1E62-49DF-87DB-37982C006017}
2013-10-17 19:27:40 FAA38AD8711F03C72C590DF74BAF1CB6 3510 —-a-w- C:\Windows\Sysnative\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-vandongen.h@casema.nl
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-10-20 17:47:20 ——– d—–w- C:\Program Files\trend micro
2013-10-17 19:16:44 ——– d—–w- C:\Program Files\Common Files\Adobe
======= C:\PROGRA~2 =====
2013-10-20 15:16:57 ——– d—–w- C:\PROGRA~2\ESET
2013-10-17 19:12:18 ——– d—–w- C:\PROGRA~2\COMMON~1\Sonic Shared
2013-10-17 19:12:17 ——– d—–w- C:\PROGRA~2\COMMON~1\PX Storage Engine
======= C: =====
====== C:\Users\Henk\AppData\Roaming ======
2013-10-20 15:00:09 ——– d—–w- C:\Users\Henk\AppData\Local\Programs
====== C:\Users\Henk ======
2013-10-18 07:49:34 680E65246E7BB601926F2A2532574C78 2825952 —-a-w- C:\Users\Henk\Downloads\ib2012_win_setup.exe
2013-10-17 19:21:37 ——– d—–w- C:\ProgramData\regid.1986-12.com.adobe
2013-10-14 18:39:05 31E39E9FF261030F71C0209C016580F4 1048960 —-a-w- C:\Users\Henk\Downloads\adwcleaner.exe
====== C: exe-files ==
2013-10-21 08:19:21 08DB1EDAB16776735737010977AD372C 3471872 —-a-w- C:\Users\Henk\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Map\c90a458f0cde984362fd7418931f9a6e\Map.ni.exe
2013-10-21 08:19:07 37F7976921973BD96CE521FAA043CAB7 169472 —-a-w- C:\Users\Henk\AppData\Local\Packages\53267Brainstorm.Write_dqdhfj1tb6en6\AC\Microsoft\CLR_v4.0_32\NativeImages\Write\14660fe8a9ad69c37914edf5b908f087\Write.ni.exe
2013-10-20 17:47:20 9A2347903D6EDB84C10F288BC0578C1C 388608 —-a-w- C:\Program Files\trend micro\Henk.exe
2013-10-20 17:47:08 662C39FC1E27131551D557862CEC47F0 935175 —-a-w- C:\Users\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QL3I1FFH\RSITx64.exe
2013-10-20 15:17:01 CE0D0B11986FD2C0247AE88A59B36A6E 579904 —-a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
2013-10-20 15:17:01 BDB7D97012F9B3102DB72AA76A24942A 546944 —-a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
2013-10-20 15:17:01 7C9EEC809FB9CDA26EFC245C001EA980 2347384 —-a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
2013-10-20 15:17:01 7ABF8849E76732C357F419B1AF5668F2 546944 —-a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe
2013-10-20 15:17:01 6D4ED8A5C071F29730A6F0B943FEEA3A 122584 —-a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
2013-10-20 15:16:40 E8D3E34FFDAF21DF7C09CBBBA5763237 2347384 —-a-w- C:\Users\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H6K283MD\esetsmartinstaller_enu.exe
2013-10-20 15:00:00 683FDD3D773C58B262DC07CD0C6CE938 10285040 —-a-w- C:\Users\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H6K283MD\mbam-setup-1.75.0.1300.exe
2013-10-18 08:26:56 680E65246E7BB601926F2A2532574C78 2825952 —-a-w- C:\Users\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H6K283MD\ib2012_win_setup (1).exe
2013-10-18 07:49:34 680E65246E7BB601926F2A2532574C78 2825952 —-a-w- C:\Users\Henk\Downloads\ib2012_win_setup.exe
2013-10-17 19:09:17 8F101DD2F46E59469FE0F599DA0530F2 2066272 —-a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\30.0.1599.101\30.0.1599.101_30.0.1599.69_chrome_updater.exe
2013-10-16 14:04:37 EB8EEB98D01B5D31898D8E53C3789832 59784 —-atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleUpdateBroker.exe
2013-10-16 14:04:37 CEFEBDB9E274BD90C12D131ED25CC819 59784 —-atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleUpdateOnDemand.exe
2013-10-16 14:04:37 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 —-a-w- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleUpdateSetup.exe
2013-10-16 14:04:36 CF7B0E597C1F34E528285495721DEEE9 237960 —-atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
2013-10-16 14:04:36 0DC0DE2966A6DBA4CFBF6639DF44F5BA 319880 —-atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
2013-10-16 14:04:35 506708142BC63DABA64F2D3AD1DCD5BF 116648 —-atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleUpdate.exe
2013-10-16 14:04:33 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 —-a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.165\GoogleUpdateSetup.exe
2013-10-15 10:03:34 5E7AD319FAA1E18E03A259B88F7AD559 2071040 —-a-w- C:\Users\Henk\AppData\Local\Packages\AccuWeather.AccuWeatherforWindows8_8zz2pj9h1h1d8\AC\Microsoft\CLR_v4.0\NativeImages\AccuWeatherMetro.UI\f95cb6dc885e367d8ecc6f966eea9ff7\AccuWeatherMetro.UI.ni.exe
2013-10-15 10:03:26 F2F71207FC3474C3E74E3EA575B34213 8322048 —-a-w- C:\Users\Henk\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Adera\842b1b8ab5a22224629f7523b4a1c14a\Adera.ni.exe
2013-10-14 18:39:05 31E39E9FF261030F71C0209C016580F4 1048960 —-a-w- C:\Users\Henk\Downloads\adwcleaner.exe
2013-10-14 18:37:23 31E39E9FF261030F71C0209C016580F4 1048960 —-a-w- C:\Users\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H6K283MD\adwcleaner.exe
=== C: other files ==
