Snap.do niet te verwijderen

 • Wil

  Goede middag allen!

  Mijn google chrome browser was afgelopen week gekaapt door de zgn “snap.do searchbar” Ik kon dit niet weg krijgen uit chrome, en heb nu dus maar chrome in zijn geheel verwijderd. Ik heb het stappenplan doorlopen, en als extra ook met div online scanners aan de slag geweest. Volgens geen van alleen heb ik malware/virussen op de pc. Alleen als ik ik mijn lijst met programma's kijk, het venster waar je programma's kunt wijzigen en verwijderen, dan zie ik Snap.Do en Snap.Do engine nog altijd in de lijst staan en deze laten zich niet verwijderen. Ik heb ze ook geprobeerd in de veilige modus (f8) te verwijderen, maar zonder resultaat.

  Heeft iemand een idee?

  Groet, Wil

 • Wil

  Ohja, misschien wel zo handig om meteen een log te plaatsen :)

  Logfile of Trend Micro HijackThis v2.0.4

  Scan saved at 16:10:13, on 7-5-2014

  Platform: Windows 7 SP1 (WinNT 6.00.3505)

  MSIE: Internet Explorer v11.0 (11.00.9600.17041)

  Boot mode: Normal

  Running processes:

  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

  C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe

  C:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe

  C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe

  C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE

  C:\Users\Willem\Desktop\Onderhoud en Beveiliging\HijackThis.exe

  C:\Windows\SysWOW64\DllHost.exe

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

  O1 - Hosts: ::1 localhost

  O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

  O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

  O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

  O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll

  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

  O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll

  O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll

  O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

  O4 - HKLM\..\Run: “C:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe”

  O4 - HKLM\..\Run: “C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe” -app -hosterid:1

  O4 - HKLM\..\Run: “C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE” /splash

  O4 - HKLM\..\Run: “C:\Program Files (x86)\QuickTime\QTTask.exe” -atboottime

  O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”

  O4 - HKLM\..\RunOnce: %WINDIR%\SMINST\VistaLauncher.exe

  O4 - HKCU\..\Run: “C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe” -nosplash -minimized

  O4 - HKCU\..\Run: “C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

  O4 - HKUS\S-1-5-18\..\RunOnce: reg.exe delete “HKCU\Software\AppDataLow\Software\panda4_0dn” /f (User ‘SYSTEM’)

  O4 - HKUS\S-1-5-18\..\RunOnce: reg.exe delete “HKCU\Software\panda4_0dn” /f (User ‘SYSTEM’)

  O4 - HKUS\.DEFAULT\..\RunOnce: reg.exe delete “HKCU\Software\AppDataLow\Software\panda4_0dn” /f (User ‘Default user’)

  O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

  O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

  O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

  O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

  O11 - Options group: Accelerated graphics

  O15 - Trusted Zone: *.clonewarsadventures.com

  O15 - Trusted Zone: *.freerealms.com

  O15 - Trusted Zone: *.soe.com

  O15 - Trusted Zone: *.sony.com

  O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - https://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab

  O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab

  O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.myheritage.com/FP/ImageUploader/ImageUploader5.cab

  O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

  O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

  O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

  O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

  O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

  O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

  O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

  O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll

  O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

  O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe

  O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

  O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

  O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

  O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

  O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

  O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe

  O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

  O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe

  O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

  O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

  O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe

  O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE

  O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe

  O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

  O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

  O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

  O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)

  O23 - Service: HiSuiteOuc64.exe - Unknown owner - C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe

  O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe

  O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe

  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

  O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

  O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe

  O23 - Service: McciCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe

  O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

  O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

  O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe

  O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

  O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

  O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

  O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe

  O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe

  O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

  O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

  O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe

  O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUpnpService9.exe

  O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

  O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

  O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

  O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe

  O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe

  O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

  O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

  O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

  O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

  O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

  O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

  O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

  O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

  O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

  O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

  End of file - 14505 bytes

 • Ben

  Hallo,

  We gaan even verder kijken;

  Schakel eerst de Antivirussoftware uit voordat je zoek.exe download.

  Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk conflicteren met Zoek.exe.

  Download Zoek.exe naar het bureaublad.

  * Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.

  Zoek.exe uitvoeren

  Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.

  * Dubbelklik vervolgens op Zoek.exe om de tool te starten.

  * Windows Vista, 7 en 8 gebruikers dienen de tool als “administrator” uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.

  * Kopieer nu onderstaande vet gedrukte code en plak die in het grote invulvenster:

  * Note: Dit script is speciaal bedoeld voor deze computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.

  firefoxlook;

  torpigcheck;

  installedprogs;

  emptyfolderscheck;delete

  chromelook;

  standardsearch;

  filesrcm;

  startupall;

  * Klik nu op de knop "Run script".

  * Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

  * Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

  * Post het geopende logje in het volgende bericht.

 • Wil

  Goede avond Ben, ik had je al eens eerder gesproken in het verleden met een probleem :)

  Hier is deel 1 van de log van Zoek.exe

  Zoek.exe v5.0.0.0 Updated 14-April-2014

  Tool run by Willem on wo 07-05-2014 at 22:45:55,81.

  Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

  Running in: Normal Mode Internet Access Detected

  Launched: C:\Users\Willem\Desktop\zoek.exe

  ==== System Restore Info ======================

  7-5-2014 22:47:47 Zoek.exe System Restore Point Created Succesfully.

  ==== Torpig Check ======================

  HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll

  HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll

  ==== Empty Folders Check ======================

  C:\PROGRA~2\AGEIA Technologies deleted successfully

  C:\PROGRA~2\Pixum deleted successfully

  C:\PROGRA~2\Trend Micro deleted successfully

  ==== Installed Programs ======================

  Adblock Plus for IE

  Adblock Plus for IE (32-bit and 64-bit)

  Adobe AIR

  Adobe Community Help

  Adobe Flash Player 13 ActiveX

  Adobe Flash Player 13 Plugin

  Adobe Photoshop Elements 10

  Adobe Reader XI (11.0.06) - Nederlands

  Adobe Shockwave Player 12.0

  Any Video Converter 5.5.5

  Apple Application Support

  Apple Mobile Device Support

  Apple Software Update

  Ashampoo Burning Studio 6 FREE v.6.80

  Audacity 2.0

  Auslogics BoostSpeed

  Auslogics DiskDefrag

  Battlefield: Bad CompanyT 2

  BlueStacks

  Bonjour

  BorderMaker

  BSR Screen Recorder 6

  calibre

  Canon Utilities Digital Photo Professional

  Canon Utilities EOS Sample Music

  Canon Utilities EOS Utility

  Canon Utilities ImageBrowser EX

  Canon Utilities PhotoStitch

  Canon Utilities Picture Style Editor

  CCleaner

  Computer Security 12.71.102.0 (release)

