
Quite a lot of junk on the PC, I'm afraid...



Hello,

I'm afraid I have quite a lot of junk on the PC... Since today I can't get rid of QVO6 anymore (my husband downloaded music or something), but I think this isn't the only thing. I also wanted to try SpyHunter, but it reported masses of infections, and then you can't remove them either unless you buy the full version, so that one is on there too. Now I'm also getting "your DSN settings have been changed"? Could you perhaps help me get things back in order a bit?

Many thanks in advance!

Logfile of random's system information tool 1.09 (written by random/random)

Run by flokke at 2013-08-30 21:52:50

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 1753 GB (93%) free of 1876 GB

Total RAM: 4078 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:52:56, on 30/08/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16660)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files\trend micro\flokke.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R3 - URLSearchHook: (no name) - {22dfbf5b-a7cd-4b25-9471-3dc68c71855f} - (no file)

R3 - URLSearchHook: FreezbGames Toolbar - {55d7c7bc-12a7-4f9b-81c0-600d9a182395} - C:\Program Files (x86)\FreezbGames\prxtbFree.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

O2 - BHO: FreezbGames - {55d7c7bc-12a7-4f9b-81c0-600d9a182395} - C:\Program Files (x86)\FreezbGames\prxtbFree.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: FreezbGames Toolbar - {55d7c7bc-12a7-4f9b-81c0-600d9a182395} - C:\Program Files (x86)\FreezbGames\prxtbFree.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [HP Photosmart 6510 series (NET)] "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1C2411DT05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - Startup: Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk = ?

O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files (x86)\Online Games Manager\ogmservice.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe

O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 10978 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /boot

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=24dbb830-5f3e-4715-95b6-9203cb207f73 /coreSdkOptions=286 /logConfFile="C:\ProgramData\AVG2012\temp\287f7c1c-3917-440a-935d-370494e9503a-1dc-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"

C:\Windows\system32\nvvsvc.exe -session -first

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe"

C:\Windows\system32\IProsetMonitor.exe

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"

"C:\Program Files (x86)\Online Games Manager\ogmservice.exe" --service-run

"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"

"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"

WLIDSvcM.exe 2540

"C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe"

"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"

"C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe"

"C:\Program Files (x86)\AVG\AVG2012\avgemca.exe"

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5b6994bf-e229-49a5-a639-7b2a85af5dc1 -SystemEventPortName:HostProcess-3ad50beb-aea3-49be-8390-07aa76ebd9c1 -IoCancelEventPortName:HostProcess-e7ef998c-df9a-4294-98a6-d2ef4ba6328e -NonStateChangingEventPortName:HostProcess-8fa7991c-b134-41f6-864b-6a9f0dd71212 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f2638670-700c-4706-8742-f959038f64a6 -DeviceGroupId:WpdFsGroup

"taskhost.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

"C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1C2411DT05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1

"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"

"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"

"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Photosmart 6510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN1C2411DT05QB;CONNECTION=NW;MONITOR=1;

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"C:\Program Files\HP\HP Photosmart 6510 series\bin\HPNetworkCommunicator.exe"

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe"

"C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"

"C:\Program Files (x86)\Nero\Update\NASvc.exe"

C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE

"C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe" -scan -tt_on

"taskhost.exe"

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=46c6f644-ca21-4339-b4b6-3618f683c71e /coreSdkOptions=18 /logConfFile="C:\ProgramData\AVG2012\temp\388f0e36-4e6d-4912-bcf4-6752c51fbd3e-cc8-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" QVO6

C:\Windows\system32\sppsvc.exe

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524

"C:\Users\flokke\Downloads\RSITx64.exe"

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-567849164-2293785916-1661875517-1000Core.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-567849164-2293785916-1661875517-1000UA.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\HP Photo Creations Communicator.job

=========Mozilla firefox=========

ProfilePath - C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default

prefs.js - "browser.search.useDBForOrder" - true

prefs.js - "browser.startup.homepage" - "http://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=hp&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.8.800.94 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]

"Description"=Adobe Shockwave Player

"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]

"Description"=

"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5]

"Description"=A component of your photo software powered by RocketLife

"Path"=C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.8.800.94 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\searchplugins\

askcom.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll [2012-10-15 1968248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-28 553376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-08-27 254032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-28 211360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll [2012-10-15 1417336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{55d7c7bc-12a7-4f9b-81c0-600d9a182395}]

FreezbGames Toolbar - C:\Program Files (x86)\FreezbGames\prxtbFree.dll [2012-11-06 183112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-12 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-27 192592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-12 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-08-27 254032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{55d7c7bc-12a7-4f9b-81c0-600d9a182395} - FreezbGames Toolbar - C:\Program Files (x86)\FreezbGames\prxtbFree.dll [2012-11-06 183112]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-27 192592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-12-09 11613288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-04-18 39408]

"HP Photosmart 6510 series (NET)"=C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2011-09-16 2676584]

"Facebook Update"=C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-10 138096]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-03 103720]

"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]

"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-11-06 283160]

"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2012-11-19 2598520]

"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-05-10 49208]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

