ibizavirus

beste kweezie wabbit en kape, bedankt voor jullie hulp en tot ziens.

ok, delfix en ccleaner gedraaid. hoe kan ik het beste ccc bestanden verwijderen?

beste Kape, naar mijn gevoel is de comp weer op snelheid. de toekomst zal het verder uitwijzen. nogmaals bedankt voor je medewerking. vr gr Ron

Zoek.exe Version 4.0.0.5 Updated 09-October-2013 Tool run by Ron on 11/10/2013 at 19:49:56,87. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Ron\Desktop\Nieuwe map\zoek.exe [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2013-10-10-172828.log 50369 bytes C:\zoek-results2013-10-11-173239.log 21673 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.0) - Nederlands Adobe Reader X (10.1.3) - Espa¤ol AirPort AMD USB Filter Driver Apple Mobile Device Support Apple Software Update AquaSoft \"SlideShow 7 for YouTube\" ASRock IES v2.0.84 ASRock InstantBoot v1.24 ASRock OC Tuner v2.3.81 ATI Catalyst Install Manager AVG 2014 Bonjour Brother MFL-Pro Suite DCP-540CN Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner CCLeaner y Manual de Usuario 1.00 Compatibilidad con Aplicaciones de Apple CopyTrans Suite Remove Only devolo dLAN-configuratiewizard devolo Informer DVD Shrink 3.2 DVDFab 8.0.5.5 (04/12/2010) Google Chrome Google Earth HitmanPro 3.7 hosts Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) iCloud iTunes iVIDI Plugin 1.3 Java 7 Update 25 Java Auto Updater JDownloader 0.9 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 MobileCamStreamerT MobileMe Control Panel MSVC80_x64_v2 MSVC80_x86_v2 MSVC90_x64 MSVC90_x86 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyFreeCodec NEC Electronics USB 3.0 Host Controller Driver Nokia Connectivity Cable Driver Nokia Ovi Suite Nokia Ovi Suite Software Updater Nokia PC Suite Nokia Software Updater Ovi Desktop Sync Engine OviMPlatform PC Connectivity Solution Picasa 3 QuickTime Realtek Ethernet Controller Driver For Windows 7 Realtek High Definition Audio Driver Safari Sammsoft Toolbar Samsung Kies Samsung Mobile phone USB driver Drive Software Samsung PC Studio 3 USB Driver Installer Samsung SecretZone SAMSUNG USB Driver for Mobile Phones Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663) Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870) Sound Blaster X-Fi MB Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD Unity Web Player Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Visual C++ 8.0 Runtime Setup Package (x64) Visual Studio 2008 x64 Redistributables Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables VLC media player 2.0.6 Windows-stuurprogrammapakket - Nokia Modem (06/09/2010 7.01.0.8) Windows-stuurprogrammapakket - Nokia Modem (10/07/2010 4.6) Windows-stuurprogrammapakket - Nokia pccsmcfd (08/22/2008 7.0.0.0) Windows 7 Upgrade Advisor WinRAR Wireless Keyboard Driver Zero Assumption Recovery Version 9 ==== Deleting Services ====================== ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"="C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension" [19/06/2011 17:53] ==== Chrome Look ====================== PasswordBox - Free Password Manager - Ron - Default\Extensions\dljbcjbfojhlfhgenhepllagfecdpchb Chrome In-App Payments service - Ron - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="Google" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [WIRELESS-KB-LED-STATUS] C:\Program Files (x86)\Wireless Keyboard Driver\LedStatusApp.exe O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files (x86)\AirPort\APAgent.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E04BF841-9AE5-4672-A4CE-4C920C64E85C}: NameServer = 192.168.1.1,80.58.61.250 O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - (no file) O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SecretZone Assist Service (SZASSIST) - Clarus, Inc. - C:\Program Files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater17.0.12 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Ron\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found ==== EOF on 11/10/2013 at 20:53:03,33 ======================

@wabbit hole, geen probleem. had de comp snel nodig en was een beetje geirriteerd. bedankt voor je bijdrage en kape heeft mij zeker goed geholpen. we moeten idd blij zijn dat jullie vrijwilligers het oplossen voor ons leken. ga zo door. @kape, type foutje komt door spaanse taal. heb het echter wel goed gedaan met controlle in de aangegeven plaatsen. niks gevonden dus......nu??

ik heb direct in C gekeken en in start zoeken het woord BITQUARD ingetoetst. is dit voldoende omdat soms bestanden ontzichtbaar zijn. heb trouwens niks gevonden.

# AdwCleaner v3.007 - Report created 10/10/2013 at 21:12:34 # Updated 09/10/2013 by Xplode # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits) # Username : Ron - RON-DESKTOP-PC # Running from : C:\Users\Ron\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** [x] Not Deleted : C:\ProgramData\AVG Secure Search ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16448 ************************* AdwCleaner[R0].txt - [11497 octets] - [10/10/2013 21:06:04] AdwCleaner[s0].txt - [601 octets] - [10/10/2013 21:12:34] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [660 octets] ##########

