Snap.do niet te verwijderen

Wil

07-05-2014 16:18

Goede middag allen!
Mijn google chrome browser was afgelopen week gekaapt door de zgn “snap.do searchbar” Ik kon dit niet weg krijgen uit chrome, en heb nu dus maar chrome in zijn geheel verwijderd. Ik heb het stappenplan doorlopen, en als extra ook met div online scanners aan de slag geweest. Volgens geen van alleen heb ik malware/virussen op de pc. Alleen als ik ik mijn lijst met programma's kijk, het venster waar je programma's kunt wijzigen en verwijderen, dan zie ik Snap.Do en Snap.Do engine nog altijd in de lijst staan en deze laten zich niet verwijderen. Ik heb ze ook geprobeerd in de veilige modus (f8) te verwijderen, maar zonder resultaat.
Heeft iemand een idee?
Groet, Wil
Wil

07-05-2014 16:20

Ohja, misschien wel zo handig om meteen een log te plaatsen
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:10:13, on 7-5-2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe
C:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe
C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe
C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE
C:\Users\Willem\Desktop\Onderhoud en Beveiliging\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: “C:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe” -app -hosterid:1
O4 - HKLM\..\Run: “C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE” /splash
O4 - HKLM\..\Run: “C:\Program Files (x86)\QuickTime\QTTask.exe” -atboottime
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”
O4 - HKLM\..\RunOnce: %WINDIR%\SMINST\VistaLauncher.exe
O4 - HKCU\..\Run: “C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe” -nosplash -minimized
O4 - HKCU\..\Run: “C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - HKUS\S-1-5-18\..\RunOnce: reg.exe delete “HKCU\Software\AppDataLow\Software\panda4_0dn” /f (User ‘SYSTEM’)
O4 - HKUS\S-1-5-18\..\RunOnce: reg.exe delete “HKCU\Software\panda4_0dn” /f (User ‘SYSTEM’)
O4 - HKUS\.DEFAULT\..\RunOnce: reg.exe delete “HKCU\Software\AppDataLow\Software\panda4_0dn” /f (User ‘Default user’)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - https://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.myheritage.com/FP/ImageUploader/ImageUploader5.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: HiSuiteOuc64.exe - Unknown owner - C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
O23 - Service: McciCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
–
End of file - 14505 bytes
Ben

07-05-2014 16:36

Hallo,
We gaan even verder kijken;
Schakel eerst de Antivirussoftware uit voordat je zoek.exe download.
Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk conflicteren met Zoek.exe.
Download Zoek.exe naar het bureaublad.
* Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
Zoek.exe uitvoeren
Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.
* Dubbelklik vervolgens op Zoek.exe om de tool te starten.
* Windows Vista, 7 en 8 gebruikers dienen de tool als “administrator” uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
* Kopieer nu onderstaande vet gedrukte code en plak die in het grote invulvenster:
* Note: Dit script is speciaal bedoeld voor deze computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.
firefoxlook;
torpigcheck;
installedprogs;
emptyfolderscheck;delete
chromelook;
standardsearch;
filesrcm;
startupall;
* Klik nu op de knop "Run script".
* Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
* Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
* Post het geopende logje in het volgende bericht.
Wil