C:\Users\flokke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk - C:\Windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-03-19 247296]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux3"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"aux4"=wdmaud.drv

"wave5"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

"aux5"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave6"=wdmaud.drv

"midi6"=wdmaud.drv

"mixer6"=wdmaud.drv

"aux6"=wdmaud.drv

"wave7"=wdmaud.drv

"midi7"=wdmaud.drv

"mixer7"=wdmaud.drv

"aux7"=wdmaud.drv

"wave8"=wdmaud.drv

"midi8"=wdmaud.drv

"mixer8"=wdmaud.drv

"aux8"=wdmaud.drv

"wave9"=wdmaud.drv

"midi9"=wdmaud.drv

"mixer9"=wdmaud.drv

"aux9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-08-30 21:52:51 ----D---- C:\Program Files\trend micro

2013-08-30 21:52:50 ----D---- C:\rsit

2013-08-30 20:58:09 ----A---- C:\autoexec.bat

2013-08-30 20:57:11 ----A---- C:\Windows\system32\drivers\EsgScanner.sys

2013-08-30 20:56:27 ----D---- C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP

2013-08-30 20:51:38 ----D---- C:\AdwCleaner

2013-08-30 17:34:43 ----D---- C:\ProgramData\eSafe

2013-08-27 17:35:25 ----A---- C:\Windows\SYSWOW64\ieui.dll

======List of files/folders modified in the last 1 month======

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]

R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-06 438808]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]

R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-11-08 307040]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]

R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-04-11 384800]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-12-10 127328]

R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]

R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2010-12-17 315568]

R3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-03-02 13088]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-12-09 2565736]

R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]

R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-18 189288]

R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2011-12-16 17976]

R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888]

R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]

R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]

R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]

R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]

R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]

R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]

S1 A2DDA;A2 Direct Disk Access Support Driver; \??\C:\Users\flokke\AppData\Local\Temp\Rar$EXa0.736\Run\a2ddax64.sys []

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]

S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]

S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []

S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2012-06-22 22704]

S3 IAMTVE;Driver for Intel® Active Management Technology - KCS; C:\Windows\system32\DRIVERS\IAMTVE.sys [2010-12-17 43416]

S3 IAMTXPE;Driver for Intel® Active Management Technology - KCS; C:\Windows\system32\DRIVERS\IAMTXPE.sys [2010-12-17 51096]

S3 ioatdma1;ioatdma1; C:\Windows\System32\Drivers\qd162x64.sys [2010-12-17 40144]

S3 ioatdma2;Intel® QuickData Technology device ver.2; C:\Windows\System32\Drivers\qd262x64.sys [2010-12-17 42192]

S3 NAL;Nal Service ; \??\C:\Windows\system32\Drivers\iqvw64e.sys [2010-10-28 32936]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]

S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-05-31 333928]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]

S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-11-02 5174392]

R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]

R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]

R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2010-10-25 164008]

R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]

R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2010-12-04 989800]

R2 ogmservice;Online Games Manager; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [2013-08-08 559552]

R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]

R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2012-09-24 1328736]

R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-09-24 656480]

R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]

R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2013-07-17 1025408]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]

R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-19 138576]

S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-18 136176]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-27 257416]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-18 136176]

S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-28 194032]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-27 117656]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-10 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------


Download AdwCleaner by Xplode to your desktop.

  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Then click Scan.
  • Then click Clean if any items were found.
  • At the "Restart required" prompt, click OK.

After the PC has restarted, a log file usually opens.

Otherwise you can find it at C:\AdwCleaner\AdwCleaner[R1].txt.

Then post the contents of this log in your next reply.

Download Zoek.zip to your desktop.

  • If Internet Explorer, another browser or your virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that here and here.
  • Right-click Zoek.zip and choose the "Extract all" option.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is written specifically for this PC, so do not use it on other PCs with a similar problem.

chromelook; 
firefoxlook; 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{55d7c7bc-12a7-4f9b-81c0-600d9a182395}];r64
C:\Program Files (x86)\FreezbGames;fs
{55d7c7bc-12a7-4f9b-81c0-600d9a182395};c
C:\ProgramData\eSafe;fs
{22dfbf5b-a7cd-4b25-9471-3dc68c71855f};c
C:\Program Files (x86)\Media Finder;fs
{08B0E5C0-4FCB-11CF-AAA5-00401C608501};c
startupall; 
filesrcm;

  • Click the "Options" button and tick the options below:
      • HijackThis Log
      • Firefox Look
      • Chrome Look
      • Firefox Defaults
      • Reset Chrome
      • Shortcut Fix
      • IE Defaults
      • Auto Clean
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then appear after all.
  • Now post the contents of the opened log in your next reply, together with the AdwCleaner log.


Log after zoek.zip... I have to run AdwCleaner again first... I lost the log and can't find it via the link either... or is the order very important??

Thanks.