Zoek.exe Version 4.0.0.5 Updated 09-October-2013 Tool run by Ron on 10/10/2013 at 18:43:02,74. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Ron\Desktop\Nieuwe map\zoek.exe [script inserted] [Checkboxes used] ==== System Restore Info ====================== 10/10/2013 18:47:35 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311341126} deleted successfully HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311341126} deleted successfully HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311531182} deleted successfully HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311531182} deleted successfully HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311341126} deleted successfully HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311341126} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311341126} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311531182} deleted successfully HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311531182} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311531182} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] "ApnTBMon"=- ==== Deleting Files \ Folders ====================== "C:\Program Files (x86)\hosts\hosts-bho.dll" deleted "C:\Windows\tasks\Plus-HD-2.3-chromeinstaller.job" deleted "C:\Windows\tasks\Plus-HD-2.3-codedownloader.job" deleted "C:\Windows\tasks\Plus-HD-2.3-enabler.job" deleted "C:\Windows\tasks\Plus-HD-2.3-updater.job" deleted "C:\Program Files (x86)\Mozilla Firefox\user.js" deleted "C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data" deleted "C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences" deleted "C:\Windows\SysNative\roboot64.exe" deleted "C:\Windows\tasks\Plus-HD-2.3-chromeinstaller.job" deleted "C:\Windows\tasks\Plus-HD-2.3-codedownloader.job" deleted "C:\Windows\tasks\Plus-HD-2.3-enabler.job" deleted "C:\Windows\tasks\Plus-HD-2.3-updater.job" deleted "C:\windows\SysNative\tasks\Plus-HD-2.3-chromeinstaller" deleted "C:\windows\SysNative\tasks\Plus-HD-2.3-codedownloader" not deleted "C:\windows\SysNative\tasks\Plus-HD-2.3-enabler" deleted "C:\windows\SysNative\tasks\Plus-HD-2.3-updater" deleted "C:\windows\SysNative\tasks\Updater35382.exe" deleted "C:\windows\SysNative\tasks\BitGuard" deleted "C:\user.js" deleted "C:\prefs.js" deleted "C:\Windows\Syswow64\tmp8813.tmp" deleted "C:\Windows\Syswow64\tmp8814.tmp" deleted "C:\Users\Public\Desktop\YourFile Downloader.lnk" deleted "C:\Users\Ron\Desktop\SoftonicDownloader_voor_avg-antivirus-free-2014.exe" deleted "C:\Users\Ron\Desktop\SoftonicDownloader_voor_avg-antivirus-free-2014.exe" deleted "C:\Users\Ron\Desktop\Search.lnk" deleted "C:\Program Files (x86)\YourFileDownloader\htmlayout.dll" deleted "C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe" deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted "C:\Users\Ron\AppData\Roaming\Vso" deleted "C:\Users\Ron\AppData\Roaming\Ezyn" deleted "C:\Users\Ron\AppData\Roaming\Temp" deleted "C:\Program Files (x86)\Plus-HD-2.3" deleted "C:\Program Files (x86)\AskPartnerNetwork" deleted "C:\Program Files (x86)\Media Crawler" deleted "C:\ProgramData\BitGuard" not deleted "C:\Users\Ron\AppData\Roaming\OpenCandy" deleted "C:\Program Files (x86)\iVIDI.org plugin" deleted "C:\Program Files (x86)\YourFileDownloader" deleted "C:\Program Files (x86)\hosts" deleted "C:\Program Files (x86)\MyFree Codec" deleted "C:\Program Files (x86)\Plus-HD-2.3" deleted "C:\Program Files (x86)\AskPartnerNetwork" deleted "C:\Users\Ron\AppData\Roaming\SpeedyPC Software" deleted "C:\Users\Ron\AppData\Roaming\ParetoLogic" deleted "C:\Users\Ron\AppData\Roaming\DriverCure" deleted "C:\Users\Ron\AppData\Roaming\Babylon" deleted "C:\Users\Ron\AppData\Roaming\File Scout" deleted "C:\Users\Ron\AppData\Roaming\Systweak" deleted "C:\Users\Ron\AppData\Roaming\YourFileDownloader" deleted "C:\Users\Ron\AppData\Roaming\OpenCandy" deleted "C:\ProgramData\Ask" deleted "C:\ProgramData\AskPartnerNetwork" deleted "C:\ProgramData\APN" deleted "C:\ProgramData\BitGuard" not deleted "C:\ProgramData\SpeedyPC Software" deleted "C:\ProgramData\DSearchLink" deleted "C:\ProgramData\ParetoLogic" deleted "C:\ProgramData\InstallMate" deleted "C:\ProgramData\Premium" deleted "C:\ProgramData\Babylon" deleted "C:\Users\Ron\AppData\Local\OpenCandy" deleted "C:\Users\Ron\AppData\Local\Updater35382" deleted "C:\Users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard" deleted "C:\Users\Ron\AppData\LocalLow\Delta" deleted "C:\Windows\SysWow64\searchplugins" deleted "C:\Windows\SysWow64\Extensions" deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar" deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater" deleted "C:\ProgramData\BitGuard\2.6.1694.246" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar" deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater" deleted "C:\ProgramData\BitGuard\2.6.1694.246" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Ron\AppData\Local\Temp ==== 2013-10-10 09:41:21 385BFA00009C3BFA7243691484372B65 4675096 ----a-w- C:\Users\Ron\AppData\Local\Temp\oi_{0C4C2C07-DF00-4CC5-BA68-D153F8AE1BB3}.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-10-08 20:09:24 AE2CF300E9EBB005C9AB088C38A8C6DF 2034 ----a-w- C:\Windows\Sysnative\.crusader 2013-09-30 19:04:24 D74615934916D983058244B8579C63F4 1648 ----a-w- C:\Windows\Sysnative\ASOROSet.bin 2013-09-29 17:52:48 283A67C518FE4B3BBAA5DEBFCD9E062F 318 ----a-w- C:\Windows\Sysnative\ayboot.ini ====== C:\Windows\Sysnative\drivers ===== 2013-10-10 09:42:14 A1F53D2A00E64679A1D81B61D2333D06 46368 ----a-w- C:\Windows\Sysnative\drivers\avgtpx64.sys ====== C:\Windows\Tasks ====== 2013-10-01 16:27:18 90B8842321E2B60751085C44FC7C51BD 3514 ----a-w- C:\Windows\Sysnative\Tasks\SUPERAntiSpyware Scheduled Task d4259c1b-380d-4d31-983c-7fe48468cff3 2013-10-01 16:27:18 85D9F7A43B12ED2A6B6295B7D8E9213A 506 ----a-w- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d4259c1b-380d-4d31-983c-7fe48468cff3.job 2013-10-01 16:27:17 EDBB8309920517CCEFA1E48DC1B62AC6 506 ----a-w- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f60bdc71-37a2-4cf5-bd6b-e7c51d6dc16b.job 2013-10-01 16:27:17 0A0A525D9BEEA3F3D707B3989A8D0CE0 3588 ----a-w- C:\Windows\Sysnative\Tasks\SUPERAntiSpyware Scheduled Task f60bdc71-37a2-4cf5-bd6b-e7c51d6dc16b ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-10-08 20:04:31 -------- d-----w- C:\Program Files\HitmanPro 2013-10-08 11:55:00 -------- d-----w- C:\Program Files\trend micro 2013-10-01 16:26:59 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2013-09-29 17:44:09 -------- d-----w- C:\Program Files\Roboscan 2013-09-21 07:26:42 -------- d-----w- C:\Program Files\iTunes 2013-09-21 07:26:42 -------- d-----w- C:\Program Files\iPod ======= C:\Program Files (x86) ===== 2013-10-10 09:41:56 -------- d-----w- C:\Program Files (x86)\AVG Secure Search 2013-10-10 09:39:23 -------- d-----w- C:\Program Files (x86)\AVG 2013-10-01 20:27:36 -------- d-----w- C:\Program Files (x86)\Tododownloads 2013-09-21 07:26:42 -------- d-----w- C:\Program Files (x86)\iTunes ======= C: ===== ====== C:\Users\Ron\AppData\Roaming ====== 2013-10-10 09:44:37 -------- d-----w- C:\Users\Ron\AppData\Roaming\AVG2014 2013-10-10 09:43:40 -------- d-----w- C:\Users\Ron\AppData\Local\AVG Secure Search 2013-10-10 09:43:29 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2014 2013-10-10 09:42:44 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2014 2013-10-10 09:42:40 -------- d-----w- C:\Users\Ron\AppData\Roaming\TuneUp Software 2013-10-10 09:39:23 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2014 2013-10-01 16:27:07 -------- d-----w- C:\Users\Ron\AppData\Roaming\SUPERAntiSpyware.com 2013-09-29 17:10:03 -------- d-----w- C:\Users\Ron\AppData\Local\Avg2014 2013-09-26 13:52:57 -------- d-----w- C:\Users\Ron\AppData\Locallow\Unitech LLC 2013-09-21 09:48:36 -------- d-----w- C:\Users\Ron\AppData\Local\avgchrome ====== C:\Users\Ron ====== 2013-10-10 09:42:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2013-10-10 09:42:05 -------- d-----w- C:\ProgramData\AVG Secure Search 2013-10-10 09:40:21 -------- d-----w- C:\ProgramData\AVG2014 2013-10-08 20:04:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2013-10-08 19:54:53 -------- d-----w- C:\ProgramData\HitmanPro 2013-10-01 16:26:59 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2013-09-29 17:44:11 -------- d-----w- C:\ProgramData\Roboscan 2013-09-21 07:27:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2013-09-21 07:26:42 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-09-21 07:04:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2013-09-21 06:40:05 -------- d-----w- C:\ProgramData\BitGuard ====== C: exe-files == 2013-10-10 10:30:20 43B63250671DDA87C44E00781D11F07D 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$IJXAKTK.exe 2013-10-10 09:42:14 3F8F7283423EF7905A0F98717E7466BC 144920 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\DriverInstaller\17.0.12\DriverInstaller.exe 2013-10-10 09:42:08 2EBE2FCD878BCDD8A94B1A7C7ADC7574 2374168 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\17.0.12\ScriptHelper.exe 2013-10-10 09:42:05 E4650A5D381FF79711FCA554167E0931 1734680 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe 2013-10-10 09:41:56 D2D205152397398A218DEB418757DB43 944664 ----a-w- C:\Program Files (x86)\AVG Secure Search\lip.exe 2013-10-10 09:41:56 B8CD822E488D17FF40B2EAA3AD8F7ADD 2404376 ----a-w- C:\Program Files (x86)\AVG Secure