virus

[ibizavirus]

lukt niet, ik krijg dit bericht. C:\users\ron\appdata\local\temp\zoek.hta is geen geldige win32-toepassing.

wat te doen?

10 oktober 2013 aangepast door kape
quote verwijderd

[kape]

Heb je alle bestanden van de zoek.zip samen uitgepakt naar een zelfde map ? En dan de toepassing zoek.exe opgestart. Op basis van je vorig bericht zou ik denken dat je de bestanden slechts in een tijdelijke map (temp) hebt opgeslagen.

[ibizavirus]

Zoek.exe Version 4.0.0.5 Updated 09-October-2013

Tool run by Ron on 10/10/2013 at 18:43:02,74.

Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Ron\Desktop\Nieuwe map\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

10/10/2013 18:47:35 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311341126} deleted successfully

HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311341126} deleted successfully

HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311531182} deleted successfully

HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311531182} deleted successfully

HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311341126} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311341126} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311341126} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311531182} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311531182} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311531182} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

"ApnTBMon"=-

==== Deleting Files \ Folders ======================

"C:\Program Files (x86)\hosts\hosts-bho.dll" deleted

"C:\Windows\tasks\Plus-HD-2.3-chromeinstaller.job" deleted

"C:\Windows\tasks\Plus-HD-2.3-codedownloader.job" deleted

"C:\Windows\tasks\Plus-HD-2.3-enabler.job" deleted

"C:\Windows\tasks\Plus-HD-2.3-updater.job" deleted

"C:\Program Files (x86)\Mozilla Firefox\user.js" deleted

"C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data" deleted

"C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences" deleted

"C:\Windows\SysNative\roboot64.exe" deleted

"C:\Windows\tasks\Plus-HD-2.3-chromeinstaller.job" deleted

"C:\Windows\tasks\Plus-HD-2.3-codedownloader.job" deleted

"C:\Windows\tasks\Plus-HD-2.3-enabler.job" deleted

"C:\Windows\tasks\Plus-HD-2.3-updater.job" deleted

"C:\windows\SysNative\tasks\Plus-HD-2.3-chromeinstaller" deleted

"C:\windows\SysNative\tasks\Plus-HD-2.3-codedownloader" not deleted

"C:\windows\SysNative\tasks\Plus-HD-2.3-enabler" deleted

"C:\windows\SysNative\tasks\Plus-HD-2.3-updater" deleted

"C:\windows\SysNative\tasks\Updater35382.exe" deleted

"C:\windows\SysNative\tasks\BitGuard" deleted

"C:\user.js" deleted

"C:\prefs.js" deleted

"C:\Windows\Syswow64\tmp8813.tmp" deleted

"C:\Windows\Syswow64\tmp8814.tmp" deleted

"C:\Users\Public\Desktop\YourFile Downloader.lnk" deleted

"C:\Users\Ron\Desktop\SoftonicDownloader_voor_avg-antivirus-free-2014.exe" deleted

"C:\Users\Ron\Desktop\SoftonicDownloader_voor_avg-antivirus-free-2014.exe" deleted

"C:\Users\Ron\Desktop\Search.lnk" deleted

"C:\Program Files (x86)\YourFileDownloader\htmlayout.dll" deleted

"C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe" deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted

"C:\Users\Ron\AppData\Roaming\Vso" deleted

"C:\Users\Ron\AppData\Roaming\Ezyn" deleted

"C:\Users\Ron\AppData\Roaming\Temp" deleted

"C:\Program Files (x86)\Plus-HD-2.3" deleted

"C:\Program Files (x86)\AskPartnerNetwork" deleted

"C:\Program Files (x86)\Media Crawler" deleted

"C:\ProgramData\BitGuard" not deleted

"C:\Users\Ron\AppData\Roaming\OpenCandy" deleted

"C:\Program Files (x86)\iVIDI.org plugin" deleted

"C:\Program Files (x86)\YourFileDownloader" deleted

"C:\Program Files (x86)\hosts" deleted

"C:\Program Files (x86)\MyFree Codec" deleted

"C:\Program Files (x86)\Plus-HD-2.3" deleted

"C:\Program Files (x86)\AskPartnerNetwork" deleted

"C:\Users\Ron\AppData\Roaming\SpeedyPC Software" deleted

"C:\Users\Ron\AppData\Roaming\ParetoLogic" deleted

"C:\Users\Ron\AppData\Roaming\DriverCure" deleted

"C:\Users\Ron\AppData\Roaming\Babylon" deleted

"C:\Users\Ron\AppData\Roaming\File Scout" deleted

"C:\Users\Ron\AppData\Roaming\Systweak" deleted

"C:\Users\Ron\AppData\Roaming\YourFileDownloader" deleted

"C:\Users\Ron\AppData\Roaming\OpenCandy" deleted

"C:\ProgramData\Ask" deleted

"C:\ProgramData\AskPartnerNetwork" deleted

"C:\ProgramData\APN" deleted

"C:\ProgramData\BitGuard" not deleted

"C:\ProgramData\SpeedyPC Software" deleted

"C:\ProgramData\DSearchLink" deleted

"C:\ProgramData\ParetoLogic" deleted

"C:\ProgramData\InstallMate" deleted

"C:\ProgramData\Premium" deleted

"C:\ProgramData\Babylon" deleted

"C:\Users\Ron\AppData\Local\OpenCandy" deleted

"C:\Users\Ron\AppData\Local\Updater35382" deleted

"C:\Users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard" deleted

"C:\Users\Ron\AppData\LocalLow\Delta" deleted

"C:\Windows\SysWow64\searchplugins" deleted

"C:\Windows\SysWow64\Extensions" deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar" deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater" deleted