Zoek.exe Version 4.0.0.4 Updated 31-08-2013

Tool run by flokke on za 31/08/2013 at 18:43:18,28.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\flokke\AppData\Local\Temp\Rar$EXa0.784\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

31/08/2013 18:45:38 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-567849164-2293785916-1661875517-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully

HKEY_USERS\S-1-5-21-567849164-2293785916-1661875517-1000\Software\Microsoft\Internet Explorer\SearchScopes\{84FC3FF9-4D6D-4839-A971-E88D0E5D4D1B} deleted successfully

HKEY_USERS\S-1-5-21-567849164-2293785916-1661875517-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9C3D7599-A3B8-4C55-B942-8BD8596EAB75} deleted successfully

HKEY_USERS\S-1-5-21-567849164-2293785916-1661875517-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9F79FBFF-3E40-4E57-AF4C-4CB6FC22E4C4} deleted successfully

HKEY_USERS\S-1-5-21-567849164-2293785916-1661875517-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CBE17A83-0474-41D8-82DB-EFB9ECB791AD} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-567849164-2293785916-1661875517-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{22dfbf5b-a7cd-4b25-9471-3dc68c71855f} deleted successfully

HKEY_USERS\S-1-5-21-567849164-2293785916-1661875517-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{22dfbf5b-a7cd-4b25-9471-3dc68c71855f} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\prefs.js:

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default

user.js not found

---- Lines browser.startup.page removed from prefs.js ----

user_pref("browser.startup.page", 3);

---- Lines browser.startup.page modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_20133108_1848_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{55d7c7bc-12a7-4f9b-81c0-600d9a182395}]

==== Deleting Files \ Folders ======================

"C:\Program Files (x86)\FreezbGames" not found

"C:\ProgramData\eSafe" not found

"C:\Program Files (x86)\Media Finder" not found

"C:\user.js" deleted

"C:\Users\flokke\Downloads\SoftonicDownloader_voor_minecraft (1).exe" deleted

"C:\Users\flokke\Downloads\SoftonicDownloader_voor_minecraft.exe" deleted

"C:\Users\flokke\Downloads\SoftonicDownloader_voor_nero-kwikmedia.exe" deleted

"C:\windows\SysNative\tasks\Desk 365 RunAsStdUser" deleted

"C:\user.js" deleted

"C:\Windows\Launcher.exe" deleted

"C:\Users\flokke\AppData\LocalLow\DataMngr" deleted

"C:\Users\flokke\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}" deleted

"C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\jetpack" deleted

==== Files Recently Created / Modified ======================


2013-08-27 17:10:25 406D3F757C9E75101E6E51835AAC312B 793952 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgsrmax.exe

2013-08-27 17:10:25 2B02B843669EDA943000F53905065E75 1204576 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgsysta.exe

2013-08-27 17:10:25 2B02B843669EDA943000F53905065E75 1204576 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgsysta.exe

2013-08-27 17:10:25 27C125BB0261496674CA41FBB1978C31 487776 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgstrma.exe

2013-08-27 17:10:25 27C125BB0261496674CA41FBB1978C31 487776 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgstrma.exe

2013-08-27 17:10:25 0D082FB144AC46B0ADC63E5B223E7597 11383392 ----a-w- C:\ProgramData\MFAData\SelfUpd\AVGTBInstall.exe

2013-08-27 17:10:25 0D082FB144AC46B0ADC63E5B223E7597 11383392 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\AVGTBInstall.exe

2013-08-27 17:10:24 CB7C95F140DCBC45B0937F843D63F4D8 1252192 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgsrmaa.exe

2013-08-27 17:10:24 CB7C95F140DCBC45B0937F843D63F4D8 1252192 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgsrmaa.exe

2013-08-27 17:10:24 C6316A424C10A25B580D86C098BB0634 1407096 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgrsa.exe

2013-08-27 17:10:24 C6316A424C10A25B580D86C098BB0634 1407096 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgrsa.exe

2013-08-27 17:10:24 B6B1EFDC773741CC050203C4C4840B38 92000 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgsetmgrcmd.exe

2013-08-27 17:10:24 B6B1EFDC773741CC050203C4C4840B38 92000 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgsetmgrcmd.exe

2013-08-27 17:10:24 4AE532194AE7D2FE6378C1166B006B49 990840 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgscanx.exe

2013-08-27 17:10:24 4AE532194AE7D2FE6378C1166B006B49 990840 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgscanx.exe

2013-08-27 17:10:24 1DD558221D629C02C4B017D16C51B6DF 1373024 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgsetmgr.exe

2013-08-27 17:10:24 1DD558221D629C02C4B017D16C51B6DF 1373024 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgsetmgr.exe

2013-08-27 17:10:24 10AEE3CEE4801E5962AF1B8E17DAD353 1728120 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgscana.exe

2013-08-27 17:10:24 10AEE3CEE4801E5962AF1B8E17DAD353 1728120 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgscana.exe

2013-08-27 17:10:23 FE6ED6DE378C50774D710243F4B39CBC 1114232 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgntdumpa.exe

2013-08-27 17:10:23 FE6ED6DE378C50774D710243F4B39CBC 1114232 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgntdumpa.exe

2013-08-27 17:10:23 9348B6026ACA7F46521055EB2ACF0A61 459312 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgndisa.exe

2013-08-27 17:10:23 9348B6026ACA7F46521055EB2ACF0A61 459312 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgndisa.exe