Search\vprot.exe 2013-10-10 09:41:56 81AF02CFDC98FE4551308171C3687093 644120 ----a-w- C:\Program Files (x86)\AVG Secure Search\PostInstall.exe 2013-10-10 09:41:56 266D63DF05B5ADB17E099E4D2585BC44 1959960 ----a-w- C:\Program Files (x86)\AVG Secure Search\Uninstall.exe 2013-10-10 09:41:21 385BFA00009C3BFA7243691484372B65 4675096 ----a-w- C:\Users\Ron\AppData\Local\Temp\oi_{0C4C2C07-DF00-4CC5-BA68-D153F8AE1BB3}.exe 2013-10-08 20:04:32 3EDAD05F378D4751E14CDA596A5E7E43 109352 ----a-w- C:\Program Files\HitmanPro\hmpsched.exe 2013-10-08 20:04:31 290AF371D8D36E5590939018452C4640 9879648 ----a-w- C:\Program Files\HitmanPro\HitmanPro.exe 2013-10-08 19:57:03 290AF371D8D36E5590939018452C4640 9879648 ----a-w- C:\Users\Ron\Desktop\comp\HitmanPro_x64.exe 2013-10-08 11:55:01 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Ron.exe 2013-10-08 11:52:46 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Ron\Desktop\comp\RSITx64.exe 2013-10-08 11:39:20 28930CA59C0EEAB65D2BA35CEFB81AAD 4425448 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$RJXAKTK.exe 2013-10-04 16:46:28 ACBC9FB1394434F8F21E7DD0CA9A616B 8420704 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\30.0.1599.69\30.0.1599.69_29.0.1547.76_chrome_updater.exe === C: other files == 2013-10-10 16:42:17 1E4A05CF2B1C5B0DB896FA24E11B4C2E 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$IP8JTTH.com 2013-10-10 16:42:16 47E1B6DB7529FFC881F61A13FBE9866E 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$IHX6D2H.zip 2013-10-10 14:30:20 3D92DDBED8254EA0A089B166D434205B 1387038 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$RP8JTTH.com 2013-10-10 14:27:27 2E56D5C213453581A5FA48B345F4FE96 3892784 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$RHX6D2H.zip 2013-10-10 09:42:14 A1F53D2A00E64679A1D81B61D2333D06 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys 2013-10-10 09:41:56 567B5EC265B26994AFB11DB13F53B07A 147960 ----a-w- C:\Program Files (x86)\AVG Secure Search\data.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Run] @="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1003\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "NUSB3MON"="C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "VolPanel"="C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe /r" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "BrMfcWnd"="C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN" "ControlCenter3"="C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun" "AppleSyncNotifier"="C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "WIRELESS-KB-LED-STATUS"="C:\Program Files (x86)\Wireless Keyboard Driver\LedStatusApp.exe" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "AirPort Base Station Agent"="C:\Program Files (x86)\AirPort\APAgent.exe" "ApnTBMon"="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" "vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] @="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\\progra~3\\bitguard\\261694~1.246\\{c16c1~1\\bitguard.dll " ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RunDLLEntry"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry" "Monitor"="C:\Windows\PixArt\PAC207\Monitor.exe" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "NokiaOviSuite2"="C:\\Program Files (x86)\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe -tray" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" "iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" "UpdReg"="C:\\Windows\\UpdReg.EXE" ==== Startup Folders ====================== 2011-02-21 18:01:39 1310 ----a-w- C:\Users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/08/2011 14:41] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/08/2011 14:41] C:\Windows\tasks\SUPERAntiSpyware Scheduled Task d4259c1b-380d-4d31-983c-7fe48468cff3.job --a------ C:\Program Files\SUPERAntiSpyware\SASTask.exe [] C:\Windows\tasks\SUPERAntiSpyware Scheduled Task f60bdc71-37a2-4cf5-bd6b-e7c51d6dc16b.job --a------ C:\Program Files\SUPERAntiSpyware\SASTask.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\SUPERAntiSpyware Scheduled Task d4259c1b-380d-4d31-983c-7fe48468cff3" [C:\Program Files\SUPERAntiSpyware\SASTask.exe] "C:\Windows\SysNative\tasks\SUPERAntiSpyware Scheduled Task f60bdc71-37a2-4cf5-bd6b-e7c51d6dc16b" [C:\Program Files\SUPERAntiSpyware\SASTask.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{04BD2DB7-A77C-4FD7-9B39-8F9758A5441B}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\YourFile Update" [C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe] "C:\Windows\SysNative\tasks\{01A88DFD-FB20-4254-B31C-4CEF99B224B5}" [F:\BurnoutLauncher.exe] "C:\Windows\SysNative\tasks\{A226DC20-5B1B-4F37-B1F4-D289A3B868C0}" [C:\Program Files (x86)\Electronic Arts\Burnout Paradise The Ultimate Box\BurnoutLauncher.exe] "C:\Windows\SysNative\tasks\{BA1EC3AE-6CB7-428E-A285-9AF4DE287ECA}" [C:\Program Files (x86)\Electronic Arts\Burnout Paradise The Ultimate Box\BurnoutParadise.exe] "C:\Windows\SysNative\tasks\{E47C8C26-B64C-4D35-84CE-4053DA9D744C}" [F:\BurnoutLauncher.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] ==== Firefox in Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"="C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension" [19/06/2011 17:53] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aaaajlichkifkomgmecdgjpogphafeml - C:\ProgramData\AskPartnerNetwork\Toolbar\BLP-V7\CRX\ToolbarCR.crx[] dhkplhfnhceodhffomolpfigojocbpcb - C:\Users\Ron\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx[] giacfgjdclhnmkacnfbaljbmpnelflol - C:\Program Files (x86)\iVIDI.org plugin\ividiplg.crx[] jmfkcklnlgedgbglfkkgedjfmejoahla - C:\Program Files (x86)\AVG\AVG10\Chrome\safesearch.crx[] Sammsoft Toolbar - Ron - Default\Extensions\aaaajlichkifkomgmecdgjpogphafeml YouTube - Ron - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Ron - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf PasswordBox - Free Password Manager - Ron - Default\Extensions\dljbcjbfojhlfhgenhepllagfecdpchb iVIDI.org plugin - Ron - Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol Chrome In-App Payments service - Ron - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda hosts - Ron - Default\Extensions\nnlomafmkpiclmaaekkhpoecnclldmaa Plus-HD-2.3 - Ron - Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec Gmail - Ron - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajlichkifkomgmecdgjpogphafeml deleted successfully C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaajlichkifkomgmecdgjpogphafeml_0.localstorage deleted successfully C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol deleted successfully C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnlomafmkpiclmaaekkhpoecnclldmaa deleted successfully C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nnlomafmkpiclmaaekkhpoecnclldmaa_0.localstorage deleted successfully C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_nnlomafmkpiclmaaekkhpoecnclldmaa_0 deleted successfully C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec deleted successfully C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_omfoidjpeklpjhlhabhcomekbkclkbec_0.localstorage deleted successfully C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_omfoidjpeklpjhlhabhcomekbkclkbec_0 deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="Google" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="Dogpile Web Search" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="Dogpile Web Search" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="%s - Google Search" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="Upgrade to Google Chrome" "Default_Search_URL"="Upgrade to Google Chrome" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="%s - Bing" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="Bing" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Reset Google Chrome ====================== C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaajlichkifkomgmecdgjpogphafeml deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla deleted successfully ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [WIRELESS-KB-LED-STATUS] C:\Program Files (x86)\Wireless Keyboard Driver\LedStatusApp.exe O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files (x86)\AirPort\APAgent.exe" O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-409059723-2902863822-1341115650-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-21-409059723-2902863822-1341115650-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - Startup: MobileCamStreamer™.appref-ms O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E04BF841-9AE5-4672-A4CE-4C920C64E85C}: NameServer = 192.168.1.1,80.58.61.250 O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - (no file) O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll O20 - AppInit_DLLs: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SecretZone Assist Service (SZASSIST) - Clarus, Inc. - C:\Program Files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater17.0.12 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Ron\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\windows\SysNative\tasks\Plus-HD-2.3-codedownloader" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found "C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\ProgramData\BitGuard" not found "C:\ProgramData\BitGuard" not found ==== EOF on 10/10/2013 at 19:28:28,79 ======================