07-05-2014 22:57

Goede avond Ben, ik had je al eens eerder gesproken in het verleden met een probleem
Hier is deel 1 van de log van Zoek.exe
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Willem on wo 07-05-2014 at 22:45:55,81.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Willem\Desktop\zoek.exe
==== System Restore Info ======================
7-5-2014 22:47:47 Zoek.exe System Restore Point Created Succesfully.
==== Torpig Check ======================
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll
==== Empty Folders Check ======================
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Pixum deleted successfully
C:\PROGRA~2\Trend Micro deleted successfully
==== Installed Programs ======================
Adblock Plus for IE
Adblock Plus for IE (32-bit and 64-bit)
Adobe AIR
Adobe Community Help
Adobe Flash Player 13 ActiveX
Adobe Flash Player 13 Plugin
Adobe Photoshop Elements 10
Adobe Reader XI (11.0.06) - Nederlands
Adobe Shockwave Player 12.0
Any Video Converter 5.5.5
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ashampoo Burning Studio 6 FREE v.6.80
Audacity 2.0
Auslogics BoostSpeed
Auslogics DiskDefrag
Battlefield: Bad CompanyT 2
BlueStacks
Bonjour
BorderMaker
BSR Screen Recorder 6
calibre
Canon Utilities Digital Photo Professional
Canon Utilities EOS Sample Music
Canon Utilities EOS Utility
Canon Utilities ImageBrowser EX
Canon Utilities PhotoStitch
Canon Utilities Picture Style Editor
CCleaner
Computer Security 12.71.102.0 (release)
ConvertXtoDVD 4.1.10.348
Corel PaintShop Pro X5
CVE-2012-4969
D3DX10
DaVinci 1.0.0.3
Dragon NaturallySpeaking 11
DVD Shrink 3.2
DX-Ball 1.09
Dynamic-Photo HDR 4.65
easyHDR
Elements 10 Organizer
encryptdrop
EncryptDrop Free Edition
Eraser 6.0.10.2620
Exif Tag Remover 4.3
F-Secure CCF Reputation
F-Secure CCF Scanning 1.23.124.8831 (release)
F-Secure Network CCF 1.02.126
Facebook Messenger 2.1.4631.0
Facebook Messenger 2.1.4814.0
FastImageResizer (remove only)
FastStone Image Viewer 4.6
FastStone Photo Resizer 3.2
floaters v2.1
Free YouTube to MP3 Converter version 3.12.29.304
Freemake Audio Converter versie 1.1.0
Freemake Video Converter versie 4.1.2
FreeSizer 64 v.1.0.0
gamelauncher-ps2-psg
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Google+ Auto Backup
Handset WinDriver 1.02.02.00
Harrys Filters 4.0 (Plugin)
HDR Efex Pro 2
HiJackThis
HiSuite
HitmanPro 3.7
Hugin 2012.0.0
ICA
Imagenomic Portraiture 2.3 Plug-in (build 2308)
Internet Explorer (Enable DEP)
IPM_PSP_COM
IsoBuster 2.4
Java 7 Update 45 (64-bit)
Java 7 Update 51
Java Auto Updater
Java(TM) 6 Update 16 (64-bit)
Java(TM) 6 Update 38
Junk Mail filter update
K-Lite Codec Pack 10.0.5 Basic
Kobo
lookinglink
LucisArt 3 ED/SE
MAGIX Photo Clinic 4.5 (US)
Malwarebytes Anti-Malware versie 1.75.0.1300
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 (Nederlands)
Microsoft .NET Framework 4.5.1 (NLD)
Microsoft Application Error Reporting
Microsoft Camera Codec Pack
Microsoft GIF Animator
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
MiniTool Power Data Recovery
Movie Maker
Mozilla Firefox 27.0.1 (x86 nl)
Mozilla Maintenance Service
Mozilla Thunderbird 24.5.0 (x86 nl)
MPC-HC 1.6.8
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nik Collection
NVIDIA-configuratiescherm 335.23
NVIDIA 3D Vision controllerstuurprogramma 335.21
NVIDIA 3D Vision stuurprogramma 335.23
NVIDIA GeForce Experience 2.0
NVIDIA Grafisch stuurprogramma 335.23
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX systeemsoftware 9.13.1220
NVIDIA ShadowPlay 12.4.55
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 12.4.55
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.22
OpenOffice 4.0.1
OUTDATEfighter
Panda Cloud Cleaner
PC Angel ™ Recovery Installer
PC Wizard 2010.1.96
PDF Architect
Photo Common
Photo Gallery
PhotoFilmStrip 1.5.0
Photomatix Pro version 3.0
PhotoME
PhotoResizr
Picasa 3
Pixlr-o-matic
PlanetSide 2
Poladroid
Portrait Professional 11.2
Portrait Professional Studio
PowerISO
PSPPContent
PSPPHelp
PSPPro64
PTGui Pro 8.3.3