2013-08-27 17:10:23 3C9B25C38E7A2BA07FB4F7DB351D6FF0 146784 ----a-w- C:\ProgramData\MFAData\SelfUpd\avglscanx.exe

2013-08-27 17:10:23 3C9B25C38E7A2BA07FB4F7DB351D6FF0 146784 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avglscanx.exe

2013-08-27 17:10:23 2D7F84ABE95B6AECEF89C0FBB5C9DD96 2018352 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgnsa.exe

2013-08-27 17:10:23 2D7F84ABE95B6AECEF89C0FBB5C9DD96 2018352 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgnsa.exe

2013-08-27 17:10:23 231B6AD3DB2866BC3FDB9979E6B2B61E 5174392 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgidsagent.exe

2013-08-27 17:10:23 231B6AD3DB2866BC3FDB9979E6B2B61E 5174392 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgidsagent.exe

2013-08-27 17:10:22 F3EBE5508BC9EA8AB88DB5A46397EE09 686712 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgdumpx.exe

2013-08-27 17:10:22 F3EBE5508BC9EA8AB88DB5A46397EE09 686712 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgdumpx.exe

2013-08-27 17:10:22 ECC96985954185DFCF455FBBB8037A1B 338784 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgcsrvx.exe

2013-08-27 17:10:22 ECC96985954185DFCF455FBBB8037A1B 338784 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgcsrvx.exe

2013-08-27 17:10:22 D312256C89C2244B435406DBB95C6E0A 5959728 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgcrema.exe

2013-08-27 17:10:22 D312256C89C2244B435406DBB95C6E0A 5959728 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgcrema.exe

2013-08-27 17:10:22 B96E3E543675039FC93D14EDF627231A 520032 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgcsrva.exe

2013-08-27 17:10:22 B96E3E543675039FC93D14EDF627231A 520032 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgcsrva.exe

2013-08-27 17:10:22 B082D1AA020008B26D08B838C5B1E6BB 2698112 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgdiagex.exe

2013-08-27 17:10:22 B082D1AA020008B26D08B838C5B1E6BB 2698112 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgdiagex.exe

2013-08-27 17:10:22 9F0678A35B06CA75A8495762CE274495 493920 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgcfgex.exe

2013-08-27 17:10:22 9F0678A35B06CA75A8495762CE274495 493920 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgcfgex.exe

2013-08-27 17:10:22 938928B014F2ABA4C1293EA4D8714020 1607040 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgemca.exe

2013-08-27 17:10:22 938928B014F2ABA4C1293EA4D8714020 1607040 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgemca.exe

2013-08-27 17:10:22 74CE9F4CBDCC147BB16042FAC323E970 1194104 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgdumpa.exe

2013-08-27 17:10:22 74CE9F4CBDCC147BB16042FAC323E970 1194104 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgdumpa.exe

2013-08-27 17:10:22 6C469E3CB15CF33AD3E757096E6C7026 2321560 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgfws.exe

2013-08-27 17:10:22 6C469E3CB15CF33AD3E757096E6C7026 2321560 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgfws.exe

2013-08-27 17:10:22 343083A60B4B41C35E3F739F469763A0 879736 ----a-w- C:\ProgramData\MFAData\SelfUpd\avgcmgr.exe

2013-08-27 17:10:22 343083A60B4B41C35E3F739F469763A0 879736 ----a-w- C:\Backup My Data\All Users\MFAData\SelfUpd\avgcmgr.exe

2013-08-27 15:35:24 BC90EED56A5C77168A8D6F0C4221D7CB 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-08-27 15:35:24 6C8BDC9F16943D626DFE8A987BCCFD20 51712 ----a-w- C:\Windows\System32\ie4uinit.exe

2013-08-27 15:35:24 28C2F8C7DBE11AA3DA041D35F4E59481 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-08-27 15:35:23 7BA1862B8A5698DC5FCFDFF3BC359DE9 770648 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2013-08-27 15:35:23 133CEF30905806A35606652D409EEEBA 775256 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2013-08-27 09:05:01 D6E84508BBE50BBEEFAF02C865A96836 1070672 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_714BFB3B4B0991F6.exe

2013-08-27 09:04:03 42D0D34CAA293C83B4433A537DF13895 530912 ----a-w- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.4413.1752\GoogleToolbarInstaller_updater_signed.exe

=== C: other files ==

2013-08-30 18:58:09 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat

2013-08-30 18:57:11 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\flokke\AppData\Local\Temp\ESGScanner.sys

2013-08-27 17:18:44 F3914E3EAC657FB3795F29CB9E82378D 274718 ----a-w- C:\ProgramData\AVG2012\IDS\config\internalList.zip

2013-08-27 17:18:44 F3914E3EAC657FB3795F29CB9E82378D 274718 ----a-w- C:\Backup My Data\All Users\AVG2012\IDS\config\internalList.zip

2013-08-27 09:08:50 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-08-27 09:08:50 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-567849164-2293785916-1661875517-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"HP Photosmart 6510 series (NET)"="C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe -deviceID CN1C2411DT05QB:NW -scfn HP Photosmart 6510 series (NET) -AutoStart 1"

