
Cannot convert an object of type System Boolean to type System.String.


vogeltje


Logfile of random's system information tool 1.09 (written by random/random)

Run by Peter at 2013-11-12 21:53:08

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 378 GB (54%) free of 699 GB

Total RAM: 8182 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:54:35, on 12/11/2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Unable to get Internet Explorer version!

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe

C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe

C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe

C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe

C:\Program Files (x86)\ExpressFiles\EFUpdater.exe

C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe

C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe

C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe

C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe

C:\Program Files (x86)\VSO\ConvertX\4\ConvertXtoDvd.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\Peter.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_be&c=93&bd=Pavilion&pf=cndt

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Searchya Search

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Ask Toolbar BHO - {4849502D-5637-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport.dll" (file missing)

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL

O3 - Toolbar: (no name) - {6e47d688-85ec-465a-9946-ec58220f14fc} - (no file)

O3 - Toolbar: Ask Toolbar - {4849502D-5637-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport.dll" (file missing)

O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE

O4 - HKLM\..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe

O4 - HKLM\..\Run: [updateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [updateLBPShortCut] "c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

O4 - HKLM\..\Run: [updatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"

O4 - HKLM\..\Run: [updatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"

O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"

O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"

O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [ControlCenter3] "C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe" /autorun

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [brMfcWnd] "C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN

O4 - HKLM\..\Run: [DBAgent] "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart

O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe"

O4 - HKCU\..\Run: [uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O18 - Protocol: linkscanner - (no CLSID) - (no file)

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - (no file)

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Ask-updateservice (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe

O23 - Service: ASO3DiskOptimizer - Systweak Inc., (Systweak - Download Software utilities for Windows optimization, Scan & Clean Spyware for Free) - C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\SysWOW64\brsvc01a.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: HP Easy Backup Button Service (HPBtnSrv) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Seagate Dashboard Services - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 13862 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=aee76b64-a761-4952-800d-b047f1e4e360 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\cb85be25-8c3f-4e23-b09c-192ee331d020-298-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"

C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

wininit.exe

C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

winlogon.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

"C:\Windows\system32\nvvsvc.exe"

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"

C:\Windows\system32\svchost.exe -k NetworkService

taskeng.exe {A0FEF26B-B3DB-4944-8A6D-79087EE67DE8}

C:\Windows\SysWOW64\brsvc01a.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"

"C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgfws.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"

brss01a.exe

"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"

C:\Windows\SysWOW64\svchost.exe -k netsvcs

"C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe"

"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"

"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"

C:\Windows\system32\nvvsvc.exe -session -first

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"

"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=5d2c1057-b888-4439-8115-1e189fe03b3b /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\354b5a3e-f443-4069-ae59-a345ebe98833-cd8-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"

"C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe" PanProcess

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

C:\Windows\Explorer.EXE

"C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe"

"C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe"

"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun

"C:\Windows\ehome\ehtray.exe"

"C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe"

C:\Windows\ehome\ehmsas.exe -Embedding

"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"

"C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"

"C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"

"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1

"C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"

"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS

taskeng.exe {A87DE60A-CC7B-455D-B945-AAABA0A81217}

"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

"C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN

"C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe" /autorun

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"

"C:\Program Files (x86)\ExpressFiles\EFUpdater.exe"

"C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe" autolaunch

"C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe"

taskeng.exe {405A74FF-5A6E-46A8-802A-FEC17A23F4D8}

"C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe" /STARTUP

"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

WLIDSvcM.exe 4160

"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:3828

C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\unsecapp.exe -Embedding

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe"

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c

"C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe"

"C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe"

"c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"

"C:\Program Files (x86)\VSO\ConvertX\4\ConvertXtoDvd.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:10a stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --instant-process --disable-html-notifications --disable-accelerated-video-decode --channel="6728.0.380038114\1279287436" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:10a stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6728.1.735603423\1253062332" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6728.2.1231423720\1276455827" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,18,21,24,26 --gpu-vendor-id=0x10de --gpu-device-id=0x0603 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3158 --ignored=" --type=renderer " /prefetch:822062411

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:10a stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6728.4.1611834849\1035779062" /prefetch:673131151

"C:\Film downloads\RSITx64.exe"

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource core

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\ASO-AutoCheckUpdate7Days.job

C:\Windows\tasks\ASO-OneClickCare.job

C:\Windows\tasks\Driver Booster Update.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\HPCeeScheduleForPeter.job

C:\Windows\tasks\PCDRScheduledMaintenance.job

C:\Windows\tasks\SpeedUpMyPC.job

C:\Windows\tasks\spmonitor.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]

ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2013-11-01 2486592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4849502D-5637-006A-76A7-7A786E7484D7}]

Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport_x64.dll [2013-11-07 13776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4849502D-5637-006A-76A7-7A786E7484D7}]

Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport.dll [2013-11-07 12240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]

Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-10-17 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{ae07101b-46d4-4a98-af68-0333ea26e113} - QuickShare Widget - C:\Windows\system32\mscoree.dll [2009-11-08 444752]

{4849502D-5637-006A-76A7-7A786E7484D7} - Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport_x64.dll [2013-11-07 13776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{6e47d688-85ec-465a-9946-ec58220f14fc}

{4849502D-5637-006A-76A7-7A786E7484D7} - Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport.dll [2013-11-07 12240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]

"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe [2008-10-13 281600]

"SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2009-03-05 915512]

"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-12-04 186904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]

"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-03-04 2741616]

"Akamai NetSession Interface"=C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe [2013-06-05 4489472]

"Uploader"=C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [2013-05-30 122984]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]

"KBD"=C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE [2008-07-21 12288]

"OsdMaestro"=c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe [2008-10-13 281600]

"UpdateP2GoShortCut"=c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]

"UpdateLBPShortCut"=c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]

"UpdatePDIRShortCut"=c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]

"UpdatePSTShortCut"=c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium\MUITransfer\MUIStartMenu.exe [2009-02-02 210216]

"TSMAgent"=c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [2009-04-09 1328424]

"CLMLServer for HP TouchSmart"=c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-04-09 185640]

"DVDAgent"=c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-03-19 1148200]

"NBAgent"=C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-09-03 1406248]

"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

"ControlCenter3"=C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [2009-01-09 114688]

"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2013-09-23 4411952]

"BrMfcWnd"=C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [2009-01-19 1150976]

"DBAgent"=C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2013-05-30 1517640]

"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-11-07 1707472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-03-08 6669000]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2009-06-19 52272]

"UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-03-08 4171464]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DisableLockWorkstation"=0

"DisableTaskMgr"=0

"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

"EnableLinkedConnections"=1

"HideFastUserSwitching"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"ForceActiveDesktopOn"=0

"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\academy-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\backitup.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bejeweledtwist-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blasterball3-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\buildalot2-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chocolatier-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chuzzle-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deathonthenile-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\diner dash-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dinerdash2-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\farm-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fate-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\golf-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\insaniquarium-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jewelquest3-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\labelprint.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lightscribecontrolpanel.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lslauncher.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mahjong-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mahjong_artifacts-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onplay.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcdr5cuiw32.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pdr.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pegglenights-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\penguins-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\polar-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\polarpool-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\power2go.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\presentationhost.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regcleanpro.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\slingo-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stoneloops-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sump.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tradewindscaravans-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\turbopizza-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins001.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\virtual villagers - the secret city-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\virtualvillagers-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wedding dash-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winbej2-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zuma-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.cmd - open - NOTEPAD.EXE %1

.vbs - open - NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2013-11-12 21:53:08 ----D---- C:\rsit

2013-11-12 21:53:08 ----D---- C:\Program Files\trend micro

2013-11-06 21:46:48 ----D---- C:\Program Files (x86)\Internet Explorer

2013-11-06 21:43:15 ----A---- C:\Windows\system32\jsproxy.dll

2013-11-06 21:43:14 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2013-11-06 21:43:14 ----A---- C:\Windows\SYSWOW64\iepeers.dll

2013-11-06 21:43:14 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll

2013-11-06 21:43:14 ----A---- C:\Windows\system32\iepeers.dll

2013-11-06 21:43:14 ----A---- C:\Windows\system32\ieapfltr.dll

2013-11-06 21:43:14 ----A---- C:\Windows\system32\corpol.dll

2013-11-06 21:43:13 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2013-11-06 21:43:13 ----A---- C:\Windows\SYSWOW64\corpol.dll

2013-11-06 21:43:13 ----A---- C:\Windows\system32\url.dll

2013-11-06 21:43:13 ----A---- C:\Windows\system32\mshtmled.dll

2013-11-06 21:43:13 ----A---- C:\Windows\system32\iertutil.dll

2013-11-06 21:43:12 ----A---- C:\Windows\SYSWOW64\wininet.dll

2013-11-06 21:43:12 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2013-11-06 21:43:12 ----A---- C:\Windows\SYSWOW64\url.dll

2013-11-06 21:43:12 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2013-11-06 21:43:12 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2013-11-06 21:43:12 ----A---- C:\Windows\SYSWOW64\ieui.dll

2013-11-06 21:43:12 ----A---- C:\Windows\system32\wininet.dll

2013-11-06 21:43:12 ----A---- C:\Windows\system32\urlmon.dll

2013-11-06 21:43:12 ----A---- C:\Windows\system32\msfeeds.dll

2013-11-06 21:43:12 ----A---- C:\Windows\system32\ieui.dll

2013-11-06 21:43:11 ----A---- C:\Windows\SYSWOW64\mstime.dll

2013-11-06 21:43:11 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2013-11-06 21:43:11 ----A---- C:\Windows\system32\mstime.dll

2013-11-06 21:43:11 ----A---- C:\Windows\system32\mshtml.dll

2013-11-06 21:43:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2013-11-06 21:43:09 ----A---- C:\Windows\system32\ieframe.dll