QuickTime 7
Realtek High Definition Audio Driver
Recuva
Roxio Creator 9 XE
Samsung AllShare
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Setup
SHIELD Streaming
SightSpeed (remove only)
Skype Click to Call
SkypeT 6.14
Snap.Do
Snap.Do Engine
Sophos Virus Removal Tool
Spyder2express
SUPERAntiSpyware
swMSM
System Requirements Lab CYRI
TeamViewer 9
Topaz Adjust 4
Topaz Adjust 4 (64-bit)
TwistedBrush Open Studio
UpdateChecker
VD64Inst
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64)
VLC media player 2.0.5
VLC media player 2.1.4
VoipBuster
Vuze
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.20 (64-bit)
WOT for Internet Explorer
Ziggo Internetbeveiliging
Ziggo Online Help Tool
==== Running Processes ======================
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe
C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe
C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
C:\Windows\system32\hasplms.exe
C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
C:\Windows\SysWOW64\nlssrv32.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\PDF Architect\HelperService.exe
C:\Program Files (x86)\PDF Architect\ConversionService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\fssm32.exe
C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe
C:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe
C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe
C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
C:\Users\Willem\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
==== System Specs ======================
Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 4087 MB
CPU Info: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
CPU Speed: 2662.4 MHz
Sound Card: Luidsprekers (Realtek High Defi |
Realtek Digital Output (Realtek |
Display Adapters: NVIDIA GeForce GTS 250 | NVIDIA GeForce GTS 250 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm | Algemeen PnP-beeldscherm |
Screen Resolution: 1920 X 1200 - 32 bit
Network: Network Present
Network Adapters: Intel(R) 82578DC Gigabit Network Connection
CD / DVD Drives: 2x (G: | H: | ) G: TSSTcorpCDDVDW SH-S223C | H: ROXIO DVD-ROM EMULATOR
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 8 Button Wheel Mouse Present
Hard Disks: C: 287.3GB | D: 546.0GB | E: 551.3GB | F: 12.7GB
Hard Disks - Free: C: 129.3GB | D: 236.6GB | E: 393.3GB | F: 7.2GB
Manufacturer *: Intel Corp.
BIOS Info: AT/AT COMPATIBLE | 08/02/09 | INTEL - 7a
Time Zone: West-Europa (standaardtijd)
Motherboard *: Intel Corporation DP55WB
Country: Nederland
Language: NLD
==== System Specs (Software) ======================
Anti-Virus: Basis On-access scanning disabled (Outdated)
Anti-Spyware: Basis disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Firefox 27.0.1
Internet Explorer Version: 11.0.9600.17105
Mozilla Firefox version: 27.0.1 (x86 nl)
Adobe Reader version: 11.0.06.70
Sun Java version: 1.7.0_51 (32-bit)
Sun Java version: 1.7.0_45 (64-bit)
Flash Player version: 13.0.0.206
Shockwave Player version: 12.0.7r148
==== Files Recently Created / Modified ======================
====== C:\Windows ====
2014-05-04 20:54:01 D41D8CD98F00B204E9800998ECF8427E 0 —-a-w- C:\Windows\wininit.ini
====== C:\Users\Willem\AppData\Local\Temp ====
2014-05-07 12:03:42 08AF557C8E6E74D7D92314F6B2C86273 4608 —-a-w- C:\Users\Willem\AppData\Local\Temp\i4jdel0.exe
====== Java Cache =====
2014-04-09 20:57:52 E943842AB2F129353C8A5E4CA55312C2 108 —-a-w- C:\Users\Willem\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\5a8fd001-6.0.lap
2014-04-09 19:11:05 E183F5C06EFB895045CC4B22AB945134 38 —-a-w- C:\Users\Willem\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\2b82a0e-6.0.lap
2014-04-09 19:11:10 31FA66BD61B038DAD5558AAA8546B8C7 124162 —-a-w- C:\Users\Willem\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\b8be351-68566769-0.0.2.37-
2014-04-09 21:04:04 A2C43C6FFEF7BA58420413D8C203FB28 108 —-a-w- C:\Users\Willem\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\6c5f632d-6.0.lap