Zoek.exe Version 4.0.0.5 Updated 09-October-2013 Tool run by Ron on 10/10/2013 at 18:43:02,74. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Ron\Desktop\Nieuwe map\zoek.exe [script inserted] [Checkboxes used] ==== System Restore Info ====================== 10/10/2013 18:47:35 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311341126} deleted successfully HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311341126} deleted successfully HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311531182} deleted successfully HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311531182} deleted successfully HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311341126} deleted successfully HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311341126} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311341126} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311531182} deleted successfully HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311531182} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311531182} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] "ApnTBMon"=- ==== Deleting Files \ Folders ====================== "C:\Program Files (x86)\hosts\hosts-bho.dll" deleted "C:\Windows\tasks\Plus-HD-2.3-chromeinstaller.job" deleted "C:\Windows\tasks\Plus-HD-2.3-codedownloader.job" deleted "C:\Windows\tasks\Plus-HD-2.3-enabler.job" deleted "C:\Windows\tasks\Plus-HD-2.3-updater.job" deleted "C:\Program Files (x86)\Mozilla Firefox\user.js" deleted "C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data" deleted "C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences" deleted "C:\Windows\SysNative\roboot64.exe" deleted "C:\Windows\tasks\Plus-HD-2.3-chromeinstaller.job" deleted "C:\Windows\tasks\Plus-HD-2.3-codedownloader.job" deleted "C:\Windows\tasks\Plus-HD-2.3-enabler.job" deleted "C:\Windows\tasks\Plus-HD-2.3-updater.job" deleted "C:\windows\SysNative\tasks\Plus-HD-2.3-chromeinstaller" deleted "C:\windows\SysNative\tasks\Plus-HD-2.3-codedownloader" not deleted "C:\windows\SysNative\tasks\Plus-HD-2.3-enabler" deleted "C:\windows\SysNative\tasks\Plus-HD-2.3-updater" deleted "C:\windows\SysNative\tasks\Updater35382.exe" deleted "C:\windows\SysNative\tasks\BitGuard" deleted "C:\user.js" deleted "C:\prefs.js" deleted "C:\Windows\Syswow64\tmp8813.tmp" deleted "C:\Windows\Syswow64\tmp8814.tmp" deleted "C:\Users\Public\Desktop\YourFile Downloader.lnk" deleted "C:\Users\Ron\Desktop\SoftonicDownloader_voor_avg-antivirus-free-2014.exe" deleted "C:\Users\Ron\Desktop\SoftonicDownloader_voor_avg-antivirus-free-2014.exe" deleted "C:\Users\Ron\Desktop\Search.lnk" deleted "C:\Program Files (x86)\YourFileDownloader\htmlayout.dll" deleted "C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe" deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted "C:\Users\Ron\AppData\Roaming\Vso" deleted "C:\Users\Ron\AppData\Roaming\Ezyn" deleted "C:\Users\Ron\AppData\Roaming\Temp" deleted "C:\Program Files (x86)\Plus-HD-2.3" deleted "C:\Program Files (x86)\AskPartnerNetwork" deleted "C:\Program Files (x86)\Media Crawler" deleted "C:\ProgramData\BitGuard" not deleted "C:\Users\Ron\AppData\Roaming\OpenCandy" deleted "C:\Program Files (x86)\iVIDI.org plugin" deleted "C:\Program Files (x86)\YourFileDownloader" deleted "C:\Program Files (x86)\hosts" deleted "C:\Program Files (x86)\MyFree Codec" deleted "C:\Program Files (x86)\Plus-HD-2.3" deleted "C:\Program Files (x86)\AskPartnerNetwork" deleted "C:\Users\Ron\AppData\Roaming\SpeedyPC Software" deleted "C:\Users\Ron\AppData\Roaming\ParetoLogic" deleted "C:\Users\Ron\AppData\Roaming\DriverCure" deleted "C:\Users\Ron\AppData\Roaming\Babylon" deleted "C:\Users\Ron\AppData\Roaming\File Scout" deleted "C:\Users\Ron\AppData\Roaming\Systweak" deleted "C:\Users\Ron\AppData\Roaming\YourFileDownloader" deleted "C:\Users\Ron\AppData\Roaming\OpenCandy" deleted "C:\ProgramData\Ask" deleted "C:\ProgramData\AskPartnerNetwork" deleted "C:\ProgramData\APN" deleted "C:\ProgramData\BitGuard" not deleted "C:\ProgramData\SpeedyPC Software" deleted "C:\ProgramData\DSearchLink" deleted "C:\ProgramData\ParetoLogic" deleted "C:\ProgramData\InstallMate" deleted "C:\ProgramData\Premium" deleted "C:\ProgramData\Babylon" deleted "C:\Users\Ron\AppData\Local\OpenCandy" deleted "C:\Users\Ron\AppData\Local\Updater35382" deleted "C:\Users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard" deleted "C:\Users\Ron\AppData\LocalLow\Delta" deleted "C:\Windows\SysWow64\searchplugins" deleted "C:\Windows\SysWow64\Extensions" deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar" deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater" deleted "C:\ProgramData\BitGuard\2.6.1694.246" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar" deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater" deleted "C:\ProgramData\BitGuard\2.6.1694.246" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" not deleted "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Ron\AppData\Local\Temp ==== 2013-10-10 09:41:21 385BFA00009C3BFA7243691484372B65 4675096 ----a-w- C:\Users\Ron\AppData\Local\Temp\oi_{0C4C2C07-DF00-4CC5-BA68-D153F8AE1BB3}.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-10-08 20:09:24 AE2CF300E9EBB005C9AB088C38A8C6DF 2034 ----a-w- C:\Windows\Sysnative\.crusader 2013-09-30 19:04:24 D74615934916D983058244B8579C63F4 1648 ----a-w- C:\Windows\Sysnative\ASOROSet.bin 2013-09-29 17:52:48 283A67C518FE4B3BBAA5DEBFCD9E062F 318 ----a-w- C:\Windows\Sysnative\ayboot.ini ====== C:\Windows\Sysnative\drivers ===== 2013-10-10 09:42:14 A1F53D2A00E64679A1D81B61D2333D06 46368 ----a-w- C:\Windows\Sysnative\drivers\avgtpx64.sys ====== C:\Windows\Tasks ====== 2013-10-01 16:27:18 90B8842321E2B60751085C44FC7C51BD 3514 ----a-w- C:\Windows\Sysnative\Tasks\SUPERAntiSpyware Scheduled Task d4259c1b-380d-4d31-983c-7fe48468cff3 2013-10-01 16:27:18 85D9F7A43B12ED2A6B6295B7D8E9213A 506 ----a-w- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d4259c1b-380d-4d31-983c-7fe48468cff3.job 2013-10-01 16:27:17 EDBB8309920517CCEFA1E48DC1B62AC6 506 ----a-w- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f60bdc71-37a2-4cf5-bd6b-e7c51d6dc16b.job 2013-10-01 16:27:17 0A0A525D9BEEA3F3D707B3989A8D0CE0 3588 ----a-w- C:\Windows\Sysnative\Tasks\SUPERAntiSpyware Scheduled Task f60bdc71-37a2-4cf5-bd6b-e7c51d6dc16b ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-10-08 20:04:31 -------- d-----w- C:\Program Files\HitmanPro 2013-10-08 11:55:00 -------- d-----w- C:\Program Files\trend micro 2013-10-01 16:26:59 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2013-09-29 17:44:09 -------- d-----w- C:\Program Files\Roboscan 2013-09-21 07:26:42 -------- d-----w- C:\Program Files\iTunes 2013-09-21 07:26:42 -------- d-----w- C:\Program Files\iPod ======= C:\Program Files (x86) ===== 2013-10-10 09:41:56 -------- d-----w- C:\Program Files (x86)\AVG Secure Search 2013-10-10 09:39:23 -------- d-----w- C:\Program Files (x86)\AVG 2013-10-01 20:27:36 -------- d-----w- C:\Program Files (x86)\Tododownloads 2013-09-21 07:26:42 -------- d-----w- C:\Program Files (x86)\iTunes ======= C: ===== ====== C:\Users\Ron\AppData\Roaming ====== 2013-10-10 09:44:37 -------- d-----w- C:\Users\Ron\AppData\Roaming\AVG2014 2013-10-10 09:43:40 -------- d-----w- C:\Users\Ron\AppData\Local\AVG Secure Search 2013-10-10 09:43:29 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2014 2013-10-10 09:42:44 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2014 2013-10-10 09:42:40 -------- d-----w- C:\Users\Ron\AppData\Roaming\TuneUp Software 2013-10-10 09:39:23 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2014 2013-10-01 16:27:07 -------- d-----w- C:\Users\Ron\AppData\Roaming\SUPERAntiSpyware.com 2013-09-29 17:10:03 -------- d-----w- C:\Users\Ron\AppData\Local\Avg2014 2013-09-26 13:52:57 -------- d-----w- C:\Users\Ron\AppData\Locallow\Unitech LLC 2013-09-21 09:48:36 -------- d-----w- C:\Users\Ron\AppData\Local\avgchrome ====== C:\Users\Ron ====== 2013-10-10 09:42:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2013-10-10 09:42:05 -------- d-----w- C:\ProgramData\AVG Secure Search 2013-10-10 09:40:21 -------- d-----w- C:\ProgramData\AVG2014 2013-10-08 20:04:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2013-10-08 19:54:53 -------- d-----w- C:\ProgramData\HitmanPro 2013-10-01 16:26:59 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2013-09-29 17:44:11 -------- d-----w- C:\ProgramData\Roboscan 2013-09-21 07:27:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2013-09-21 07:26:42 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-09-21 07:04:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2013-09-21 06:40:05 -------- d-----w- C:\ProgramData\BitGuard ====== C: exe-files == 2013-10-10 10:30:20 43B63250671DDA87C44E00781D11F07D 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$IJXAKTK.exe 2013-10-10 09:42:14 3F8F7283423EF7905A0F98717E7466BC 144920 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\DriverInstaller\17.0.12\DriverInstaller.exe 2013-10-10 09:42:08 2EBE2FCD878BCDD8A94B1A7C7ADC7574 2374168 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\17.0.12\ScriptHelper.exe 2013-10-10 09:42:05 E4650A5D381FF79711FCA554167E0931 1734680 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe 2013-10-10 09:41:56 D2D205152397398A218DEB418757DB43 944664 ----a-w- C:\Program Files (x86)\AVG Secure Search\lip.exe 2013-10-10 09:41:56 B8CD822E488D17FF40B2EAA3AD8F7ADD 2404376 ----a-w- C:\Program Files (x86)\AVG Secure Search\vprot.exe 2013-10-10 09:41:56 81AF02CFDC98FE4551308171C3687093 644120 ----a-w- C:\Program Files (x86)\AVG Secure Search\PostInstall.exe 2013-10-10 09:41:56 266D63DF05B5ADB17E099E4D2585BC44 1959960 ----a-w- C:\Program Files (x86)\AVG Secure Search\Uninstall.exe 2013-10-10 09:41:21 385BFA00009C3BFA7243691484372B65 4675096 ----a-w- C:\Users\Ron\AppData\Local\Temp\oi_{0C4C2C07-DF00-4CC5-BA68-D153F8AE1BB3}.exe 2013-10-08 20:04:32 3EDAD05F378D4751E14CDA596A5E7E43 109352 ----a-w- C:\Program Files\HitmanPro\hmpsched.exe 2013-10-08 20:04:31 290AF371D8D36E5590939018452C4640 9879648 ----a-w- C:\Program Files\HitmanPro\HitmanPro.exe 2013-10-08 19:57:03 290AF371D8D36E5590939018452C4640 9879648 ----a-w- C:\Users\Ron\Desktop\comp\HitmanPro_x64.exe 2013-10-08 11:55:01 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Ron.exe 2013-10-08 11:52:46 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Ron\Desktop\comp\RSITx64.exe 2013-10-08 11:39:20 28930CA59C0EEAB65D2BA35CEFB81AAD 4425448 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$RJXAKTK.exe 2013-10-04 16:46:28 ACBC9FB1394434F8F21E7DD0CA9A616B 8420704 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\30.0.1599.69\30.0.1599.69_29.0.1547.76_chrome_updater.exe === C: other files == 2013-10-10 16:42:17 1E4A05CF2B1C5B0DB896FA24E11B4C2E 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$IP8JTTH.com 2013-10-10 16:42:16 47E1B6DB7529FFC881F61A13FBE9866E 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$IHX6D2H.zip 2013-10-10 14:30:20 3D92DDBED8254EA0A089B166D434205B 1387038 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$RP8JTTH.com 2013-10-10 14:27:27 2E56D5C213453581A5FA48B345F4FE96 3892784 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$RHX6D2H.zip 2013-10-10 09:42:14 A1F53D2A00E64679A1D81B61D2333D06 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys 2013-10-10 09:41:56 567B5EC265B26994AFB11DB13F53B07A 147960 ----a-w- C:\Program Files (x86)\AVG Secure Search\data.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Run] @="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1003\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "NUSB3MON"="C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "VolPanel"="C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe /r" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "BrMfcWnd"="C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN" "ControlCenter3"="C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun" "AppleSyncNotifier"="C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "WIRELESS-KB-LED-STATUS"="C:\Program Files (x86)\Wireless Keyboard Driver\LedStatusApp.exe" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "AirPort Base Station Agent"="C:\Program Files (x86)\AirPort\APAgent.exe" "ApnTBMon"="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" "vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] @="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\\progra~3\\bitguard\\261694~1.246\\{c16c1~1\\bitguard.dll " ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RunDLLEntry"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry" "Monitor"="C:\Windows\PixArt\PAC207\Monitor.exe" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "NokiaOviSuite2"="C:\\Program Files (x86)\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe -tray" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" "iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" "UpdReg"="C:\\Windows\\UpdReg.EXE" ==== Startup Folders ====================== 2011-02-21 18:01:39 1310 ----a-w- C:\Users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/08/2011 14:41] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/08/2011 14:41] C:\Windows\tasks\SUPERAntiSpyware Scheduled Task d4259c1b-380d-4d31-983c-7fe48468cff3.job --a------ C:\Program Files\SUPERAntiSpyware\SASTask.exe [] C:\Windows\tasks\SUPERAntiSpyware Scheduled Task f60bdc71-37a2-4cf5-bd6b-e7c51d6dc16b.job --a------ C:\Program Files\SUPERAntiSpyware\SASTask.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\SUPERAntiSpyware Scheduled Task d4259c1b-380d-4d31-983c-7fe48468cff3" [C:\Program Files\SUPERAntiSpyware\SASTask.exe] "C:\Windows\SysNative\tasks\SUPERAntiSpyware Scheduled Task f60bdc71-37a2-4cf5-bd6b-e7c51d6dc16b" [C:\Program Files\SUPERAntiSpyware\SASTask.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{04BD2DB7-A77C-4FD7-9B39-8F9758A5441B}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\YourFile Update" [C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe] "C:\Windows\SysNative\tasks\{01A88DFD-FB20-4254-B31C-4CEF99B224B5}" [F:\BurnoutLauncher.exe] "C:\Windows\SysNative\tasks\{A226DC20-5B1B-4F37-B1F4-D289A3B868C0}" [C:\Program Files (x86)\Electronic Arts\Burnout Paradise The Ultimate Box\BurnoutLauncher.exe] "C:\Windows\SysNative\tasks\{BA1EC3AE-6CB7-428E-A285-9AF4DE287ECA}" [C:\Program Files (x86)\Electronic Arts\Burnout Paradise The Ultimate Box\BurnoutParadise.exe] "C:\Windows\SysNative\tasks\{E47C8C26-B64C-4D35-84CE-4053DA9D744C}" [F:\BurnoutLauncher.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] ==== Firefox in Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"="C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension" [19/06/2011 17:53] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aaaajlichkifkomgmecdgjpogphafeml - C:\ProgramData\AskPartnerNetwork\Toolbar\BLP-V7\CRX\ToolbarCR.crx[] dhkplhfnhceodhffomolpfigojocbpcb - C:\Users\Ron\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx[] giacfgjdclhnmkacnfbaljbmpnelflol - C:\Program Files (x86)\iVIDI.org plugin\ividiplg.crx[] jmfkcklnlgedgbglfkkgedjfmejoahla - C:\Program Files (x86)\AVG\AVG10\Chrome\safesearch.crx[] Sammsoft Toolbar - Ron - Default\Extensions\aaaajlichkifkomgmecdgjpogphafeml YouTube - Ron - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Ron - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf PasswordBox - Free Password Manager - Ron - Default\Extensions\dljbcjbfojhlfhgenhepllagfecdpchb iVIDI.org plugin - Ron - Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol Chrome In-App Payments service - Ron - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda hosts - Ron - Default\Extensions\nnlomafmkpiclmaaekkhpoecnclldmaa Plus-HD-2.3 - Ron - Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec Gmail - Ron - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajlichkifkomgmecdgjpogphafeml deleted successfully C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaajlichkifkomgmecdgjpogphafeml_0.localstorage deleted successfully C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol deleted successfully C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnlomafmkpiclmaaekkhpoecnclldmaa deleted successfully C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nnlomafmkpiclmaaekkhpoecnclldmaa_0.localstorage deleted successfully C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_nnlomafmkpiclmaaekkhpoecnclldmaa_0 deleted successfully C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec deleted successfully C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_omfoidjpeklpjhlhabhcomekbkclkbec_0.localstorage deleted successfully C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_omfoidjpeklpjhlhabhcomekbkclkbec_0 deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="Google" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="Dogpile Web Search" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="Dogpile Web Search" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="%s - Google Search" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="Upgrade to Google Chrome" "Default_Search_URL"="Upgrade to Google Chrome" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="%s - Bing" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="Bing" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Reset Google Chrome ====================== C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaajlichkifkomgmecdgjpogphafeml deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla deleted successfully ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [WIRELESS-KB-LED-STATUS] C:\Program Files (x86)\Wireless Keyboard Driver\LedStatusApp.exe O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files (x86)\AirPort\APAgent.exe" O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-409059723-2902863822-1341115650-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-21-409059723-2902863822-1341115650-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - Startup: MobileCamStreamer™.appref-ms O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E04BF841-9AE5-4672-A4CE-4C920C64E85C}: NameServer = 192.168.1.1,80.58.61.250 O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - (no file) O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll O20 - AppInit_DLLs: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SecretZone Assist Service (SZASSIST) - Clarus, Inc. - C:\Program Files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater17.0.12 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Ron\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\windows\SysNative\tasks\Plus-HD-2.3-codedownloader" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found "C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\ProgramData\BitGuard" not found "C:\ProgramData\BitGuard" not found ==== EOF on 10/10/2013 at 19:28:28,79 ======================