2013-11-06 03:25:29 ----D---- C:\Program Files\Unlocker

2013-11-05 05:36:38 ----A---- C:\Windows\system32\avgrep.txt

2013-11-05 05:34:09 ----A---- C:\Windows\ntbtlog.txt

2013-11-05 05:17:19 ----A---- C:\Windows\SYSWOW64\HideMyIpSRVOff.ini

2013-11-05 05:17:19 ----A---- C:\Windows\SYSWOW64\HideMyIpSRV.ini

2013-11-05 05:17:19 ----A---- C:\Windows\system32\HideMyIpSRVOff.ini

2013-11-05 05:17:19 ----A---- C:\Windows\system32\drivers\hmip64.sys

2013-11-05 04:11:04 ----D---- C:\ProgramData\AskPartnerNetwork

2013-11-05 04:11:04 ----D---- C:\Program Files (x86)\AskPartnerNetwork

2013-11-05 04:03:24 ----D---- C:\ProgramData\APN

2013-11-01 12:44:51 ----D---- C:\Users\Peter\AppData\Roaming\Nico Mak Computing

2013-11-01 09:49:10 ----A---- C:\Windows\system32\RtPgEx64.dll

2013-11-01 09:49:10 ----A---- C:\Windows\system32\RtDataProc64.dll

2013-11-01 09:49:10 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys

2013-11-01 09:49:10 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT

2013-11-01 09:49:09 ----A---- C:\Windows\system32\RCoRes64.dat

2013-11-01 09:49:09 ----A---- C:\Windows\system32\RCoInstII64.dll

2013-11-01 09:49:07 ----A---- C:\Windows\system32\FMAPO64.dll

2013-11-01 09:49:07 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll

2013-11-01 09:45:27 ----A---- C:\Windows\SYSWOW64\nvopencl.dll

2013-11-01 09:45:27 ----A---- C:\Windows\system32\nvwgf2umx.dll

2013-11-01 09:45:27 ----A---- C:\Windows\system32\nvopencl.dll

2013-11-01 09:45:26 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll

2013-11-01 09:45:26 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll

2013-11-01 09:45:26 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll

2013-11-01 09:45:26 ----A---- C:\Windows\SYSWOW64\nvcuda.dll

2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvoglv64.dll

2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvdispgenco6433158.dll

2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvdispco6433158.dll

2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvcuvid.dll

2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvcuvenc.dll

2013-11-01 09:45:26 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys

2013-11-01 09:45:25 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll

2013-11-01 09:45:25 ----A---- C:\Windows\SYSWOW64\nvapi.dll

2013-11-01 09:45:25 ----A---- C:\Windows\system32\nvcuda.dll

2013-11-01 09:45:25 ----A---- C:\Windows\system32\nvcompiler.dll

2013-11-01 09:25:40 ----A---- C:\Windows\system32\SmartDefragBootTime.exe

2013-11-01 09:20:44 ----A---- C:\Windows\system32\PROUnstl.exe

2013-11-01 09:15:33 ----A---- C:\Windows\system32\drivers\SmartDefragDriver.sys

2013-11-01 09:10:03 ----A---- C:\Windows\system32\drivers\mbam.sys

2013-11-01 08:45:52 ----D---- C:\Users\Peter\AppData\Roaming\C__Program Files (x86)_HideIPEasy_HideIPEasy.exe

2013-11-01 08:45:52 ----D---- C:\ProgramData\C__Program Files (x86)_HideIPEasy_HideIPEasy.exe

2013-11-01 08:38:00 ----D---- C:\Users\Peter\AppData\Roaming\Apple Computer

2013-11-01 08:37:59 ----D---- C:\ProgramData\ProductData

2013-11-01 08:37:55 ----D---- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}

2013-11-01 08:37:53 ----D---- C:\Users\Peter\AppData\Roaming\IObit

2013-11-01 08:37:53 ----D---- C:\ProgramData\IObit

2013-11-01 08:37:45 ----D---- C:\Program Files (x86)\IObit

2013-10-31 22:52:10 ----A---- C:\autoexec.bat

2013-10-31 22:51:49 ----D---- C:\Program Files (x86)\Enigma Software Group

2013-10-31 22:51:01 ----D---- C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP

2013-10-27 16:46:50 ----D---- C:\ProgramData\Package Cache

2013-10-26 14:46:46 ----D---- C:\Users\Peter\AppData\Roaming\HideIPEasy

2013-10-26 14:46:46 ----D---- C:\ProgramData\HideIPEasy

2013-10-24 04:53:40 ----D---- C:\Users\Peter\AppData\Roaming\7952

======List of files/folders modified in the last 1 month======

2013-11-12 21:53:20 ----D---- C:\Windows\Temp

2013-11-12 21:53:19 ----D---- C:\Windows\Prefetch

2013-11-12 21:53:08 ----RD---- C:\Program Files

2013-11-12 21:52:13 ----D---- C:\Film downloads

2013-11-12 21:47:20 ----D---- C:\Users\Peter\AppData\Roaming\Vso

2013-11-12 21:47:10 ----D---- C:\Users\Peter\AppData\Roaming\vlc

2013-11-12 21:37:47 ----D---- C:\ProgramData\MFAData

2013-11-12 15:20:35 ----D---- C:\Windows\system32\config

2013-11-12 15:20:31 ----D---- C:\Windows\Tasks

2013-11-12 15:20:31 ----D---- C:\Windows\system32\spool

2013-11-12 15:20:31 ----D---- C:\Windows\system32\Msdtc

2013-11-12 15:20:31 ----D---- C:\Windows\system32\CodeIntegrity

2013-11-12 15:20:31 ----D---- C:\Windows\system32\catroot2

2013-11-12 15:20:31 ----D---- C:\Windows\System32

2013-11-12 15:20:30 ----D---- C:\Windows\system32\wbem

2013-11-12 15:20:30 ----D---- C:\Windows\registration

2013-11-12 15:20:30 ----D---- C:\Windows\inf

2013-11-12 15:20:30 ----D---- C:\Windows

2013-11-12 15:20:30 ----D---- C:\Program Files (x86)\Protected Search

2013-11-12 06:24:32 ----D---- C:\Windows\system32\Tasks

2013-11-11 15:26:40 ----D---- C:\Program Files (x86)\Advanced System Protector

2013-11-11 15:24:11 ----SHD---- C:\System Volume Information

2013-11-09 17:17:10 ----D---- C:\Users\Peter\AppData\Roaming\Systweak

2013-11-09 17:17:10 ----D---- C:\ProgramData\Systweak

2013-11-08 06:15:12 ----SHD---- C:\Windows\Installer

2013-11-07 21:33:39 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-11-06 21:46:48 ----RD---- C:\Program Files (x86)

2013-11-06 21:46:48 ----D---- C:\Windows\SYSWOW64\migration

2013-11-06 21:46:48 ----D---- C:\Windows\SysWOW64

2013-11-06 21:46:48 ----D---- C:\Windows\system32\migration

2013-11-06 21:46:48 ----D---- C:\Program Files\Internet Explorer

2013-11-06 21:46:47 ----D---- C:\Windows\AppPatch

2013-11-06 21:45:13 ----D---- C:\Windows\winsxs

2013-11-06 21:44:48 ----D---- C:\Windows\system32\catroot

2013-11-06 03:18:16 ----D---- C:\Windows\Minidump

2013-11-06 03:18:12 ----D---- C:\Program Files\Google

2013-11-06 03:18:12 ----D---- C:\Program Files (x86)\Google

2013-11-06 03:16:43 ----HD---- C:\ProgramData

2013-11-06 02:27:57 ----D---- C:\Windows\rescache

2013-11-06 01:33:51 ----D---- C:\Windows\Panther

2013-11-06 01:29:25 ----RD---- C:\Windows\Offline Web Pages

2013-11-06 01:29:25 ----D---- C:\Windows\SYSWOW64\wbem

2013-11-06 01:29:25 ----D---- C:\Windows\SYSWOW64\nl-NL

2013-11-06 01:29:23 ----D---- C:\Windows\system32\nl-NL

2013-11-06 01:29:20 ----SD---- C:\Windows\Downloaded Program Files

2013-11-05 19:40:25 ----D---- C:\Program Files (x86)\Advanced System Optimizer 3

2013-11-05 19:40:24 ----D---- C:\Program Files (x86)\TuneUp Utilities 2013

2013-11-05 19:40:24 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-11-05 06:14:03 ----D---- C:\ProgramData\ScanSoft

2013-11-05 06:13:56 ----D---- C:\Program Files (x86)\Common Files

2013-11-05 05:17:19 ----D---- C:\Windows\SYSWOW64\drivers

2013-11-05 05:17:19 ----D---- C:\Windows\system32\drivers

2013-11-02 08:17:16 ----D---- C:\Program Files (x86)\ExpressFiles

2013-11-01 10:16:52 ----D---- C:\Users\Peter\AppData\Roaming\Uniblue

2013-11-01 10:16:51 ----D---- C:\Program Files (x86)\Uniblue

2013-11-01 10:10:12 ----D---- C:\Windows\SoftwareDistribution

2013-11-01 10:01:11 ----D---- C:\Windows\Debug

2013-11-01 09:49:26 ----D---- C:\Windows\SYSWOW64\RTCOM

2013-11-01 09:49:10 ----A---- C:\Windows\system32\RtkAPO64.dll

2013-11-01 09:49:10 ----A---- C:\Windows\system32\RtkApi64.dll

2013-11-01 09:46:37 ----D---- C:\Temp

2013-11-01 09:46:35 ----D---- C:\ProgramData\NVIDIA

2013-11-01 09:45:27 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll

2013-11-01 09:45:26 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll

2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvd3dumx.dll

2013-11-01 09:45:25 ----A---- C:\Windows\system32\nvapi64.dll

2013-11-01 09:09:59 ----D---- C:\Windows\Logs

2013-11-01 09:09:58 ----D---- C:\ProgramData\VSO

2013-10-29 22:43:03 ----D---- C:\Users\Peter\AppData\Roaming\Nero

2013-10-29 22:43:03 ----D---- C:\Users\Peter\AppData\Roaming\HpUpdate

2013-10-28 06:41:06 ----D---- C:\Windows\Microsoft.NET

2013-10-28 06:16:26 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

2013-10-27 16:52:00 ----D---- C:\Windows\SYSWOW64\en-US

2013-10-27 16:51:59 ----D---- C:\Windows\system32\en-US

2013-10-27 07:34:10 ----D---- C:\Muziek downloads

2013-10-20 16:13:05 ----D---- C:\ProgramData\TuneUp Software

2013-10-19 00:44:56 ----D---- C:\Acv

2013-10-15 22:47:39 ----A---- C:\Windows\system32\nvsvc64.dll

2013-10-15 22:47:39 ----A---- C:\Windows\system32\nvcpl.dll

2013-10-15 22:47:36 ----A---- C:\Windows\system32\nvvsvc.exe

2013-10-15 22:47:36 ----A---- C:\Windows\system32\nvshext.dll

2013-10-15 22:47:36 ----A---- C:\Windows\system32\nvmctray.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-07-20 71480]

R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-07-20 311608]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-07-01 116536]

R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-05 45880]

R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iastor.sys [2012-04-08 568600]

R0 JRAID;JRAID; C:\Windows\system32\drivers\jraid.sys [2013-07-26 123704]

R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-05-22 17720]

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-11-19 503352]

R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]

R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-07-20 246072]

R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-07-20 206648]

R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-03-21 240952]

R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-05-21 45856]

R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/06/19 15:47:50]; \??\c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2009-03-19 146928]

R2 hmip;hmip; \??\C:\Windows\system32\Drivers\hmip64.sys [2013-06-19 30056]

R3 AVER_H193;AVerMedia H193 Video Capture; C:\Windows\system32\drivers\AVer888RC_64.sys [2009-02-18 487936]

