Not sure whether my laptop is virus-free

  • piefpafpoef

    Good evening,

    I would like to ask whether you can see if I might have a virus.

    I am asking because I have had a virus a few times.

    They were listed in Malwarebytes, but it could not remove them.

    Avast also has many files that it cannot scan because they are

    protected... I would like to know whether my laptop is

    virus-free. Otherwise I have no complaints about slowness or anything like that...

    Thanks in advance, Irma.

    Logfile of random's system information tool 1.10 (written by random/random)

    Run by Irma at 2014-08-31 20:38:28

    Microsoft Windows 7 Home Premium Service Pack 1

    System drive C: has 128 GB (28%) free of 463 GB

    Total RAM: 5813 MB (68% free)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 20:38:39, on 31-8-2014

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v11.0 (11.00.9600.17239)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

    C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe

    C:\Users\Irma\AppData\Roaming\BitTorrent\BitTorrent.exe

    C:\Users\Irma\AppData\Roaming\Dropbox\bin\Dropbox.exe

    C:\Program Files\AVAST Software\Avast\avastui.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    C:\Program Files (x86)\iTunes\iTunesHelper.exe

    C:\Program Files\trend micro\Irma.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    R3 - URLSearchHook: (no name) - {2d8d9acc-f6d7-4362-8876-a275ca929591} - (no file)

    F2 - REG:system.ini: UserInit=userinit.exe,

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    O4 - HKLM\..\Run: “C:\Program Files\AVAST Software\Avast\AvastUI.exe” /nogui

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\QuickTime\QTTask.exe” -atboottime

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\iTunes\iTunesHelper.exe”

    O4 - HKCU\..\Run: “C:\Users\Irma\AppData\Roaming\BitTorrent\BitTorrent.exe” /MINIMIZED

    O4 - HKCU\..\Run: C:\Windows\System32\StikyNot.exe

    O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)

    O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)

    O4 - HKUS\S-1-5-18\..\RunOnce: msiexec.exe /qn /x{voidguid} (User ‘SYSTEM’)

    O4 - HKUS\.DEFAULT\..\RunOnce: msiexec.exe /qn /x{voidguid} (User ‘Default user’)

    O4 - Startup: Dropbox.lnk = Irma\AppData\Roaming\Dropbox\bin\Dropbox.exe

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

    O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

    O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    End of file - 10148 bytes

    ======Listing Processes======

    \SystemRoot\System32\smss.exe

    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

    wininit.exe

    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

    C:\Windows\system32\services.exe

    C:\Windows\system32\lsass.exe

    C:\Windows\system32\lsm.exe

    winlogon.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k GPSvcGroup

    C:\Windows\system32\svchost.exe -k NetworkService

    “C:\Program Files\AVAST Software\Avast\AvastSvc.exe”

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe”

    “C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe”

    “C:\Program Files\Bonjour\mDNSResponder.exe”

    “C:\Program Files (x86)\Launch Manager\dsiwmis.exe”

    “C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe”

    "C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    “C:\Program Files (x86)\Acer\Registration\GREGsvc.exe”

    “C:\Program Files\Acer\Acer Updater\UpdaterService.exe”

    “C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe”

    “C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe”

    C:\Windows\system32\svchost.exe -k imgsvc

    “C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe”

    “taskhost.exe”

    “C:\Windows\system32\Dwm.exe”

    C:\Windows\Explorer.EXE

    “C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE”

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding

    taskeng.exe {37DC1A40-B94E-4EE0-A4C9-0796B70C266E}

    “C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe”

    “C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe”

    “C:\Windows\System32\igfxtray.exe”

    “C:\Windows\System32\hkcmd.exe”

    “C:\Windows\System32\igfxpers.exe”

    “C:\Program Files\Synaptics\SynTP\SynTPEnh.exe”

    C:\Windows\system32\SearchIndexer.exe /Embedding

    “C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe” -s

    “C:\Users\Irma\AppData\Roaming\BitTorrent\BitTorrent.exe” /MINIMIZED

    “C:\Windows\System32\StikyNot.exe”

    “C:\Program Files\Synaptics\SynTP\SynTPHelper.exe”

    “C:\Program Files\Windows Media Player\wmpnetwk.exe”

    “C:\Users\Irma\AppData\Roaming\Dropbox\bin\Dropbox.exe” /systemstartup

    “C:\Program Files\AVAST Software\Avast\avastui.exe” /nogui

    C:\Windows\System32\svchost.exe -k LocalServicePeerNet

    “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

    “C:\Program Files (x86)\iTunes\iTunesHelper.exe”

    “C:\Program Files\iPod\bin\iPodService.exe”

    C:\Windows\system32\wbem\unsecapp.exe -Embedding

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

    “C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe”

    C:\Windows\System32\svchost.exe -k secsvcs

    “C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe”

    “C:\Program Files\EgisTec IPS\PMMUpdate.exe”

    “C:\Program Files\EgisTec IPS\EgisUpdate.exe”

    C:\Windows\servicing\TrustedInstaller.exe

    “C:\Users\Irma\Desktop\RSITx64.exe”

    ======Scheduled tasks folder======

    C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

    =========Mozilla firefox=========

    ProfilePath - C:\Users\Irma\AppData\Roaming\Mozilla\Firefox\Profiles\0snpc061.default

    prefs.js - “browser.search.useDBForOrder” - “false”

    prefs.js - “browser.startup.homepage” - “www.startpagina.nl”

    prefs.js - “keyword.URL” - “http://www.google.com/search?q=”

    “Description”=Adobe® Flash® Player 14.0.0.179 Plugin

    “Path”=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll

    “Description”=

    “Path”=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

    “Description”=Java™ Deployment Toolkit

    “Path”=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

    “Description”=Oracle® Next Generation Java™ Plug-In

    “Path”=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

    “Description”=

    “Path”=disabled

    “Description”=Ag Player Plugin

    “Path”=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

    “Description”=Microsoft SharePoint Plug-in for Firefox

    “Path”=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

    “Description”=WLPG Install MIME type

    “Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    “Description”=WLPG Install MIME type

    “Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    “Description”=Google Update

    “Path”=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

    “Description”=Google Update

    “Path”=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

    “Description”=VLC Multimedia Plugin

    “Path”=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

    “Description”=VLC Multimedia Plugin

    “Path”=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

    “Description”=VLC Multimedia Plugin

    “Path”=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

    “Description”=VLC Multimedia Plugin

    “Path”=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

    “Description”=VLC Multimedia Plugin

    “Path”=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

    “Description”=WildTangent Games App V2 Presence Detector Plugin

    “Path”=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll

    “Description”=Handles PDFs in-place in Firefox

    “Path”=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

    “Description”=Adobe® Flash® Player 14.0.0.179 Plugin

    “Path”=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll

    “Description”=

    “Path”=disabled

    “Description”=Ag Player Plugin

    “Path”=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

    C:\Users\Irma\AppData\Roaming\Mozilla\Firefox\Profiles\0snpc061.default\extensions\