2014-04-09 21:04:06 D41F3BBA3B6E699FD31957B5209C278F 354733 —-a-w- C:\Users\Willem\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\e729e45-2b2e28ae
====== C:\Windows\SysWOW64 =====
2014-05-07 11:41:47 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 —-a-w- C:\Windows\SysWOW64\subinacl.exe
2014-05-04 21:04:25 0DC5AF80D059DEC792B665ED598C6567 536576 —-a-w- C:\Windows\SysWOW64\sqlite3.dll
2014-05-02 11:34:58 5869FBC754578A59C8C8635B99DB79DE 17384448 —-a-w- C:\Windows\SysWOW64\mshtml.dll
2014-05-02 11:34:58 2518D1922371892ADEF1F07147DBD72A 2724864 —-a-w- C:\Windows\SysWOW64\mshtml.tlb
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-05-02 11:34:59 A98DA2EC1E56CF52C682D072F77D9874 23547904 —-a-w- C:\Windows\Sysnative\mshtml.dll
2014-05-02 11:34:58 DE5DE05946D6FC2DC494C55BC7BC4C6E 2724864 —-a-w- C:\Windows\Sysnative\mshtml.tlb
2014-04-25 12:28:32 84ED099009EF0DF82A37D4FEAE012655 465408 —-a-w- C:\Windows\Sysnative\aepdu.dll
2014-04-25 12:28:32 5513F4766C9987D6B0D49D51BB2E5EE4 424448 —-a-w- C:\Windows\Sysnative\aeinv.dll
====== C:\Windows\Sysnative\drivers =====
2014-04-21 11:02:39 757ACE4D4C9FF0571F86AA5D586B45E8 12708128 —-a-w- C:\Windows\Sysnative\drivers\nvlddmkm.sys
2014-04-21 10:57:11 50A7C3FEA78D11B546EA9B0C25FBC6AB 40392 —-a-w- C:\Windows\Sysnative\drivers\nvvad64v.sys
2014-04-09 08:35:27 B3222734D80013D2C73841B0C549FA63 27584 —-a-w- C:\Windows\Sysnative\drivers\Diskdump.sys
2014-04-09 08:35:27 A3F0BC5897F9D3786A3CB695B163633A 190912 —-a-w- C:\Windows\Sysnative\drivers\storport.sys
2014-04-09 08:35:27 96BB922A0981BC7432C8CF52B5410FE6 274880 —-a-w- C:\Windows\Sysnative\drivers\msiscsi.sys
2014-04-09 08:35:19 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 —-a-w- C:\Windows\Sysnative\drivers\ntfs.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-05-07 11:47:20 ——– d—–w- C:\Program Files\HitmanPro
2014-05-07 11:41:44 ——– d—–w- C:\Program Files\Common Files\Microsoft
2014-05-07 11:41:44 ——– d—–w- C:\Program Files\Adware-Removal-Tool
======= C:\PROGRA~2 =====
2014-05-01 10:28:36 ——– d—–w- C:\PROGRA~2\Mozilla Thunderbird
2014-04-27 13:31:36 ——– d—–w- C:\PROGRA~2\PowerDataRecovery
2014-04-25 12:12:42 ——– d—–w- C:\PROGRA~2\DynamicPhotoHDR5
2014-04-09 20:58:20 ——– d—–w- C:\PROGRA~2\SystemRequirementsLab
======= C: =====
====== C:\Users\Willem\AppData\Roaming ======
2014-05-04 20:56:28 ——– d—–w- C:\Users\Willem\AppData\Roaming\AVG
2014-05-04 20:56:28 ——– d—–w- C:\Users\Willem\AppData\Local\AVG
2014-04-09 17:04:51 ——– d-sh–w- C:\Users\Willem\AppData\Local\EmieUserList
2014-04-09 17:04:51 ——– d-sh–w- C:\Users\Willem\AppData\Local\EmieSiteList
====== C:\Users\Willem ======
2014-05-07 12:17:50 366E62D001AF0459F5CC310A004BEF6E 5124208 —-a-w- C:\Users\Willem\Desktop\F-SecureOnlineScanner-HC.exe
2014-05-07 12:04:06 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-05-05 23:06:31 ——– d—–w- C:\ProgramData\Package Cache
2014-05-04 21:02:39 901A44951CAE3780768F0082C9FEAD87 1313617 —-a-w- C:\Users\Willem\Downloads\AdwCleaner.exe
2014-05-04 20:55:23 ——– d—–w- C:\ProgramData\AVG
2014-05-04 20:55:18 ——– d-sh–w- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-04-27 13:31:40 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Power Data Recovery 6.8
2014-04-25 12:12:47 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dynamic-Photo HDR 5
2014-04-20 22:32:29 ——– d—–w- C:\ProgramData\tmp
2014-04-20 22:32:29 ——– d—–w- C:\ProgramData\hps
2014-04-09 20:58:20 ——– d—–w- C:\ProgramData\SystemRequirementsLab
====== C: exe-files ==
2014-05-07 12:17:50 366E62D001AF0459F5CC310A004BEF6E 5124208 —-a-w- C:\Users\Willem\Desktop\F-SecureOnlineScanner-HC.exe
2014-05-07 12:04:06 CD3FE805E00666E4CDF6C92BD6F290ED 127752 —-a-w- C:\Program Files\HitmanPro\hmpsched.exe
2014-05-07 12:04:06 98ADA896D51610D3412EEEAA5F12A53F 10971424 —-a-w- C:\Program Files\HitmanPro\HitmanPro.exe
2014-05-07 12:03:42 08AF557C8E6E74D7D92314F6B2C86273 4608 —-a-w- C:\Users\Willem\AppData\Local\Temp\i4jdel0.exe