  ConvertXtoDVD 4.1.10.348

  Corel PaintShop Pro X5

  CVE-2012-4969

  D3DX10

  DaVinci 1.0.0.3

  Dragon NaturallySpeaking 11

  DVD Shrink 3.2

  DX-Ball 1.09

  Dynamic-Photo HDR 4.65

  easyHDR

  Elements 10 Organizer

  encryptdrop

  EncryptDrop Free Edition

  Eraser 6.0.10.2620

  Exif Tag Remover 4.3

  F-Secure CCF Reputation

  F-Secure CCF Scanning 1.23.124.8831 (release)

  F-Secure Network CCF 1.02.126

  Facebook Messenger 2.1.4631.0

  Facebook Messenger 2.1.4814.0

  FastImageResizer (remove only)

  FastStone Image Viewer 4.6

  FastStone Photo Resizer 3.2

  floaters v2.1

  Free YouTube to MP3 Converter version 3.12.29.304

  Freemake Audio Converter versie 1.1.0

  Freemake Video Converter versie 4.1.2

  FreeSizer 64 v.1.0.0

  gamelauncher-ps2-psg

  Google Earth

  Google Toolbar for Internet Explorer

  Google Update Helper

  Google+ Auto Backup

  Handset WinDriver 1.02.02.00

  Harrys Filters 4.0 (Plugin)

  HDR Efex Pro 2

  HiJackThis

  HiSuite

  HitmanPro 3.7

  Hugin 2012.0.0

  ICA

  Imagenomic Portraiture 2.3 Plug-in (build 2308)

  Internet Explorer (Enable DEP)

  IPM_PSP_COM

  IsoBuster 2.4

  Java 7 Update 45 (64-bit)

  Java 7 Update 51

  Java Auto Updater

  Java(TM) 6 Update 16 (64-bit)

  Java(TM) 6 Update 38

  Junk Mail filter update

  K-Lite Codec Pack 10.0.5 Basic

  Kobo

  lookinglink

  LucisArt 3 ED/SE

  MAGIX Photo Clinic 4.5 (US)

  Malwarebytes Anti-Malware versie 1.75.0.1300

  Microsoft .NET Framework 4.5.1

  Microsoft .NET Framework 4.5.1 (Nederlands)

  Microsoft .NET Framework 4.5.1 (NLD)

  Microsoft Application Error Reporting

  Microsoft Camera Codec Pack

  Microsoft GIF Animator

  Microsoft Silverlight

  Microsoft SkyDrive

  Microsoft SQL Server 2005 Compact Edition

  Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

  Microsoft Visual C++ 2005 Redistributable

  Microsoft Visual C++ 2005 Redistributable (x64)

  Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

  Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

  Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

  Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

  Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

  Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

  Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

  Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

  Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

  Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

  Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106

  Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106

  Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106

  Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106

  Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106

  Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106

  MiniTool Power Data Recovery

  Movie Maker

  Mozilla Firefox 27.0.1 (x86 nl)

  Mozilla Maintenance Service

  Mozilla Thunderbird 24.5.0 (x86 nl)

  MPC-HC 1.6.8

  MSVCRT

  MSVCRT_amd64

  MSVCRT110

  MSVCRT110_amd64

  MSXML 4.0 SP2 (KB954430)

  MSXML 4.0 SP2 (KB973688)

  Nik Collection

  NVIDIA-configuratiescherm 335.23

  NVIDIA 3D Vision controllerstuurprogramma 335.21

  NVIDIA 3D Vision stuurprogramma 335.23

  NVIDIA GeForce Experience 2.0

  NVIDIA Grafisch stuurprogramma 335.23

  NVIDIA Install Application

  NVIDIA LED Visualizer 1.0

  NVIDIA Network Service

  NVIDIA PhysX

  NVIDIA PhysX systeemsoftware 9.13.1220

  NVIDIA ShadowPlay 12.4.55

  NVIDIA Stereoscopic 3D Driver

  NVIDIA Update 12.4.55

  NVIDIA Update Core

  NVIDIA Virtual Audio 1.2.22

  OpenOffice 4.0.1

  OUTDATEfighter

  Panda Cloud Cleaner

  PC Angel ™ Recovery Installer

  PC Wizard 2010.1.96

  PDF Architect

  Photo Common

  Photo Gallery

  PhotoFilmStrip 1.5.0

  Photomatix Pro version 3.0

  PhotoME

  PhotoResizr

  Picasa 3

  Pixlr-o-matic

  PlanetSide 2

  Poladroid

  Portrait Professional 11.2

  Portrait Professional Studio

  PowerISO

  PSPPContent

  PSPPHelp

  PSPPro64

  PTGui Pro 8.3.3

  QuickTime 7

  Realtek High Definition Audio Driver

  Recuva

  Roxio Creator 9 XE

  Samsung AllShare

  Samsung Kies

  SAMSUNG USB Driver for Mobile Phones

  Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)

  Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)

  Setup

  SHIELD Streaming

  SightSpeed (remove only)

  Skype Click to Call

  SkypeT 6.14

  Snap.Do

  Snap.Do Engine

  Sophos Virus Removal Tool

  Spyder2express

  SUPERAntiSpyware

  swMSM

  System Requirements Lab CYRI

  TeamViewer 9

  Topaz Adjust 4

  Topaz Adjust 4 (64-bit)

  TwistedBrush Open Studio

  UpdateChecker

  VD64Inst

  Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64)

  VLC media player 2.0.5

  VLC media player 2.1.4

  VoipBuster

  Vuze

  Windows Live Communications Platform

  Windows Live Essentials

  Windows Live ID Sign-in Assistant

  Windows Live Installer

  Windows Live Mail

  Windows Live Messenger

  Windows Live MIME IFilter

  Windows Live Photo Common

  Windows Live PIMT Platform

  Windows Live SOXE

  Windows Live SOXE Definitions

  Windows Live UX Platform

  Windows Live UX Platform Language Pack

  Windows Live Writer

  Windows Live Writer Resources

  WinRAR 4.20 (64-bit)