"C:\ProgramData\BitGuard\2.6.1694.246" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar" deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater" deleted

"C:\ProgramData\BitGuard\2.6.1694.246" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Ron\AppData\Local\Temp ====

2013-10-10 09:41:21 385BFA00009C3BFA7243691484372B65 4675096 ----a-w- C:\Users\Ron\AppData\Local\Temp\oi_{0C4C2C07-DF00-4CC5-BA68-D153F8AE1BB3}.exe

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-10-08 20:09:24 AE2CF300E9EBB005C9AB088C38A8C6DF 2034 ----a-w- C:\Windows\Sysnative\.crusader

2013-09-30 19:04:24 D74615934916D983058244B8579C63F4 1648 ----a-w- C:\Windows\Sysnative\ASOROSet.bin

2013-09-29 17:52:48 283A67C518FE4B3BBAA5DEBFCD9E062F 318 ----a-w- C:\Windows\Sysnative\ayboot.ini

====== C:\Windows\Sysnative\drivers =====

2013-10-10 09:42:14 A1F53D2A00E64679A1D81B61D2333D06 46368 ----a-w- C:\Windows\Sysnative\drivers\avgtpx64.sys

====== C:\Windows\Tasks ======

2013-10-01 16:27:18 90B8842321E2B60751085C44FC7C51BD 3514 ----a-w- C:\Windows\Sysnative\Tasks\SUPERAntiSpyware Scheduled Task d4259c1b-380d-4d31-983c-7fe48468cff3

2013-10-01 16:27:18 85D9F7A43B12ED2A6B6295B7D8E9213A 506 ----a-w- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d4259c1b-380d-4d31-983c-7fe48468cff3.job

2013-10-01 16:27:17 EDBB8309920517CCEFA1E48DC1B62AC6 506 ----a-w- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f60bdc71-37a2-4cf5-bd6b-e7c51d6dc16b.job

2013-10-01 16:27:17 0A0A525D9BEEA3F3D707B3989A8D0CE0 3588 ----a-w- C:\Windows\Sysnative\Tasks\SUPERAntiSpyware Scheduled Task f60bdc71-37a2-4cf5-bd6b-e7c51d6dc16b

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-10-08 20:04:31 -------- d-----w- C:\Program Files\HitmanPro

2013-10-08 11:55:00 -------- d-----w- C:\Program Files\trend micro

2013-10-01 16:26:59 -------- d-----w- C:\Program Files\SUPERAntiSpyware

2013-09-29 17:44:09 -------- d-----w- C:\Program Files\Roboscan

2013-09-21 07:26:42 -------- d-----w- C:\Program Files\iTunes

2013-09-21 07:26:42 -------- d-----w- C:\Program Files\iPod

======= C:\Program Files (x86) =====

2013-10-10 09:41:56 -------- d-----w- C:\Program Files (x86)\AVG Secure Search

2013-10-10 09:39:23 -------- d-----w- C:\Program Files (x86)\AVG

2013-10-01 20:27:36 -------- d-----w- C:\Program Files (x86)\Tododownloads

2013-09-21 07:26:42 -------- d-----w- C:\Program Files (x86)\iTunes

======= C: =====

====== C:\Users\Ron\AppData\Roaming ======

2013-10-10 09:44:37 -------- d-----w- C:\Users\Ron\AppData\Roaming\AVG2014

2013-10-10 09:43:40 -------- d-----w- C:\Users\Ron\AppData\Local\AVG Secure Search

2013-10-10 09:43:29 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2014

2013-10-10 09:42:44 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2014

2013-10-10 09:42:40 -------- d-----w- C:\Users\Ron\AppData\Roaming\TuneUp Software

2013-10-10 09:39:23 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2014

2013-10-01 16:27:07 -------- d-----w- C:\Users\Ron\AppData\Roaming\SUPERAntiSpyware.com

2013-09-29 17:10:03 -------- d-----w- C:\Users\Ron\AppData\Local\Avg2014

2013-09-26 13:52:57 -------- d-----w- C:\Users\Ron\AppData\Locallow\Unitech LLC

2013-09-21 09:48:36 -------- d-----w- C:\Users\Ron\AppData\Local\avgchrome

====== C:\Users\Ron ======

2013-10-10 09:42:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2013-10-10 09:42:05 -------- d-----w- C:\ProgramData\AVG Secure Search

2013-10-10 09:40:21 -------- d-----w- C:\ProgramData\AVG2014

2013-10-08 20:04:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro

2013-10-08 19:54:53 -------- d-----w- C:\ProgramData\HitmanPro

2013-10-01 16:26:59 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com

2013-09-29 17:44:11 -------- d-----w- C:\ProgramData\Roboscan

2013-09-21 07:27:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2013-09-21 07:26:42 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-09-21 07:04:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud

2013-09-21 06:40:05 -------- d-----w- C:\ProgramData\BitGuard

====== C: exe-files ==

2013-10-10 10:30:20 43B63250671DDA87C44E00781D11F07D 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$IJXAKTK.exe