2014-05-07 12:02:53 75DF6F9AC50360EEA71390D03552DF9D 9171472 —-a-w- C:\Users\Willem\Documents\Vuze Downloads\Hitman Pro 3.7.6 Build 201 Final Retail - SceneDL (PimpRG)\32 bit\HitmanPro.exe
2014-05-07 12:02:53 6E4CB37E326AFFF7B68BEEF781F62835 9833328 —-a-w- C:\Users\Willem\Documents\Vuze Downloads\Hitman Pro 3.7.6 Build 201 Final Retail - SceneDL (PimpRG)\64 bit\HitmanPro_x64.exe
2014-05-07 11:45:46 81694AC14CF309723016DC74779C72BD 544 —-a-w- C:\$RECYCLE.BIN\S-1-5-21-4143939538-3833764649-2899497851-1001\$ITDSGV4.exe
2014-05-07 11:41:47 C0E9B4744838761BC2EC3EE95CA7191A 117416 —-a-w- C:\Program Files\Adware-Removal-Tool\ARTP3.exe
2014-05-07 11:41:47 72A3AF3181085F50BE07EA82E2D2889A 52904 —-a-w- C:\Program Files\Adware-Removal-Tool\ARTP2.exe
2014-05-07 11:41:47 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 —-a-w- C:\WINDOWS\SysWOW64\subinacl.exe
2014-05-07 11:41:00 6D09B857AD4E84EA736A0BE77C1B5377 714464 —-a-w- C:\$RECYCLE.BIN\S-1-5-21-4143939538-3833764649-2899497851-1001\$RTDSGV4.exe
2014-05-07 10:32:19 AFFF5CF2744D67E534537F33B8823FB6 28363696 —-a-w- C:\ProgramData\NVIDIA Corporation\NetService\GeForce_Experience_Update_v2.0.1.0.exe
2014-05-05 23:02:04 25D473D7805261C752DA738B13E35816 185271 —-a-w- C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla31.exe
2014-05-05 22:15:51 EDB10586A061A621BBA2CB32E5E3220B 190429 —-a-w- C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla37.exe
2014-05-04 21:02:39 901A44951CAE3780768F0082C9FEAD87 1313617 —-a-w- C:\Users\Willem\Downloads\AdwCleaner.exe
2014-05-02 11:28:18 BBFAF2B2092FDF0CBA48D1656E061A29 3514168 —-a-w- C:\Users\Willem\AppData\Local\NVIDIA\NvBackend\Packages\00005a7e\DAO.18382836.exe
2014-05-02 11:28:15 2269E813E5B49D8311EBA4F1501C90D0 304760 —-a-w- C:\Users\Willem\AppData\Local\NVIDIA\NvBackend\Packages\00005a63\drsupdate.18354710_RUNASUSER.exe
2014-05-01 10:28:38 C618CFDF3A00A322F46459A7E1F2A9F4 22640 —-a-w- C:\Program Files (x86)\Mozilla Thunderbird\WSEnable.exe
2014-05-01 10:28:38 439DFE6F3594A301F9B07BE242871CC5 901232 —-a-w- C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
2014-05-01 10:28:38 38DEFB34EBC471412B1530CC680ECC1A 275056 —-a-w- C:\Program Files (x86)\Mozilla Thunderbird\updater.exe
2014-05-01 10:28:37 DC37CFF5880FAE530831EF2DF65C2F63 194176 —-a-w- C:\Program Files (x86)\Mozilla Thunderbird\maintenanceservice_installer.exe
2014-05-01 10:28:37 4F2B6D456F31204F8CEE4C5B32BF25E0 18544 —-a-w- C:\Program Files (x86)\Mozilla Thunderbird\plugin-container.exe
2014-05-01 10:28:37 0CC6BCDAAD124EC51A96F60C51CD184D 390256 —-a-w- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
2014-05-01 10:28:36 731837CB3B49B738402CE32455B75CE2 119408 —-a-w- C:\Program Files (x86)\Mozilla Thunderbird\maintenanceservice.exe
2014-05-01 10:28:36 48DDC243F64DEC7FBF283F74EE740D65 117360 —-a-w- C:\Program Files (x86)\Mozilla Thunderbird\crashreporter.exe
=== C: other files ==
2014-05-04 22:02:10 D342BBD6BF7554ABA24A376E41675DBF 621283886 —-a-w- C:\Users\Willem\Desktop\Hirens.BootCD.15.2.zip
==== Startup Registry Enabled ======================
“VoipBuster”=“C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe -nosplash -minimized”
“swg”=“C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
“panda4_0dn”=“reg.exe delete HKCU\Software\AppDataLow\Software\panda4_0dn /f”
“panda4_0dn_XP”=“reg.exe delete HKCU\Software\panda4_0dn /f”
“panda4_0dn”=“reg.exe delete HKCU\Software\AppDataLow\Software\panda4_0dn /f”
“panda4_0dn_XP”=“reg.exe delete HKCU\Software\panda4_0dn /f”
“DMXLauncher”=“C:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe”
“F-Secure Hoster (45123)”=“C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe -app -hosterid:1”
“F-Secure Manager”=“C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE /splash”
“QuickTime Task”=“C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime”
“APSDaemon”=“C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”
“ST Recovery Launcher”=“%WINDIR%\SMINST\VistaLauncher.exe ”
“VoipBuster”=“C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe -nosplash -minimized”
“swg”=“C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
Wil