  WOT for Internet Explorer

  Ziggo Internetbeveiliging

  Ziggo Online Help Tool

  ==== Running Processes ======================

  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

  C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe

  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

  C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

  C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

  C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

  C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe

  C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe

  C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe

  C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE

  C:\Windows\system32\hasplms.exe

  C:\Program Files (x86)\Common Files\Motive\McciCMService.exe

  C:\Windows\SysWOW64\nlssrv32.exe

  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

  C:\Program Files (x86)\PDF Architect\HelperService.exe

  C:\Program Files (x86)\PDF Architect\ConversionService.exe

  C:\Windows\SysWOW64\PnkBstrA.exe

  c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

  C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

  C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

  C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

  C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE

  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

  C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\fssm32.exe

  C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe

  C:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe

  C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe

  C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE

  C:\Program Files (x86)\Skype\Phone\Skype.exe

  C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe

  C:\Users\Willem\Desktop\zoek.exe

  C:\Windows\SysWOW64\cmd.exe

  C:\Windows\SysWOW64\cmd.exe

  C:\Windows\SysWOW64\cmd.exe

  ==== System Specs ======================

  Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)

  Memory (RAM): 4087 MB

  CPU Info: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz

  CPU Speed: 2662.4 MHz

  Sound Card: Luidsprekers (Realtek High Defi |

  Realtek Digital Output (Realtek |

  Display Adapters: NVIDIA GeForce GTS 250 | NVIDIA GeForce GTS 250 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

  Monitors: 1x; Algemeen PnP-beeldscherm | Algemeen PnP-beeldscherm |

  Screen Resolution: 1920 X 1200 - 32 bit

  Network: Network Present

  Network Adapters: Intel(R) 82578DC Gigabit Network Connection

  CD / DVD Drives: 2x (G: | H: | ) G: TSSTcorpCDDVDW SH-S223C | H: ROXIO DVD-ROM EMULATOR

  Ports: COM Ports NOT Present. LPT Port NOT Present.

  Mouse: 8 Button Wheel Mouse Present

  Hard Disks: C: 287.3GB | D: 546.0GB | E: 551.3GB | F: 12.7GB

  Hard Disks - Free: C: 129.3GB | D: 236.6GB | E: 393.3GB | F: 7.2GB

  Manufacturer *: Intel Corp.

  BIOS Info: AT/AT COMPATIBLE | 08/02/09 | INTEL - 7a

  Time Zone: West-Europa (standaardtijd)

  Motherboard *: Intel Corporation DP55WB

  Country: Nederland

  Language: NLD

  ==== System Specs (Software) ======================

  Anti-Virus: Basis On-access scanning disabled (Outdated)

  Anti-Spyware: Basis disabled (Outdated)

  Anti-Spyware: Windows Defender disabled (Outdated)

  Default Browser: Firefox 27.0.1

  Internet Explorer Version: 11.0.9600.17105

  Mozilla Firefox version: 27.0.1 (x86 nl)

  Adobe Reader version: 11.0.06.70

  Sun Java version: 1.7.0_51 (32-bit)

  Sun Java version: 1.7.0_45 (64-bit)

  Flash Player version: 13.0.0.206

  Shockwave Player version: 12.0.7r148

  ==== Files Recently Created / Modified ======================

  ====== C:\Windows ====

  2014-05-04 20:54:01 D41D8CD98F00B204E9800998ECF8427E 0 —-a-w- C:\Windows\wininit.ini

  ====== C:\Users\Willem\AppData\Local\Temp ====

  2014-05-07 12:03:42 08AF557C8E6E74D7D92314F6B2C86273 4608 —-a-w- C:\Users\Willem\AppData\Local\Temp\i4jdel0.exe

  ====== Java Cache =====

  2014-04-09 20:57:52 E943842AB2F129353C8A5E4CA55312C2 108 —-a-w- C:\Users\Willem\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\5a8fd001-6.0.lap

  2014-04-09 19:11:05 E183F5C06EFB895045CC4B22AB945134 38 —-a-w- C:\Users\Willem\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\2b82a0e-6.0.lap

  2014-04-09 19:11:10 31FA66BD61B038DAD5558AAA8546B8C7 124162 —-a-w- C:\Users\Willem\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\b8be351-68566769-0.0.2.37-

  2014-04-09 21:04:04 A2C43C6FFEF7BA58420413D8C203FB28 108 —-a-w- C:\Users\Willem\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\6c5f632d-6.0.lap

  2014-04-09 21:04:06 D41F3BBA3B6E699FD31957B5209C278F 354733 —-a-w- C:\Users\Willem\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\e729e45-2b2e28ae

  ====== C:\Windows\SysWOW64 =====

  2014-05-07 11:41:47 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 —-a-w- C:\Windows\SysWOW64\subinacl.exe

  2014-05-04 21:04:25 0DC5AF80D059DEC792B665ED598C6567 536576 —-a-w- C:\Windows\SysWOW64\sqlite3.dll

  2014-05-02 11:34:58 5869FBC754578A59C8C8635B99DB79DE 17384448 —-a-w- C:\Windows\SysWOW64\mshtml.dll

  2014-05-02 11:34:58 2518D1922371892ADEF1F07147DBD72A 2724864 —-a-w- C:\Windows\SysWOW64\mshtml.tlb

  ====== C:\Windows\SysWOW64\drivers =====

  ====== C:\Windows\Sysnative =====

  2014-05-02 11:34:59 A98DA2EC1E56CF52C682D072F77D9874 23547904 —-a-w- C:\Windows\Sysnative\mshtml.dll

  2014-05-02 11:34:58 DE5DE05946D6FC2DC494C55BC7BC4C6E 2724864 —-a-w- C:\Windows\Sysnative\mshtml.tlb

  2014-04-25 12:28:32 84ED099009EF0DF82A37D4FEAE012655 465408 —-a-w- C:\Windows\Sysnative\aepdu.dll

  2014-04-25 12:28:32 5513F4766C9987D6B0D49D51BB2E5EE4 424448 —-a-w- C:\Windows\Sysnative\aeinv.dll

  ====== C:\Windows\Sysnative\drivers =====

  2014-04-21 11:02:39 757ACE4D4C9FF0571F86AA5D586B45E8 12708128 —-a-w- C:\Windows\Sysnative\drivers\nvlddmkm.sys