R3 CXCIR;AVerMedia Consumer Infrared Receiver; C:\Windows\system32\DRIVERS\AVer888RCIR_64.sys [2009-02-18 37888]

R3 e1yexpress;Intel® Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2011-10-20 322760]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-01 3641688]

R3 JmUsbCcgp;JMicron USB Composite Device Lower Filter Driver; C:\Windows\system32\DRIVERS\jmccgp.sys [2013-07-26 17136]

R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2013-02-03 1885792]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-11-01 12537632]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-09-19 11880]

R3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 99200]

R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 168960]

R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]

S3 esgiguard;esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys []

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2013-07-26 250984]

S3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR64.SYS [2013-07-26 52224]

S3 ST50220;Sonix ST50220 USB Video Camera Driver; C:\Windows\System32\Drivers\ST50220.sys [2008-05-29 44544]

S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2011-12-15 31232]

S3 USBCCID;USB-smartcardlezer; C:\Windows\system32\DRIVERS\usbccid.sys [2009-04-10 38400]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 40960]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]

R2 APNMCP;Ask-updateservice; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-11-07 166352]

R2 ASO3DiskOptimizer;ASO3DiskOptimizer; C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe [2012-09-07 263520]

R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2013-09-04 1432080]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312]

R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-07-23 283136]

R2 Brother XP spl Service;BrSplService; C:\Windows\SysWOW64\brsvc01a.exe [2004-06-14 57344]

R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 27648]

R2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-12-04 94208]

R2 HPBtnSrv;HP Easy Backup Button Service; C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [2008-09-30 192512]

R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-10-25 2151200]

R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-15 922912]

R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]

R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-11-01 288472]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2013-10-11 2409272]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-11 116648]

S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464]

S2 Seagate Dashboard Services;Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [2013-05-30 16000]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]

S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-11 116648]

S3 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-12-04 354840]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-03-08 30798512]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]

S3 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 27648]

S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-22 1012344]

S4 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]

S4 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2008-12-09 242424]

S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]

S4 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]

S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------


@ vogeltje,

Welcome to PCH!

Download RSIT from the locations below and save it to the desktop.

Here is a description of how to check whether you have a 32-bit or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.


  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool has finished, a Notepad file named "Log" is opened.
  • Paste its contents in your next post.


Logfile of random's system information tool 1.09 (written by random/random)

Run by Peter at 2013-11-14 21:42:18

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 358 GB (51%) free of 699 GB

Total RAM: 8182 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:42:28, on 14/11/2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Unable to get Internet Explorer version!

Boot mode: Normal

Running processes:

C:\Program Files (x86)\ExpressFiles\EFUpdater.exe

C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe

C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe

C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe

C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe

C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe

C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe

C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\Peter.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Searchya Search

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Ask Toolbar BHO - {4849502D-5637-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport.dll" (file missing)

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL

O3 - Toolbar: (no name) - {6e47d688-85ec-465a-9946-ec58220f14fc} - (no file)

O3 - Toolbar: Ask Toolbar - {4849502D-5637-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport.dll" (file missing)

O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE

O4 - HKLM\..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe

O4 - HKLM\..\Run: [updateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [updateLBPShortCut] "c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

O4 - HKLM\..\Run: [updatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"

O4 - HKLM\..\Run: [updatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"

O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"

O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"

O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [ControlCenter3] "C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe" /autorun

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [brMfcWnd] "C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN

O4 - HKLM\..\Run: [DBAgent] "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart

O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe"

O4 - HKCU\..\Run: [uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O18 - Protocol: linkscanner - (no CLSID) - (no file)

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - (no file)

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Ask-updateservice (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe

O23 - Service: ASO3DiskOptimizer - Systweak Inc., (Systweak - Download Software utilities for Windows optimization, Scan & Clean Spyware for Free) - C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\SysWOW64\brsvc01a.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: HP Easy Backup Button Service (HPBtnSrv) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Seagate Dashboard Services - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 13866 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot

C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=ceb53750-52d4-4164-be54-d41e0f78e529 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\7b94e044-f7bd-4f65-b51b-810add4f9019-29c-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"

C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

wininit.exe

winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

"C:\Windows\system32\nvvsvc.exe"

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"

"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"

C:\Windows\system32\nvvsvc.exe -session -first

"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\SysWOW64\brsvc01a.exe

taskeng.exe {3EB84A13-D5CE-42E0-8D35-08C62C8CF273}

C:\Windows\Explorer.EXE

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

taskeng.exe {890D3C43-381C-4CD7-BB82-54E7BCBF3BDC}

taskeng.exe {9982C4FA-31DB-48C9-A1A1-259390083486}

"C:\Program Files (x86)\ExpressFiles\EFUpdater.exe"

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe" autolaunch

brss01a.exe

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"

"C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgfws.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"

"C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe" /STARTUP

"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"

C:\Windows\SysWOW64\svchost.exe -k netsvcs

"C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe"

"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"

"C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe"

"C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe"

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"

"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun

"C:\Windows\ehome\ehtray.exe"

"C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe"

"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"

"C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"

"C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"

"C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

"C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN

"C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe" /autorun

"C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe"

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"

C:\Windows\ehome\ehmsas.exe -Embedding

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1

"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=568cac2d-9040-4e58-821f-8e67cec22509 /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\f6b68271-0353-456a-adb8-27136819ef65-d9c-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"

"C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe" PanProcess

C:\Windows\System32\svchost.exe -k swprv

"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"

C:\Windows\system32\vssvc.exe

"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:2188

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

WLIDSvcM.exe 2612

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\unsecapp.exe -Embedding

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

C:\Windows\system32\conime.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

"C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe"

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c

"c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"

"C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe"

"C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe"

"C:\Program Files\WinRAR\WinRAR.exe" x -iext -ow -ver "-an=C:\Film downloads\Voor Tom\Machtte Kills (2013)\m.2013.1080p.u19172.part2.rar" "-an=C:\Film downloads\Voor Tom\Machtte Kills (2013)\m.2013.1080p.u19172.part3.rar" "-an=C:\Film downloads\Voor Tom\Machtte Kills (2013)\m.2013.1080p.u19172.part4.rar" "-an=C:\Film downloads\Voor Tom\Machtte Kills (2013)\m.2013.1080p.u19172.part5.rar" "-an=C:\Film downloads\Voor Tom\Machtte Kills (2013)\m.2013.1080p.u19172.part6.rar" -- "C:\Film downloads\Voor Tom\Machtte Kills (2013)\m.2013.1080p.u19172.part1.rar" "C:\Film downloads\Voor Tom\Machtte Kills (2013)\"

"C:\Users\Peter\Desktop\RSITx64.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "http://www.pc-helpforum.be/f167/een-object-van-het-type-system-66095-new/"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:10a stable:r5 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --instant-process --disable-html-notifications --disable-accelerated-video-decode --channel="5716.0.293326529\102109566" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:10a stable:r5 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="5716.1.344493155\387118332" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:10a stable:r5 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="5716.2.791265607\1340135522" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5716.3.1405962242\871466136" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,18,21,24,26 --gpu-vendor-id=0x10de --gpu-device-id=0x0603 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3158 --ignored=" --type=renderer " /prefetch:822062411

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5716.4.467888764\1042384261" --ppapi-flash-args --lang=nl --ignored=" --type=renderer " /prefetch:-632637702

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\ASO-AutoCheckUpdate7Days.job

C:\Windows\tasks\ASO-OneClickCare.job

C:\Windows\tasks\Driver Booster Update.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\HPCeeScheduleForPeter.job

C:\Windows\tasks\PCDRScheduledMaintenance.job

C:\Windows\tasks\SpeedUpMyPC.job

C:\Windows\tasks\spmonitor.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]

ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2013-11-01 2486592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4849502D-5637-006A-76A7-7A786E7484D7}]

Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport_x64.dll [2013-11-07 13776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4849502D-5637-006A-76A7-7A786E7484D7}]

Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport.dll [2013-11-07 12240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]

Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-10-17 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{ae07101b-46d4-4a98-af68-0333ea26e113} - QuickShare Widget - C:\Windows\system32\mscoree.dll [2009-11-08 444752]

{4849502D-5637-006A-76A7-7A786E7484D7} - Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport_x64.dll [2013-11-07 13776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{6e47d688-85ec-465a-9946-ec58220f14fc}

{4849502D-5637-006A-76A7-7A786E7484D7} - Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport.dll [2013-11-07 12240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]

"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe [2008-10-13 281600]

"SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2009-03-05 915512]

"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-12-04 186904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]

"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-03-04 2741616]

"Akamai NetSession Interface"=C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe [2013-06-05 4489472]

"Uploader"=C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [2013-05-30 122984]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]

"KBD"=C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE [2008-07-21 12288]

"OsdMaestro"=c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe [2008-10-13 281600]

"UpdateP2GoShortCut"=c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]

"UpdateLBPShortCut"=c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]

"UpdatePDIRShortCut"=c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]

"UpdatePSTShortCut"=c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium\MUITransfer\MUIStartMenu.exe [2009-02-02 210216]

"TSMAgent"=c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [2009-04-09 1328424]

"CLMLServer for HP TouchSmart"=c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-04-09 185640]

"DVDAgent"=c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-03-19 1148200]

"NBAgent"=C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-09-03 1406248]

"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

"ControlCenter3"=C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [2009-01-09 114688]

"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2013-09-23 4411952]

"BrMfcWnd"=C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [2009-01-19 1150976]

"DBAgent"=C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2013-05-30 1517640]

"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-11-07 1707472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-03-08 6669000]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2009-06-19 52272]

"UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-03-08 4171464]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DisableLockWorkstation"=0

"DisableTaskMgr"=0

"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

"EnableLinkedConnections"=1

"HideFastUserSwitching"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"ForceActiveDesktopOn"=0

"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\academy-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\backitup.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bejeweledtwist-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blasterball3-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\buildalot2-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chocolatier-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chuzzle-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deathonthenile-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\diner dash-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dinerdash2-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\farm-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fate-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\golf-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\insaniquarium-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jewelquest3-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\labelprint.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lightscribecontrolpanel.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lslauncher.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mahjong-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mahjong_artifacts-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onplay.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcdr5cuiw32.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pdr.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pegglenights-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\penguins-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\polar-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\polarpool-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\power2go.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\presentationhost.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regcleanpro.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\slingo-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stoneloops-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sump.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tradewindscaravans-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\turbopizza-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins001.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\virtual villagers - the secret city-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\virtualvillagers-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wedding dash-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winbej2-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zuma-wt.exe]

"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.cmd - open - NOTEPAD.EXE %1