07-05-2014 22:58

Vervolg deel 2:
==== Startup Registry Enabled x64 ======================
“ShadowPlay”=“C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart”
“NvBackend”=“C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe”
==== Startup Registry Disabled ======================
“DNS7reminder”=“\”C:\\Program Files (x86)\\Nuance\\NaturallySpeaking11\\Ereg\\Ereg.exe\“ -r \”C:\\ProgramData\\Nuance\\NaturallySpeaking11\\Ereg.ini\“”
“Adobe ARM”=“\”C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\“”
==== Startup Registry Disabled x64 ======================
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“”
“hkey”=“HKCU”
“command”=“C:\\Program Files (x86)\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“@ssm.vendorid@_McciTrayApp”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files\\ZiggoOnlineHelp\\McciTrayApp.exe\“”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Adobe ARM”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\“”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“AdobeAAMUpdater-1.0”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\“”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“AllShareAgent”
“hkey”=“HKLM”
“command”=“C:\\Program Files (x86)\\Samsung\\AllShare\\AllShareAgent.exe”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“APSDaemon”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\“”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Eraser”
“hkey”=“HKLM”
“command”=“\”C:\\PROGRA~1\\Eraser\\Eraser.exe\“ –atRestart”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“GoogleChromeAutoLaunch_06D8D265122815681BEAC933F95514A2”
“hkey”=“HKCU”
“command”=“\”C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe\“ –no-startup-window”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“ISUSPM”
“hkey”=“HKCU”
“command”=“C:\\ProgramData\\FLEXnet\\Connect\\11\\ISUSPM.exe -scheduler”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“KiesPDLR”
“hkey”=“HKCU”
“command”=“C:\\Program Files (x86)\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe ”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“KiesPreload”
“hkey”=“HKCU”
“command”=“C:\\Program Files (x86)\\Samsung\\Kies\\Kies.exe /preload”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“KiesTrayAgent”
“hkey”=“HKLM”
“command”=“C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Mobile Partner”
“hkey”=“HKCU”
“command”=“C:\\Program Files (x86)\\HiSuite\\HiSuite.exe -s”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“msnmsgr”
“hkey”=“HKCU”
“command”=“\”C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\“ /background”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“PWRISOVM.EXE”
“hkey”=“HKLM”
“command”=“C:\\Program Files (x86)\\PowerISO\\PWRISOVM.EXE -startup”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“QuickTime Task”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files (x86)\\QuickTime\\QTTask.exe\“ -atboottime”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“RoxWatchTray”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files (x86)\\Common Files\\Roxio Shared\\9.0\\SharedCOM\\RoxWatchTray9.exe\“”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“RtHDVCpl”
“hkey”=“HKLM”
“command”=“C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Skype”
“hkey”=“HKCU”
“command”=“\”C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\“ /minimized /regrun”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“SunJavaUpdateSched”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\“”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“SUPERAntiSpyware”
“hkey”=“HKCU”
“command”=“C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“swg”
“hkey”=“HKCU”
“command”=“\”C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\“”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“UpdateChecker”
“hkey”=“HKCU”
“command”=“C:\\Users\\Willem\\AppData\\Local\\Popajar\\UpdateChecker\\UpdateCheckerApp.exe”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“VoipBuster”
“hkey”=“HKCU”
“command”=“\”C:\\Program Files (x86)\\VoipBuster.com\\VoipBuster\\VoipBuster.exe\“ -nosplash -minimized”
“path”=“C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\ImageBrowser EX Agent.lnk”
“backup”=“C:\\Windows\\pss\\ImageBrowser EX Agent.lnk.CommonStartup”
“backupExtension”=“.CommonStartup”
“command”=“C:\\PROGRA~2\\Canon\\IMAGEB~1\\MFMANA~1.EXE ”
“item”=“ImageBrowser EX Agent”
“path”=“C:\\Users\\Willem\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\encryptdrop.lnk”
“backup”=“C:\\Windows\\pss\\encryptdrop.lnk.Startup”
“backupExtension”=“.Startup”
“command”=“C:\\PROGRA~2\\ENCRYP~1\\ENCRYP~1.EXE -silent”
“item”=“encryptdrop”
“path”=“C:\\Users\\Willem\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Facebook Messenger.lnk”
“backup”=“C:\\Windows\\pss\\Facebook Messenger.lnk.Startup”