  2014-04-21 10:57:11 50A7C3FEA78D11B546EA9B0C25FBC6AB 40392 —-a-w- C:\Windows\Sysnative\drivers\nvvad64v.sys

  2014-04-09 08:35:27 B3222734D80013D2C73841B0C549FA63 27584 —-a-w- C:\Windows\Sysnative\drivers\Diskdump.sys

  2014-04-09 08:35:27 A3F0BC5897F9D3786A3CB695B163633A 190912 —-a-w- C:\Windows\Sysnative\drivers\storport.sys

  2014-04-09 08:35:27 96BB922A0981BC7432C8CF52B5410FE6 274880 —-a-w- C:\Windows\Sysnative\drivers\msiscsi.sys

  2014-04-09 08:35:19 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 —-a-w- C:\Windows\Sysnative\drivers\ntfs.sys

  ====== C:\Windows\Tasks ======

  ====== C:\Windows\Temp ======

  ======= C:\Program Files =====

  2014-05-07 11:47:20 ——– d—–w- C:\Program Files\HitmanPro

  2014-05-07 11:41:44 ——– d—–w- C:\Program Files\Common Files\Microsoft

  2014-05-07 11:41:44 ——– d—–w- C:\Program Files\Adware-Removal-Tool

  ======= C:\PROGRA~2 =====

  2014-05-01 10:28:36 ——– d—–w- C:\PROGRA~2\Mozilla Thunderbird

  2014-04-27 13:31:36 ——– d—–w- C:\PROGRA~2\PowerDataRecovery

  2014-04-25 12:12:42 ——– d—–w- C:\PROGRA~2\DynamicPhotoHDR5

  2014-04-09 20:58:20 ——– d—–w- C:\PROGRA~2\SystemRequirementsLab

  ======= C: =====

  ====== C:\Users\Willem\AppData\Roaming ======

  2014-05-04 20:56:28 ——– d—–w- C:\Users\Willem\AppData\Roaming\AVG

  2014-05-04 20:56:28 ——– d—–w- C:\Users\Willem\AppData\Local\AVG

  2014-04-09 17:04:51 ——– d-sh–w- C:\Users\Willem\AppData\Local\EmieUserList

  2014-04-09 17:04:51 ——– d-sh–w- C:\Users\Willem\AppData\Local\EmieSiteList

  ====== C:\Users\Willem ======

  2014-05-07 12:17:50 366E62D001AF0459F5CC310A004BEF6E 5124208 —-a-w- C:\Users\Willem\Desktop\F-SecureOnlineScanner-HC.exe

  2014-05-07 12:04:06 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro

  2014-05-05 23:06:31 ——– d—–w- C:\ProgramData\Package Cache

  2014-05-04 21:02:39 901A44951CAE3780768F0082C9FEAD87 1313617 —-a-w- C:\Users\Willem\Downloads\AdwCleaner.exe

  2014-05-04 20:55:23 ——– d—–w- C:\ProgramData\AVG

  2014-05-04 20:55:18 ——– d-sh–w- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}

  2014-04-27 13:31:40 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Power Data Recovery 6.8

  2014-04-25 12:12:47 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dynamic-Photo HDR 5

  2014-04-20 22:32:29 ——– d—–w- C:\ProgramData\tmp

  2014-04-20 22:32:29 ——– d—–w- C:\ProgramData\hps

  2014-04-09 20:58:20 ——– d—–w- C:\ProgramData\SystemRequirementsLab

  ====== C: exe-files ==

  2014-05-07 12:17:50 366E62D001AF0459F5CC310A004BEF6E 5124208 —-a-w- C:\Users\Willem\Desktop\F-SecureOnlineScanner-HC.exe

  2014-05-07 12:04:06 CD3FE805E00666E4CDF6C92BD6F290ED 127752 —-a-w- C:\Program Files\HitmanPro\hmpsched.exe

  2014-05-07 12:04:06 98ADA896D51610D3412EEEAA5F12A53F 10971424 —-a-w- C:\Program Files\HitmanPro\HitmanPro.exe

  2014-05-07 12:03:42 08AF557C8E6E74D7D92314F6B2C86273 4608 —-a-w- C:\Users\Willem\AppData\Local\Temp\i4jdel0.exe

  2014-05-07 12:02:53 75DF6F9AC50360EEA71390D03552DF9D 9171472 —-a-w- C:\Users\Willem\Documents\Vuze Downloads\Hitman Pro 3.7.6 Build 201 Final Retail - SceneDL (PimpRG)\32 bit\HitmanPro.exe

  2014-05-07 12:02:53 6E4CB37E326AFFF7B68BEEF781F62835 9833328 —-a-w- C:\Users\Willem\Documents\Vuze Downloads\Hitman Pro 3.7.6 Build 201 Final Retail - SceneDL (PimpRG)\64 bit\HitmanPro_x64.exe

  2014-05-07 11:45:46 81694AC14CF309723016DC74779C72BD 544 —-a-w- C:\$RECYCLE.BIN\S-1-5-21-4143939538-3833764649-2899497851-1001\$ITDSGV4.exe

  2014-05-07 11:41:47 C0E9B4744838761BC2EC3EE95CA7191A 117416 —-a-w- C:\Program Files\Adware-Removal-Tool\ARTP3.exe

  2014-05-07 11:41:47 72A3AF3181085F50BE07EA82E2D2889A 52904 —-a-w- C:\Program Files\Adware-Removal-Tool\ARTP2.exe

  2014-05-07 11:41:47 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 —-a-w- C:\WINDOWS\SysWOW64\subinacl.exe

  2014-05-07 11:41:00 6D09B857AD4E84EA736A0BE77C1B5377 714464 —-a-w- C:\$RECYCLE.BIN\S-1-5-21-4143939538-3833764649-2899497851-1001\$RTDSGV4.exe

  2014-05-07 10:32:19 AFFF5CF2744D67E534537F33B8823FB6 28363696 —-a-w- C:\ProgramData\NVIDIA Corporation\NetService\GeForce_Experience_Update_v2.0.1.0.exe

  2014-05-05 23:02:04 25D473D7805261C752DA738B13E35816 185271 —-a-w- C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla31.exe

  2014-05-05 22:15:51 EDB10586A061A621BBA2CB32E5E3220B 190429 —-a-w- C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla37.exe