    {e001c731-5e37-4538-a5cb-8168736a2360}

    ======Registry dump======

    avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

    Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    Java™ Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -

    {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

    “IgfxTray”=C:\Windows\system32\igfxtray.exe

    “HotKeysCmds”=C:\Windows\system32\hkcmd.exe

    “Persistence”=C:\Windows\system32\igfxpers.exe

    “SynTPEnh”=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    “RTHDVCPL”=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

    “BitTorrent”=C:\Users\Irma\AppData\Roaming\BitTorrent\BitTorrent.exe

    “RESTART_STICKY_NOTES”=C:\Windows\System32\StikyNot.exe

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

    C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe

    C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

    C:\Program Files (x86)\Launch Manager\LManager.exe

    C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

    C:\Program Files (x86)\QuickTime\QTTask.exe

    C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe

    “AvastUI.exe”=C:\Program Files\AVAST Software\Avast\AvastUI.exe

    “Adobe ARM”=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    “QuickTime Task”=C:\Program Files (x86)\QuickTime\QTTask.exe

    “SunJavaUpdateSched”=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    “iTunesHelper”=C:\Program Files (x86)\iTunes\iTunesHelper.exe

    C:\Users\Irma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

    Dropbox.lnk - C:\Users\Irma\AppData\Roaming\Dropbox\bin\Dropbox.exe

    C:\Windows\system32\igfxdev.dll

    “SecurityProviders”=credssp.dll

    “ConsentPromptBehaviorAdmin”=5

    “ConsentPromptBehaviorUser”=3

    “EnableUIADesktopToggle”=0

    “dontdisplaylastusername”=0

    “legalnoticecaption”=

    “legalnoticetext”=

    “shutdownwithoutlogon”=1

    “undockwithoutlogon”=1

    “NoActiveDesktop”=1

    “NoActiveDesktopChanges”=1

    “ForceActiveDesktopOn”=0

    “vidc.mrle”=msrle32.dll

    “vidc.msvc”=msvidc32.dll

    “msacm.imaadpcm”=imaadp32.acm

    “msacm.msg711”=msg711.acm

    “msacm.msgsm610”=msgsm32.acm

    “msacm.msadpcm”=msadp32.acm

    “midimapper”=midimap.dll

    “wavemapper”=msacm32.drv

    “VIDC.UYVY”=msyuv.dll

    “VIDC.YUY2”=msyuv.dll

    “VIDC.YVYU”=msyuv.dll

    “VIDC.IYUV”=iyuv_32.dll

    “vidc.i420”=iyuv_32.dll

    “VIDC.YVU9”=tsbyuv.dll

    “msacm.l3acm”=C:\Windows\System32\l3codeca.acm

    “MSVideo8”=VfWWDM32.dll

    “wave1”=wdmaud.drv

    “midi1”=wdmaud.drv

    “mixer1”=wdmaud.drv

    “aux1”=wdmaud.drv

    “wave”=wdmaud.drv

    “midi”=wdmaud.drv

    “mixer”=wdmaud.drv

    “aux”=wdmaud.drv

    “wave2”=wdmaud.drv

    “midi2”=wdmaud.drv

    “mixer2”=wdmaud.drv

    “aux2”=wdmaud.drv

    “wave3”=wdmaud.drv

    “midi3”=wdmaud.drv

    “mixer3”=wdmaud.drv

    “aux3”=wdmaud.drv

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1

    .js - open - C:\Windows\System32\WScript.exe “%1” %*

    ======List of files/folders created in the last 1 month======

    2014-08-31 20:38:28 —-D—- C:\rsit

    2014-08-31 20:38:28 —-D—- C:\Program Files\trend micro

    2014-08-28 20:01:39 —-A—- C:\Windows\system32\win32k.sys

    2014-08-28 20:01:39 —-A—- C:\Windows\system32\gdi32.dll

    2014-08-28 20:01:38 —-A—- C:\Windows\SYSWOW64\gdi32.dll

    2014-08-26 23:15:13 —-A—- C:\Windows\system32\drivers\PSKMAD.sys

    2014-08-26 23:15:11 —-D—- C:\Windows\SYSWOW64\DASBOOT

    2014-08-26 23:14:59 —-D—- C:\Program Files (x86)\Panda Security

    2014-08-26 14:28:50 —-D—- C:\Users\Irma\AppData\Roaming\QuickScan

    2014-08-26 14:02:18 —-A—- C:\Windows\system32\RdpGroupPolicyExtension.dll

    2014-08-26 14:02:18 —-A—- C:\Windows\system32\rdpcorets.dll

    2014-08-26 13:56:11 —-A—- C:\Windows\system32\drivers\tmcomm.sys

    2014-08-26 00:35:16 —-A—- C:\Windows\system32\drivers\rdpvideominiport.sys

    2014-08-26 00:35:10 —-A—- C:\Windows\SYSWOW64\rdpendp_winip.dll

    2014-08-26 00:35:10 —-A—- C:\Windows\system32\rdpudd.dll

    2014-08-26 00:35:10 —-A—- C:\Windows\system32\rdpendp_winip.dll

    2014-08-25 16:37:51 —-D—- C:\Users\Irma\AppData\Roaming\Fighters

    2014-08-25 16:37:27 —-D—- C:\ProgramData\Fighters

    2014-08-20 13:18:17 —-D—- C:\Program Files\iPod

    2014-08-20 13:18:16 —-D—- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

    2014-08-20 13:18:16 —-D—- C:\Program Files\iTunes

    2014-08-20 13:18:16 —-D—- C:\Program Files (x86)\iTunes

    2014-08-14 00:09:52 —-A—- C:\Windows\SYSWOW64\infocardapi.dll

    2014-08-14 00:09:52 —-A—- C:\Windows\SYSWOW64\icardagt.exe

    2014-08-14 00:09:52 —-A—- C:\Windows\system32\infocardapi.dll

    2014-08-14 00:09:52 —-A—- C:\Windows\system32\icardagt.exe

    2014-08-14 00:09:49 —-A—- C:\Windows\SYSWOW64\icardres.dll