"Facebook Update"="C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"AVG_TRAY"="C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"HP Photosmart 6510 series (NET)"="C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe -deviceID CN1C2411DT05QB:NW -scfn HP Photosmart 6510 series (NET) -AutoStart 1"

"Facebook Update"="C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

==== Startup Folders ======================

2012-09-24 15:24:57 1948 ----a-w- C:\users\flokke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk

2012-12-04 20:37:19 1110 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [27/08/2013 11:10]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-567849164-2293785916-1661875517-1000Core.job --a------ C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe [10/07/2013 11:43]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-567849164-2293785916-1661875517-1000UA.job --a------ C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe [10/07/2013 11:43]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/04/2012 21:02]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/04/2012 21:02]

C:\Windows\tasks\HP Photo Creations Communicator.job --a------ [undetermined Task]

==== Firefox Extensions ======================

ProfilePath: C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default

- PutLocker Downloader - %ProfilePath%\extensions\ptl@ptl.com.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default

0C8597DBC74AAF5179471BA013E3C6B4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash

2EE9DCAE1D70ABF4D058688DE35F8221 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.250.16

F65284ABAC78410D561587F7C66043BA - C:\Users\flokke\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\flokke\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin

6846D2CA7E1D5937AEE3F99BB7F5464B - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director

3D3CAF586124C4E8102764C8B3063BB6 - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

EFC5F7D71CF84407ABEE5412AAD79153 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer

87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

faklkmlkcleeoibffcbligohmkciloif - C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx[]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.be/"

"Backup.Old.Start Page"="http://www.google.com"

"Search Page"="http://www.google.com"

"Start Default_Page_URL"="http://www.google.com"

"Default_Search_URL"="http://www.google.com"

"Search Bar"="http://www.google.com"

"Default_Page_URL"="http://www.google.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://search.certified-toolbar.com?si=33953&home=true&tid=2958"

"Start Default_Page_URL"="http://search.certified-toolbar.com?si=33953&home=true&tid=2958"

"Default_Search_URL"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q="

"Search Bar"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q="

"Search Page"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://search.certified-toolbar.com?si=33953&home=true&tid=2958"

"Start Default_Page_URL"="http://search.certified-toolbar.com?si=33953&home=true&tid=2958"

"Default_Search_URL"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q="

"Search Bar"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q="

"Search Page"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q="

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://www.google.com"

"Default_Page_URL"="http://www.google.com"

"Start Page"="http://www.google.com"

"Search Page"="http://www.google.com"

"Start Default_Page_URL"="http://www.google.com"

"Search Bar"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://www.google.com"

"Default_Page_URL"="http://www.google.com"

"Start Page"="http://www.google.com"

"Search Page"="http://www.google.com"

"Start Default_Page_URL"="http://www.google.com"

"Search Bar"="http://www.google.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.certified-toolbar.com?si=33953&bs=true&tid=2958&q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.certified-toolbar.com?si=33953&bs=true&tid=2958&q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.certified-toolbar.com?si=33953&bs=true&tid=2958&q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.certified-toolbar.com?si=33953&bs=true&tid=2958&q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.certified-toolbar.com?si=33953&bs=true&tid=2958&q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.certified-toolbar.com?si=33953&bs=true&tid=2958&q=%s"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://www.google.com"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.certified-toolbar.com?si=33953&bs=true&tid=2958&q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://www.google.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="http://newtab.certified-toolbar.com/nie?si=33953&tid=2958&new=true"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="http://newtab.certified-toolbar.com/nie?si=33953&tid=2958&new=true"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]

"Start Page"="http://search.certified-toolbar.com?si=33953&home=true&tid=2958"

"Start Default_Page_URL"="http://search.certified-toolbar.com?si=33953&home=true&tid=2958"

"Default_Search_URL"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q="

"Search Bar"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q="

"Search Page"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search]

"Start Page"="http://search.certified-toolbar.com?si=33953&home=true&tid=2958"

"Start Default_Page_URL"="http://search.certified-toolbar.com?si=33953&home=true&tid=2958"

"Default_Search_URL"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q="

"Search Bar"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q="

"Search Page"="http://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q="

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"Start Page"="http://www.google.com"

"Start Default_Page_URL"="http://www.google.com"

"Default_Search_URL"="http://www.google.com/"

"Search Bar"="http://www.google.com"

"Search Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]

"Start Page"="http://www.google.com"

"Start Default_Page_URL"="http://www.google.com"

"Default_Search_URL"="http://www.google.com/"

"Search Bar"="http://www.google.com"

"Search Page"="http://www.google.com"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Start Page"="http://www.google.com"

"Start Default_Page_URL"="http://www.google.com"

"Default_Search_URL"="http://www.google.com/"

"Search Bar"="http://www.google.com"

"Search Page"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

No DefaultScope Set For HKCU

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://www.google.be/"

"Backup.Old.Start Page"="http://www.google.be/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{5466DBE2-C698-46BA-B9C5-FDB0FF4E6EFD} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNC_enDE393"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\users\flokke\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully

C:\users\flokke\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\flokke\Desktop\Continue FoxTab PDF Reader Installation - kopie.lnk - C:\Users\flokke\AppData\Local\Temp\ICReinstall_PDFReaderSetup_V3.exe /RR