2013-10-10 09:42:14 3F8F7283423EF7905A0F98717E7466BC 144920 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\DriverInstaller\17.0.12\DriverInstaller.exe

2013-10-10 09:42:08 2EBE2FCD878BCDD8A94B1A7C7ADC7574 2374168 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\17.0.12\ScriptHelper.exe

2013-10-10 09:42:05 E4650A5D381FF79711FCA554167E0931 1734680 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe

2013-10-10 09:41:56 D2D205152397398A218DEB418757DB43 944664 ----a-w- C:\Program Files (x86)\AVG Secure Search\lip.exe

2013-10-10 09:41:56 B8CD822E488D17FF40B2EAA3AD8F7ADD 2404376 ----a-w- C:\Program Files (x86)\AVG Secure Search\vprot.exe

2013-10-10 09:41:56 81AF02CFDC98FE4551308171C3687093 644120 ----a-w- C:\Program Files (x86)\AVG Secure Search\PostInstall.exe

2013-10-10 09:41:56 266D63DF05B5ADB17E099E4D2585BC44 1959960 ----a-w- C:\Program Files (x86)\AVG Secure Search\Uninstall.exe

2013-10-10 09:41:21 385BFA00009C3BFA7243691484372B65 4675096 ----a-w- C:\Users\Ron\AppData\Local\Temp\oi_{0C4C2C07-DF00-4CC5-BA68-D153F8AE1BB3}.exe

2013-10-08 20:04:32 3EDAD05F378D4751E14CDA596A5E7E43 109352 ----a-w- C:\Program Files\HitmanPro\hmpsched.exe

2013-10-08 20:04:31 290AF371D8D36E5590939018452C4640 9879648 ----a-w- C:\Program Files\HitmanPro\HitmanPro.exe

2013-10-08 19:57:03 290AF371D8D36E5590939018452C4640 9879648 ----a-w- C:\Users\Ron\Desktop\comp\HitmanPro_x64.exe

2013-10-08 11:55:01 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Ron.exe

2013-10-08 11:52:46 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Ron\Desktop\comp\RSITx64.exe

2013-10-08 11:39:20 28930CA59C0EEAB65D2BA35CEFB81AAD 4425448 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$RJXAKTK.exe

2013-10-04 16:46:28 ACBC9FB1394434F8F21E7DD0CA9A616B 8420704 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\30.0.1599.69\30.0.1599.69_29.0.1547.76_chrome_updater.exe

=== C: other files ==

2013-10-10 16:42:17 1E4A05CF2B1C5B0DB896FA24E11B4C2E 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$IP8JTTH.com

2013-10-10 16:42:16 47E1B6DB7529FFC881F61A13FBE9866E 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$IHX6D2H.zip

2013-10-10 14:30:20 3D92DDBED8254EA0A089B166D434205B 1387038 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$RP8JTTH.com

2013-10-10 14:27:27 2E56D5C213453581A5FA48B345F4FE96 3892784 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$RHX6D2H.zip

2013-10-10 09:42:14 A1F53D2A00E64679A1D81B61D2333D06 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys

2013-10-10 09:41:56 567B5EC265B26994AFB11DB13F53B07A 147960 ----a-w- C:\Program Files (x86)\AVG Secure Search\data.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Run]

@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

"KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"

"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"

[HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1003\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"NUSB3MON"="C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

"VolPanel"="C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe /r"

"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

"BrMfcWnd"="C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN"

"ControlCenter3"="C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun"

"AppleSyncNotifier"="C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"WIRELESS-KB-LED-STATUS"="C:\Program Files (x86)\Wireless Keyboard Driver\LedStatusApp.exe"

"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"

"AirPort Base Station Agent"="C:\Program Files (x86)\AirPort\APAgent.exe"

"ApnTBMon"="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"

"vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

"KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"

"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="c:\\progra~3\\bitguard\\261694~1.246\\{c16c1~1\\bitguard.dll "

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"RunDLLEntry"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry"

"Monitor"="C:\Windows\PixArt\PAC207\Monitor.exe"

==== Startup Registry Disabled ======================

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]

"NokiaOviSuite2"="C:\\Program Files (x86)\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe -tray"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

"iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

"UpdReg"="C:\\Windows\\UpdReg.EXE"

==== Startup Folders ======================

2011-02-21 18:01:39 1310 ----a-w- C:\Users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/08/2011 14:41]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/08/2011 14:41]

C:\Windows\tasks\SUPERAntiSpyware Scheduled Task d4259c1b-380d-4d31-983c-7fe48468cff3.job --a------ C:\Program Files\SUPERAntiSpyware\SASTask.exe []

C:\Windows\tasks\SUPERAntiSpyware Scheduled Task f60bdc71-37a2-4cf5-bd6b-e7c51d6dc16b.job --a------ C:\Program Files\SUPERAntiSpyware\SASTask.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]

"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\SysNative\tasks\SUPERAntiSpyware Scheduled Task d4259c1b-380d-4d31-983c-7fe48468cff3" [C:\Program Files\SUPERAntiSpyware\SASTask.exe]

"C:\Windows\SysNative\tasks\SUPERAntiSpyware Scheduled Task f60bdc71-37a2-4cf5-bd6b-e7c51d6dc16b" [C:\Program Files\SUPERAntiSpyware\SASTask.exe]

"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{04BD2DB7-A77C-4FD7-9B39-8F9758A5441B}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\SysNative\tasks\YourFile Update" [C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe]