lukt niet, ik krijg dit bericht. C:\users\ron\appdata\local\temp\zoek.hta is geen geldige win32-toepassing. wat te doen?

beste kape, geen probleem,bedankt voor uw reactie.was idd een puinhoop maar kon een aantal opdrachten niet normaal uitvoeren. dat is nu opgelost doordat het me lukte om hitman pro te draaien. hierbij het logje: Logfile of random's system information tool 1.09 (written by random/random) Run by Ron at 2013-10-10 14:10:13 Microsoft Windows 7 Ultimate Service Pack 1 System drive C: has 93 GB (47%) free of 200 GB Total RAM: 2047 MB (38% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:10:23, on 10/10/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16448) Boot mode: Normal Running processes: C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe C:\Windows\PixArt\Pac207\Monitor.exe C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files (x86)\Samsung\Kies\Kies.exe C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files (x86)\Wireless Keyboard Driver\LedStatusApp.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files (x86)\AirPort\APAgent.exe C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files (x86)\AVG\AVG2014\avgcsrvx.exe C:\Windows\sysWow64\SearchProtocolHost.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\program files (x86)\plus-hd-2.3\plus-hd-2.3-bg.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe C:\Program Files\trend micro\Ron.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Dogpile Web Search R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: CrossriderApp0033426 - {11111111-1111-1111-1111-110311341126} - C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho.dll O2 - BHO: CrossriderApp0035382 - {11111111-1111-1111-1111-110311531182} - C:\Program Files (x86)\hosts\hosts-bho.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.0.0.12\AVG Secure Search_toolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file) O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.0.0.12\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [WIRELESS-KB-LED-STATUS] C:\Program Files (x86)\Wireless Keyboard Driver\LedStatusApp.exe O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files (x86)\AirPort\APAgent.exe" O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-409059723-2902863822-1341115650-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-21-409059723-2902863822-1341115650-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - Startup: MobileCamStreamer™.appref-ms O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E04BF841-9AE5-4672-A4CE-4C920C64E85C}: NameServer = 192.168.1.1,80.58.61.250 O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - (no file) O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll O20 - AppInit_DLLs: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Ask-updateservice (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SecretZone Assist Service (SZASSIST) - Clarus, Inc. - C:\Program Files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater17.0.12 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13075 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe C:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=7c78b171-a056-4840-b4eb-f4271c1c2a62 /coreSdkOptions=4364 /logConfFile="C:\Windows\TEMP\b8589721-3e0e-4d37-90a7-8e11fb280b27-194-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs "C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe" C:\Windows\system32\svchost.exe -k LocalService "C:\Program Files\HitmanPro\hmpsched.exe" C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" taskeng.exe {144A90B1-A5C4-46FF-AE7B-7E36F5A1A64C} "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe" "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe" "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties" \??\C:\Windows\system32\conhost.exe "1334613241-726781886-1670771562791279311091154955-1137833191-4062281181456002608 "C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe" "C:\Program Files (x86)\AVG\AVG2014\avgemca.exe" "C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-da71cf1c-9b90-4946-9567-28a473791d94 -SystemEventPortName:HostProcess-78fd8260-ed4c-4942-aa51-30a1f693d787 -IoCancelEventPortName:HostProcess-04ef8643-63a5-4ca3-8da7-c21dcda9c0c4 -NonStateChangingEventPortName:HostProcess-b9f3ab32-0ab3-488c-b251-9aae7f00934f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b4a8140a-8805-4f27-bb1f-b4607c96b30d "taskhost.exe" taskeng.exe {F4AD7073-702D-4262-B45C-E1FFA52A0DA1} "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Windows\System32\rundll32.exe" C:\Windows\system32\AmbRunE.dll,RunDLLEntry "C:\Windows\PixArt\Pac207\Monitor.exe" "C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" "C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN "C:\Program Files (x86)\Wireless Keyboard Driver\LedStatusApp.exe" "C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr "C:\Program Files (x86)\AirPort\APAgent.exe" "C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe" /autorun "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe" "C:\Program Files\iPod\bin\iPodService.exe" "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY "C:\Program Files (x86)\AVG Secure Search\vprot.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 "C:\Users\Ron\AppData\Local\Apps\2.0\THBL8J95.NQP\QV6XPABQ.8MM\mobi..tion_85aa1d8dc31f9333_0001.0000_feb2a90fa8d015f9\mobilecamstreamer.exe" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\svchost.exe -k SDRSVC "C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE" C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=dc62995f-c909-4a56-973a-682b33782439 /coreSdkOptions=4096 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\ad028d1d-7e20-4732-b310-72685bf50c3e-ac8-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" C:\Program Files (x86)\AVG\AVG2014\avgcsrvx.exe /pipeName=3a63e803-5ee0-4e17-8a4c-ac0b216b8f0e /coreSdkOptions=8192 /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Users\Ron\AppData\Local\Avg2014\temp\" /logPath="C:\Users\Ron\AppData\Local\Avg2014\log\" "C:\Windows\sysWow64\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-409059723-2902863822-1341115650-100019_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-409059723-2902863822-1341115650-100019 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1" "C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528 "C:\Program Files (x86)\Internet Explorer\iexplore.exe" Windows 7 virus "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:5204 CREDAT:203009 "C:\program files (x86)\plus-hd-2.3\plus-hd-2.3-bg.exe" /createbg C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -Embedding "C:\Users\Ron\Desktop\comp\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\Plus-HD-2.3-chromeinstaller.job C:\Windows\tasks\Plus-HD-2.3-codedownloader.job C:\Windows\tasks\Plus-HD-2.3-enabler.job C:\Windows\tasks\Plus-HD-2.3-updater.job C:\Windows\tasks\SUPERAntiSpyware Scheduled Task d4259c1b-380d-4d31-983c-7fe48468cff3.job C:\Windows\tasks\SUPERAntiSpyware Scheduled Task f60bdc71-37a2-4cf5-bd6b-e7c51d6dc16b.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126}] Plus-HD-2.3 - C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho64.dll [2013-09-29 945000] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182}] hosts - C:\Program Files (x86)\hosts\hosts-bho64.dll [2013-09-26 940544] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126}] Plus-HD-2.3 - C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho.dll [2013-09-29 602984] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182}] hosts - C:\Program Files (x86)\hosts\hosts-bho.dll [2013-09-26 598528] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-29 463272] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\17.0.0.12\AVG Secure Search_toolbar.dll [2013-10-10 3353624] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-29 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {98889811-442D-49dd-99D7-DC866BE87DBC} {95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\17.0.0.12\AVG Secure Search_toolbar.dll [2013-10-10 3353624] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-02-08 10060832] "RunDLLEntry"=C:\Windows\system32\AmbRunE.dll [2009-02-26 17920] "Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] ""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-02-13 844144] "KiesPDLR"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-02-13 844144] "KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2013-02-13 1509232] "ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2013-09-15 59720] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 98304] "NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-01-22 106496] "VolPanel"=C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [2009-05-04 241789] "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] "BrMfcWnd"=C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [2009-05-26 1159168] "ControlCenter3"=C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [2008-12-24 114688] "AppleSyncNotifier"=C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-09-27 59240] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720] "WIRELESS-KB-LED-STATUS"=C:\Program Files (x86)\Wireless Keyboard Driver\LedStatusApp.exe [2010-04-30 846336] "KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2013-02-13 310128] "AirPort Base Station Agent"=C:\Program Files (x86)\AirPort\APAgent.exe [2009-11-11 771360] "ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-10-01 1673680] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-09-17 152392] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2013-08-26 4851248] "vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2013-10-10 2404376] C:\Users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup MobileCamStreamer™.appref-ms OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "MSVideo8"=VfWWDM32.