“backupExtension”=“.Startup”
“command”=“C:\\Users\\Willem\\AppData\\Local\\Facebook\\MESSEN~1\\214814~1.0\\FACEBO~1.EXE ”
“item”=“Facebook Messenger”
“path”=“C:\\Users\\Willem\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OpenOffice.org 3.3 .lnk”
“backup”=“C:\\Windows\\pss\\OpenOffice.org 3.3 .lnk.Startup”
“backupExtension”=“.Startup”
“command”=“C:\\PROGRA~2\\OPENOF~1.ORG\\program\\QUICKS~1.EXE ”
“item”=“OpenOffice.org 3.3 ”
“SunJavaUpdateSched”=“\”C:\\Program Files\\Java\\jre6\\bin\\jusched.exe\“”
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job –a—— C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskMachineUA1ce0b1024662774.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==== Other Scheduled Tasks ======================
“C:\Windows\SysNative\tasks\Adobe Flash Player Updater”
“C:\Windows\SysNative\tasks\CCleanerSkipUAC”
“C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore”
“C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1ce0b1024662774”
“C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate”
==== Folders in C:\PROGRA~3 0-6 Months Old ======================
2014-01-13 18:45:18 ——– d—–w- C:\PROGRA~3\Canon_Inc_IC
2014-01-14 13:17:24 ——– d—–w- C:\PROGRA~3\Protexis64
2014-02-26 02:25:12 ——– d—–w- C:\PROGRA~3\HP
2014-03-08 09:13:05 ——– d—–w- C:\PROGRA~3\Apple Computer
2014-04-09 20:58:20 ——– d—–w- C:\PROGRA~3\SystemRequirementsLab
2014-04-20 22:32:29 ——– d—–w- C:\PROGRA~3\hps
2014-04-20 22:32:29 ——– d—–w- C:\PROGRA~3\tmp
2014-05-04 20:55:18 ——– d-sh–w- C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-05-04 20:55:23 ——– d—–w- C:\PROGRA~3\AVG
2014-05-05 23:06:31 ——– d—–w- C:\PROGRA~3\Package Cache
==== Firefox Extensions ======================
ProfilePath: C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default
- Snap.Do - %ProfilePath%\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default
9FD6A1990289B9290563CA069CB74EF9 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll - Shockwave Flash
F3B0E300AFC94E1A775A2D935A7D384F - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll - Shockwave for Director / Shockwave for Director
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx
nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx
==== IE Start and Search Settings ======================
“Start Page”=“http://www.google.com”
“Search Bar”=“http://www.google.com”
“Search Page”=“http://www.google.com”
“Use Search Asst”=“yes”
“Start Page”=“http://www.google.com”
“Search Page”=“http://www.google.com”
“Search Bar”=“http://www.google.com”
“Start Page Redirect Cache”=“http://www.google.com”
“Start Page”=“http://www.google.com”
“Search Page”=“http://www.google.com”
“Search Bar”=“http://www.google.com”
“Start Page Redirect Cache”=“http://www.google.com”
“(Default)”=“http://search.msn.com/results.asp?q=%s”
“Default”=“http://www.google.com”
“Default_Search_URL”=“http://www.google.com”
“SearchAssistant”=“http://www.google.com”
“DefaultScope”=“{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}”
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} Google Url=“http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7GGHP_nlNL454”
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Unknown Url=“Not_Found”
==== HijackThis Entries ======================
O1 - Hosts: ::1 localhost
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: “C:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe” -app -hosterid:1
O4 - HKLM\..\Run: “C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE” /splash
O4 - HKLM\..\Run: “C:\Program Files (x86)\QuickTime\QTTask.exe” -atboottime
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”
O4 - HKLM\..\RunOnce: %WINDIR%\SMINST\VistaLauncher.exe
O4 - HKCU\..\Run: “C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe” -nosplash -minimized
O4 - HKCU\..\Run: “C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - HKUS\S-1-5-18\..\RunOnce: reg.exe delete “HKCU\Software\AppDataLow\Software\panda4_0dn” /f (User ‘SYSTEM’)
O4 - HKUS\S-1-5-18\..\RunOnce: reg.exe delete “HKCU\Software\panda4_0dn” /f (User ‘SYSTEM’)
O4 - HKUS\.DEFAULT\..\RunOnce: reg.exe delete “HKCU\Software\AppDataLow\Software\panda4_0dn” /f (User ‘Default user’)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - https://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.myheritage.com/FP/ImageUploader/ImageUploader5.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: HiSuiteOuc64.exe - Unknown owner - C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
O23 - Service: McciCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
==== C:\zoek_backup content ======================
C:\zoek_backup (files=752 folders=161 417346051 bytes)
==== EOF on wo 07-05-2014 at 22:54:23,85 ======================
fazantje