"C:\Windows\SysNative\tasks\{01A88DFD-FB20-4254-B31C-4CEF99B224B5}" [F:\BurnoutLauncher.exe]

"C:\Windows\SysNative\tasks\{A226DC20-5B1B-4F37-B1F4-D289A3B868C0}" [C:\Program Files (x86)\Electronic Arts\Burnout Paradise The Ultimate Box\BurnoutLauncher.exe]

"C:\Windows\SysNative\tasks\{BA1EC3AE-6CB7-428E-A285-9AF4DE287ECA}" [C:\Program Files (x86)\Electronic Arts\Burnout Paradise The Ultimate Box\BurnoutParadise.exe]

"C:\Windows\SysNative\tasks\{E47C8C26-B64C-4D35-84CE-4053DA9D744C}" [F:\BurnoutLauncher.exe]

"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox in Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"="C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension" [19/06/2011 17:53]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

aaaajlichkifkomgmecdgjpogphafeml - C:\ProgramData\AskPartnerNetwork\Toolbar\BLP-V7\CRX\ToolbarCR.crx[]

dhkplhfnhceodhffomolpfigojocbpcb - C:\Users\Ron\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx[]

giacfgjdclhnmkacnfbaljbmpnelflol - C:\Program Files (x86)\iVIDI.org plugin\ividiplg.crx[]

jmfkcklnlgedgbglfkkgedjfmejoahla - C:\Program Files (x86)\AVG\AVG10\Chrome\safesearch.crx[]

Sammsoft Toolbar - Ron - Default\Extensions\aaaajlichkifkomgmecdgjpogphafeml

YouTube - Ron - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Ron - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

PasswordBox - Free Password Manager - Ron - Default\Extensions\dljbcjbfojhlfhgenhepllagfecdpchb

iVIDI.org plugin - Ron - Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol

Chrome In-App Payments service - Ron - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

hosts - Ron - Default\Extensions\nnlomafmkpiclmaaekkhpoecnclldmaa

Plus-HD-2.3 - Ron - Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec

Gmail - Ron - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajlichkifkomgmecdgjpogphafeml deleted successfully

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaajlichkifkomgmecdgjpogphafeml_0.localstorage deleted successfully

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol deleted successfully

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnlomafmkpiclmaaekkhpoecnclldmaa deleted successfully

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nnlomafmkpiclmaaekkhpoecnclldmaa_0.localstorage deleted successfully

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_nnlomafmkpiclmaaekkhpoecnclldmaa_0 deleted successfully

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec deleted successfully

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_omfoidjpeklpjhlhabhcomekbkclkbec_0.localstorage deleted successfully

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_omfoidjpeklpjhlhabhcomekbkclkbec_0 deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="Google"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Dogpile Web Search"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Start Page"="Dogpile Web Search"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="%s - Google Search"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="Upgrade to Google Chrome"

"Default_Search_URL"="Upgrade to Google Chrome"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="%s - Bing"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="Bing"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

{483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

==== Reset Google Chrome ======================

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully

HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaajlichkifkomgmecdgjpogphafeml deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN

O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [WIRELESS-KB-LED-STATUS] C:\Program Files (x86)\Wireless Keyboard Driver\LedStatusApp.exe

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files (x86)\AirPort\APAgent.exe"

O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-409059723-2902863822-1341115650-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')

O4 - HKUS\S-1-5-21-409059723-2902863822-1341115650-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')

O4 - Startup: MobileCamStreamer™.appref-ms

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{E04BF841-9AE5-4672-A4CE-4C920C64E85C}: NameServer = 192.168.1.1,80.58.61.250

O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - (no file)

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll

O20 - AppInit_DLLs: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe

O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe

O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: SecretZone Assist Service (SZASSIST) - Clarus, Inc. - C:\Program Files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater17.0.12 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Ron\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\windows\SysNative\tasks\Plus-HD-2.3-codedownloader" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found

"C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\ProgramData\BitGuard" not found

"C:\ProgramData\BitGuard" not found

==== EOF on 10/10/2013 at 19:28:28,79 ======================

[kape]

Uitstekend ... hiermee heb je nog een berg rommel van de PC gehaald en heel wat besmettingen opgeruimd. Doe nog even dit:

Download AdwCleaner by Xplode naar je bureaublad.

• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner om hem te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
  
• Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Klik vervolgens op Scan.
  
• Klik vervolgens op Clean als er items zijn gevonden.
  
• Klik bij Herstarten Noodzakelijk op OK
  

Nadat de PC opnieuw is opgestart, opent meestal een logfile.

Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[R1].txt.

Post aansluitend de inhoud van dit log in je volgende bericht.

[ibizavirus]

Zoek.exe Version 4.0.0.5 Updated 09-October-2013

Tool run by Ron on 10/10/2013 at 18:43:02,74.

Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Ron\Desktop\Nieuwe map\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

10/10/2013 18:47:35 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311341126} deleted successfully

HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311341126} deleted successfully

HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311531182} deleted successfully

HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311531182} deleted successfully

HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311341126} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311341126} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311341126} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311531182} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311531182} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311531182} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

"ApnTBMon"=-

==== Deleting Files \ Folders ======================

"C:\Program Files (x86)\hosts\hosts-bho.dll" deleted

"C:\Windows\tasks\Plus-HD-2.3-chromeinstaller.job" deleted

"C:\Windows\tasks\Plus-HD-2.3-codedownloader.job" deleted

"C:\Windows\tasks\Plus-HD-2.3-enabler.job" deleted

"C:\Windows\tasks\Plus-HD-2.3-updater.job" deleted

"C:\Program Files (x86)\Mozilla Firefox\user.js" deleted

"C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data" deleted

"C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences" deleted

"C:\Windows\SysNative\roboot64.exe" deleted

"C:\Windows\tasks\Plus-HD-2.3-chromeinstaller.job" deleted

"C:\Windows\tasks\Plus-HD-2.3-codedownloader.job" deleted

"C:\Windows\tasks\Plus-HD-2.3-enabler.job" deleted

"C:\Windows\tasks\Plus-HD-2.3-updater.job" deleted

"C:\windows\SysNative\tasks\Plus-HD-2.3-chromeinstaller" deleted

"C:\windows\SysNative\tasks\Plus-HD-2.3-codedownloader" not deleted

"C:\windows\SysNative\tasks\Plus-HD-2.3-enabler" deleted

"C:\windows\SysNative\tasks\Plus-HD-2.3-updater" deleted

"C:\windows\SysNative\tasks\Updater35382.exe" deleted

"C:\windows\SysNative\tasks\BitGuard" deleted

"C:\user.js" deleted

"C:\prefs.js" deleted

"C:\Windows\Syswow64\tmp8813.tmp" deleted

"C:\Windows\Syswow64\tmp8814.tmp" deleted

"C:\Users\Public\Desktop\YourFile Downloader.lnk" deleted

"C:\Users\Ron\Desktop\SoftonicDownloader_voor_avg-antivirus-free-2014.exe" deleted

"C:\Users\Ron\Desktop\SoftonicDownloader_voor_avg-antivirus-free-2014.exe" deleted

"C:\Users\Ron\Desktop\Search.lnk" deleted

"C:\Program Files (x86)\YourFileDownloader\htmlayout.dll" deleted

"C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe" deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted

"C:\Users\Ron\AppData\Roaming\Vso" deleted

"C:\Users\Ron\AppData\Roaming\Ezyn" deleted

"C:\Users\Ron\AppData\Roaming\Temp" deleted

"C:\Program Files (x86)\Plus-HD-2.3" deleted

"C:\Program Files (x86)\AskPartnerNetwork" deleted

"C:\Program Files (x86)\Media Crawler" deleted

"C:\ProgramData\BitGuard" not deleted

"C:\Users\Ron\AppData\Roaming\OpenCandy" deleted

"C:\Program Files (x86)\iVIDI.org plugin" deleted

"C:\Program Files (x86)\YourFileDownloader" deleted

"C:\Program Files (x86)\hosts" deleted

"C:\Program Files (x86)\MyFree Codec" deleted

"C:\Program Files (x86)\Plus-HD-2.3" deleted

"C:\Program Files (x86)\AskPartnerNetwork" deleted

"C:\Users\Ron\AppData\Roaming\SpeedyPC Software" deleted

"C:\Users\Ron\AppData\Roaming\ParetoLogic" deleted

"C:\Users\Ron\AppData\Roaming\DriverCure" deleted

"C:\Users\Ron\AppData\Roaming\Babylon" deleted

"C:\Users\Ron\AppData\Roaming\File Scout" deleted

"C:\Users\Ron\AppData\Roaming\Systweak" deleted

"C:\Users\Ron\AppData\Roaming\YourFileDownloader" deleted

"C:\Users\Ron\AppData\Roaming\OpenCandy" deleted

"C:\ProgramData\Ask" deleted

"C:\ProgramData\AskPartnerNetwork" deleted

"C:\ProgramData\APN" deleted

"C:\ProgramData\BitGuard" not deleted

"C:\ProgramData\SpeedyPC Software" deleted

"C:\ProgramData\DSearchLink" deleted

"C:\ProgramData\ParetoLogic" deleted

"C:\ProgramData\InstallMate" deleted

"C:\ProgramData\Premium" deleted

"C:\ProgramData\Babylon" deleted

"C:\Users\Ron\AppData\Local\OpenCandy" deleted

"C:\Users\Ron\AppData\Local\Updater35382" deleted

"C:\Users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard" deleted

"C:\Users\Ron\AppData\LocalLow\Delta" deleted

"C:\Windows\SysWow64\searchplugins" deleted

"C:\Windows\SysWow64\Extensions" deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar" deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater" deleted

"C:\ProgramData\BitGuard\2.6.1694.246" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar" deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater" deleted

"C:\ProgramData\BitGuard\2.6.1694.246" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Ron\AppData\Local\Temp ====

2013-10-10 09:41:21 385BFA00009C3BFA7243691484372B65 4675096 ----a-w- C:\Users\Ron\AppData\Local\Temp\oi_{0C4C2C07-DF00-4CC5-BA68-D153F8AE1BB3}.exe

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-10-08 20:09:24 AE2CF300E9EBB005C9AB088C38A8C6DF 2034 ----a-w- C:\Windows\Sysnative\.crusader

2013-09-30 19:04:24 D74615934916D983058244B8579C63F4 1648 ----a-w- C:\Windows\Sysnative\ASOROSet.bin

2013-09-29 17:52:48 283A67C518FE4B3BBAA5DEBFCD9E062F 318 ----a-w- C:\Windows\Sysnative\ayboot.ini