.vbs - open - NOTEPAD.EXE %1

======List of files/folders created in the last 3 months======

2013-11-13 05:05:41 ----A---- C:\Windows\system32\IKEEXT.DLL

2013-11-13 05:05:41 ----A---- C:\Windows\system32\FWPUCLNT.DLL

2013-11-13 05:05:40 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL

2013-11-13 05:05:37 ----A---- C:\Windows\system32\mshtml.dll

2013-11-13 05:05:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2013-11-13 05:05:34 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2013-11-13 05:05:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2013-11-13 05:05:34 ----A---- C:\Windows\system32\wininet.dll

2013-11-13 05:05:34 ----A---- C:\Windows\system32\urlmon.dll

2013-11-13 05:05:34 ----A---- C:\Windows\system32\mshtmled.dll

2013-11-13 05:05:34 ----A---- C:\Windows\system32\ieframe.dll

2013-11-13 05:05:33 ----A---- C:\Windows\SYSWOW64\wininet.dll

2013-11-13 05:05:33 ----A---- C:\Windows\SYSWOW64\url.dll

2013-11-13 05:05:33 ----A---- C:\Windows\SYSWOW64\mstime.dll

2013-11-13 05:05:33 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2013-11-13 05:05:33 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2013-11-13 05:05:33 ----A---- C:\Windows\SYSWOW64\ieui.dll

2013-11-13 05:05:33 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2013-11-13 05:05:33 ----A---- C:\Windows\SYSWOW64\iepeers.dll

2013-11-13 05:05:33 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2013-11-13 05:05:33 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll

2013-11-13 05:05:33 ----A---- C:\Windows\SYSWOW64\corpol.dll

2013-11-13 05:05:33 ----A---- C:\Windows\system32\url.dll

2013-11-13 05:05:33 ----A---- C:\Windows\system32\mstime.dll

2013-11-13 05:05:33 ----A---- C:\Windows\system32\msfeeds.dll

2013-11-13 05:05:33 ----A---- C:\Windows\system32\jsproxy.dll

2013-11-13 05:05:33 ----A---- C:\Windows\system32\ieui.dll

2013-11-13 05:05:33 ----A---- C:\Windows\system32\iertutil.dll

2013-11-13 05:05:33 ----A---- C:\Windows\system32\iepeers.dll

2013-11-13 05:05:33 ----A---- C:\Windows\system32\ieapfltr.dll

2013-11-13 05:05:33 ----A---- C:\Windows\system32\corpol.dll

2013-11-13 05:05:32 ----A---- C:\Windows\SYSWOW64\crypt32.dll

2013-11-13 05:05:32 ----A---- C:\Windows\system32\crypt32.dll

2013-11-13 05:05:30 ----A---- C:\Windows\SYSWOW64\gdi32.dll

2013-11-13 05:05:30 ----A---- C:\Windows\system32\gdi32.dll

2013-11-13 05:05:30 ----A---- C:\Windows\system32\drivers\afd.sys

2013-11-12 21:53:08 ----D---- C:\rsit

2013-11-12 21:53:08 ----D---- C:\Program Files\trend micro

2013-11-06 21:46:48 ----D---- C:\Program Files (x86)\Internet Explorer

2013-11-06 03:25:29 ----D---- C:\Program Files\Unlocker

2013-11-05 05:36:38 ----A---- C:\Windows\system32\avgrep.txt

2013-11-05 05:34:09 ----A---- C:\Windows\ntbtlog.txt

2013-11-05 05:17:19 ----A---- C:\Windows\SYSWOW64\HideMyIpSRVOff.ini

2013-11-05 05:17:19 ----A---- C:\Windows\SYSWOW64\HideMyIpSRV.ini

2013-11-05 05:17:19 ----A---- C:\Windows\system32\HideMyIpSRVOff.ini

2013-11-05 05:17:19 ----A---- C:\Windows\system32\drivers\hmip64.sys

2013-11-05 04:11:04 ----D---- C:\ProgramData\AskPartnerNetwork

2013-11-05 04:11:04 ----D---- C:\Program Files (x86)\AskPartnerNetwork

2013-11-05 04:03:24 ----D---- C:\ProgramData\APN

2013-11-01 12:44:51 ----D---- C:\Users\Peter\AppData\Roaming\Nico Mak Computing

2013-11-01 09:49:10 ----A---- C:\Windows\system32\RtPgEx64.dll

2013-11-01 09:49:10 ----A---- C:\Windows\system32\RtDataProc64.dll

2013-11-01 09:49:10 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys

2013-11-01 09:49:10 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT

2013-11-01 09:49:09 ----A---- C:\Windows\system32\RCoRes64.dat

2013-11-01 09:49:09 ----A---- C:\Windows\system32\RCoInstII64.dll

2013-11-01 09:49:07 ----A---- C:\Windows\system32\FMAPO64.dll

2013-11-01 09:49:07 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll

2013-11-01 09:45:27 ----A---- C:\Windows\SYSWOW64\nvopencl.dll

2013-11-01 09:45:27 ----A---- C:\Windows\system32\nvwgf2umx.dll

2013-11-01 09:45:27 ----A---- C:\Windows\system32\nvopencl.dll

2013-11-01 09:45:26 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll

2013-11-01 09:45:26 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll

2013-11-01 09:45:26 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll

2013-11-01 09:45:26 ----A---- C:\Windows\SYSWOW64\nvcuda.dll

2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvoglv64.dll

2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvdispgenco6433158.dll

2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvdispco6433158.dll

2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvcuvid.dll

2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvcuvenc.dll

2013-11-01 09:45:26 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys

2013-11-01 09:45:25 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll

2013-11-01 09:45:25 ----A---- C:\Windows\SYSWOW64\nvapi.dll

2013-11-01 09:45:25 ----A---- C:\Windows\system32\nvcuda.dll

2013-11-01 09:45:25 ----A---- C:\Windows\system32\nvcompiler.dll

2013-11-01 09:25:40 ----A---- C:\Windows\system32\SmartDefragBootTime.exe

2013-11-01 09:20:44 ----A---- C:\Windows\system32\PROUnstl.exe

2013-11-01 09:15:33 ----A---- C:\Windows\system32\drivers\SmartDefragDriver.sys

2013-11-01 09:10:03 ----A---- C:\Windows\system32\drivers\mbam.sys

2013-11-01 08:45:52 ----D---- C:\Users\Peter\AppData\Roaming\C__Program Files (x86)_HideIPEasy_HideIPEasy.exe

2013-11-01 08:45:52 ----D---- C:\ProgramData\C__Program Files (x86)_HideIPEasy_HideIPEasy.exe

2013-11-01 08:38:00 ----D---- C:\Users\Peter\AppData\Roaming\Apple Computer

2013-11-01 08:37:59 ----D---- C:\ProgramData\ProductData

2013-11-01 08:37:55 ----D---- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}

2013-11-01 08:37:53 ----D---- C:\Users\Peter\AppData\Roaming\IObit

2013-11-01 08:37:53 ----D---- C:\ProgramData\IObit

2013-11-01 08:37:45 ----D---- C:\Program Files (x86)\IObit

2013-10-31 22:52:10 ----A---- C:\autoexec.bat

2013-10-31 22:51:49 ----D---- C:\Program Files (x86)\Enigma Software Group

2013-10-31 22:51:01 ----D---- C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP

2013-10-27 16:46:50 ----D---- C:\ProgramData\Package Cache

2013-10-26 14:46:46 ----D---- C:\Users\Peter\AppData\Roaming\HideIPEasy

2013-10-26 14:46:46 ----D---- C:\ProgramData\HideIPEasy

2013-10-24 04:53:40 ----D---- C:\Users\Peter\AppData\Roaming\7952

2013-10-10 04:25:41 ----A---- C:\Windows\system32\win32k.sys

2013-10-10 04:25:36 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2013-10-10 04:25:36 ----A---- C:\Windows\system32\cdd.dll

2013-10-10 04:25:28 ----A---- C:\Windows\SYSWOW64\DWrite.dll

2013-10-10 04:25:28 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll

2013-10-10 04:25:28 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll

2013-10-10 04:25:28 ----A---- C:\Windows\system32\FntCache.dll

2013-10-10 04:25:28 ----A---- C:\Windows\system32\DWrite.dll

2013-10-10 04:25:28 ----A---- C:\Windows\system32\d3d10warp.dll

2013-10-10 04:25:28 ----A---- C:\Windows\system32\d3d10level9.dll

2013-10-10 04:25:27 ----A---- C:\Windows\SYSWOW64\d3d10core.dll

2013-10-10 04:25:27 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll

2013-10-10 04:25:27 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll

2013-10-10 04:25:27 ----A---- C:\Windows\SYSWOW64\d3d10.dll

2013-10-10 04:25:27 ----A---- C:\Windows\SYSWOW64\d2d1.dll

2013-10-10 04:25:27 ----A---- C:\Windows\system32\d3d10core.dll

2013-10-10 04:25:27 ----A---- C:\Windows\system32\d3d10_1core.dll

2013-10-10 04:25:27 ----A---- C:\Windows\system32\d3d10_1.dll

2013-10-10 04:25:27 ----A---- C:\Windows\system32\d3d10.dll

2013-10-10 04:25:27 ----A---- C:\Windows\system32\d2d1.dll

2013-10-10 04:25:25 ----A---- C:\Windows\SYSWOW64\atmfd.dll

2013-10-10 04:25:25 ----A---- C:\Windows\system32\atmfd.dll

2013-10-10 04:25:24 ----A---- C:\Windows\SYSWOW64\atmlib.dll

2013-10-10 04:25:24 ----A---- C:\Windows\system32\atmlib.dll

2013-10-10 04:25:23 ----A---- C:\Windows\system32\drivers\usbvideo.sys

2013-10-10 04:25:23 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys

2013-10-10 04:25:21 ----A---- C:\Windows\system32\drivers\usbscan.sys

2013-10-10 04:25:21 ----A---- C:\Windows\system32\drivers\hidparse.sys

2013-10-10 04:25:20 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll

2013-10-10 04:25:20 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-10 04:25:19 ----A---- C:\Windows\SYSWOW64\comctl32.dll