    2014-08-14 00:09:49 —-A—- C:\Windows\system32\icardres.dll

    2014-08-14 00:09:28 —-A—- C:\Windows\SYSWOW64\TsWpfWrp.exe

    2014-08-14 00:09:28 —-A—- C:\Windows\system32\TsWpfWrp.exe

    2014-08-13 20:36:47 —-A—- C:\Windows\SYSWOW64\mshtmled.dll

    2014-08-13 20:36:47 —-A—- C:\Windows\SYSWOW64\jscript9diag.dll

    2014-08-13 20:36:47 —-A—- C:\Windows\SYSWOW64\ieetwproxystub.dll

    2014-08-13 20:36:46 —-A—- C:\Windows\SYSWOW64\urlmon.dll

    2014-08-13 20:36:46 —-A—- C:\Windows\SYSWOW64\mshtml.dll

    2014-08-13 20:36:46 —-A—- C:\Windows\SYSWOW64\msfeeds.dll

    2014-08-13 20:36:46 —-A—- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll

    2014-08-13 20:36:46 —-A—- C:\Windows\SYSWOW64\iernonce.dll

    2014-08-13 20:36:46 —-A—- C:\Windows\SYSWOW64\dxtmsft.dll

    2014-08-13 20:36:46 —-A—- C:\Windows\system32\JavaScriptCollectionAgent.dll

    2014-08-13 20:36:46 —-A—- C:\Windows\system32\ieetwproxystub.dll

    2014-08-13 20:36:44 —-A—- C:\Windows\SYSWOW64\iesetup.dll

    2014-08-13 20:36:44 —-A—- C:\Windows\SYSWOW64\iertutil.dll

    2014-08-13 20:36:44 —-A—- C:\Windows\SYSWOW64\iedkcs32.dll

    2014-08-13 20:36:44 —-A—- C:\Windows\system32\urlmon.dll

    2014-08-13 20:36:44 —-A—- C:\Windows\system32\iernonce.dll

    2014-08-13 20:36:44 —-A—- C:\Windows\system32\ieetwcollectorres.dll

    2014-08-13 20:36:44 —-A—- C:\Windows\system32\ie4uinit.exe

    2014-08-13 20:36:43 —-A—- C:\Windows\SYSWOW64\jsproxy.dll

    2014-08-13 20:36:43 —-A—- C:\Windows\SYSWOW64\ieui.dll

    2014-08-13 20:36:43 —-A—- C:\Windows\SYSWOW64\ieframe.dll

    2014-08-13 20:36:43 —-A—- C:\Windows\SYSWOW64\dxtrans.dll

    2014-08-13 20:36:43 —-A—- C:\Windows\system32\msfeeds.dll

    2014-08-13 20:36:43 —-A—- C:\Windows\system32\ieetwcollector.exe

    2014-08-13 20:36:43 —-A—- C:\Windows\system32\dxtmsft.dll

    2014-08-13 20:36:42 —-A—- C:\Windows\system32\iesetup.dll

    2014-08-13 20:36:42 —-A—- C:\Windows\system32\iedkcs32.dll

    2014-08-13 20:36:41 —-A—- C:\Windows\system32\iertutil.dll

    2014-08-13 20:36:40 —-A—- C:\Windows\SYSWOW64\wininet.dll

    2014-08-13 20:36:40 —-A—- C:\Windows\SYSWOW64\vbscript.dll

    2014-08-13 20:36:40 —-A—- C:\Windows\SYSWOW64\msrating.dll

    2014-08-13 20:36:40 —-A—- C:\Windows\SYSWOW64\mshtmlmedia.dll

    2014-08-13 20:36:40 —-A—- C:\Windows\SYSWOW64\MshtmlDac.dll

    2014-08-13 20:36:40 —-A—- C:\Windows\SYSWOW64\jscript9.dll

    2014-08-13 20:36:40 —-A—- C:\Windows\SYSWOW64\ieUnatt.exe

    2014-08-13 20:36:40 —-A—- C:\Windows\SYSWOW64\ieapfltr.dll

    2014-08-13 20:36:40 —-A—- C:\Windows\system32\jsproxy.dll

    2014-08-13 20:36:39 —-A—- C:\Windows\system32\ieui.dll

    2014-08-13 20:36:39 —-A—- C:\Windows\system32\dxtrans.dll

    2014-08-13 20:36:38 —-A—- C:\Windows\system32\mshtmlmedia.dll

    2014-08-13 20:36:38 —-A—- C:\Windows\system32\mshtmled.dll

    2014-08-13 20:36:38 —-A—- C:\Windows\system32\ieframe.dll

    2014-08-13 20:36:37 —-A—- C:\Windows\system32\vbscript.dll

    2014-08-13 20:36:37 —-A—- C:\Windows\system32\jscript9diag.dll

    2014-08-13 20:36:37 —-A—- C:\Windows\system32\jscript9.dll

    2014-08-13 20:36:37 —-A—- C:\Windows\system32\ieUnatt.exe

    2014-08-13 20:36:36 —-A—- C:\Windows\system32\wininet.dll

    2014-08-13 20:36:36 —-A—- C:\Windows\system32\ieapfltr.dll

    2014-08-13 20:36:35 —-A—- C:\Windows\system32\MsSpellCheckingFacility.exe

    2014-08-13 20:36:35 —-A—- C:\Windows\system32\msrating.dll

    2014-08-13 20:36:35 —-A—- C:\Windows\system32\MshtmlDac.dll

    2014-08-13 20:36:34 —-A—- C:\Windows\system32\mshtml.dll

    2014-08-13 20:25:29 —-A—- C:\Windows\SYSWOW64\KBDYAK.DLL

    2014-08-13 20:25:29 —-A—- C:\Windows\SYSWOW64\KBDTAT.DLL

    2014-08-13 20:25:29 —-A—- C:\Windows\SYSWOW64\KBDRU1.DLL

    2014-08-13 20:25:29 —-A—- C:\Windows\SYSWOW64\KBDRU.DLL

    2014-08-13 20:25:29 —-A—- C:\Windows\system32\KBDTAT.DLL

    2014-08-13 20:25:28 —-A—- C:\Windows\SYSWOW64\KBDBASH.DLL

    2014-08-13 20:25:28 —-A—- C:\Windows\system32\KBDYAK.DLL

    2014-08-13 20:25:28 —-A—- C:\Windows\system32\KBDRU1.DLL

    2014-08-13 20:25:28 —-A—- C:\Windows\system32\KBDRU.DLL

    2014-08-13 20:25:28 —-A—- C:\Windows\system32\KBDBASH.DLL

    2014-08-13 20:21:41 —-A—- C:\Windows\SYSWOW64\tzres.dll

    2014-08-13 20:21:41 —-A—- C:\Windows\system32\tzres.dll

    2014-08-13 20:21:37 —-A—- C:\Windows\system32\msi.dll

    2014-08-13 20:21:36 —-A—- C:\Windows\SYSWOW64\msihnd.dll

    2014-08-13 20:21:36 —-A—- C:\Windows\SYSWOW64\msi.dll

    2014-08-13 20:21:36 —-A—- C:\Windows\SYSWOW64\authui.dll

    2014-08-13 20:21:36 —-A—- C:\Windows\system32\msihnd.dll

    2014-08-13 20:21:36 —-A—- C:\Windows\system32\consent.exe

    2014-08-13 20:21:36 —-A—- C:\Windows\system32\authui.dll

    2014-08-13 20:21:27 —-A—- C:\Windows\system32\drivers\dxgkrnl.sys