====== C:\Windows\Sysnative\drivers =====

2013-10-10 09:42:14 A1F53D2A00E64679A1D81B61D2333D06 46368 ----a-w- C:\Windows\Sysnative\drivers\avgtpx64.sys

====== C:\Windows\Tasks ======

2013-10-01 16:27:18 90B8842321E2B60751085C44FC7C51BD 3514 ----a-w- C:\Windows\Sysnative\Tasks\SUPERAntiSpyware Scheduled Task d4259c1b-380d-4d31-983c-7fe48468cff3

2013-10-01 16:27:18 85D9F7A43B12ED2A6B6295B7D8E9213A 506 ----a-w- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d4259c1b-380d-4d31-983c-7fe48468cff3.job

2013-10-01 16:27:17 EDBB8309920517CCEFA1E48DC1B62AC6 506 ----a-w- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f60bdc71-37a2-4cf5-bd6b-e7c51d6dc16b.job

2013-10-01 16:27:17 0A0A525D9BEEA3F3D707B3989A8D0CE0 3588 ----a-w- C:\Windows\Sysnative\Tasks\SUPERAntiSpyware Scheduled Task f60bdc71-37a2-4cf5-bd6b-e7c51d6dc16b

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-10-08 20:04:31 -------- d-----w- C:\Program Files\HitmanPro

2013-10-08 11:55:00 -------- d-----w- C:\Program Files\trend micro

2013-10-01 16:26:59 -------- d-----w- C:\Program Files\SUPERAntiSpyware

2013-09-29 17:44:09 -------- d-----w- C:\Program Files\Roboscan

2013-09-21 07:26:42 -------- d-----w- C:\Program Files\iTunes

2013-09-21 07:26:42 -------- d-----w- C:\Program Files\iPod

======= C:\Program Files (x86) =====

2013-10-10 09:41:56 -------- d-----w- C:\Program Files (x86)\AVG Secure Search

2013-10-10 09:39:23 -------- d-----w- C:\Program Files (x86)\AVG

2013-10-01 20:27:36 -------- d-----w- C:\Program Files (x86)\Tododownloads

2013-09-21 07:26:42 -------- d-----w- C:\Program Files (x86)\iTunes

======= C: =====

====== C:\Users\Ron\AppData\Roaming ======

2013-10-10 09:44:37 -------- d-----w- C:\Users\Ron\AppData\Roaming\AVG2014

2013-10-10 09:43:40 -------- d-----w- C:\Users\Ron\AppData\Local\AVG Secure Search

2013-10-10 09:43:29 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2014

2013-10-10 09:42:44 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2014

2013-10-10 09:42:40 -------- d-----w- C:\Users\Ron\AppData\Roaming\TuneUp Software

2013-10-10 09:39:23 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2014

2013-10-01 16:27:07 -------- d-----w- C:\Users\Ron\AppData\Roaming\SUPERAntiSpyware.com

2013-09-29 17:10:03 -------- d-----w- C:\Users\Ron\AppData\Local\Avg2014

2013-09-26 13:52:57 -------- d-----w- C:\Users\Ron\AppData\Locallow\Unitech LLC

2013-09-21 09:48:36 -------- d-----w- C:\Users\Ron\AppData\Local\avgchrome

====== C:\Users\Ron ======

2013-10-10 09:42:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2013-10-10 09:42:05 -------- d-----w- C:\ProgramData\AVG Secure Search

2013-10-10 09:40:21 -------- d-----w- C:\ProgramData\AVG2014

2013-10-08 20:04:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro

2013-10-08 19:54:53 -------- d-----w- C:\ProgramData\HitmanPro

2013-10-01 16:26:59 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com

2013-09-29 17:44:11 -------- d-----w- C:\ProgramData\Roboscan

2013-09-21 07:27:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2013-09-21 07:26:42 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-09-21 07:04:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud

2013-09-21 06:40:05 -------- d-----w- C:\ProgramData\BitGuard

====== C: exe-files ==

2013-10-10 10:30:20 43B63250671DDA87C44E00781D11F07D 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$IJXAKTK.exe

2013-10-10 09:42:14 3F8F7283423EF7905A0F98717E7466BC 144920 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\DriverInstaller\17.0.12\DriverInstaller.exe

2013-10-10 09:42:08 2EBE2FCD878BCDD8A94B1A7C7ADC7574 2374168 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\17.0.12\ScriptHelper.exe

2013-10-10 09:42:05 E4650A5D381FF79711FCA554167E0931 1734680 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe

2013-10-10 09:41:56 D2D205152397398A218DEB418757DB43 944664 ----a-w- C:\Program Files (x86)\AVG Secure Search\lip.exe

2013-10-10 09:41:56 B8CD822E488D17FF40B2EAA3AD8F7ADD 2404376 ----a-w- C:\Program Files (x86)\AVG Secure Search\vprot.exe

2013-10-10 09:41:56 81AF02CFDC98FE4551308171C3687093 644120 ----a-w- C:\Program Files (x86)\AVG Secure Search\PostInstall.exe

2013-10-10 09:41:56 266D63DF05B5ADB17E099E4D2585BC44 1959960 ----a-w- C:\Program Files (x86)\AVG Secure Search\Uninstall.exe

2013-10-10 09:41:21 385BFA00009C3BFA7243691484372B65 4675096 ----a-w- C:\Users\Ron\AppData\Local\Temp\oi_{0C4C2C07-DF00-4CC5-BA68-D153F8AE1BB3}.exe