2013-10-10 04:25:19 ----A---- C:\Windows\system32\drivers\Wdf01000.sys

2013-10-10 04:25:19 ----A---- C:\Windows\system32\drivers\usbport.sys

2013-10-10 04:25:19 ----A---- C:\Windows\system32\drivers\usbhub.sys

2013-10-10 04:25:19 ----A---- C:\Windows\system32\drivers\usbehci.sys

2013-10-10 04:25:19 ----A---- C:\Windows\system32\drivers\usbd.sys

2013-10-10 04:25:19 ----A---- C:\Windows\system32\drivers\usbccgp.sys

2013-10-10 04:25:19 ----A---- C:\Windows\system32\comctl32.dll

2013-10-07 09:26:33 ----D---- C:\Users\Peter\AppData\Roaming\OpenOffice

2013-10-07 09:25:09 ----D---- C:\Program Files (x86)\OpenOffice 4

2013-09-15 17:01:35 ----D---- C:\Studietoelage aanvraag Maité Willem 2013

2013-09-14 12:00:43 ----D---- C:\Users\Peter\AppData\Roaming\Zeon

2013-09-11 06:10:24 ----A---- C:\Windows\system32\themeui.dll

2013-09-11 06:10:23 ----A---- C:\Windows\SYSWOW64\themeui.dll

2013-09-05 00:43:42 ----A---- C:\Windows\system32\drivers\avgrkx64.sys

2013-09-02 20:49:11 ----D---- C:\Temp

2013-08-28 04:27:12 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL

2013-08-28 04:27:12 ----A---- C:\Windows\system32\WMVDECOD.DLL

2013-08-22 21:31:56 ----D---- C:\Users\Peter\AppData\Roaming\vlc

2013-08-21 19:18:30 ----D---- C:\Program Files (x86)\Mozilla Firefox

2013-08-21 19:15:11 ----D---- C:\Users\Peter\AppData\Roaming\PerformerSoft

2013-08-21 19:14:39 ----D---- C:\Users\Peter\AppData\Roaming\Mozilla

2013-08-21 19:14:35 ----D---- C:\ProgramData\Babylon

======List of files/folders modified in the last 3 months======

2013-11-14 21:42:26 ----D---- C:\Windows\Temp

2013-11-14 21:41:29 ----D---- C:\Windows\Prefetch

2013-11-14 21:40:55 ----D---- C:\Film downloads

2013-11-14 21:25:43 ----D---- C:\ProgramData\MFAData

2013-11-14 21:21:45 ----D---- C:\Muziek downloads

2013-11-14 21:20:58 ----D---- C:\Windows\system32\Tasks

2013-11-13 21:38:33 ----SHD---- C:\Windows\Installer

2013-11-13 06:17:24 ----D---- C:\Windows\rescache

2013-11-13 05:59:09 ----D---- C:\Windows\SysWOW64

2013-11-13 05:59:08 ----D---- C:\Windows\System32

2013-11-13 05:59:07 ----D---- C:\Windows\SYSWOW64\migration

2013-11-13 05:59:07 ----D---- C:\Program Files\Internet Explorer

2013-11-13 05:59:06 ----D---- C:\Windows\SYSWOW64\nl-NL

2013-11-13 05:59:06 ----D---- C:\Windows\system32\nl-NL

2013-11-13 05:59:06 ----D---- C:\Windows\system32\migration

2013-11-13 05:59:06 ----D---- C:\Windows\AppPatch

2013-11-13 05:59:05 ----D---- C:\Windows\system32\drivers

2013-11-13 05:25:02 ----D---- C:\ProgramData\Microsoft Help

2013-11-13 05:23:35 ----D---- C:\Windows\winsxs

2013-11-13 05:23:16 ----D---- C:\Windows\system32\catroot

2013-11-13 05:23:11 ----D---- C:\Windows\system32\MRT

2013-11-13 05:21:12 ----D---- C:\Windows\Debug

2013-11-13 05:21:09 ----A---- C:\Windows\system32\mrt.exe

2013-11-13 05:19:00 ----SHD---- C:\System Volume Information

2013-11-13 05:04:52 ----D---- C:\Windows\system32\catroot2

2013-11-13 04:46:16 ----D---- C:\Users\Peter\AppData\Roaming\Vso

2013-11-12 21:53:08 ----RD---- C:\Program Files

2013-11-12 15:20:35 ----D---- C:\Windows\system32\config

2013-11-12 15:20:31 ----D---- C:\Windows\Tasks

2013-11-12 15:20:31 ----D---- C:\Windows\system32\spool

2013-11-12 15:20:31 ----D---- C:\Windows\system32\Msdtc

2013-11-12 15:20:31 ----D---- C:\Windows\system32\CodeIntegrity

2013-11-12 15:20:30 ----D---- C:\Windows\system32\wbem

2013-11-12 15:20:30 ----D---- C:\Windows\registration

2013-11-12 15:20:30 ----D---- C:\Windows\inf

2013-11-12 15:20:30 ----D---- C:\Windows

2013-11-12 15:20:30 ----D---- C:\Program Files (x86)\Protected Search

2013-11-11 15:26:40 ----D---- C:\Program Files (x86)\Advanced System Protector

2013-11-09 17:17:10 ----D---- C:\Users\Peter\AppData\Roaming\Systweak

2013-11-09 17:17:10 ----D---- C:\ProgramData\Systweak

2013-11-07 21:33:39 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-11-06 21:46:48 ----RD---- C:\Program Files (x86)

2013-11-06 03:18:16 ----D---- C:\Windows\Minidump

2013-11-06 03:18:12 ----D---- C:\Program Files\Google

2013-11-06 03:18:12 ----D---- C:\Program Files (x86)\Google

2013-11-06 03:16:43 ----HD---- C:\ProgramData

2013-11-06 01:33:51 ----D---- C:\Windows\Panther

2013-11-06 01:29:25 ----RD---- C:\Windows\Offline Web Pages

2013-11-06 01:29:25 ----D---- C:\Windows\SYSWOW64\wbem

2013-11-06 01:29:20 ----SD---- C:\Windows\Downloaded Program Files

2013-11-05 19:40:25 ----D---- C:\Program Files (x86)\Advanced System Optimizer 3

2013-11-05 19:40:24 ----D---- C:\Program Files (x86)\TuneUp Utilities 2013

2013-11-05 19:40:24 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-11-05 06:14:03 ----D---- C:\ProgramData\ScanSoft

2013-11-05 06:13:56 ----D---- C:\Program Files (x86)\Common Files

2013-11-05 05:17:19 ----D---- C:\Windows\SYSWOW64\drivers

2013-11-02 08:17:16 ----D---- C:\Program Files (x86)\ExpressFiles

2013-11-01 10:16:52 ----D---- C:\Users\Peter\AppData\Roaming\Uniblue

2013-11-01 10:16:51 ----D---- C:\Program Files (x86)\Uniblue

2013-11-01 10:10:12 ----D---- C:\Windows\SoftwareDistribution

2013-11-01 09:49:26 ----D---- C:\Windows\SYSWOW64\RTCOM

2013-11-01 09:49:10 ----A---- C:\Windows\system32\RtkAPO64.dll

2013-11-01 09:49:10 ----A---- C:\Windows\system32\RtkApi64.dll

2013-11-01 09:46:35 ----D---- C:\ProgramData\NVIDIA

2013-11-01 09:45:27 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll

2013-11-01 09:45:26 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll

2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvd3dumx.dll

2013-11-01 09:45:25 ----A---- C:\Windows\system32\nvapi64.dll

2013-11-01 09:09:59 ----D---- C:\Windows\Logs

2013-11-01 09:09:58 ----D---- C:\ProgramData\VSO

2013-10-29 22:43:03 ----D---- C:\Users\Peter\AppData\Roaming\Nero

2013-10-29 22:43:03 ----D---- C:\Users\Peter\AppData\Roaming\HpUpdate

2013-10-28 06:41:06 ----D---- C:\Windows\Microsoft.NET

2013-10-28 06:16:26 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

2013-10-27 16:52:00 ----D---- C:\Windows\SYSWOW64\en-US

2013-10-27 16:51:59 ----D---- C:\Windows\system32\en-US

2013-10-20 16:13:05 ----D---- C:\ProgramData\TuneUp Software

2013-10-19 00:44:56 ----D---- C:\Acv

2013-10-15 22:47:39 ----A---- C:\Windows\system32\nvsvc64.dll

2013-10-15 22:47:39 ----A---- C:\Windows\system32\nvcpl.dll

2013-10-15 22:47:36 ----A---- C:\Windows\system32\nvvsvc.exe

2013-10-15 22:47:36 ----A---- C:\Windows\system32\nvshext.dll

2013-10-15 22:47:36 ----A---- C:\Windows\system32\nvmctray.dll

2013-10-11 15:38:12 ----A---- C:\Windows\system32\TURegOpt.exe

2013-10-11 15:38:08 ----A---- C:\Windows\SYSWOW64\uxtuneup.dll

2013-10-11 15:38:08 ----A---- C:\Windows\SYSWOW64\authuitu.dll

2013-10-11 15:38:08 ----A---- C:\Windows\system32\uxtuneup.dll

2013-10-11 15:38:08 ----A---- C:\Windows\system32\authuitu.dll

2013-10-10 05:46:10 ----RSD---- C:\Windows\assembly

2013-10-10 05:25:39 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2013-10-09 17:12:06 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2013-10-07 09:25:25 ----RSD---- C:\Windows\Fonts

2013-10-07 09:24:45 ----D---- C:\Program Files (x86)\OpenOffice.org 3

2013-10-05 21:31:48 ----D---- C:\Mike

2013-09-22 13:23:05 ----D---- C:\Program Files (x86)\DVDFab 9

2013-09-22 13:23:03 ----D---- C:\Users\Peter\AppData\Roaming\DVDFab9

2013-09-19 04:44:11 ----D---- C:\ProgramData\Wincert

2013-09-03 13:35:10 ----N---- C:\Windows\system32\MpSigStub.exe

2013-08-25 11:59:09 ----D---- C:\Windows\system

2013-08-24 13:47:09 ----D---- C:\Program Files (x86)\SMINST

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-07-20 71480]

R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-07-20 311608]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-07-01 116536]

R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-05 45880]

R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iastor.sys [2012-04-08 568600]

R0 JRAID;JRAID; C:\Windows\system32\drivers\jraid.sys [2013-07-26 123704]

R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-05-22 17720]

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-11-19 503352]

R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]

R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-07-20 246072]

R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-07-20 206648]

R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-03-21 240952]

R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-05-21 45856]

R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/06/19 15:47:50]; \??\c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2009-03-19 146928]

R2 hmip;hmip; \??\C:\Windows\system32\Drivers\hmip64.sys [2013-06-19 30056]

R3 AVER_H193;AVerMedia H193 Video Capture; C:\Windows\system32\drivers\AVer888RC_64.sys [2009-02-18 487936]

R3 CXCIR;AVerMedia Consumer Infrared Receiver; C:\Windows\system32\DRIVERS\AVer888RCIR_64.sys [2009-02-18 37888]

R3 e1yexpress;Intel® Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2011-10-20 322760]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-01 3641688]

R3 JmUsbCcgp;JMicron USB Composite Device Lower Filter Driver; C:\Windows\system32\DRIVERS\jmccgp.sys [2013-07-26 17136]

R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2013-02-03 1885792]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-11-01 12537632]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-09-19 11880]

R3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 99200]

R3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 40960]

R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 168960]

R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]

S3 esgiguard;esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys []

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2013-07-26 250984]

S3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR64.SYS [2013-07-26 52224]

S3 ST50220;Sonix ST50220 USB Video Camera Driver; C:\Windows\System32\Drivers\ST50220.sys [2008-05-29 44544]

S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2011-12-15 31232]

S3 USBCCID;USB-smartcardlezer; C:\Windows\system32\DRIVERS\usbccid.sys [2009-04-10 38400]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]

R2 APNMCP;Ask-updateservice; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-11-07 166352]

R2 ASO3DiskOptimizer;ASO3DiskOptimizer; C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe [2012-09-07 263520]

R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2013-09-04 1432080]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312]

R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-07-23 283136]

R2 Brother XP spl Service;BrSplService; C:\Windows\SysWOW64\brsvc01a.exe [2004-06-14 57344]

R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 27648]

R2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-12-04 94208]

R2 HPBtnSrv;HP Easy Backup Button Service; C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [2008-09-30 192512]

R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-10-25 2151200]

R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-15 922912]

R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]

R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-11-01 288472]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2013-10-11 2409272]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-11 116648]

S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464]

S2 Seagate Dashboard Services;Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [2013-05-30 16000]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]

S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-11 116648]

S3 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-12-04 354840]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-03-08 30798512]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]

S3 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 27648]

S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-22 1012344]

S4 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]

S4 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2008-12-09 242424]

S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]

S4 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]

S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------


Download Zoek.zip to the desktop.