08-05-2014 10:34

Hoi Wil,
Voer zoek.exe nogmaals uit en vertel of dit heeft geholpen;
Schakel eerst de Antivirussoftware uit voordat je zoek.exe download.
Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk conflicteren met Zoek.exe.
Zoek.exe uitvoeren
Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.
Dubbelklik vervolgens op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als “administrator” uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Kopieer nu onderstaande vet gedrukte code en plak die in het grote invulvenster:
Note: Dit script is speciaal bedoeld voor deze computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.
Snap.Do;u
Snap.Do Engine;u
autoclean;
C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb};f
Klik nu op de knop “Run script”.
Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
Post het geopende logje in het volgende bericht.
Succes,
Huib;)
Wil

08-05-2014 15:01

Goede middag Fazantje,
Snap.Do is helemaal verdwenen van de computer, en verder zijn er geen problemen.
hier is het logje:
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Willem on do 08-05-2014 at 14:30:43,52.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Willem\Desktop\zoek.exe
==== Older Logs ======================
C:\zoek-results2014-05-07-205423.log 49563 bytes
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
ProfilePath: C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default
user.js not found
—- Lines helperbar removed from prefs.js —-
user_pref(“extensions.helperbar.DockingPositionDown”, false);
user_pref(“extensions.helperbar.SmartbarDisabled”, false);
user_pref(“extensions.helperbar.SmartbarStateMinimaized”, false);
user_pref(“extensions.helperbar.Visibility”, false);
user_pref(“extensions.helperbar.keepAliveLastevent”, “1399387243”);
user_pref(“extensions.helperbar.lastExternalJsUpdate”, “1399427185508”);
—- FireFox user.js and prefs.js backups —-
prefs_08-05-2014_1445_.backup
ProfilePath: C:\Users\Willem\AppData\Roaming\Thunderbird\Profiles\i0mh1byb.default
user.js not found
—- FireFox user.js and prefs.js backups —-
prefs_08-05-2014_1445_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\Users\Willem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Search.lnk deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Willem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Windows\wininit.ini deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome.manifest” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\install.rdf” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\BackPageRemove.js” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\externalJS.js” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\FBImagePreview.js” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\FirefoxExtensionMain.css” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\FirefoxExtensionMain.js” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\FirefoxExtensionMain.xul” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\InternalJS.js” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\jquery-1.5.1.min.js” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\publisherDefinitions.js” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\components\ISmartbarFireFoxRemotePlugin.xpt” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\components\SmartbarFireFoxRemotePlugin_24.dll” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\components\SmartbarFireFoxRemotePlugin_25.dll” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\components\SmartbarFireFoxRemotePlugin_26.dll” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\components\SmartbarFireFoxRemotePlugin_27.dll” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\components\SmartbarFireFoxRemotePlugin_28.dll” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\components\SmartbarFireFoxRemotePlugin_29.dll” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\down-1.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\down-2.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\down-3.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\down.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\fb.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\fblike.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\gmail.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\googleplus.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\hide-1.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\hide-2.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\hide-3.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\left.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\maximize-1.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\maximize-2.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\maximize-3.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\mgsplusvideo.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\minimize-1.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\minimize-2.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\minimize-3.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\pinit.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\right.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\searchBox.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\show-1.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\show-2.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\show-3.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\twitter.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\up-1.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\up-2.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\up-3.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\up.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\PublisherImages\SnapDo.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\PublisherImages\SnapDo128.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\PublisherImages\SnapDo16.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\PublisherImages\SnapDo_small.png” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\components” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images” deleted
“C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\PublisherImages” deleted
==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default
9FD6A1990289B9290563CA069CB74EF9 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll - Shockwave Flash
F3B0E300AFC94E1A775A2D935A7D384F - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll - Shockwave for Director / Shockwave for Director
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx
nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx
==== Set IE to Default ======================
Old Values:
“Start Page”=“http://www.google.com”
“Search Bar”=“http://www.google.com”
“Search Page”=“http://www.google.com”
“Use Search Asst”=“yes”
“Start Page”=“http://www.google.com”
“Search Page”=“http://www.google.com”
“Search Bar”=“http://www.google.com”
“Start Page Redirect Cache”=“http://www.google.com”
“Start Page”=“http://www.google.com”
“Search Page”=“http://www.google.com”
“Search Bar”=“http://www.google.com”
“Start Page Redirect Cache”=“http://www.google.com”
“(Default)”=“http://search.msn.com/results.asp?q=%s”
“Default”=“http://www.google.com”
“Default_Search_URL”=“http://www.google.com”
“SearchAssistant”=“http://www.google.com”
New Values:
“Search Bar”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Start Page”=“http://www.google.com”
“Use Search Asst”=“no”
“Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Search Bar”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Start Page Redirect Cache”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Search Bar”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Start Page Redirect Cache”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“(Default)”=“http://search.msn.com/results.asp?q=%s”
“Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“SearchAssistant”=“http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm”
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
“DefaultScope”=“{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}”
{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} Google Url=“http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7GGHP_nlNL454”
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AB65D81D-303A-4DDB-AC7C-12C9CD9F67FB} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{b63782ad-0a95-42a3-a60a-fccfb8c2852d} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\D18D56BAA303BDD4CAC7219CDCF976BF deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_06D8D265122815681BEAC933F95514A2 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateChecker deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Willem\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Willem\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BHK8GF77 will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\Willem\AppData\Local\Mozilla\Firefox\Profiles\qmlyw98l.default\Cache emptied successfully
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=926 folders=188 432398138 bytes)
==== Empty Temp Folders ======================
C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Public\AppData\Local\Temp emptied successfully
C:\Users\Willem\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Willem\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
“C:\Users\Willem\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BHK8GF77” not found
“C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low” not deleted
==== EOF on do 08-05-2014 at 14:53:18,20 ======================
fazantje

08-05-2014 15:26

Hoi Wil,
Mooi dat het is opgelost(tu)
Zo zie je dat Chrome met regelmaat meer problemen geeft dan andere browsers.
Ik zou Chrome weg laten.
Doe het volgende nog even:
Met het onderstaande tooltje ruim je o.a. alle gebruikte tools op:
Download Delfix by Xplode naar het bureaublad.
Dubbelklik op Delfix.exe om de tool te starten.
Zet nu vinkjes voor de volgende items:
Remove disinfection tools
Purge System Restore
Reset system settings
Klik nu op “Run” en wacht geduldig tot de tool gereed is.
Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft je echter niet te plaatsen.
Mochten er nog tools of mappen overgebleven zijn dan kan je die zelf verwijderen.
Groetjes Huib;)
Wil

08-05-2014 20:21

Het is voor elkaar hoor Fazantje!
Dat laatste programma heeft zijn werk gedaan en snap.do is ook weg, ik wil je bij deze hartelijk danken voor de hulp en gelukkig dat het zo snel ging
Groeten,
Wil
fazantje

08-05-2014 20:44

Hoi Wil,
Ook namens Ben graag gedaan.
Groetjes Huib;)

Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.

Snap.do niet te verwijderen

Wil

Wil

Ben

Wil

Wil

fazantje

Wil

fazantje

Wil

fazantje