    2014-08-13 20:21:06 —-A—- C:\Windows\SYSWOW64\shell32.dll

    2014-08-13 20:21:06 —-A—- C:\Windows\system32\shell32.dll

    2014-08-13 20:15:01 —-A—- C:\Windows\SYSWOW64\rpcrt4.dll

    2014-08-13 20:15:01 —-A—- C:\Windows\system32\rpcrt4.dll

    2014-08-13 20:15:00 —-A—- C:\Windows\system32\aepdu.dll

    2014-08-13 20:14:59 —-A—- C:\Windows\system32\aeinv.dll

    2014-08-07 11:12:20 —-A—- C:\Windows\SYSWOW64\javaws.exe

    2014-08-07 11:12:12 —-A—- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll

    2014-08-07 11:12:12 —-A—- C:\Windows\SYSWOW64\javaw.exe

    2014-08-07 11:12:12 —-A—- C:\Windows\SYSWOW64\java.exe

    2014-08-07 11:12:03 —-D—- C:\Program Files (x86)\Java

    2014-08-01 11:06:58 —-A—- C:\Windows\system32\wups2.dll

    2014-08-01 11:06:58 —-A—- C:\Windows\system32\wucltux.dll

    2014-08-01 11:06:58 —-A—- C:\Windows\system32\wuaueng.dll

    2014-08-01 11:06:58 —-A—- C:\Windows\system32\wuauclt.exe

    2014-08-01 11:06:43 —-A—- C:\Windows\SYSWOW64\wups.dll

    2014-08-01 11:06:43 —-A—- C:\Windows\SYSWOW64\wudriver.dll

    2014-08-01 11:06:43 —-A—- C:\Windows\SYSWOW64\wuapi.dll

    2014-08-01 11:06:43 —-A—- C:\Windows\system32\wups.dll

    2014-08-01 11:06:43 —-A—- C:\Windows\system32\wudriver.dll

    2014-08-01 11:06:43 —-A—- C:\Windows\system32\wuapi.dll

    2014-08-01 11:06:15 —-A—- C:\Windows\SYSWOW64\wuwebv.dll

    2014-08-01 11:06:15 —-A—- C:\Windows\SYSWOW64\wuapp.exe

    2014-08-01 11:06:15 —-A—- C:\Windows\system32\wuwebv.dll

    2014-08-01 11:06:15 —-A—- C:\Windows\system32\wuapp.exe

    ======List of files/folders modified in the last 1 month======

    2014-08-31 20:38:39 ----D---- C:\Windows\Prefetch

    2014-08-31 20:38:36 ----D---- C:\Windows\Temp

    2014-08-31 20:38:28 ----D---- C:\Program Files

    2014-08-31 20:37:00 ----D---- C:\Users\Irma\AppData\Roaming\BitTorrent

    2014-08-31 20:30:47 ----D---- C:\Windows\system32\config

    2014-08-31 20:28:57 ----SHD---- C:\System Volume Information

    2014-08-31 19:23:35 ----D---- C:\Users\Irma\AppData\Roaming\vlc

    2014-08-31 17:03:36 ----A---- C:\Windows\SYSWOW64\log.txt

    2014-08-31 17:02:33 ----D---- C:\Users\Irma\AppData\Roaming\Dropbox

    2014-08-31 17:02:00 ----D---- C:\ProgramData\clear.fi

    2014-08-30 00:17:13 ----SHD---- C:\Windows\Installer

    2014-08-30 00:04:48 ----D---- C:\Windows

    2014-08-29 18:43:00 ----AD---- C:\ProgramData\Temp

    2014-08-29 18:42:54 ----D---- C:\Program Files (x86)\SpywareBlaster

    2014-08-29 15:00:47 ----D---- C:\Windows\winsxs

    2014-08-29 14:59:03 ----D---- C:\Windows\SysWOW64

    2014-08-29 14:59:03 ----D---- C:\Windows\System32

    2014-08-29 14:31:01 ----D---- C:\Windows\inf

    2014-08-29 14:31:01 ----A---- C:\Windows\system32\PerfStringBackup.INI

    2014-08-28 19:59:53 ----D---- C:\Windows\system32\catroot

    2014-08-26 23:15:13 ----D---- C:\Windows\system32\drivers

    2014-08-26 23:14:59 ----RD---- C:\Program Files (x86)

    2014-08-26 22:28:14 ----D---- C:\Windows\system32\catroot2

    2014-08-26 13:45:15 ----D---- C:\Windows\rescache

    2014-08-26 12:44:17 ----D---- C:\Windows\Branding

    2014-08-26 00:36:26 ----D---- C:\Windows\SYSWOW64\nl-NL

    2014-08-26 00:36:26 ----D---- C:\Windows\system32\nl-NL

    2014-08-26 00:36:26 ----D---- C:\Windows\system32\DriverStore

    2014-08-26 00:36:26 ----D---- C:\Windows\system32\drivers\nl-NL

    2014-08-26 00:36:26 ----D---- C:\Windows\PolicyDefinitions

    2014-08-26 00:16:48 ----D---- C:\Windows\system32\Tasks

    2014-08-26 00:16:47 ----D---- C:\Windows\Tasks

    2014-08-25 16:37:27 ----HD---- C:\ProgramData

    2014-08-25 12:11:53 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

    2014-08-15 11:04:01 ----D---- C:\Program Files (x86)\Internet Explorer

    2014-08-14 19:29:39 ----D---- C:\Windows\debug

    2014-08-14 10:38:49 ----A---- C:\Windows\wininit.ini

    2014-08-14 01:10:29 ----D---- C:\Windows\Microsoft.NET

    2014-08-14 01:10:01 ----RSD---- C:\Windows\assembly

    2014-08-14 00:52:18 ----RSD---- C:\Windows\Fonts

    2014-08-14 00:52:18 ----D---- C:\Windows\ehome

    2014-08-14 00:52:13 ----D---- C:\Program Files\Internet Explorer

    2014-08-14 00:52:12 ----D---- C:\Windows\SYSWOW64\en-US

    2014-08-14 00:52:12 ----D---- C:\Windows\system32\en-US

    2014-08-14 00:17:48 ----D---- C:\Windows\system32\MRT

    2014-08-14 00:15:08 ----A---- C:\Windows\system32\MRT.exe

    2014-08-14 00:08:49 ----SD---- C:\Windows\system32\CompatTel

    2014-08-12 23:31:56 ----D---- C:\Users\Irma\AppData\Roaming\dvdcss

    2014-08-07 11:12:36 ----D---- C:\ProgramData\Oracle

    2014-08-07 11:12:25 ----D---- C:\Program Files (x86)\Common Files

    2014-08-05 09:20:00 ----N---- C:\Windows\system32\MpSigStub.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys

    R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys

    R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys

    R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys

    R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys

    R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys

    R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys

    R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys

    R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys

    R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys

    R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys

    R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys

    R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys

    R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys

    R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys

    R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys

    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

    R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys

    R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys

    R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys

    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys

    R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys

    R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys

    R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys

    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys

    R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys

    R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys

    R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys

    R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys

    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys

    R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys

    S3 cleanhlp;cleanhlp; \??\C:\Users\Irma\Desktop\EmsisoftEmergencyKit\Run\cleanhlp64.sys

    S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys

    S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys

    S3 PSKMAD;PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys

    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys

    S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys

    S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys

    S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys

    S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys

    S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe

    R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

    R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe

    R2 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

    R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

    R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe

    R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

    R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

    R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

    R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

    R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe

    R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

    S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe

    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

    S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe

    S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

    S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

    S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe

    S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

    S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

    S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

    S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

    S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

    -----------------EOF-----------------

  • Ben

    Hello,

    First disable your antivirus software before you download zoek.exe.

    Temporarily disable your antivirus and antispyware programs, as they can conflict with Zoek.exe.

    Download Zoek.exe to the desktop.

    * If Internet Explorer, another browser or your virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.

    Running Zoek.exe

    If you run into problems running this program or see any error messages, please mention it in your post.

    * Then double-click Zoek.exe to start the tool.

    * Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.

    * Now copy the code shown in bold below and paste it into the large input box:

    * Note: This script is intended specifically for this computer, so do not use it on other computers with a similar problem.

    firefoxlook;

    torpigcheck;

    emptyfolderscheck;delete

    chromelook;

    standardsearch;

    filesrcm;

    autoclean;

    startupall;

    * Now click the "Run script" button.

    * Wait patiently until a log opens (this may be after a restart, if one is required).

    * If no log appears after the restart, start zoek.exe again; the log will then appear.

    * Post the opened log in your next reply.

  • piefpafpoef

    Hi Ben,

    here is the Zoek log:

    Zoek.exe v5.0.0.0 Updated 03-September-2014

    Tool run by Irma on wo 03-09-2014 at 15:44:20,55.

    Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

    Running in: Normal Mode Internet Access Detected

    Launched: C:\Users\Irma\Desktop\zoek.exe

    ==== System Restore Info ======================

    3-9-2014 15:44:58 Zoek.exe System Restore Point Created Succesfully.

    ==== Torpig Check ======================

    HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll

    HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll

    ==== Empty Folders Check ======================

    C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully

    C:\PROGRA~2\PokerStars.EU deleted successfully

    C:\PROGRA~3\Evernote deleted successfully

    C:\PROGRA~3\Oracle deleted successfully

    C:\Users\Irma\AppData\Roaming\Malwarebytes deleted successfully

    C:\Users\Irma\AppData\Roaming\TP deleted successfully

    C:\Users\Irma\AppData\Local\PokerStars.EU deleted successfully

    ==== Deleting CLSID Registry Keys ======================

    ==== Deleting CLSID Registry Values ======================

    ==== Running Processes ======================

    C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files (x86)\Launch Manager\dsiwmis.exe

    C:\Program Files (x86)\Launch Manager\LMutilps32.exe

    C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

    C:\Program Files\Acer\Acer Updater\UpdaterService.exe

    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

    C:\Users\Irma\AppData\Roaming\BitTorrent\BitTorrent.exe

    C:\Program Files\AVAST Software\Avast\avastui.exe

    C:\Users\Irma\AppData\Roaming\Dropbox\bin\Dropbox.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    C:\Program Files (x86)\iTunes\iTunesHelper.exe

    C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

    C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe

    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

    C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    C:\Users\Irma\Desktop\zoek.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Windows\SysWOW64\cmd.exe

    ==== Deleting Services ======================

    ==== FireFox Fix ======================

    ProfilePath: C:\Users\Irma\AppData\Roaming\Mozilla\Firefox\Profiles\0snpc061.default

    user.js not found

    ---- Lines CT2849859 removed from prefs.js ----

    user_pref(“CT2849859.1000234.TWC_TMP_city”, “AMERSFOORT”);

    user_pref(“CT2849859.1000234.TWC_TMP_country”, “NL”);

    user_pref(“CT2849859.1000234.TWC_locId”, “NLXX0056”);

    user_pref(“CT2849859.1000234.TWC_location”, “Amersfoort, Netherlands”);

    user_pref(“CT2849859.1000234.TWC_region”, “OT”);

    user_pref(“CT2849859.1000234.TWC_temp_dis”, “c”);

    user_pref(“CT2849859.1000234.TWC_wind_dis”, “kmh”);

    user_pref(“CT2849859.1000234.weatherData”, “{\”icon\“:\”26.png\“,\”temperature\“:\”-3°C\“,\”temperatureClear\“:\”-3°C\“,\”highTemperature\“:\”-3°C\

    user_pref(“CT2849859.CBOpenMAMSettings.enc”, “MA==”);

    user_pref(“CT2849859.ENABALE_HISTORY”, “{\”dataType\“:\”string\“,\”data\“:\”true\“}”);

    user_pref(“CT2849859.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE”, “{\”dataType\“:\”string\“,\”data\“:\”true\“}”);

    user_pref(“CT2849859.FirstTime”, “true”);

    user_pref(“CT2849859.FirstTimeFF3”, “true”);

    user_pref(“CT2849859.LoginRevertSettingsEnabled”, true);

    user_pref(“CT2849859.PairingKey.enc”, “NTJBNUI4Qzk5MkQ1QUEzOUUwMDBDNzIzNjk1MTlFNjQ4NjY3QzgyRQ==”);

    user_pref(“CT2849859.RevertSettingsEnabled”, true);

    user_pref(“CT2849859.UserID”, “UN44629532387150877”);

    user_pref(“CT2849859.addressBarTakeOverEnabledInHidden”, “true”);