2013-10-21 08:59:45 6402A131EDA24882A5C664B44C999033 2518754 —-a-w- C:\Users\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\56D6LL57\Z-Analyse.zip
2013-10-21 08:40:25 6402A131EDA24882A5C664B44C999033 2518754 —-a-w- C:\Users\Henk\Downloads\Z-Analyse.zip
2013-10-20 15:00:49 0BB97D43299910CBFBA59C461B99B910 25928 —-a-w- C:\Windows\System32\Drivers\mbam.sys
2013-10-17 19:12:39 DAEF5180E390E56F354FE6D69D354EBC 11376 ——w- C:\Windows\System32\Drivers\cdralw2k.sys
2013-10-17 19:12:39 13E531377E9BAA6E37F6471E0E8277AC 10864 ——w- C:\Windows\System32\Drivers\cdr4_xp.sys
2013-10-17 19:12:39 07D57B890DD5693A6AB660CBAE8F91B4 56336 ——w- C:\Windows\System32\Drivers\PxHlpa64.sys
2013-10-14 20:08:59 2518783D12BFBD7535BF3756C30521B3 29184 —-a-w- C:\Users\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1MX8RF3F\beelden.zip
==== Startup Registry Enabled ======================
“LaunchList”=“C:\Program Files (x86)\Pinnacle\Studio 11\LaunchList2.exe”
“MyTomTomSA.exe”=“C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe”
“Skype”=“C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun”
“IAStorIcon”=“C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60”
“CLMLServer_For_P2G8”=“C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe”
“CLVirtualDrive”=“C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R”
“RemoteControl10”=“C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe”
“EEventManager”=“C:\Program Files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe”
“Adobe ARM”=“C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
“LaunchList”=“C:\Program Files (x86)\Pinnacle\Studio 11\LaunchList2.exe”
“MyTomTomSA.exe”=“C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe”
“Skype”=“C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun”
==== Startup Registry Enabled x64 ======================
“RTHDVCPL”=“C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s”
“AdobeAAMUpdater-1.0”=“C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe”
==== Startup Folders ======================
2013-03-18 10:48:11 1239 —-a-w- C:\Users\Henk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job –a——– C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job –a——– C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==== Other Scheduled Tasks ======================
“C:\Windows\SysNative\tasks\CreateChoiceProcessTask”
“C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore”
“C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA”
==== Chrome Look ======================
YouTube - Henk - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Henk - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Chrome In-App Payments service - Henk - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Henk - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chrome Fix ======================
C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www2.delta-search.com_0.localstorage deleted successfully
C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www2.delta-search.com_0.localstorage-journal deleted successfully
C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_blekko.com_0.localstorage deleted successfully
C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_blekko.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
“Start Page”=“http://www.startpagina.nl/”
New Values:
“Start Page”=“http://www.startpagina.nl/”
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
“DefaultScope”=“{0633EE93-D776-472f-A0FF-E1416B8B2E3A}”
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR”
{324419C7-2BAB-4C18-B91D-6FEFFAAA6F91} Bing Url=“http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS”
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”
==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe “C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe” 60
O4 - HKLM\..\Run: “C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe” /R
O4 - HKLM\..\Run: “C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKCU\..\Run: C:\Program Files (x86)\Pinnacle\Studio 11\LaunchList2.exe
O4 - HKCU\..\Run: “C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe”
O4 - HKCU\..\Run: “C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun
O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-154551-44482-15/4 (file missing) (HKCU)
O9 - Extra ‘Tools’ menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-154551-44482-15/4 (file missing) (HKCU)
O11 - Options group: Accelerated graphics
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: CyberLink PowerDVD 10 MS Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\SysWOW64\drivers\pclepci.sys
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Henk\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
“C:\Users\Henk\AppData\Local\DriverTuner” not found
==== EOF on ma 21-10-2013 at 11:33:04,97 ======================
Doorzoek het forum
Zoeken met Startpagina
Startpagina Thema's