  2014-05-04 21:02:39 901A44951CAE3780768F0082C9FEAD87 1313617 —-a-w- C:\Users\Willem\Downloads\AdwCleaner.exe

  2014-05-02 11:28:18 BBFAF2B2092FDF0CBA48D1656E061A29 3514168 —-a-w- C:\Users\Willem\AppData\Local\NVIDIA\NvBackend\Packages\00005a7e\DAO.18382836.exe

  2014-05-02 11:28:15 2269E813E5B49D8311EBA4F1501C90D0 304760 —-a-w- C:\Users\Willem\AppData\Local\NVIDIA\NvBackend\Packages\00005a63\drsupdate.18354710_RUNASUSER.exe

  2014-05-01 10:28:38 C618CFDF3A00A322F46459A7E1F2A9F4 22640 —-a-w- C:\Program Files (x86)\Mozilla Thunderbird\WSEnable.exe

  2014-05-01 10:28:38 439DFE6F3594A301F9B07BE242871CC5 901232 —-a-w- C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe

  2014-05-01 10:28:38 38DEFB34EBC471412B1530CC680ECC1A 275056 —-a-w- C:\Program Files (x86)\Mozilla Thunderbird\updater.exe

  2014-05-01 10:28:37 DC37CFF5880FAE530831EF2DF65C2F63 194176 —-a-w- C:\Program Files (x86)\Mozilla Thunderbird\maintenanceservice_installer.exe

  2014-05-01 10:28:37 4F2B6D456F31204F8CEE4C5B32BF25E0 18544 —-a-w- C:\Program Files (x86)\Mozilla Thunderbird\plugin-container.exe

  2014-05-01 10:28:37 0CC6BCDAAD124EC51A96F60C51CD184D 390256 —-a-w- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

  2014-05-01 10:28:36 731837CB3B49B738402CE32455B75CE2 119408 —-a-w- C:\Program Files (x86)\Mozilla Thunderbird\maintenanceservice.exe

  2014-05-01 10:28:36 48DDC243F64DEC7FBF283F74EE740D65 117360 —-a-w- C:\Program Files (x86)\Mozilla Thunderbird\crashreporter.exe

  === C: other files ==

  2014-05-04 22:02:10 D342BBD6BF7554ABA24A376E41675DBF 621283886 —-a-w- C:\Users\Willem\Desktop\Hirens.BootCD.15.2.zip

  ==== Startup Registry Enabled ======================

  “VoipBuster”=“C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe -nosplash -minimized”

  “swg”=“C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

  “panda4_0dn”=“reg.exe delete HKCU\Software\AppDataLow\Software\panda4_0dn /f”

  “panda4_0dn_XP”=“reg.exe delete HKCU\Software\panda4_0dn /f”

  “panda4_0dn”=“reg.exe delete HKCU\Software\AppDataLow\Software\panda4_0dn /f”

  “panda4_0dn_XP”=“reg.exe delete HKCU\Software\panda4_0dn /f”

  “DMXLauncher”=“C:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe”

  “F-Secure Hoster (45123)”=“C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe -app -hosterid:1”

  “F-Secure Manager”=“C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE /splash”

  “QuickTime Task”=“C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime”

  “APSDaemon”=“C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”

  “ST Recovery Launcher”=“%WINDIR%\SMINST\VistaLauncher.exe ”

  “VoipBuster”=“C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe -nosplash -minimized”

  “swg”=“C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

 • Wil

  Vervolg deel 2:

  ==== Startup Registry Enabled x64 ======================

  “ShadowPlay”=“C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart”

  “NvBackend”=“C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe”

  ==== Startup Registry Disabled ======================

  “DNS7reminder”=“\”C:\\Program Files (x86)\\Nuance\\NaturallySpeaking11\\Ereg\\Ereg.exe\“ -r \”C:\\ProgramData\\Nuance\\NaturallySpeaking11\\Ereg.ini\“”

  “Adobe ARM”=“\”C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\“”

  ==== Startup Registry Disabled x64 ======================

  “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“”

  “hkey”=“HKCU”

  “command”=“C:\\Program Files (x86)\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe”

  “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“@ssm.vendorid@_McciTrayApp”

  “hkey”=“HKLM”

  “command”=“\”C:\\Program Files\\ZiggoOnlineHelp\\McciTrayApp.exe\“”

  “key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“Adobe ARM”

  “hkey”=“HKLM”

  “command”=“\”C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\“”

  “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“AdobeAAMUpdater-1.0”

  “hkey”=“HKLM”

  “command”=“\”C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\“”

  “key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“AllShareAgent”

  “hkey”=“HKLM”

  “command”=“C:\\Program Files (x86)\\Samsung\\AllShare\\AllShareAgent.exe”

  “key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“APSDaemon”

  “hkey”=“HKLM”

  “command”=“\”C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\“”

  “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“Eraser”

  “hkey”=“HKLM”

  “command”=“\”C:\\PROGRA~1\\Eraser\\Eraser.exe\“ –atRestart”

  “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“GoogleChromeAutoLaunch_06D8D265122815681BEAC933F95514A2”

  “hkey”=“HKCU”

  “command”=“\”C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe\“ –no-startup-window”

  “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“ISUSPM”

  “hkey”=“HKCU”

  “command”=“C:\\ProgramData\\FLEXnet\\Connect\\11\\ISUSPM.exe -scheduler”

  “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“KiesPDLR”

  “hkey”=“HKCU”

  “command”=“C:\\Program Files (x86)\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe ”

  “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“KiesPreload”

  “hkey”=“HKCU”

  “command”=“C:\\Program Files (x86)\\Samsung\\Kies\\Kies.exe /preload”

  “key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“KiesTrayAgent”

  “hkey”=“HKLM”

  “command”=“C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe”

  “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“Mobile Partner”

  “hkey”=“HKCU”

  “command”=“C:\\Program Files (x86)\\HiSuite\\HiSuite.exe -s”

  “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“msnmsgr”

  “hkey”=“HKCU”

  “command”=“\”C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\“ /background”

  “key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“PWRISOVM.EXE”

  “hkey”=“HKLM”

  “command”=“C:\\Program Files (x86)\\PowerISO\\PWRISOVM.EXE -startup”

  “key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“QuickTime Task”

  “hkey”=“HKLM”

  “command”=“\”C:\\Program Files (x86)\\QuickTime\\QTTask.exe\“ -atboottime”