    user_pref(“CT2849859.autoDisableScopes”, -1);

    user_pref(“CT2849859.cbcountry_001.enc”, “Tkw=”);

    user_pref(“CT2849859.cbfirsttime.enc”, “U3VuIEphbiAyMCAyMDEzIDE4OjUyOjM0IEdNVCswMTAw”);

    user_pref(“CT2849859.defaultSearch”, “false”);

    user_pref(“CT2849859.embeddedsData”, "[{\“appId\”:\“129349798533094661\”,\“apiPermissions\”:{\“crossDomainAjax\”:true,\“getMainFrameTitle\”:true,\"get

    user_pref(“CT2849859.enableAlerts”, “always”);

    user_pref(“CT2849859.enableSearchFromAddressBar”, “false”);

    user_pref(“CT2849859.firstTimeDialogOpened”, “true”);

    user_pref(“CT2849859.fixPageNotFoundError”, “true”);

    user_pref(“CT2849859.fixPageNotFoundErrorInHidden”, “true”);

    user_pref(“CT2849859.fixUrls”, true);

    user_pref(“CT2849859.installType”, “xpe”);

    user_pref(“CT2849859.isCheckedStartAsHidden”, true);

    user_pref(“CT2849859.isEnableAllDialogs”, “{\”dataType\“:\”string\“,\”data\“:\”true\“}”);

    user_pref(“CT2849859.isFirstTimeToolbarLoading”, “false”);

    user_pref(“CT2849859.isNewTabEnabled”, false);

    user_pref(“CT2849859.isPerformedSmartBarTransition”, “true”);

    user_pref(“CT2849859.isToolbarShrinked”, “{\”dataType\“:\”string\“,\”data\“:\”false\“}”);

    user_pref(“CT2849859.isWelcomPage”, “{\”dataType\“:\”boolean\“,\”data\“:\”true\“}”);

    user_pref(“CT2849859.migrateAppsAndComponents”, true);

    user_pref(“CT2849859.navigationAliasesJson”, “{\”EB_SEARCH_TERM\“:\”\“,\”EB_MAIN_FRAME_URL\“:\”\“,\”EB_MAIN_FRAME_TITLE\“:\”\“,\”EB_TOOLBAR_SUB_DOMAIN

    user_pref(“CT2849859.openThankYouPage”, “true”);

    user_pref(“CT2849859.openUninstallPage”, “false”);

    user_pref(“CT2849859.revertSettingsEnabled”, “false”);

    user_pref(“CT2849859.scriptSource.enc”, “aHR0cDovLzEyNy4wLjAuMToxMDAwMC9ndWkv”);

    user_pref(“CT2849859.search.searchAppId”, “129349798533094661”);

    user_pref(“CT2849859.search.searchCount”, “1”);

    user_pref(“CT2849859.searchInNewTabEnabled”, “false”);

    user_pref(“CT2849859.searchInNewTabEnabledInHidden”, “true”);

    user_pref(“CT2849859.searchProtector.notifyChanges”, “{\”dataType\“:\”string\“,\”data\“:\”true\“}”);

    user_pref(“CT2849859.selectToSearchBoxEnabled”, “{\”dataType\“:\”string\“,\”data\“:\”true\“}”);

    user_pref(“CT2849859.serviceLayer_service_login_isFirstLoginInvoked”, “{\”dataType\“:\”boolean\“,\”data\“:\”true\“}”);

    user_pref(“CT2849859.serviceLayer_service_login_loginCount”, “{\”dataType\“:\”number\“,\”data\“:\”4\“}”);

    user_pref(“CT2849859.serviceLayer_service_toolbarGrouping_activeCTID”, “{\”dataType\“:\”string\“,\”data\“:\”CT2849859\“}”);

    user_pref(“CT2849859.serviceLayer_service_toolbarGrouping_activeDownloadUrl”, “{\”dataType\“:\”string\“,\”data\“:\”http://BittorrentBarNL.OurToolbar.c

    user_pref(“CT2849859.serviceLayer_service_toolbarGrouping_activeToolbarName”, “{\”dataType\“:\”string\“,\”data\“:\”BittorrentBar_NL\“}”);

    user_pref(“CT2849859.serviceLayer_service_toolbarGrouping_invoked”, “{\”dataType\“:\”string\“,\”data\“:\”true\“}”);

    user_pref(“CT2849859.serviceLayer_services_appTrackingFirstTime_lastUpdate”, “1358704351800”);

    user_pref(“CT2849859.serviceLayer_services_appsMetadata_lastUpdate”, “1358704351706”);

    user_pref(“CT2849859.serviceLayer_services_gottenAppsContextMenu_lastUpdate”, “1358704353247”);

    user_pref(“CT2849859.serviceLayer_services_login_10.13.40.15_lastUpdate”, “1358704352638”);

    user_pref(“CT2849859.serviceLayer_services_otherAppsContextMenu_lastUpdate”, “1358704353302”);

    user_pref(“CT2849859.serviceLayer_services_searchAPI_lastUpdate”, “1358704350636”);

    user_pref(“CT2849859.serviceLayer_services_serviceMap_lastUpdate”, “1358704350446”);

    user_pref(“CT2849859.serviceLayer_services_toolbarContextMenu_lastUpdate”, “1358704353124”);

    user_pref(“CT2849859.serviceLayer_services_toolbarSettings_lastUpdate”, “1358713055376”);

    user_pref(“CT2849859.serviceLayer_services_translation_lastUpdate”, “1358704351806”);

    user_pref(“CT2849859.settingsINI”, true);

    user_pref(“CT2849859.shouldFirstTimeDialog”, “false”);

    user_pref(“CT2849859.smartbar.CTID”, “CT2849859”);

    user_pref(“CT2849859.smartbar.Uninstall”, “0”);

    user_pref(“CT2849859.smartbar.toolbarName”, “BittorrentBar_NL ”);

    user_pref(“CT2849859.startPage”, “false”);

    user_pref(“CT2849859.toolbarBornServerTime”, “20-1-2013”);

    user_pref(“CT2849859.toolbarCurrentServerTime”, “20-1-2013”);

    user_pref(“CT2849859.toolbarDisabled”, “true”);

    user_pref(“CT2849859.uTTorrents.enc”, "eyJidWlsZCI6Mjg3MDYsImxhYmVsIjpbXSwidG9ycmVudHMiOltdLCJ0b3JyZW50YyI6IjE4NDM5OTQ5NzQiLCJyc3NmZWVkcyI6W10sInJzc2Z

    user_pref(“CT2849859.url_history0001.enc”, "aHR0cDovL2FudGl2aXJ1cy5zdGFydHBhZ2luYS5ubC9wcmlrYm9yZC86OjpjbGlja2hhbmRsZXI6OjoxMzU4NzA4MDEzMDM2LCwsaHR0cD

    user_pref(“CT2849859_Firefox.csv”, "