C:\Users\flokke\Desktop\Continue FoxTab PDF Reader Installation.lnk - C:\Users\flokke\AppData\Local\Temp\ICReinstall_PDFReaderSetup_V3.exe /RR

C:\Users\flokke\Desktop\Diaper Dash - kopie.lnk - C:\Zylom Games\Diaper Dash\diaperdash.exe

C:\Users\flokke\Desktop\DVD_Indiana Jones And The Raiders Of The Lost Ark 1 - Snelkoppeling.lnk - C:\Users\flokke\Videos\DVD_Indiana Jones And The Raiders Of The Lost Ark 1

C:\Users\flokke\Desktop\Qoobox - kopie.lnk - C:\Qoobox

C:\Users\flokke\Desktop\Download\DVD_Indiana Jones And The Raiders Of The Lost Ark 1 - Snelkoppeling.lnk - C:\Users\flokke\Videos\DVD_Indiana Jones And The Raiders Of The Lost Ark 1

C:\Users\flokke\Desktop\fotoos\DVD_Indiana Jones And The Raiders Of The Lost Ark 1 - Snelkoppeling - kopie.lnk - C:\Users\flokke\Videos\DVD_Indiana Jones And The Raiders Of The Lost Ark 1

C:\Users\flokke\Desktop\fotoos\flokke - Snelkoppeling (2).lnk - C:\Users\flokke

C:\Users\flokke\Desktop\fotoos\flokke - Snelkoppeling (3).lnk - C:\Users\flokke

C:\Users\flokke\Desktop\fotoos\flokke - Snelkoppeling.lnk - C:\Users\flokke

C:\Users\flokke\Desktop\fotoos\Qoobox.lnk - C:\Qoobox

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe

C:\Users\Public\Desktop\AVG 2012.lnk - C:\Program Files (x86)\AVG\AVG2012\avgui.exe

C:\Users\Public\Desktop\Benodigdheden kopen - HP Photosmart 6510 series.lnk - C:\Program Files (x86)\HP\HP Photosmart 6510 series\Bin\hpqDTSS.exe

C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe

C:\Users\Public\Desktop\HP ePrintCenter - HP Photosmart 6510 series.lnk - C:\Program Files (x86)\HP\HP Photosmart 6510 series\ePrintCenterShortcut.url

C:\Users\Public\Desktop\HP Photo Creations.lnk - C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe

C:\Users\Public\Desktop\HP Photosmart 6510 series.lnk - C:\Program Files (x86)\HP\HP Photosmart 6510 series\Bin\HP Photosmart 6510 series.exe

C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\Public\Desktop\Microsoft Office 2010.lnk - C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe

C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\Public\Desktop\Nero Kwik Media.lnk - C:\Program Files (x86)\Nero\KM\KwikMedia.exe

C:\Users\Public\Desktop\Speccy.lnk - C:\Program Files\Speccy\Speccy64.exe

C:\Users\Public\Desktop\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in Users Start Menu ======================

C:\Users\flokke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\flokke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\flokke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk - C:\Windows\system32\RunDll32.exe "C:\Program Files\HP\HP Photosmart 6510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN1C2411DT05QB;CONNECTION=NW;MONITOR=1;

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2012.lnk - C:\Program Files (x86)\AVG\AVG2012\avgui.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe

C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\AVG 2012.lnk - C:\Program Files (x86)\AVG\AVG2012\avgui.exe

C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office 2010.lnk - C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe

C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Free launcher for Minecraft Alpha.lnk - C:\Users\flokke\Desktop\minecraft.exe

C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Mail.lnk - C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\faklkmlkcleeoibffcbligohmkciloif deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [HP Photosmart 6510 series (NET)] "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1C2411DT05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\flokke\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - Startup: Inktwaarschuwingen controleren - HP Photosmart 6510 series (netwerk).lnk = ?

O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files (x86)\Online Games Manager\ogmservice.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe

O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\flokke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\flokke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\users\flokke\AppData\Local\Mozilla\Firefox\Profiles\7oos7kup.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\flokke\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\flokke\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on za 31/08/2013 at 19:05:05,64 ======================

- - - Updated - - -

AdwCleaner log:

# AdwCleaner v3.001 - Report created 31/08/2013 at 19:15:28

# Updated 24/08/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : flokke - FLOKKE-PC

# Running from : C:\Users\flokke\Downloads\adwcleaner(2).exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\jetpack

Folder Deleted : C:\Users\flokke\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel

Folder Deleted : C:\Users\flokke\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn

Folder Deleted : C:\Users\flokke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [backup.old.Start Page]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

-\\ Mozilla Firefox v23.0.1 (nl)

[ File : C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [18613 octets] - [30/08/2013 20:52:00]

AdwCleaner[R1].txt - [18674 octets] - [30/08/2013 20:53:14]

AdwCleaner[R2].txt - [18379 octets] - [31/08/2013 18:32:10]

AdwCleaner[R3].txt - [1573 octets] - [31/08/2013 19:14:57]

AdwCleaner[s0].txt - [15286 octets] - [31/08/2013 18:32:41]