2013-10-08 20:04:32 3EDAD05F378D4751E14CDA596A5E7E43 109352 ----a-w- C:\Program Files\HitmanPro\hmpsched.exe

2013-10-08 20:04:31 290AF371D8D36E5590939018452C4640 9879648 ----a-w- C:\Program Files\HitmanPro\HitmanPro.exe

2013-10-08 19:57:03 290AF371D8D36E5590939018452C4640 9879648 ----a-w- C:\Users\Ron\Desktop\comp\HitmanPro_x64.exe

2013-10-08 11:55:01 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Ron.exe

2013-10-08 11:52:46 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Ron\Desktop\comp\RSITx64.exe

2013-10-08 11:39:20 28930CA59C0EEAB65D2BA35CEFB81AAD 4425448 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$RJXAKTK.exe

2013-10-04 16:46:28 ACBC9FB1394434F8F21E7DD0CA9A616B 8420704 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\30.0.1599.69\30.0.1599.69_29.0.1547.76_chrome_updater.exe

=== C: other files ==

2013-10-10 16:42:17 1E4A05CF2B1C5B0DB896FA24E11B4C2E 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$IP8JTTH.com

2013-10-10 16:42:16 47E1B6DB7529FFC881F61A13FBE9866E 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$IHX6D2H.zip

2013-10-10 14:30:20 3D92DDBED8254EA0A089B166D434205B 1387038 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$RP8JTTH.com

2013-10-10 14:27:27 2E56D5C213453581A5FA48B345F4FE96 3892784 ----a-w- C:\$Recycle.Bin\S-1-5-21-409059723-2902863822-1341115650-1000\$RHX6D2H.zip

2013-10-10 09:42:14 A1F53D2A00E64679A1D81B61D2333D06 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys

2013-10-10 09:41:56 567B5EC265B26994AFB11DB13F53B07A 147960 ----a-w- C:\Program Files (x86)\AVG Secure Search\data.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Windows\CurrentVersion\Run]

@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

"KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"

"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"

[HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1003\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"NUSB3MON"="C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

"VolPanel"="C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe /r"

"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

"BrMfcWnd"="C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN"

"ControlCenter3"="C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun"

"AppleSyncNotifier"="C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"WIRELESS-KB-LED-STATUS"="C:\Program Files (x86)\Wireless Keyboard Driver\LedStatusApp.exe"

"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"

"AirPort Base Station Agent"="C:\Program Files (x86)\AirPort\APAgent.exe"

"ApnTBMon"="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"

"vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

"KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"

"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="c:\\progra~3\\bitguard\\261694~1.246\\{c16c1~1\\bitguard.dll "

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"RunDLLEntry"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry"

"Monitor"="C:\Windows\PixArt\PAC207\Monitor.exe"

==== Startup Registry Disabled ======================

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]

"NokiaOviSuite2"="C:\\Program Files (x86)\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe -tray"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

"iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

"UpdReg"="C:\\Windows\\UpdReg.EXE"

==== Startup Folders ======================

2011-02-21 18:01:39 1310 ----a-w- C:\Users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/08/2011 14:41]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/08/2011 14:41]

C:\Windows\tasks\SUPERAntiSpyware Scheduled Task d4259c1b-380d-4d31-983c-7fe48468cff3.job --a------ C:\Program Files\SUPERAntiSpyware\SASTask.exe []

C:\Windows\tasks\SUPERAntiSpyware Scheduled Task f60bdc71-37a2-4cf5-bd6b-e7c51d6dc16b.job --a------ C:\Program Files\SUPERAntiSpyware\SASTask.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]

"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\SysNative\tasks\SUPERAntiSpyware Scheduled Task d4259c1b-380d-4d31-983c-7fe48468cff3" [C:\Program Files\SUPERAntiSpyware\SASTask.exe]

"C:\Windows\SysNative\tasks\SUPERAntiSpyware Scheduled Task f60bdc71-37a2-4cf5-bd6b-e7c51d6dc16b" [C:\Program Files\SUPERAntiSpyware\SASTask.exe]

"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{04BD2DB7-A77C-4FD7-9B39-8F9758A5441B}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\SysNative\tasks\YourFile Update" [C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe]

"C:\Windows\SysNative\tasks\{01A88DFD-FB20-4254-B31C-4CEF99B224B5}" [F:\BurnoutLauncher.exe]

"C:\Windows\SysNative\tasks\{A226DC20-5B1B-4F37-B1F4-D289A3B868C0}" [C:\Program Files (x86)\Electronic Arts\Burnout Paradise The Ultimate Box\BurnoutLauncher.exe]

"C:\Windows\SysNative\tasks\{BA1EC3AE-6CB7-428E-A285-9AF4DE287ECA}" [C:\Program Files (x86)\Electronic Arts\Burnout Paradise The Ultimate Box\BurnoutParadise.exe]

"C:\Windows\SysNative\tasks\{E47C8C26-B64C-4D35-84CE-4053DA9D744C}" [F:\BurnoutLauncher.exe]