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).
  • Right-click Zoek.zip and click the "Extract All" option.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

chromelook; 
firefoxlook; 
 {4849502D-5637-006A-76A7-7A786E7484D7};c
 C:\Program Files (x86)\AskPartnerNetwork;fs
 {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6};c
 {6e47d688-85ec-465a-9946-ec58220f14fc};c
 {4849502D-5637-006A-76A7-7A786E7484D7};c
 ApnTBMon;s
 {B658800C-F66E-4EF3-AB85-6C0C227862A9};c
 APNMCP;s
 C:\Windows\tasks\ASO-AutoCheckUpdate7Days.job;f
 C:\Windows\tasks\ASO-OneClickCare.job;f
 C:\Windows\tasks\Driver Booster Update.job;f
 C:\Windows\tasks\SpeedUpMyPC.job;f
 C:\Windows\tasks\spmonitor.job;f
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4849502D-5637-006A-76A7-7A786E7484D7}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4849502D-5637-006A-76A7-7A786E7484D7}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}];r64
 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
 "ApnTBMon"=-;r64
 C:\ProgramData\AskPartnerNetwork;fs
 C:\Program Files (x86)\AskPartnerNetwork;fs
 C:\ProgramData\APN;fs
 C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP;f
 C:\ProgramData\Babylon;fs
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Click the "Options" button and tick the options below:
      • Firefox Defaults
      • Reset Chrome
      • IE Defaults
      • Auto Clean
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Now post the contents of the opened log in your next reply.


Zoek.exe Version 4.0.0.5 Updated 14-November-2013

Tool run by Peter on vr 15/11/2013 at 21:56:14,44.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Film downloads\zoek.scr [script inserted] [Checkboxes used]

==== System Restore Info ======================

15/11/2013 21:58:16 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully

C:\PROGRA~2\GUM6135.tmp deleted successfully

C:\PROGRA~2\MSXML 4.0 deleted successfully

C:\PROGRA~2\TuneUp Utilities 2011 deleted successfully

C:\PROGRA~2\COMMON~1\PDF Architect deleted successfully

C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully

C:\Program Files\Google deleted successfully

C:\ProgramData\AOL deleted successfully

C:\ProgramData\Babylon deleted successfully

C:\ProgramData\Browser Manager deleted successfully

C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} deleted successfully

C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully

C:\ProgramData\{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC} deleted successfully

C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully

C:\Users\Peter\AppData\Roaming\7952 deleted successfully

C:\Users\Peter\AppData\Roaming\HpUpdate deleted successfully

C:\Users\Peter\AppData\Roaming\Nico Mak Computing deleted successfully

C:\Users\Peter\AppData\Roaming\Opera deleted successfully

C:\Users\Peter\AppData\Roaming\PerformerSoft deleted successfully

C:\Users\Peter\AppData\Roaming\Windows Live Writer deleted successfully

C:\Users\Peter\AppData\Roaming\YourFileDownloader deleted successfully

C:\Users\Peter\AppData\Local\Opera deleted successfully

C:\Users\Peter\AppData\Local\PackageAware deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4849502D-5637-006A-76A7-7A786E7484D7} deleted successfully

HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4849502D-5637-006A-76A7-7A786E7484D7} deleted successfully

HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully

HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully

HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Internet Explorer\SearchScopes\{84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8} deleted successfully

HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{4849502D-5637-006A-76A7-7A786E7484D7} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4849502D-5637-006A-76A7-7A786E7484D7} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4849502D-5637-006A-76A7-7A786E7484D7} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4849502D-5637-006A-76A7-7A786E7484D7} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4849502D-5637-006A-76A7-7A786E7484D7} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4849502D-5637-006A-76A7-7A786E7484D7} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{4849502D-5637-006A-76A7-7A786E7484D7} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{6e47d688-85ec-465a-9946-ec58220f14fc} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\APNMCP deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ASO3DiskOptimizer deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ASO3DiskOptimizer deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4849502D-5637-006A-76A7-7A786E7484D7}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4849502D-5637-006A-76A7-7A786E7484D7}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"ApnTBMon"=-

==== Deleting Files \ Folders ======================

C:\ProgramData\Babylon not found

C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} not found

C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found

C:\ProgramData\{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC} not found

C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found

"C:\Windows\Installer\651b5b.msi" not found

"C:\Windows\Installer\651b62.msi" not found

C:\ProgramData\AskPartnerNetwork deleted

C:\ProgramData\APN deleted

C:\PROGRA~2\Uniblue\SpeedUpMyPC deleted

C:\PROGRA~2\Advanced System Optimizer 3 deleted

C:\PROGRA~2\BearShare Applications\Mediabar deleted

C:\PROGRA~2\iMesh Applications deleted

C:\PROGRA~2\Protected Search deleted

C:\PROGRA~2\MyPC Backup deleted

C:\PROGRA~2\Red Sky deleted

C:\PROGRA~2\Search Results Toolbar deleted

C:\PROGRA~2\AVG Secure Search deleted

C:\found.000 deleted

C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SpeedUpMyPC.lnk deleted

C:\Users\Peter\AppData\Roaming\Uniblue deleted

C:\Users\Peter\AppData\Roaming\Searchya deleted

C:\Users\Peter\AppData\Roaming\GoforFiles deleted

C:\Users\Peter\AppData\Roaming\DDownTango6bToolbar deleted

C:\Users\Peter\AppData\Roaming\ExpressFiles deleted

C:\Users\Peter\AppData\Roaming\Systweak deleted

C:\ProgramData\BrowserProtect deleted

C:\ProgramData\Systweak deleted

C:\ProgramData\StarApp deleted

C:\ProgramData\Wincert deleted

C:\ProgramData\SweetIM deleted

C:\ProgramData\Uniblue\DriverScanner deleted

C:\ProgramData\AVG Secure Search deleted

C:\ProgramData\InstallMate deleted

C:\ProgramData\Package Cache deleted

C:\Users\Peter\AppData\Local\speeddial.crx deleted

C:\Users\Peter\AppData\Local\AVG Secure Search deleted

C:\Users\Peter\AppData\Local\BearShare deleted

C:\Users\Peter\AppData\Local\Systweak deleted

C:\Users\Peter\AppData\Local\DownTango deleted

C:\Users\Peter\AppData\Local\AskPartnerNetwork deleted

C:\Users\Peter\AppData\Local\Babylon deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector deleted

C:\Windows\SysNative\roboot64.exe deleted

C:\windows\SysNative\Tasks\Searchya deleted

C:\Windows\Tasks\SpeedUpMyPC.job deleted

C:\Windows\SysNative\sasnative64.exe deleted

C:\Users\Peter\AppData\LocalLow\express-files deleted

C:\Users\Peter\AppData\LocalLow\SweetIM deleted

C:\Users\Peter\AppData\LocalLow\AVG Secure Search deleted

C:\Users\Peter\AppData\LocalLow\IAC deleted

C:\Users\Peter\AppData\LocalLow\bearsharetoolbarguid deleted

C:\Users\Peter\AppData\LocalLow\Delta deleted

C:\Users\Peter\AppData\LocalLow\Smartbar deleted

C:\Users\Peter\AppData\LocalLow\DataMngr deleted

C:\Users\Peter\AppData\LocalLow\SimplyTech deleted

C:\Users\Peter\AppData\LocalLow\PriceGong deleted

C:\Users\Peter\AppData\LocalLow\Conduit deleted

C:\Users\Peter\AppData\LocalLow\Toolbar4 deleted

C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted

C:\windows\SysNative\tasks\ProtectedSearch deleted

C:\windows\SysNative\Tasks\Express FilesUpdate deleted

C:\windows\SysNative\Tasks\Advanced System Protector deleted

C:\windows\SysNative\Tasks\Advanced System Protector_startup deleted

C:\windows\SysNative\Tasks\EPUpdater deleted

C:\Windows\tasks\spmonitor.job deleted

C:\windows\SysNative\tasks\spmonitor deleted

C:\Windows\tasks\ASO-AutoCheckUpdate7Days.job deleted

C:\Windows\tasks\ASO-OneClickCare.job deleted

C:\windows\SysNative\tasks\YourFile DownloaderUpdate deleted

C:\windows\SysNative\tasks\RegClean Pro deleted

C:\Windows\Launcher.exe deleted

C:\Users\Public\Desktop\Advanced System Protector.lnk deleted

C:\Users\Public\Desktop\SpeedUpMyPC.lnk deleted

C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted

"C:\Windows\tasks\Driver Booster Update.job" deleted

"C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCall.dll" deleted

"C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla.dll" deleted

"C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla17.dll" deleted

"C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla18.exe" deleted

"C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla19.dll" deleted

"C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla2.dll" deleted

"C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla20.dll" deleted

"C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla21.dll" deleted

"C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla21.exe" deleted

"C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseData.ini" deleted

"C:\PROGRA~2\ExpressFiles\EFUpdater.exe" deleted

"C:\PROGRA~2\ExpressFiles\htmlayout.dll" deleted

"C:\PROGRA~2\Advanced System Protector\AdvancedSystemProtector.exe" deleted

"C:\PROGRA~2\Advanced System Protector\aspsys.dll" deleted

"C:\PROGRA~2\Advanced System Protector\Microsoft.Win32.TaskScheduler.DLL" deleted

"C:\PROGRA~2\Advanced System Protector\System.Data.SQLite.dll" deleted

"C:\PROGRA~2\Advanced System Protector\unrar.dll" deleted

"C:\PROGRA~2\Advanced System Protector\Xceed.Compression.dll" deleted

"C:\PROGRA~2\Advanced System Protector\Xceed.FileSystem.dll" deleted

"C:\PROGRA~2\Advanced System Protector\Xceed.Zip.dll" deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted

"C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted

"C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP" deleted

"C:\Program Files (x86)\AskPartnerNetwork" deleted

"C:\Program Files (x86)\AskPartnerNetwork" deleted

"C:\PROGRA~2\ExpressFiles" deleted

"C:\PROGRA~2\Advanced System Protector" not deleted

"C:\PROGRA~2\AskPartnerNetwork" deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar" deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater" deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar" deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater" deleted

"C:\PROGRA~2\AskPartnerNetwork\Toolbar" deleted

"C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Peter\AppData\Local\Temp ====

2013-11-06 02:26:34 A21DE5067618D4F2DF261416315ED120 6144 ----a-w- C:\Users\Peter\AppData\Local\Temp\69492353-BAB0-7891-8CCF-681D164AB388\Latest\IEHelper.dll

2013-11-06 02:26:34 0F66E8E2340569FB17E774DAC2010E31 520234 ----a-w- C:\Users\Peter\AppData\Local\Temp\69492353-BAB0-7891-8CCF-681D164AB388\Latest\sqlite3.dll

2013-11-06 02:25:24 A21DE5067618D4F2DF261416315ED120 6144 ----a-w- C:\Users\Peter\AppData\Local\Temp\E445E0A7-BAB0-7891-84DD-7DF30FFDE075\Latest\IEHelper.dll

2013-11-06 02:25:24 0F66E8E2340569FB17E774DAC2010E31 520234 ----a-w- C:\Users\Peter\AppData\Local\Temp\E445E0A7-BAB0-7891-84DD-7DF30FFDE075\Latest\sqlite3.dll

2013-11-05 23:56:35 D8CD92EC440E97B9F146AB8AF5A22599 163720 ----atw- C:\Users\Peter\AppData\Local\Temp\{B3B090A7-9AA1-4739-BEA2-9CC26BCDB253}\psuser.dll

2013-11-05 23:56:35 CFAF7B67C78D09D79688AEDCA3D090E2 597896 ----atw- C:\Users\Peter\AppData\Local\Temp\{B3B090A7-9AA1-4739-BEA2-9CC26BCDB253}\npGoogleUpdate3.dll

2013-11-05 23:56:35 5A868A07FD086421BC103C8087023B31 163720 ----atw- C:\Users\Peter\AppData\Local\Temp\{B3B090A7-9AA1-4739-BEA2-9CC26BCDB253}\psmachine.dll

2013-11-05 23:56:33 EB8EEB98D01B5D31898D8E53C3789832 59784 ----atw- C:\Users\Peter\AppData\Local\Temp\{B3B090A7-9AA1-4739-BEA2-9CC26BCDB253}\GoogleUpdateBroker.exe

2013-11-05 23:56:33 CF7B0E597C1F34E528285495721DEEE9 237960 ----atw- C:\Users\Peter\AppData\Local\Temp\{B3B090A7-9AA1-4739-BEA2-9CC26BCDB253}\GoogleCrashHandler.exe

2013-11-05 23:56:33 CEFEBDB9E274BD90C12D131ED25CC819 59784 ----atw- C:\Users\Peter\AppData\Local\Temp\{B3B090A7-9AA1-4739-BEA2-9CC26BCDB253}\GoogleUpdateOnDemand.exe

2013-11-05 23:56:33 70AB209D149CB85AB9B8021947AFB6B0 26112 ----atw- C:\Users\Peter\AppData\Local\Temp\{B3B090A7-9AA1-4739-BEA2-9CC26BCDB253}\GoogleUpdateHelper.msi

2013-11-05 23:56:33 6D6B5D52BB81F82F5D0103E6175D1F4F 869256 ----atw- C:\Users\Peter\AppData\Local\Temp\{B3B090A7-9AA1-4739-BEA2-9CC26BCDB253}\goopdate.dll

2013-11-05 23:56:33 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Users\Peter\AppData\Local\Temp\{B3B090A7-9AA1-4739-BEA2-9CC26BCDB253}\GoogleUpdate.exe

2013-11-05 23:56:33 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Users\Peter\AppData\Local\Temp\{B3B090A7-9AA1-4739-BEA2-9CC26BCDB253}\GoogleUpdateSetup.exe

2013-11-05 23:56:33 0DC0DE2966A6DBA4CFBF6639DF44F5BA 319880 ----atw- C:\Users\Peter\AppData\Local\Temp\{B3B090A7-9AA1-4739-BEA2-9CC26BCDB253}\GoogleCrashHandler64.exe

====== C:\Windows\SysWOW64 =====

2013-11-14 22:28:12 EE16F3E01C4A6C77383F1BBBD10AD6C2 596480 ----a-w- C:\Windows\SysWOW64\FWPUCLNT.DLL

2013-11-14 22:28:05 DCB083DB10F5CD7570482954BDFE6DB3 3627008 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2013-11-14 22:28:05 94BA6C93133DE9808813EA28C85FA6F2 480256 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2013-11-14 22:28:02 CBB77FF32F63F6C5D0A64B33F3296401 671232 ----a-w- C:\Windows\SysWOW64\mstime.dll

2013-11-14 22:28:02 BEF8AD1543B64730785D2109C1D13439 389632 ----a-w- C:\Windows\SysWOW64\html.iec

2013-11-14 22:28:02 B1BFB57EE386721291523F0F84A1B8F4 1383424 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2013-11-14 22:28:02 A5200E2D1322AF0F7D277183184B1F5A 180736 ----a-w- C:\Windows\SysWOW64\ieui.dll

2013-11-14 22:28:02 86341C8175272B17CC745D0CD0419189 498688 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2013-11-14 22:28:02 763D527FB0BED25520F9EC0FB3C70AB3 27648 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2013-11-14 22:28:02 548468398917AA0A2BABDBFC4B12E429 1177600 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2013-11-14 22:28:02 4BC634AC420F0A19C0877DFD107765FC 193024 ----a-w- C:\Windows\SysWOW64\iepeers.dll

2013-11-14 22:28:02 2F5B397636F8FE52DC30A6B4102FE6EE 6119424 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2013-11-14 22:28:02 223C58197AB81772A121F8E92ECFB1C7 19456 ----a-w- C:\Windows\SysWOW64\corpol.dll

2013-11-14 22:28:02 20CCD6A06E5908107B0FA0DE7C93EB3E 106496 ----a-w- C:\Windows\SysWOW64\url.dll

2013-11-14 22:28:02 1CF733C64CA2C8A334991EE11172F3EB 834048 ----a-w- C:\Windows\SysWOW64\wininet.dll

2013-11-14 22:28:02 1937AFFC20FEAFD62EA4B6B542F7E0B1 271872 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2013-11-14 22:28:01 9D2DE6F8E73ADAEB7F25F1E4DA553C80 380928 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll

2013-11-14 22:27:49 0317420D419E1885894B3ED9D375D245 993792 ----a-w- C:\Windows\SysWOW64\crypt32.dll

2013-11-14 22:25:36 804513A03B06FE8DC56CAD879BA42FD6 304128 ----a-w- C:\Windows\SysWOW64\gdi32.dll

2013-11-05 04:17:19 6D9909BC35F789D4FF9243220694EE66 4392 ----a-w- C:\Windows\SysWOW64\HideMyIpSRVOff.ini

2013-11-05 04:17:19 5D446E440DC9F102342E77EBDE3682A4 8240 ----a-w- C:\Windows\SysWOW64\HideMyIpSRV.ini

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-11-14 22:28:13 0401A380C88754B2399F8043AC9B2BF9 462848 ----a-w- C:\Windows\Sysnative\IKEEXT.DLL

2013-11-14 22:28:12 F947921ABCF504A7CA03F28709324F9D 781824 ----a-w- C:\Windows\Sysnative\FWPUCLNT.DLL

2013-11-14 22:28:12 294362FF85B023080703240B0696D1D8 217074 ----a-w- C:\Windows\Sysnative\WFP.TMF

2013-11-14 22:28:09 A4B19D5D686C2DB90004875BD15AB509 5737984 ----a-w- C:\Windows\Sysnative\mshtml.dll

2013-11-14 22:28:05 8F4BEDAA4B06D1F4962A43CF3C7C033F 763392 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2013-11-14 22:28:02 F5C4F4FF16FDAF8B20D4447186A7D9C5 1383424 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2013-11-14 22:28:02 BCDDEA75EF56A5D76CE6051D60184AFB 249856 ----a-w- C:\Windows\Sysnative\iepeers.dll

2013-11-14 22:28:02 BCCAA65BDDDF000ED7D833BD7AE44769 33792 ----a-w- C:\Windows\Sysnative\corpol.dll

2013-11-14 22:28:02 A80333C6695E8260659F24F0F95DE1A9 623104 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2013-11-14 22:28:02 A1E6CB146F6DFE122E9D828EF3ED446D 7051776 ----a-w- C:\Windows\Sysnative\ieframe.dll

2013-11-14 22:28:02 89533400A5ED732B7DD0B4FFF5CA73C5 1032192 ----a-w- C:\Windows\Sysnative\wininet.dll

2013-11-14 22:28:02 67460D3E934323F914F6BB529F47AF38 32256 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2013-11-14 22:28:02 64266732A841CD56E450B63BBEE96D2F 224768 ----a-w- C:\Windows\Sysnative\ieui.dll

2013-11-14 22:28:02 53920CF165DC550F090B535EC87D9504 1430528 ----a-w- C:\Windows\Sysnative\urlmon.dll

2013-11-14 22:28:02 405B795794A087E36A183BACFB4C2708 1129984 ----a-w- C:\Windows\Sysnative\mstime.dll

2013-11-14 22:28:02 3AD2EF3A0B6F50DBAE8095B9C90B283F 422400 ----a-w- C:\Windows\Sysnative\ieapfltr.dll

2013-11-14 22:28:02 31D494735F33D1202D9949E4DDCBF0F4 485376 ----a-w- C:\Windows\Sysnative\html.iec

2013-11-14 22:28:02 2CEF39BCC201A3D0C8056BBCCD637B81 108544 ----a-w- C:\Windows\Sysnative\url.dll

2013-11-14 22:28:02 2202EBD33F34CAD2D41D290131C06EDD 377856 ----a-w- C:\Windows\Sysnative\iertutil.dll

2013-11-14 22:27:49 3B748E0A5FAA10E4DD2165A6E859C59C 1278976 ----a-w- C:\Windows\Sysnative\crypt32.dll

2013-11-14 22:25:36 8C92D6DB08B4632D9E680B783C02DE04 389632 ----a-w- C:\Windows\Sysnative\gdi32.dll

2013-11-05 04:36:38 210F65597C5D49E462BF47E845CE31F7 528 ----a-w- C:\Windows\Sysnative\avgrep.txt

2013-11-05 04:17:19 DE98A7BA286610F52872FFBFDF7785B3 4392 ----a-w- C:\Windows\Sysnative\HideMyIpSRVOff.ini