AdwCleaner[s1].txt - [1506 octets] - [31/08/2013 19:15:28]

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1566 octets] ##########


Found the first log again after all, somewhere in quarantine? xD

# AdwCleaner v3.001 - Report created 31/08/2013 at 18:32:10

# Updated 24/08/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : flokke - FLOKKE-PC

# Running from : C:\Users\flokke\Downloads\adwcleaner(1).exe

# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\END

File Found : C:\Program Files (x86)\Mozilla Firefox\user.js

File Found : C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\searchplugins\Askcom.xml

File Found : C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\user.js

File Found : C:\Windows\System32\roboot64.exe

Folder Found : C:\Users\flokke\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel

Folder Found : C:\Users\flokke\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn

Folder Found : C:\Users\flokke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj

Folder Found C:\Program Files (x86)\Common Files\337

Folder Found C:\Program Files (x86)\Conduit

Folder Found C:\Program Files (x86)\FreezbGames

Folder Found C:\Program Files (x86)\Protected Search

Folder Found C:\Program Files (x86)\Red Sky

Folder Found C:\ProgramData\Ask

Folder Found C:\ProgramData\Babylon

Folder Found C:\ProgramData\boost_interprocess

Folder Found C:\ProgramData\eSafe

Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder

Folder Found C:\ProgramData\Partner

Folder Found C:\ProgramData\Trymedia

Folder Found C:\Users\flokke\AppData\Local\Conduit

Folder Found C:\Users\flokke\AppData\Local\cool_mirage

Folder Found C:\Users\flokke\AppData\Local\DownTango

Folder Found C:\Users\flokke\AppData\Local\Ilivid Player

Folder Found C:\Users\flokke\AppData\Local\Temp\eIntaller

Folder Found C:\Users\flokke\AppData\LocalLow\Conduit

Folder Found C:\Users\flokke\AppData\LocalLow\FreezbGames

Folder Found C:\Users\flokke\AppData\LocalLow\PriceGong

Folder Found C:\Users\flokke\AppData\LocalLow\searchquband

Folder Found C:\Users\flokke\AppData\LocalLow\SimplyTech

Folder Found C:\Users\flokke\AppData\LocalLow\Softonic

Folder Found C:\Users\flokke\AppData\Roaming\Media Finder

Folder Found C:\Users\flokke\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com

Folder Found C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\jetpack

Folder Found C:\Users\flokke\AppData\Roaming\Systweak

***** [ Shortcuts ] *****

Shortcut Found : C:\Users\Public\Desktop\Mozilla Firefox.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852 )

Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852 )

Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852 )

Shortcut Found : C:\Users\flokke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852 )

Shortcut Found : C:\Users\flokke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852 )

Shortcut Found : C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852 )

Shortcut Found : C:\Users\flokke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852 )

***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [(Default)] - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852

Key Found : HKCU\Software\1ClickDownload

Key Found : HKCU\Software\AppDataLow\Software\Conduit

Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Key Found : HKCU\Software\AppDataLow\Software\Crossrider

Key Found : HKCU\Software\AppDataLow\Software\FreezbGames

Key Found : HKCU\Software\AppDataLow\Software\PriceGong

Key Found : HKCU\Software\AppDataLow\Software\SmartBar

Key Found : HKCU\Software\AppDataLow\Toolbar

Key Found : HKCU\Software\Blabbers

Key Found : HKCU\Software\BrowserCompanion

Key Found : HKCU\Software\IGearSettings

Key Found : HKCU\Software\MediaFinder

Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{55D7C7BC-12A7-4F9B-81C0-600D9A182395}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{55D7C7BC-12A7-4F9B-81C0-600D9A182395}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C522512A-9C2C-4DE5-9F63-976B560FEF14}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Found : HKCU\Software\Softonic

Key Found : [x64] HKCU\Software\1ClickDownload

Key Found : [x64] HKCU\Software\Blabbers

Key Found : [x64] HKCU\Software\BrowserCompanion

Key Found : [x64] HKCU\Software\IGearSettings

Key Found : [x64] HKCU\Software\MediaFinder

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Key Found : [x64] HKCU\Software\Softonic

Key Found : HKLM\Software\Babylon

Key Found : HKLM\Software\BrowserCompanion

Key Found : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe

Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{55D7C7BC-12A7-4F9B-81C0-600D9A182395}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{99208DAB-EE64-4DC9-8340-497DA472A062}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Found : HKLM\SOFTWARE\Classes\MF

Key Found : HKLM\SOFTWARE\Classes\Prod.cap

Key Found : HKLM\SOFTWARE\Classes\PutLockerDownloader

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Found : HKLM\Software\Conduit

Key Found : HKLM\Software\Desksvc

Key Found : HKLM\Software\FreezbGames

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D240C25-B824-403D-BDCD-F8836B7A9EF7}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{728A9D16-E497-4C9F-ADEB-EF413C7FCB54}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-server_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-server_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_minecraft (1)_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_minecraft (1)_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_minecraft_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_minecraft_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_minecraft-server_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_minecraft-server_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_nero-kwikmedia_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_nero-kwikmedia_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{55D7C7BC-12A7-4F9B-81C0-600D9A182395}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99208DAB-EE64-4DC9-8340-497DA472A062}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FreezbGames Toolbar