  “key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“RoxWatchTray”

  “hkey”=“HKLM”

  “command”=“\”C:\\Program Files (x86)\\Common Files\\Roxio Shared\\9.0\\SharedCOM\\RoxWatchTray9.exe\“”

  “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“RtHDVCpl”

  “hkey”=“HKLM”

  “command”=“C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe”

  “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“Skype”

  “hkey”=“HKCU”

  “command”=“\”C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\“ /minimized /regrun”

  “key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“SunJavaUpdateSched”

  “hkey”=“HKLM”

  “command”=“\”C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\“”

  “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“SUPERAntiSpyware”

  “hkey”=“HKCU”

  “command”=“C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe”

  “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“swg”

  “hkey”=“HKCU”

  “command”=“\”C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\“”

  “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“UpdateChecker”

  “hkey”=“HKCU”

  “command”=“C:\\Users\\Willem\\AppData\\Local\\Popajar\\UpdateChecker\\UpdateCheckerApp.exe”

  “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

  “item”=“VoipBuster”

  “hkey”=“HKCU”

  “command”=“\”C:\\Program Files (x86)\\VoipBuster.com\\VoipBuster\\VoipBuster.exe\“ -nosplash -minimized”

  “path”=“C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\ImageBrowser EX Agent.lnk”

  “backup”=“C:\\Windows\\pss\\ImageBrowser EX Agent.lnk.CommonStartup”

  “backupExtension”=“.CommonStartup”

  “command”=“C:\\PROGRA~2\\Canon\\IMAGEB~1\\MFMANA~1.EXE ”

  “item”=“ImageBrowser EX Agent”

  “path”=“C:\\Users\\Willem\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\encryptdrop.lnk”

  “backup”=“C:\\Windows\\pss\\encryptdrop.lnk.Startup”

  “backupExtension”=“.Startup”

  “command”=“C:\\PROGRA~2\\ENCRYP~1\\ENCRYP~1.EXE -silent”

  “item”=“encryptdrop”

  “path”=“C:\\Users\\Willem\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Facebook Messenger.lnk”

  “backup”=“C:\\Windows\\pss\\Facebook Messenger.lnk.Startup”

  “backupExtension”=“.Startup”

  “command”=“C:\\Users\\Willem\\AppData\\Local\\Facebook\\MESSEN~1\\214814~1.0\\FACEBO~1.EXE ”

  “item”=“Facebook Messenger”

  “path”=“C:\\Users\\Willem\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OpenOffice.org 3.3 .lnk”

  “backup”=“C:\\Windows\\pss\\OpenOffice.org 3.3 .lnk.Startup”

  “backupExtension”=“.Startup”

  “command”=“C:\\PROGRA~2\\OPENOF~1.ORG\\program\\QUICKS~1.EXE ”

  “item”=“OpenOffice.org 3.3 ”

  “SunJavaUpdateSched”=“\”C:\\Program Files\\Java\\jre6\\bin\\jusched.exe\“”

  ==== Task Scheduler Jobs ======================

  C:\Windows\tasks\Adobe Flash Player Updater.job –a—— C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

  C:\Windows\tasks\GoogleUpdateTaskMachineCore.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

  C:\Windows\tasks\GoogleUpdateTaskMachineUA1ce0b1024662774.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

  ==== Other Scheduled Tasks ======================

  “C:\Windows\SysNative\tasks\Adobe Flash Player Updater”

  “C:\Windows\SysNative\tasks\CCleanerSkipUAC”

  “C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore”

  “C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1ce0b1024662774”

  “C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate”

  ==== Folders in C:\PROGRA~3 0-6 Months Old ======================

  2014-01-13 18:45:18 ——– d—–w- C:\PROGRA~3\Canon_Inc_IC

  2014-01-14 13:17:24 ——– d—–w- C:\PROGRA~3\Protexis64

  2014-02-26 02:25:12 ——– d—–w- C:\PROGRA~3\HP

  2014-03-08 09:13:05 ——– d—–w- C:\PROGRA~3\Apple Computer

  2014-04-09 20:58:20 ——– d—–w- C:\PROGRA~3\SystemRequirementsLab

  2014-04-20 22:32:29 ——– d—–w- C:\PROGRA~3\hps

  2014-04-20 22:32:29 ——– d—–w- C:\PROGRA~3\tmp

  2014-05-04 20:55:18 ——– d-sh–w- C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}

  2014-05-04 20:55:23 ——– d—–w- C:\PROGRA~3\AVG

  2014-05-05 23:06:31 ——– d—–w- C:\PROGRA~3\Package Cache

  ==== Firefox Extensions ======================

  ProfilePath: C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default

  - Snap.Do - %ProfilePath%\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}

  AppDir: C:\Program Files (x86)\Mozilla Firefox

  - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

  - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

  - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

  - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}

  - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

  - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

  ==== Firefox Plugins ======================

  Profilepath: C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default

  9FD6A1990289B9290563CA069CB74EF9 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll - Shockwave Flash

  F3B0E300AFC94E1A775A2D935A7D384F - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll - Shockwave for Director / Shockwave for Director

  ==== Chrome Look ======================

  HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

  lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx

  nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx

  ==== IE Start and Search Settings ======================

  “Start Page”=“http://www.google.com”

  “Search Bar”=“http://www.google.com”

  “Search Page”=“http://www.google.com”

  “Use Search Asst”=“yes”

  “Start Page”=“http://www.google.com”

  “Search Page”=“http://www.google.com”

  “Search Bar”=“http://www.google.com”

  “Start Page Redirect Cache”=“http://www.google.com”

  “Start Page”=“http://www.google.com”

  “Search Page”=“http://www.google.com”

  “Search Bar”=“http://www.google.com”

  “Start Page Redirect Cache”=“http://www.google.com”

  “(Default)”=“http://search.msn.com/results.asp?q=%s”

  “Default”=“http://www.google.com”

  “Default_Search_URL”=“http://www.google.com”

  “SearchAssistant”=“http://www.google.com”

  “DefaultScope”=“{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}”

  ==== All HKCU SearchScopes ======================

  HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

  {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} Google Url=“http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7GGHP_nlNL454”

  {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Unknown Url=“Not_Found”

  ==== HijackThis Entries ======================

  O1 - Hosts: ::1 localhost

  O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

  O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

  O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

  O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll

  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

  O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll

  O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll

  O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

  O4 - HKLM\..\Run: “C:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe”