    “Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”

    “Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”

    “BitTorrent”=“C:\Users\Irma\AppData\Roaming\BitTorrent\BitTorrent.exe /MINIMIZED”

    “RESTART_STICKY_NOTES”=“C:\Windows\System32\StikyNot.exe”

    “IsMyWinLockerReboot”=“msiexec.exe /qn /x{voidguid}”

    “mctadmin”=“C:\Windows\System32\mctadmin.exe”

    “IsMyWinLockerReboot”=“msiexec.exe /qn /x{voidguid}”

    “mctadmin”=“C:\Windows\System32\mctadmin.exe”

    “IsMyWinLockerReboot”=“msiexec.exe /qn /x{voidguid}”

    “IsMyWinLockerReboot”=“msiexec.exe /qn /x{voidguid}”

    “AvastUI.exe”=“C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui”

    “Adobe ARM”=“C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    “QuickTime Task”=“C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime”

    “SunJavaUpdateSched”=“C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

    “iTunesHelper”=“C:\Program Files (x86)\iTunes\iTunesHelper.exe”

    “BitTorrent”=“C:\Users\Irma\AppData\Roaming\BitTorrent\BitTorrent.exe /MINIMIZED”

    “RESTART_STICKY_NOTES”=“C:\Windows\System32\StikyNot.exe”

    ==== Startup Registry Enabled x64 ======================

    “IgfxTray”=“C:\Windows\system32\igfxtray.exe”

    “HotKeysCmds”=“C:\Windows\system32\hkcmd.exe”

    “Persistence”=“C:\Windows\system32\igfxpers.exe”

    “RTHDVCPL”=“C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s”

    “SynTPEnh”=“%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe ”

    ==== Startup Registry Disabled x64 ======================

    “command”=“\”C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\“”

    “hkey”=“HKLM”

    “item”=“Adobe ARM”

    “key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”

    “command”=“\”C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\“”

    “hkey”=“HKLM”

    “item”=“APSDaemon”

    “key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”

    “command”=“\”C:\\Program Files (x86)\\Acer\\clear.fi\\Movie\\clear.fiMovieService.exe\“”

    “hkey”=“HKLM”

    “item”=“ArcadeMovieService”

    “key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”

    “command”=“\”C:\\Program Files (x86)\\NTI\\Acer Backup Manager\\BackupManagerTray.exe\“ -h -k”

    “hkey”=“HKLM”

    “item”=“BackupManagerTray”

    “key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”

    “command”=“C:\\Program Files (x86)\\Launch Manager\\LManager.exe”

    “hkey”=“HKLM”

    “item”=“LManager”

    “key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”

    “command”=“C:\\Program Files\\Acer\\Acer ePower Management\\ePowerTray.exe”

    “hkey”=“HKLM”

    “item”=“Power Management”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “command”=“\”C:\\Program Files (x86)\\QuickTime\\QTTask.exe\“ -atboottime”

    “hkey”=“HKLM”

    “item”=“QuickTime Task”

    “key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”

    “command”=“\”C:\\Program Files (x86)\\EgisTec MyWinLockerSuite\\x86\\SuiteTray.exe\“”

    “hkey”=“HKLM”

    “item”=“SuiteTray”

    “key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”

    ==== Startup Folders ======================

    2014-01-19 20:21:36 1051 ----a-w- C:\Users\Irma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:X6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==== Other Scheduled Tasks ======================

    “C:\Windows\SysNative\tasks\Adobe Flash Player Updater”

    “C:\Windows\SysNative\tasks\CCleanerSkipUAC”

    “C:\Windows\SysNative\tasks\clear.fi”

    “C:\Windows\SysNative\tasks\clear.fiAgent”

    “C:\Windows\SysNative\tasks\DMREngine”

    “C:\Windows\SysNative\tasks\EgisUpdate”

    “C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore”

    “C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA”

    “C:\Windows\SysNative\tasks\PMMUpdate”

    “C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate”

    “C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask”

    ==== Folders in C:\PROGRA~3 0-6 Months Old ======================

    2014-08-20 11:18:16 -------- d-----w- C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69

    2014-08-25 14:37:27 -------- d-----w- C:\PROGRA~3\Fighters

    ==== Firefox Extensions Registry ======================

    “wrc@avast.com”=“C:\Program Files\AVAST Software\Avast\WebRep\FF”

    ==== Firefox Extensions ======================

    ProfilePath: C:\Users\Irma\AppData\Roaming\Mozilla\Firefox\Profiles\0snpc061.default

    - avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

    - Bitdefender QuickScan - %ProfilePath%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}

    AppDir: C:\Program Files (x86)\Mozilla Firefox

    - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ==== Firefox Plugins ======================

    Profilepath: C:\Users\Irma\AppData\Roaming\Mozilla\Firefox\Profiles\0snpc061.default

    9EE20E6E2E3F94714D44F739B9A228F4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll - Shockwave Flash

    ==== Chrome Look ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

    gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

    ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\Irma\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx

    HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

    ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\Irma\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx

    ==== Set IE to Default ======================

    Old Values:

    “Start Page”=“http://www.msn.com/?pc=AV01”

    New Values:

    “Start Page”=“http://www.msn.com/?pc=AV01”

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

    “DefaultScope”=“{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}”

    {012E1000-F331-11DB-8314-0800200C9A66} Google Url=“http://www.google.com/search?q={searchTerms}”

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url=“Not_Found”

    {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} Microsoft (Bing) Url=“http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01”

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-1887173693-2935056229-3156589105-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

    ==== Deleting CLSID Registry Values ======================

    ==== Deleting Registry Keys ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully

    HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully

    HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully

    ==== HijackThis Entries ======================

    R3 - URLSearchHook: (no name) - {2d8d9acc-f6d7-4362-8876-a275ca929591} - (no file)

    F2 - REG:system.ini: UserInit=userinit.exe,

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    O4 - HKLM\..\Run: “C:\Program Files\AVAST Software\Avast\AvastUI.exe” /nogui

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\QuickTime\QTTask.exe” -atboottime

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\iTunes\iTunesHelper.exe”

    O4 - HKCU\..\Run: “C:\Users\Irma\AppData\Roaming\BitTorrent\BitTorrent.exe” /MINIMIZED

    O4 - HKCU\..\Run: C:\Windows\System32\StikyNot.exe

    O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)

    O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)

    O4 - HKUS\S-1-5-18\..\RunOnce: msiexec.exe /qn /x{voidguid} (User ‘SYSTEM’)