"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox in Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"="C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension" [19/06/2011 17:53]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

aaaajlichkifkomgmecdgjpogphafeml - C:\ProgramData\AskPartnerNetwork\Toolbar\BLP-V7\CRX\ToolbarCR.crx[]

dhkplhfnhceodhffomolpfigojocbpcb - C:\Users\Ron\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx[]

giacfgjdclhnmkacnfbaljbmpnelflol - C:\Program Files (x86)\iVIDI.org plugin\ividiplg.crx[]

jmfkcklnlgedgbglfkkgedjfmejoahla - C:\Program Files (x86)\AVG\AVG10\Chrome\safesearch.crx[]

Sammsoft Toolbar - Ron - Default\Extensions\aaaajlichkifkomgmecdgjpogphafeml

YouTube - Ron - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Ron - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

PasswordBox - Free Password Manager - Ron - Default\Extensions\dljbcjbfojhlfhgenhepllagfecdpchb

iVIDI.org plugin - Ron - Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol

Chrome In-App Payments service - Ron - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

hosts - Ron - Default\Extensions\nnlomafmkpiclmaaekkhpoecnclldmaa

Plus-HD-2.3 - Ron - Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec

Gmail - Ron - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajlichkifkomgmecdgjpogphafeml deleted successfully

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaajlichkifkomgmecdgjpogphafeml_0.localstorage deleted successfully

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol deleted successfully

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnlomafmkpiclmaaekkhpoecnclldmaa deleted successfully

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nnlomafmkpiclmaaekkhpoecnclldmaa_0.localstorage deleted successfully

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_nnlomafmkpiclmaaekkhpoecnclldmaa_0 deleted successfully

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec deleted successfully

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_omfoidjpeklpjhlhabhcomekbkclkbec_0.localstorage deleted successfully

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_omfoidjpeklpjhlhabhcomekbkclkbec_0 deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="Google"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Dogpile Web Search"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Start Page"="Dogpile Web Search"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="%s - Google Search"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="Upgrade to Google Chrome"

"Default_Search_URL"="Upgrade to Google Chrome"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="%s - Bing"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="Bing"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

{483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

==== Reset Google Chrome ======================

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully

HKEY_USERS\S-1-5-21-409059723-2902863822-1341115650-1000\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaajlichkifkomgmecdgjpogphafeml deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN

O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [WIRELESS-KB-LED-STATUS] C:\Program Files (x86)\Wireless Keyboard Driver\LedStatusApp.exe

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files (x86)\AirPort\APAgent.exe"

O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-409059723-2902863822-1341115650-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')

O4 - HKUS\S-1-5-21-409059723-2902863822-1341115650-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')

O4 - Startup: MobileCamStreamer™.appref-ms

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{E04BF841-9AE5-4672-A4CE-4C920C64E85C}: NameServer = 192.168.1.1,80.58.61.250

O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - (no file)

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll

O20 - AppInit_DLLs: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe

O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe

O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: SecretZone Assist Service (SZASSIST) - Clarus, Inc. - C:\Program Files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater17.0.12 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Ron\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Ron\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\windows\SysNative\tasks\Plus-HD-2.3-codedownloader" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found

"C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\ProgramData\BitGuard" not found

"C:\ProgramData\BitGuard" not found

==== EOF on 10/10/2013 at 19:28:28,79 ======================

[ibizavirus]

# AdwCleaner v3.007 - Report created 10/10/2013 at 21:12:34

# Updated 09/10/2013 by Xplode

# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

# Username : Ron - RON-DESKTOP-PC

# Running from : C:\Users\Ron\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

[x] Not Deleted : C:\ProgramData\AVG Secure Search

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16448

*************************

AdwCleaner[R0].txt - [11497 octets] - [10/10/2013 21:06:04]

AdwCleaner[s0].txt - [601 octets] - [10/10/2013 21:12:34]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [660 octets] ##########

[kape]

Kan je voor de zekerheid even bekijken of je deze map C:\ProgramData\BitGuard nog op de PC kan vinden ?

[ibizavirus]

ik heb direct in C gekeken en in start zoeken het woord BITQUARD ingetoetst. is dit voldoende omdat soms bestanden ontzichtbaar zijn.

heb trouwens niks gevonden.

[kweezie wabbit]

zelf opgelost, beetje jammer dat er geen respons meer kwam:hmmmm:weet nu eigenlijk niet of de comp schoon is.

Sorry hoor maar wij zijn hier allemaal vrijwilligers en ik heb het de laatste tijd erg druk.

Kape heeft het echter goed overgenomen

ik heb direct in C gekeken en in start zoeken het woord BITQUARD ingetoetst. is dit voldoende omdat soms bestanden ontzichtbaar zijn.

heb trouwens niks gevonden.

Je hebt waarschijnlijk een tikfoutje gemaakt.

Je moet zoeken naar BitGuard en niet naar BITQUARD

[ibizavirus]

Sorry hoor maar wij zijn hier allemaal vrijwilligers en ik heb het de laatste tijd erg druk.

Kape heeft het echter goed overgenomen

Je hebt waarschijnlijk een tikfoutje gemaakt.

Je moet zoeken naar BitGuard en niet naar BITQUARD

@wabbit hole,

geen probleem. had de comp snel nodig en was een beetje geirriteerd. bedankt voor je bijdrage en kape heeft mij zeker goed geholpen.

we moeten idd blij zijn dat jullie vrijwilligers het oplossen voor ons leken.

ga zo door.

@kape,

type foutje komt door spaanse taal. heb het echter wel goed gedaan met controlle in de aangegeven plaatsen.

niks gevonden dus......nu??