  O4 - HKLM\..\Run: “C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe” -app -hosterid:1

  O4 - HKLM\..\Run: “C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE” /splash

  O4 - HKLM\..\Run: “C:\Program Files (x86)\QuickTime\QTTask.exe” -atboottime

  O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”

  O4 - HKLM\..\RunOnce: %WINDIR%\SMINST\VistaLauncher.exe

  O4 - HKCU\..\Run: “C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe” -nosplash -minimized

  O4 - HKCU\..\Run: “C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

  O4 - HKUS\S-1-5-18\..\RunOnce: reg.exe delete “HKCU\Software\AppDataLow\Software\panda4_0dn” /f (User ‘SYSTEM’)

  O4 - HKUS\S-1-5-18\..\RunOnce: reg.exe delete “HKCU\Software\panda4_0dn” /f (User ‘SYSTEM’)

  O4 - HKUS\.DEFAULT\..\RunOnce: reg.exe delete “HKCU\Software\AppDataLow\Software\panda4_0dn” /f (User ‘Default user’)

  O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

  O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

  O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

  O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

  O11 - Options group: Accelerated graphics

  O15 - Trusted Zone: *.clonewarsadventures.com

  O15 - Trusted Zone: *.freerealms.com

  O15 - Trusted Zone: *.soe.com

  O15 - Trusted Zone: *.sony.com

  O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - https://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab

  O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab

  O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.myheritage.com/FP/ImageUploader/ImageUploader5.cab

  O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

  O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

  O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

  O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

  O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

  O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

  O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

  O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll

  O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

  O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe

  O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

  O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

  O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

  O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

  O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

  O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe

  O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

  O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe

  O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

  O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

  O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe

  O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE

  O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe

  O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

  O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

  O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

  O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)

  O23 - Service: HiSuiteOuc64.exe - Unknown owner - C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe

  O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe

  O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe

  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

  O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

  O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe

  O23 - Service: McciCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe

  O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

  O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

  O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe

  O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

  O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

  O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

  O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe

  O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe

  O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

  O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

  O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe

  O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Sonic Shared\RoxioUpnpService9.exe

  O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

  O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

  O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

  O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe

  O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe

  O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

  O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

  O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

  O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

  O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

  O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

  O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

  O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

  O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

  O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

  ==== C:\zoek_backup content ======================

  C:\zoek_backup (files=752 folders=161 417346051 bytes)

  ==== EOF on wo 07-05-2014 at 22:54:23,85 ======================

 • fazantje

  Hoi Wil,

  Voer zoek.exe nogmaals uit en vertel of dit heeft geholpen;

  Schakel eerst de Antivirussoftware uit voordat je zoek.exe download.

  Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk conflicteren met Zoek.exe.

  Zoek.exe uitvoeren

  Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.

  Dubbelklik vervolgens op Zoek.exe om de tool te starten.

  Windows Vista, 7 en 8 gebruikers dienen de tool als “administrator” uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.

  Kopieer nu onderstaande vet gedrukte code en plak die in het grote invulvenster:

  Note: Dit script is speciaal bedoeld voor deze computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.

  Snap.Do;u

  Snap.Do Engine;u

  autoclean;

  C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb};f

  Klik nu op de knop “Run script”.

  Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

  Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

  Post het geopende logje in het volgende bericht.

  Succes,

  Huib;)

 • Wil

  Goede middag Fazantje,

  Snap.Do is helemaal verdwenen van de computer, en verder zijn er geen problemen.

  hier is het logje:

  Zoek.exe v5.0.0.0 Updated 14-April-2014

  Tool run by Willem on do 08-05-2014 at 14:30:43,52.

  Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

  Running in: Normal Mode Internet Access Detected

  Launched: C:\Users\Willem\Desktop\zoek.exe

  ==== Older Logs ======================

  C:\zoek-results2014-05-07-205423.log 49563 bytes

  ==== Deleting CLSID Registry Keys ======================

  ==== Deleting CLSID Registry Values ======================

  ==== Deleting Services ======================

  ==== FireFox Fix ======================

  ProfilePath: C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default

  user.js not found

  —- Lines helperbar removed from prefs.js —-

  user_pref(“extensions.helperbar.DockingPositionDown”, false);

  user_pref(“extensions.helperbar.SmartbarDisabled”, false);

  user_pref(“extensions.helperbar.SmartbarStateMinimaized”, false);

  user_pref(“extensions.helperbar.Visibility”, false);

  user_pref(“extensions.helperbar.keepAliveLastevent”, “1399387243”);

  user_pref(“extensions.helperbar.lastExternalJsUpdate”, “1399427185508”);

  —- FireFox user.js and prefs.js backups —-

  prefs_08-05-2014_1445_.backup

  ProfilePath: C:\Users\Willem\AppData\Roaming\Thunderbird\Profiles\i0mh1byb.default

  user.js not found

  —- FireFox user.js and prefs.js backups —-

  prefs_08-05-2014_1445_.backup

  ==== Deleting Files \ Folders ======================

  C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted

  C:\Users\Willem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Search.lnk deleted

  C:\PROGRA~3\Package Cache deleted

  C:\Users\Willem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted

  C:\Windows\wininit.ini deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome.manifest” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\install.rdf” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\BackPageRemove.js” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\externalJS.js” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\FBImagePreview.js” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\FirefoxExtensionMain.css” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\FirefoxExtensionMain.js” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\FirefoxExtensionMain.xul” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\InternalJS.js” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\jquery-1.5.1.min.js” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\publisherDefinitions.js” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\components\ISmartbarFireFoxRemotePlugin.xpt” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\components\SmartbarFireFoxRemotePlugin_24.dll” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\components\SmartbarFireFoxRemotePlugin_25.dll” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\components\SmartbarFireFoxRemotePlugin_26.dll” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\components\SmartbarFireFoxRemotePlugin_27.dll” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\components\SmartbarFireFoxRemotePlugin_28.dll” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\components\SmartbarFireFoxRemotePlugin_29.dll” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\down-1.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\down-2.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\down-3.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\down.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\fb.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\fblike.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\gmail.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\googleplus.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\hide-1.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\hide-2.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\hide-3.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\left.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\maximize-1.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\maximize-2.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\maximize-3.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\mgsplusvideo.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\minimize-1.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\minimize-2.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\minimize-3.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\pinit.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\right.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\searchBox.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\show-1.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\show-2.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\show-3.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\twitter.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\up-1.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\up-2.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\up-3.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images\up.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\PublisherImages\SnapDo.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\PublisherImages\SnapDo128.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\PublisherImages\SnapDo16.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\PublisherImages\SnapDo_small.png” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\components” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\images” deleted