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* .txt - open - ======List of files/folders created in the last 1 month====== 2013-10-10 11:44:37 ----D---- C:\Users\Ron\AppData\Roaming\AVG2014 2013-10-10 11:42:40 ----D---- C:\Users\Ron\AppData\Roaming\TuneUp Software 2013-10-10 11:42:14 ----A---- C:\Windows\system32\drivers\avgtpx64.sys 2013-10-10 11:42:05 ----D---- C:\ProgramData\AVG Secure Search 2013-10-10 11:41:56 ----D---- C:\Program Files (x86)\AVG Secure Search 2013-10-10 11:40:22 ----HD---- C:\$AVG 2013-10-10 11:40:21 ----D---- C:\ProgramData\AVG2014 2013-10-10 11:39:23 ----D---- C:\Program Files (x86)\AVG 2013-10-10 11:33:18 ----D---- C:\ProgramData\MFAData 2013-10-08 22:04:31 ----D---- C:\Program Files\HitmanPro 2013-10-08 21:54:53 ----D---- C:\ProgramData\HitmanPro 2013-10-08 13:55:00 ----D---- C:\Program Files\trend micro 2013-10-08 13:54:57 ----D---- C:\rsit 2013-10-01 22:28:02 ----D---- C:\Program Files\CCleaner 2013-10-01 22:27:36 ----D---- C:\Program Files (x86)\Tododownloads 2013-10-01 18:27:07 ----D---- C:\Users\Ron\AppData\Roaming\SUPERAntiSpyware.com 2013-10-01 18:26:59 ----D---- C:\ProgramData\SUPERAntiSpyware.com 2013-10-01 18:26:59 ----D---- C:\Program Files\SUPERAntiSpyware 2013-09-30 21:16:10 ----D---- C:\Users\Ron\AppData\Roaming\ParetoLogic 2013-09-30 21:15:49 ----D---- C:\ProgramData\ParetoLogic 2013-09-29 19:54:52 ----D---- C:\Users\Ron\AppData\Roaming\Systweak 2013-09-29 19:53:27 ----A---- C:\Windows\system32\roboot64.exe 2013-09-29 19:52:48 ----A---- C:\Windows\system32\ayboot.ini 2013-09-29 19:44:11 ----D---- C:\ProgramData\Roboscan 2013-09-29 19:44:09 ----D---- C:\Program Files\Roboscan 2013-09-29 11:49:55 ----D---- C:\ProgramData\DSearchLink 2013-09-29 11:49:41 ----D---- C:\Program Files (x86)\Plus-HD-2.3 2013-09-29 11:49:03 ----D---- C:\Program Files (x86)\Media Crawler 2013-09-26 15:25:43 ----A---- C:\prefs.js 2013-09-26 15:24:43 ----D---- C:\Program Files (x86)\iVIDI.org plugin 2013-09-26 15:23:50 ----D---- C:\Program Files (x86)\hosts 2013-09-21 09:26:42 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-09-21 09:26:42 ----D---- C:\Program Files\iTunes 2013-09-21 09:26:42 ----D---- C:\Program Files\iPod 2013-09-21 09:26:42 ----D---- C:\Program Files (x86)\iTunes 2013-09-21 08:40:05 ----D---- C:\ProgramData\BitGuard ======List of files/folders modified in the last 1 month====== 2013-10-10 14:04:38 ----D---- C:\Windows\Temp 2013-10-10 12:45:41 ----D---- C:\Windows\system32\drivers 2013-10-10 12:20:31 ----D---- C:\Windows\inf 2013-10-10 12:20:31 ----D---- C:\Windows 2013-10-10 11:45:02 ----D---- C:\Windows\System32 2013-10-10 11:45:02 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-10-10 11:43:31 ----SHD---- C:\Windows\Installer 2013-10-10 11:43:30 ----SHD---- C:\Config.Msi 2013-10-10 11:42:05 ----HD---- C:\ProgramData 2013-10-10 11:41:56 ----RD---- C:\Program Files (x86) 2013-10-10 11:41:33 ----D---- C:\Windows\Prefetch 2013-10-10 11:40:02 ----SHD---- C:\System Volume Information 2013-10-10 11:38:44 ----D---- C:\Windows\SysWOW64 2013-10-10 11:27:40 ----D---- C:\Windows\SYSWOW64\drivers 2013-10-08 22:40:02 ----D---- C:\Windows\system32\Tasks 2013-10-08 22:40:00 ----D---- C:\Windows\Tasks 2013-10-08 22:40:00 ----D---- C:\Program Files (x86)\Common Files 2013-10-08 22:04:31 ----RD---- C:\Program Files 2013-10-08 21:53:32 ----D---- C:\Users\Ron\AppData\Roaming\vlc 2013-10-08 16:55:50 ----A---- C:\Windows\BRWMARK.INI 2013-10-08 16:55:50 ----A---- C:\Windows\BRPP2KA.INI 2013-10-06 19:22:00 ----D---- C:\Windows\system32\config 2013-10-04 13:17:28 ----D---- C:\Windows\system32\NDF 2013-10-01 22:38:58 ----D---- C:\Users\Ron\AppData\Roaming\FrostWire 2013-10-01 22:38:58 ----D---- C:\ProgramData\LogMeIn 2013-10-01 22:38:33 ----D---- C:\Windows\Panther 2013-10-01 22:38:33 ----D---- C:\Windows\ModemLogs 2013-10-01 22:38:32 ----D---- C:\Windows\SoftwareDistribution 2013-10-01 22:38:32 ----D---- C:\Windows\Minidump 2013-10-01 22:38:32 ----D---- C:\Windows\Logs 2013-10-01 22:38:32 ----D---- C:\Windows\debug 2013-10-01 22:27:42 ----SD---- C:\ProgramData\Microsoft 2013-09-30 13:21:56 ----D---- C:\Windows\system32\FxsTmp 2013-09-29 15:16:30 ----D---- C:\Windows\system32\catroot 2013-09-29 15:16:29 ----D---- C:\Windows\system32\DriverStore 2013-09-29 15:10:21 ----D---- C:\ProgramData\AVG 2013-09-29 14:37:20 ----D---- C:\Windows\winsxs 2013-09-26 15:24:31 ----D---- C:\Users\Ron\AppData\Roaming\OpenCandy 2013-09-23 11:24:23 ----D---- C:\Users\Ron\AppData\Roaming\Apple Computer 2013-09-21 09:03:54 ----D---- C:\Program Files\Common Files\Apple ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440] R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-08-22 192824] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-08-22 294712] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-08-20 123704] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-08-01 31544] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552] R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2013-08-01 147768] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-08-22 241464] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-08-22 212280] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-08-01 251192] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-10-10 46368] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560] R2 NPF_devolo;NetGroup Packet Filter Driver (devolo); C:\Windows\sysWOW64\drivers\npf_devolo.sys [2010-06-10 34048] R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-01-28 116736] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-02-08 2267552] R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824] R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224] R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2011-02-18 82816] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144] R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288] R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456] R3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984] S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-01-31 102368] S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS [2013-02-05 37344] S3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [] S3 mdf15;mdf15; \??\C:\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys [2010-03-18 12288] S3 mvd21;mvd21; \??\C:\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys [2010-06-14 64512] S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528] S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968] S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136] S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2010-12-02 12800] S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008] S3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 572416] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [] S3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2011-07-20 44032] S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2013-01-31 157672] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2013-01-31 16872] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2013-01-31 177640] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2013-01-31 146920] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-01-31 203104] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-12-02 9216] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784] S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928] R2 APNMCP;Ask-updateservice; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-10-01 164816] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-08-27 3534896] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-08-20 300640] R2 Bonjour Service;Servicio Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200] R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2013-10-08 109352] R2 vToolbarUpdater17.0.12;vToolbarUpdater17.0.12; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [2013-10-10 1734680] R3 iPod Service;Servicio del iPod; C:\Program Files\iPod\bin\iPodService.exe [2013-09-17 641352] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Servicio de Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-20 136176] S2 SZASSIST;SecretZone Assist Service; C:\Program Files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe [2010-07-30 90112] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-02-17 79360] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-02-17 79360] S3 gupdatem;Servicio de Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-20 136176] S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-03-21 632832] S3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2011-02-17 79360] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-19 1255736] -----------------EOF-----------------