Key Found : HKLM\Software\qvo6Software

Key Found : HKLM\Software\systweak

Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc

Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc

Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [backup.old.Start Page]

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{55D7C7BC-12A7-4F9B-81C0-600D9A182395}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{55D7C7BC-12A7-4F9B-81C0-600D9A182395}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{55D7C7BC-12A7-4F9B-81C0-600D9A182395}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{55D7C7BC-12A7-4F9B-81C0-600D9A182395}]

Value Found : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [backup.Old.Start Page] - hxxp://search.babylon.com/?affID=113480&tt=010812_hpdel_3112_4&babsrc=HP_ss&mntrId=ca8fa289000000000000485d60cef418

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=hp&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=hp&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=hp&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [start Page] - hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [search Bar] - hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [search Page] - hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [start Page] - hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=33953&home=true&tid=2958

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [search Bar] - hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [search Page] - hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=

Setting Found : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)] - hxxp://search.certified-toolbar.com?si=33953&bs=true&tid=2958&q=%s

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)] - hxxp://search.certified-toolbar.com?si=33953&bs=true&tid=2958&q=%s

-\\ Mozilla Firefox v23.0.1 (nl)

[ File : C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "qvo6");

Line Found : user_pref("browser.search.order.1", "qvo6");

Line Found : user_pref("browser.search.selectedEngine", "qvo6");

Line Found : user_pref("browser.startup.homepage", "hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=hp&from=ild&uid=ST32000542AS_5XW29CSFXXXX5XW29CSF&ts=1377876852");

Line Found : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\AVG\\\\AVG2012\\\\Firefox4\[...]

-\\ Google Chrome v

[ File : C:\Users\flokke\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : homepage

*************************

AdwCleaner[R0].txt - [18613 octets] - [30/08/2013 20:52:00]

AdwCleaner[R1].txt - [18674 octets] - [30/08/2013 20:53:14]

AdwCleaner[R2].txt - [18173 octets] - [31/08/2013 18:32:10]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [18234 octets] ##########

Double-click Zoek.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

chromelook; 
firefoxlook; 

  • Click the "Options" button and now tick the options below.
  • Auto Clean
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Now post the contents of the opened log in your next message.

Thanks in advance....it already looks a lot better! :-)

Zoek.exe Version 4.0.0.4 Updated 31-08-2013

Tool run by flokke on zo 01/09/2013 at 19:58:43,50.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\flokke\AppData\Local\Temp\Rar$EXa0.133\zoek.exe [script inserted] [Checkboxes used]

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

"C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default\jetpack" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default

- PutLocker Downloader - %ProfilePath%\extensions\ptl@ptl.com.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\flokke\AppData\Roaming\Mozilla\Firefox\Profiles\7oos7kup.default

0C8597DBC74AAF5179471BA013E3C6B4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash

2EE9DCAE1D70ABF4D058688DE35F8221 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.250.16

F65284ABAC78410D561587F7C66043BA - C:\Users\flokke\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\flokke\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin

6846D2CA7E1D5937AEE3F99BB7F5464B - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director

3D3CAF586124C4E8102764C8B3063BB6 - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

EFC5F7D71CF84407ABEE5412AAD79153 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer

87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.be/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

No DefaultScope Set For HKCU

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.be/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{5466DBE2-C698-46BA-B9C5-FDB0FF4E6EFD} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNC_enDE393"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\flokke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\flokke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\users\flokke\AppData\Local\Mozilla\Firefox\Profiles\7oos7kup.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\flokke\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\flokke\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on zo 01/09/2013 at 20:03:50,33 ======================

With AVG and Malwarebytes you seem to be OK in terms of protection (provided they are kept permanently updated, of course), so it seems more likely to be down to "click" behaviour. Perhaps be a bit more careful when browsing the internet and/or downloading programs. A "wrong" click is quickly made ... and then you get quite a lot of unwanted stuff on the PC.

Now that it looks "good", you may remove the tools used and clean up a few leftovers:

Download Delfix by Xplode to the desktop.

Double-click Delfix.exe to start the tool.

Now tick the following items:

  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings

Now click "Run" and wait patiently until the tool has finished.

When the tool has finished, a log file is created. You do not need to post it, however.

Download CCleaner. (If you don't have it yet)

Install it (if you don't want Google Chrome to be installed on your PC as the default web browser, you must remove the 2 check marks!!!) and start CCleaner.

In the left column, click "Cleaner". Click "Analyze" and, after the analysis, "Run Cleaner". Then click "Registry" in the left column and click "Scan for Issues". If errors are found, click "Fix selected issues" and "OK". You will then be asked whether to make a backup. Click "Yes". Then choose "Fix All Selected Issues".

Sometimes 1 analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors.

Then close CCleaner again.

If you want to see this illustrated in detail, click here for the guide.

If this has all gone smoothly and you have no further questions or problems within this topic, you may close this thread by clicking the "Mark as solved" button, which you can find at the bottom left … that way it stays clear for everyone.