  “C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default\extensions\{11c06e67-0815-45cf-c1ce-167f3cceaedb}\chrome\PublisherImages” deleted

  ==== Firefox Extensions ======================

  AppDir: C:\Program Files (x86)\Mozilla Firefox

  - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

  - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

  - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

  - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}

  - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

  - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

  ==== Firefox Plugins ======================

  Profilepath: C:\Users\Willem\AppData\Roaming\Mozilla\Firefox\Profiles\qmlyw98l.default

  9FD6A1990289B9290563CA069CB74EF9 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll - Shockwave Flash

  F3B0E300AFC94E1A775A2D935A7D384F - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll - Shockwave for Director / Shockwave for Director

  ==== Chrome Look ======================

  HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

  lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx

  nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx

  ==== Set IE to Default ======================

  Old Values:

  “Start Page”=“http://www.google.com”

  “Search Bar”=“http://www.google.com”

  “Search Page”=“http://www.google.com”

  “Use Search Asst”=“yes”

  “Start Page”=“http://www.google.com”

  “Search Page”=“http://www.google.com”

  “Search Bar”=“http://www.google.com”

  “Start Page Redirect Cache”=“http://www.google.com”

  “Start Page”=“http://www.google.com”

  “Search Page”=“http://www.google.com”

  “Search Bar”=“http://www.google.com”

  “Start Page Redirect Cache”=“http://www.google.com”

  “(Default)”=“http://search.msn.com/results.asp?q=%s”

  “Default”=“http://www.google.com”

  “Default_Search_URL”=“http://www.google.com”

  “SearchAssistant”=“http://www.google.com”

  New Values:

  “Search Bar”=“http://go.microsoft.com/fwlink/?LinkId=54896”

  “Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”

  “Start Page”=“http://www.google.com”

  “Use Search Asst”=“no”

  “Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”

  “Search Bar”=“http://go.microsoft.com/fwlink/?LinkId=54896”

  “Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”

  “Start Page Redirect Cache”=“http://go.microsoft.com/fwlink/?LinkId=69157”

  “Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”

  “Search Bar”=“http://go.microsoft.com/fwlink/?LinkId=54896”

  “Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”

  “Start Page Redirect Cache”=“http://go.microsoft.com/fwlink/?LinkId=69157”

  “(Default)”=“http://search.msn.com/results.asp?q=%s”

  “Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”

  “SearchAssistant”=“http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm”

  ==== All HKCU SearchScopes ======================

  HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

  “DefaultScope”=“{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}”

  {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} Google Url=“http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7GGHP_nlNL454”

  {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”

  ==== Deleting Registry Keys ======================

  HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd deleted successfully

  HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AB65D81D-303A-4DDB-AC7C-12C9CD9F67FB} deleted successfully

  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{b63782ad-0a95-42a3-a60a-fccfb8c2852d} deleted successfully

  HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\D18D56BAA303BDD4CAC7219CDCF976BF deleted successfully

  HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_06D8D265122815681BEAC933F95514A2 deleted successfully

  HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateChecker deleted successfully

  ==== Empty IE Cache ======================

  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

  C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

  C:\Users\Willem\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

  C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

  C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

  C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

  C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

  C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

  C:\Users\Willem\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BHK8GF77 will be deleted at reboot

  ==== Empty FireFox Cache ======================

  C:\Users\Willem\AppData\Local\Mozilla\Firefox\Profiles\qmlyw98l.default\Cache emptied successfully

  ==== Empty Chrome Cache ======================

  No Chrome User Data found

  ==== Empty All Flash Cache ======================

  Flash Cache Emptied Successfully

  ==== Empty All Java Cache ======================

  Java Cache cleared successfully

  ==== C:\zoek_backup content ======================

  C:\zoek_backup (files=926 folders=188 432398138 bytes)

  ==== Empty Temp Folders ======================

  C:\Users\Administrator\AppData\Local\Temp emptied successfully

  C:\Users\Default\AppData\Local\Temp emptied successfully

  C:\Users\Default User\AppData\Local\Temp emptied successfully

  C:\Users\Public\AppData\Local\Temp emptied successfully

  C:\Users\Willem\AppData\Local\Temp will be emptied at reboot

  C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot

  C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

  C:\Windows\Temp will be emptied at reboot

  ==== After Reboot ======================

  ==== Empty Temp Folders ======================

  C:\Windows\Temp successfully emptied

  C:\Users\Willem\AppData\Local\Temp successfully emptied

  ==== Empty Recycle Bin ======================

  C:\$RECYCLE.BIN successfully emptied

  ==== Deleting Files / Folders ======================

  “C:\Users\Willem\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BHK8GF77” not found

  “C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low” not deleted

  ==== EOF on do 08-05-2014 at 14:53:18,20 ======================

 • fazantje

  Hoi Wil,

  Mooi dat het is opgelost(tu)

  Zo zie je dat Chrome met regelmaat meer problemen geeft dan andere browsers.

  Ik zou Chrome weg laten.

  Doe het volgende nog even:

  Met het onderstaande tooltje ruim je o.a. alle gebruikte tools op:

  Download Delfix by Xplode naar het bureaublad.

  Dubbelklik op Delfix.exe om de tool te starten.

  Zet nu vinkjes voor de volgende items:

  Remove disinfection tools

  Purge System Restore

  Reset system settings

  Klik nu op “Run” en wacht geduldig tot de tool gereed is.

  Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft je echter niet te plaatsen.

  Mochten er nog tools of mappen overgebleven zijn dan kan je die zelf verwijderen.

  Groetjes Huib;)

 • Wil

  Het is voor elkaar hoor Fazantje!

  Dat laatste programma heeft zijn werk gedaan en snap.do is ook weg, ik wil je bij deze hartelijk danken voor de hulp en gelukkig dat het zo snel ging :)

  Groeten,

  Wil

 • fazantje

  Hoi Wil,

  Ook namens Ben graag gedaan.

  Groetjes Huib;)

Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.