zelf opgelost, beetje jammer dat er geen respons meer kwam:hmmmm:weet nu eigenlijk niet of de comp schoon is.

gelukt. hoop dat je er wat aan hebt kweezie wabbit. grt,ron

Logfile of random's system information tool 1.09 (written by random/random)Run by Ron at 2013-10-08 13:54:57 Microsoft Windows 7 Ultimate Service Pack 1 System drive C: has 87 GB (43%) free of 200 GB Total RAM: 2047 MB (19% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:55:10, on 08/10/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16448) Boot mode: Normal Running processes: C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe C:\Windows\PixArt\Pac207\Monitor.exe C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files (x86)\Samsung\Kies\Kies.exe C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files (x86)\Wireless Keyboard Driver\LedStatusApp.exe C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\AirPort\APAgent.exe C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\program files (x86)\hosts\hosts-bg.exe C:\program files (x86)\plus-hd-2.3\plus-hd-2.3-bg.exe C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files\trend micro\Ron.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Dogpile Web Search R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll O2 - BHO: CrossriderApp0033426 - {11111111-1111-1111-1111-110311341126} - C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho.dll O2 - BHO: CrossriderApp0035382 - {11111111-1111-1111-1111-110311531182} - C:\Program Files (x86)\hosts\hosts-bho.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file) O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [WIRELESS-KB-LED-STATUS] C:\Program Files (x86)\Wireless Keyboard Driver\LedStatusApp.exe O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files (x86)\AirPort\APAgent.exe" O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: MobileCamStreamer™.appref-ms O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E04BF841-9AE5-4672-A4CE-4C920C64E85C}: NameServer = 192.168.1.1,80.58.61.250 O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - (no file) O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O20 - AppInit_DLLs: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Ask-updateservice (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: BitGuard - Unknown owner - C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SecretZone Assist Service (SZASSIST) - Clarus, Inc. - C:\Program Files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12826 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs "C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe" C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe taskeng.exe {0B3E801D-AC23-4E77-9080-E2747293A9DC} C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe "C:\Program Files\Bonjour\mDNSResponder.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-980607c9-4422-4f47-ba59-8992bd7fdd3d -SystemEventPortName:HostProcess-3e117b83-4cfe-4602-a271-ab85f1e062ae -IoCancelEventPortName:HostProcess-e0412cb5-898a-4202-8e0e-7973e6a3a0a7 -NonStateChangingEventPortName:HostProcess-24a20bb4-e08f-45fa-9b03-78934dd45410 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:622e24dc-3a2d-4689-a0ae-559454875931 "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE taskeng.exe {B7BA870F-3E3F-48CE-936D-EB4EA93659C3} "C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Windows\System32\rundll32.exe" C:\Windows\system32\AmbRunE.dll,RunDLLEntry "C:\Windows\PixArt\Pac207\Monitor.exe" "C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload "C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe" "C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" "C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN "C:\Program Files (x86)\Wireless Keyboard Driver\LedStatusApp.exe" "C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe" /autorun "C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "C:\Program Files (x86)\AirPort\APAgent.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" "C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe" "C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe" /PROTECT "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files\iPod\bin\iPodService.exe" "C:\Users\Ron\AppData\Local\Apps\2.0\THBL8J95.NQP\QV6XPABQ.8MM\mobi..tion_85aa1d8dc31f9333_0001.0000_feb2a90fa8d015f9\mobilecamstreamer.exe" C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k secsvcs "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\svchost.exe -k SDRSVC "C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" -Embedding C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -Embedding "C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding "C:\Program Files (x86)\Internet Explorer\iexplore.exe" "C:\program files (x86)\hosts\hosts-bg.exe" /createbg "C:\program files (x86)\plus-hd-2.3\plus-hd-2.3-bg.exe" /createbg "C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE" "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:7056 CREDAT:137545 "C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE" /e C:\Windows\splwow64.exe 8192 C:\Windows\system32\DllHost.exe /Processid:{FCC74B77-EC3E-4DD8-A80B-008A702075A9} "C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe" /AppMode=SETUP /Uninstall C:\Windows\system32\MsiExec.exe -Embedding F376A1342985DC7407FC291C150FF9DC C "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:7056 CREDAT:203044 "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:7056 CREDAT:203047 "C:\Users\Ron\Desktop\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\Plus-HD-2.3-chromeinstaller.job C:\Windows\tasks\Plus-HD-2.3-codedownloader.job C:\Windows\tasks\Plus-HD-2.3-enabler.job C:\Windows\tasks\Plus-HD-2.3-updater.job C:\Windows\tasks\SUPERAntiSpyware Scheduled Task d4259c1b-380d-4d31-983c-7fe48468cff3.job C:\Windows\tasks\SUPERAntiSpyware Scheduled Task f60bdc71-37a2-4cf5-bd6b-e7c51d6dc16b.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126}] Plus-HD-2.3 - C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho64.dll [2013-09-29 945000] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182}] hosts - C:\Program Files (x86)\hosts\hosts-bho64.dll [2013-09-26 940544] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126}] Plus-HD-2.3 - C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho.dll [2013-09-29 602984] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182}] hosts - C:\Program Files (x86)\hosts\hosts-bho.dll [2013-09-26 598528] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-29 463272] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-29 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} {98889811-442D-49dd-99D7-DC866BE87DBC} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-02-08 10060832] "RunDLLEntry"=C:\Windows\system32\AmbRunE.dll [2009-02-26 17920] "Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] ""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-02-13 844144] "KiesPDLR"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-02-13 844144] "KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2013-02-13 1509232] "ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2013-09-15 59720] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 98304] "NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-01-22 106496] "VolPanel"=C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [2009-05-04 241789] "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] "BrMfcWnd"=C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [2009-05-26 1159168] "ControlCenter3"=C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [2008-12-24 114688] "AppleSyncNotifier"=C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-09-27 59240] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720] "WIRELESS-KB-LED-STATUS"=C:\Program Files (x86)\Wireless Keyboard Driver\LedStatusApp.exe [2010-04-30 846336] "KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2013-02-13 310128] "AirPort Base Station Agent"=C:\Program Files (x86)\AirPort\APAgent.exe [2009-11-11 771360] "ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-10-01 1673680] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-09-17 152392] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe C:\Users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup MobileCamStreamer™.appref-ms OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "MSVideo8"=VfWWDM32.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* .txt - open - ======List of files/folders created in the last 1 month====== 2013-10-08 13:55:00 ----D---- C:\Program Files\trend micro 2013-10-08 13:54:57 ----D---- C:\rsit 2013-10-01 22:28:02 ----D---- C:\Program Files\CCleaner 2013-10-01 22:27:36 ----D---- C:\Program Files (x86)\Tododownloads 2013-10-01 18:27:07 ----D---- C:\Users\Ron\AppData\Roaming\SUPERAntiSpyware.com 2013-10-01 18:26:59 ----D---- C:\ProgramData\SUPERAntiSpyware.com 2013-10-01 18:26:59 ----D---- C:\Program Files\SUPERAntiSpyware 2013-09-30 21:16:10 ----D---- C:\Users\Ron\AppData\Roaming\ParetoLogic 2013-09-30 21:15:49 ----D---- C:\ProgramData\ParetoLogic 2013-09-29 19:54:52 ----D---- C:\Users\Ron\AppData\Roaming\Systweak 2013-09-29 19:53:27 ----A---- C:\Windows\system32\roboot64.exe 2013-09-29 19:52:48 ----A---- C:\Windows\system32\ayboot.ini 2013-09-29 19:44:11 ----D---- C:\ProgramData\Roboscan 2013-09-29 19:44:09 ----D---- C:\Program Files\Roboscan 2013-09-29 18:58:22 ----A---- C:\Windows\system32\drivers\avgfwd6a.sys 2013-09-29 11:49:55 ----D---- C:\ProgramData\DSearchLink 2013-09-29 11:49:41 ----D---- C:\Program Files (x86)\Plus-HD-2.3 2013-09-29 11:49:03 ----D---- C:\Program Files (x86)\Media Crawler 2013-09-26 15:25:43 ----A---- C:\prefs.js 2013-09-26 15:24:43 ----D---- C:\Program Files (x86)\iVIDI.org plugin 2013-09-26 15:23:50 ----D---- C:\Program Files (x86)\hosts 2013-09-21 09:26:42 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-09-21 09:26:42 ----D---- C:\Program Files\iTunes 2013-09-21 09:26:42 ----D---- C:\Program Files\iPod 2013-09-21 09:26:42 ----D---- C:\Program Files (x86)\iTunes 2013-09-21 08:40:05 ----D---- C:\ProgramData\BitGuard ======List of files/folders modified in the last 1 month====== 2013-10-08 13:55:03 ----D---- C:\Windows\Temp 2013-10-08 13:55:00 ----RD---- C:\Program Files 2013-10-08 13:32:38 ----D---- C:\Windows\Prefetch 2013-10-08 13:06:35 ----D---- C:\ProgramData\MFAData 2013-10-08 02:56:19 ----D---- C:\Windows 2013-10-07 17:32:50 ----D---- C:\Windows\inf 2013-10-07 16:48:50 ----D---- C:\Windows\system32\Tasks 2013-10-07 16:48:33 ----SHD---- C:\Config.Msi 2013-10-07 16:17:37 ----D---- C:\Windows\System32 2013-10-07 16:17:37 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-10-07 16:14:46 ----A---- C:\Windows\BRWMARK.INI 2013-10-07 16:14:46 ----A---- C:\Windows\BRPP2KA.INI 2013-10-07 13:41:24 ----SHD---- C:\System Volume Information 2013-10-06 19:22:00 ----D---- C:\Windows\system32\config 2013-10-05 13:23:11 ----SHD---- C:\Windows\Installer 2013-10-04 18:25:42 ----RD---- C:\Program Files (x86) 2013-10-04 13:17:28 ----D---- C:\Windows\system32\NDF 2013-10-04 09:46:11 ----D---- C:\Windows\system32\drivers 2013-10-01 22:38:58 ----D---- C:\Users\Ron\AppData\Roaming\FrostWire 2013-10-01 22:38:58 ----D---- C:\ProgramData\LogMeIn 2013-10-01 22:38:33 ----D---- C:\Windows\Panther 2013-10-01 22:38:33 ----D---- C:\Windows\ModemLogs 2013-10-01 22:38:32 ----D---- C:\Windows\SoftwareDistribution 2013-10-01 22:38:32 ----D---- C:\Windows\Minidump 2013-10-01 22:38:32 ----D---- C:\Windows\Logs 2013-10-01 22:38:32 ----D---- C:\Windows\debug 2013-10-01 22:27:42 ----SD---- C:\ProgramData\Microsoft 2013-10-01 18:27:18 ----D---- C:\Windows\Tasks 2013-10-01 18:27:07 ----HD---- C:\ProgramData 2013-09-30 21:36:14 ----D---- C:\Program Files (x86)\Common Files 2013-09-30 13:21:56 ----D---- C:\Windows\system32\FxsTmp 2013-09-29 18:59:57 ----D---- C:\Program Files (x86)\AVG 2013-09-29 18:54:38 ----D---- C:\Windows\SysWOW64 2013-09-29 18:54:37 ----D---- C:\Windows\SYSWOW64\drivers 2013-09-29 18:54:37 ----D---- C:\Windows\system32\drivers\AVG 2013-09-29 18:52:32 ----D---- C:\Users\Ron\AppData\Roaming\vlc 2013-09-29 15:16:30 ----D---- C:\Windows\system32\catroot 2013-09-29 15:16:29 ----D---- C:\Windows\system32\DriverStore 2013-09-29 15:10:21 ----D---- C:\ProgramData\AVG 2013-09-29 15:09:28 ----D---- C:\ProgramData\AVG10 2013-09-29 14:37:20 ----D---- C:\Windows\winsxs 2013-09-26 15:24:31 ----D---- C:\Users\Ron\AppData\Roaming\OpenCandy 2013-09-23 11:24:23 ----D---- C:\Users\Ron\AppData\Roaming\Apple Computer 2013-09-21 09:03:54 ----D---- C:\Program Files\Common Files\Apple ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440] R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 26704] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2011-01-07 304720] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-03-01 41552] R1 Avgtdia;AVG Network Redirector x64; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-04-05 377936] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560] R2 NPF_devolo;NetGroup Packet Filter Driver (devolo); C:\Windows\sysWOW64\drivers\npf_devolo.sys [2010-06-10 34048] R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-01-28 116736] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-02-08 2267552] R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824] R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224] R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2011-02-18 82816] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144] R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288] R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456] R3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984] S0 Avgrkx64;avgrkx64.sys; C:\Windows\C:\Windows\C:\Windows\System32\Drivers\avgrkx64.sys [] S1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-29 29976] S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984] S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-01-31 102368] S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS [2013-02-05 37344] S3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [] S3 mdf15;mdf15; \??\C:\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys [2010-03-18 12288] S3 mvd21;mvd21; \??\C:\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys [2010-06-14 64512] S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528] S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968] S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136] S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2010-12-02 12800] S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008] S3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 572416] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [] S3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2011-07-20 44032] S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2013-01-31 157672] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2013-01-31 16872] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2013-01-31 177640] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2013-01-31 146920] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-01-31 203104] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-12-02 9216] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784] S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] S4 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [] S4 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928] R2 APNMCP;Ask-updateservice; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-10-01 164816] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624] R2 BitGuard;BitGuard; C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [2013-09-23 2845664] R2 Bonjour Service;Servicio Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200] R3 iPod Service;Servicio del iPod; C:\Program Files\iPod\bin\iPodService.exe [2013-09-17 641352] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Servicio de Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-20 136176] S2 SZASSIST;SecretZone Assist Service; C:\Program Files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe [2010-07-30 90112] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-02-17 79360] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-02-17 79360] S3 gupdatem;Servicio de Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-20 136176] S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-03-21 632832] S3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2011-02-17 79360] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-19 1255736] -----------------EOF-----------------

ik kan log ook niet bijvoegen. kan ik het ergens anders naar toe sturen? ik kan dit veld bv niet aanklikken met de muis om iets te plakken.