    O4 - HKUS\.DEFAULT\..\RunOnce: msiexec.exe /qn /x{voidguid} (User ‘Default user’)

    O4 - Startup: Dropbox.lnk = Irma\AppData\Roaming\Dropbox\bin\Dropbox.exe

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

    O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    ==== Empty IE Cache ======================

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Irma\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    ==== Empty FireFox Cache ======================

    C:\Users\Irma\AppData\Local\Mozilla\Firefox\Profiles\0snpc061.default\Cache emptied successfully

    ==== Empty Chrome Cache ======================

    No Chrome User Data found

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== C:\zoek_backup content ======================

    C:\zoek_backup (files=59 folders=9 616891 bytes)

    ==== Empty Temp Folders ======================

    C:\Users\Default\AppData\Local\Temp emptied successfully

    C:\Users\Default User\AppData\Local\Temp emptied successfully

    C:\Users\Irma\AppData\Local\Temp will be emptied at reboot

    C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot

    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

    C:\Windows\Temp will be emptied at reboot

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    C:\Users\Irma\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== Deleting Files / Folders ======================

    “C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log” not found

    ==== EOF on wo 03-09-2014 at 16:09:13,66 ======================

    Thanks in advance, kind regards, Irma

  • Ben

    Hello,

    Run zoek.exe again with the following code:

    {2d8d9acc-f6d7-4362-8876-a275ca929591};c

    Then do the following:

    Download AdwCleaner by Xplode to the desktop.

    * Close all open windows.

    * Double-click AdwCleaner to start it.

    * Windows Vista, 7 and 8 users must run the tool as “administrator”,

    * by right-clicking it and choosing Run as administrator (Als Administrator uitvoeren).

    * Then click Scan (Scannen).

    * Then click Delete (Verwijderen) if any items were found.

    * At the Restart Required (Herstarten Noodzakelijk) prompt, click OK.

    After the PC has restarted, a log file usually opens.

    Otherwise you can find it here: C:\AdwCleaner\AdwCleaner.txt

    Then post the contents of this log in your next message.

  • piefpafpoef

    Hi Ben,

    I'm not sure whether I did it right.

    I don't think anything was found; if I want to close it, do I

    have to press Delete (Verwijderen) anyway??

    # AdwCleaner v3.309 - Rapport aangemaakt 03/09/2014 op 18:07:27

    # Laatste Update 02/09/2014 door Xplode

    # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)

    # Gebruikersnaam : Irma - IRMA-PC

    # Gestart vanuit : C:\Users\Irma\Desktop\adwcleaner_3.309.exe

    # Optie : Scannen

    ***** *****

    ***** *****

    ***** *****

    ***** *****

    ***** *****

    Sleutel Gevonden : HKCU\Software\AppDataLow\Software\SmartBar

    Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}

    Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}

    Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32

    Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS

    Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_any-video-converter_RASAPI32

    Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_any-video-converter_RASMANCS

    Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_bittorrent_RASAPI32

    Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_bittorrent_RASMANCS

    Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_vlc-media-player_RASAPI32

    Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_vlc-media-player_RASMANCS

    Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32

    Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs

    Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

    ***** *****

    -\\ Internet Explorer v11.0.9600.17239

    -\\ Mozilla Firefox v32.0 (x86 nl)

    *************************

    AdwCleaner.txt - -

    ########## EOF - C:\AdwCleaner\AdwCleaner.txt - ##########

  • Ben

    Hello,

    If you click the “Register” (Registry) tab you will see it, so scan again and then press Delete (Verwijderen) (tu)

  • piefpafpoef

    Hi Ben,

    I pressed Delete (Verwijderen) and the PC restarted.

    Did I do it right this time??

    Thanks!!

    # AdwCleaner v3.309 - Rapport aangemaakt 03/09/2014 op 18:16:44

    # Laatste Update 02/09/2014 door Xplode

    # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)

    # Gebruikersnaam : Irma - IRMA-PC

    # Gestart vanuit : C:\Users\Irma\Desktop\adwcleaner_3.309.exe

    # Optie : Verwijderen

    ***** *****

    ***** *****

    ***** *****

    ***** *****

    ***** *****

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_any-video-converter_RASAPI32

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_any-video-converter_RASMANCS

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_bittorrent_RASAPI32

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_bittorrent_RASMANCS

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_vlc-media-player_RASAPI32

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_vlc-media-player_RASMANCS

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}

    Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\SmartBar

    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

    ***** *****

    -\\ Internet Explorer v11.0.9600.17239

    -\\ Mozilla Firefox v32.0 (x86 nl)

    *************************

    AdwCleaner.txt - -

    AdwCleaner.txt - -

    ########## EOF - C:\AdwCleaner\AdwCleaner.txt - ##########

  • Ben

    Hello,

    You did very well. How is your problem after this?

  • piefpafpoef

    Okay, thank you very much for your help.

    I'll have to see how the laptop behaves now…

    I assume you don't see any other viruses or the like?

    And can I keep using that adware myself,

    or only with your help??

    Many thanks for all the trouble!!

    Regards, Irma

  • Ben

    Hello,

    You cannot keep using the programs we used, but you can keep using MalwareBytes:

    Download MalwareBytes Anti-Malware, preferably to the desktop.

    Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.

    When the installation of Malwarebytes Anti-Malware is finished, you will see two options that are ticked.

    Untick the trial version, because the “regular” one is completely free and can stay on your computer.

    Then click the Scan Now (Scan nu) button to run a threat scan.

    It will now check for available updates; click “Update Now” (Nu bijwerken) if updates are available.

    The scan now starts automatically; preferably do not use the computer during the scan.

    * If no threats were detected, click View Detailed Log (Bekijk gedetailleerd logboek) after the scan.

    Then click the Export (Exporteer) button and choose the option “Tekstbestand (*.txt)” (text file).

    Then enter a file name for saving the log file, for example MBAM Scanlog.

    Choose, for example, the desktop as the save location and then click the Save (Opslaan) button.

    * If threats were detected, click Apply Actions (Acties toepassen) after the scan.

    At the prompt to restart the computer, click Ja / Yes.

    After the restart, open MalwareBytes Anti-Malware, click History (Historie) at the top and select Application Logs (Programmalogboeken).

    Select the most recent scan log (Scanlogboek) and click the View (Bekijk) button.

    Then enter a file name for saving the log file, for example MBAM Scanlog.

    Choose, for example, the desktop as the save location and then click the Save (Opslaan) button.

    Posting the MalwareBytes Anti-Malware log file

    Attach the log file you just saved to your next message. (You can also find this log file in Malwarebytes Anti-Malware under History > Application Logs, shown as Historie > Programmalogboeken.)