====== C:\Windows\Sysnative\drivers =====

2013-11-14 22:25:32 2BA159E1F9FD75F6A496742B20F1D9CF 404992 ----a-w- C:\Windows\Sysnative\drivers\afd.sys

2013-11-05 04:17:19 D32A664F2F0F396511D0403142C4C80B 30056 ----a-w- C:\Windows\Sysnative\drivers\hmip64.sys

2013-11-01 08:49:10 0F74F85AAB85B099BF900D6FF63D85B9 646313 ----a-w- C:\Windows\Sysnative\drivers\RTAIODAT.DAT

2013-11-01 08:49:10 0CDE7928C4B99C25AAED3B4E84E78168 3641688 ----a-w- C:\Windows\Sysnative\drivers\RTKVHD64.sys

2013-11-01 08:45:26 5A81DCCDA60D41BAC26C00B650D8769D 12537632 ----a-w- C:\Windows\Sysnative\drivers\nvlddmkm.sys

2013-11-01 08:15:33 B68385FD0CB677A1BB3EAB0BEB2999B7 17720 ----a-w- C:\Windows\Sysnative\drivers\SmartDefragDriver.sys

2013-11-01 08:10:03 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys

====== C:\Windows\Tasks ======

2013-11-01 08:25:40 C380DA57651440D4D8934F8FA3B42905 3166 ----a-w- C:\Windows\Sysnative\Tasks\SmartDefrag_Startup

2013-11-01 08:25:39 70394E5A240B76CF70C04E5F38E8A0D8 3164 ----a-w- C:\Windows\Sysnative\Tasks\SmartDefragUpdate

2013-11-01 08:15:31 74100C64FA17818A612FF0EE7BE4619C 3214 ----a-w- C:\Windows\Sysnative\Tasks\Driver Booster Scan

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-11-12 20:53:08 -------- d-----w- C:\Program Files\trend micro

2013-11-06 02:25:29 -------- d-----w- C:\Program Files\Unlocker

======= C:\PROGRA~2 =====

2013-11-06 20:46:48 -------- d-----w- C:\PROGRA~2\Internet Explorer

2013-11-01 07:37:45 -------- d-----w- C:\PROGRA~2\IObit

2013-10-31 21:51:49 -------- d-----w- C:\PROGRA~2\Enigma Software Group

2013-10-31 21:51:00 -------- d-----w- C:\PROGRA~2\COMMON~1\Wise Installation Wizard

======= C: =====

2013-10-31 21:52:10 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat

====== C:\Users\Peter\AppData\Roaming ======

2013-11-06 02:25:29 -------- d-----w- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker

2013-11-05 23:41:50 87720BD21772A6174705E3317322DD05 732 ----a-w- C:\Users\Peter\AppData\Local\d3d9caps64.dat

2013-11-01 07:45:52 -------- d-----w- C:\Users\Peter\AppData\Roaming\C__Program Files (x86)_HideIPEasy_HideIPEasy.exe

2013-11-01 07:38:00 -------- d-----w- C:\Users\Peter\AppData\Roaming\Apple Computer

2013-11-01 07:38:00 -------- d-----w- C:\Users\Peter\AppData\Locallow\IObit

2013-11-01 07:37:53 -------- d-----w- C:\Users\Peter\AppData\Roaming\IObit

2013-10-26 13:46:46 -------- d-----w- C:\Users\Peter\AppData\Roaming\HideIPEasy

2013-10-18 04:33:41 8C44D0657088A26BE0B4B4BB1FF6B78E 17136 ----a-w- C:\Windows\SysNative\config\systemprofile\AppData\Local\prvlcl.dat

====== C:\Users\Peter ======

2013-11-06 01:58:44 EEA229F729537E17677A4C9827E42BC2 2243616 ----a-w- C:\Users\Peter\Downloads\GoogleToolbarInstaller_en32_signed (2).exe

2013-11-06 01:55:53 F69DB987E7E0433B2F0EB778646C1A4C 819184 ----a-w- C:\Users\Peter\Downloads\ChromeSetup (4).exe

2013-11-06 01:55:52 F69DB987E7E0433B2F0EB778646C1A4C 819184 ----a-w- C:\Users\Peter\Downloads\ChromeSetup (3).exe

2013-11-06 01:54:17 F69DB987E7E0433B2F0EB778646C1A4C 819184 ----a-w- C:\Users\Peter\Downloads\ChromeSetup (2).exe

2013-11-06 01:54:09 F69DB987E7E0433B2F0EB778646C1A4C 819184 ----a-w- C:\Users\Peter\Downloads\ChromeSetup (1).exe

2013-11-06 01:54:04 F69DB987E7E0433B2F0EB778646C1A4C 819184 ----a-w- C:\Users\Peter\Downloads\ChromeSetup.exe

2013-11-06 00:56:45 EEA229F729537E17677A4C9827E42BC2 2243616 ----a-w- C:\Users\Peter\Downloads\GoogleToolbarInstaller_en32_signed (1).exe

2013-11-06 00:49:53 EEA229F729537E17677A4C9827E42BC2 2243616 ----a-w- C:\Users\Peter\Downloads\GoogleToolbarInstaller_en32_signed.exe

2013-11-05 03:02:43 363A4A68A86441777924DF8219AEB72C 489392 ----a-w- C:\Users\Peter\Documents\APNSetup1.exe

2013-11-01 08:15:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster

2013-11-01 08:01:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2

2013-11-01 07:45:52 -------- d-----w- C:\ProgramData\C__Program Files (x86)_HideIPEasy_HideIPEasy.exe

2013-11-01 07:38:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller

2013-11-01 07:37:59 -------- d-----w- C:\ProgramData\ProductData

2013-11-01 07:37:53 -------- d-----w- C:\ProgramData\IObit

2013-10-26 13:46:46 -------- d-----w- C:\ProgramData\HideIPEasy

2013-10-26 13:46:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hide IP Easy

2013-10-23 14:33:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

====== C: exe-files ==

2013-11-14 22:28:02 8F12A96E94811AD0FAAE6950A0B343C5 389632 ----a-w- C:\Program Files\Internet Explorer\ieuser.exe

2013-11-14 22:28:02 1232E2041A428E860F794392AA7B8912 304128 ----a-w- C:\Program Files (x86)\Internet Explorer\ieuser.exe

2013-11-12 20:53:08 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Peter.exe

2013-11-12 20:52:13 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Film downloads\RSITx64.exe

2013-11-12 05:23:57 4D0EE094196D56C30E34F92C851C0E9B 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$IR3NU9U.exe

2013-11-11 06:11:49 F5B8CF5BD7BFFAD1CF53BD08810B10CC 331712 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$RR3NU9U.exe

=== C: other files ==

2013-11-15 20:51:52 1BBC4C5188C847EE6FAC6D94E1049F47 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$IRFA52J.com

2013-11-15 20:37:37 90BD324DA65A123553AB4759378B6596 1394331 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$RRFA52J.com

2013-11-14 22:25:32 2BA159E1F9FD75F6A496742B20F1D9CF 404992 ----a-w- C:\Windows\System32\drivers\afd.sys

2013-11-14 22:24:38 996A3276CC02FFE94C81D1D305EBF713 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$IR0LDMO.zip

2013-11-14 22:23:31 F929500C03A3E6B6D690983BCB0D1503 32047 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$RR0LDMO.zip

2013-11-14 20:54:12 CB4F5E32EF002544FEE60898B3EDC794 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$IJQF274.zip

2013-11-14 20:51:09 F929500C03A3E6B6D690983BCB0D1503 32047 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$RJQF274.zip

2013-11-12 05:24:05 2EB0F5D7036A1CB096603EA4896D24D4 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$ICIQIAD.zip

2013-11-11 11:19:20 F96078A869F5EC97363588128E8EC38F 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$IHBZ8NK.zip

2013-11-11 11:18:17 AD4D73F19FC3096DCE5D4E707E1800B1 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$I8J8TFT.zip

2013-11-11 11:18:14 89C874C3738729E88A62DA3C42137443 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$IYXVK4H.zip

2013-11-11 11:16:46 6EA30B18A524A27AE9DCA96829C67217 29638 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$R8J8TFT.zip

2013-11-11 11:16:13 2DDA225F2BA5F5350D58877635A90563 30624 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$RYXVK4H.zip

2013-11-11 11:15:06 CC520186B880281E1F3BFF73E95AEB75 33602 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$RCIQIAD.zip

2013-11-11 10:59:32 EF7B75190B50BF6B6C10CA355097357E 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$IVQK1BB.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"ehTray.exe"="C:\Windows\ehome\ehTray.exe"

"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden "

"Akamai NetSession Interface"="C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe "

"Uploader"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe"

"KBD"="C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE"

"OsdMaestro"="c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe"

"UpdateP2GoShortCut"="c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0 "

"UpdateLBPShortCut"="c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\CyberLink\LabelPrint UpdateWithCreateOnce Software\CyberLink\LabelPrint\2.5 "

"UpdatePDIRShortCut"="c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\CyberLink\PowerDirector UpdateWithCreateOnce SOFTWARE\CyberLink\PowerDirector\7.0 "

"UpdatePSTShortCut"="c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium UpdateWithCreateOnce Software\CyberLink\PowerStarter"

"TSMAgent"="c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"

"CLMLServer for HP TouchSmart"="c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"

"DVDAgent"="c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"

"NBAgent"="C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe /WinStart "

"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"

"ControlCenter3"="C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun"

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY"

"BrMfcWnd"="C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN"

"DBAgent"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe /WinStart"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"ehTray.exe"="C:\Windows\ehome\ehTray.exe"

"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden "

"Akamai NetSession Interface"="C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe "

"Uploader"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe"

"IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe"

"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"

"SmartMenu"="%ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"HP Health Check Scheduler"="\"c:\\Program Files (x86)\\Hewlett-Packard\\HP Health Check\\HPHC_Scheduler.exe\""

"HP Software Update"="\"C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe\""

"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"BrMfcWnd"="\"C:\\Program Files (x86)\\Brother\\Brmfcmon\\BrMfcWnd.exe\" /AUTORUN"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/11/2012 12:03]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/11/2012 12:03]

C:\Windows\tasks\HPCeeScheduleForPeter.job --a------ C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [24/02/2009 17:17]

C:\Windows\tasks\PCDRScheduledMaintenance.job --a------ C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [02/02/2009 19:59]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\0" [c:\program files (x86)\internet explorer\iexplore.exe]

"C:\Windows\SysNative\tasks\4693" [wscript.exe C:\Users\Peter\AppData\Local\Temp\launchie.vbs //B]

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\Adobe online update program" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]

"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]

"C:\Windows\SysNative\tasks\ASO-System Protector_startup" [C:\Program Files (x86)\Advanced System Optimizer 3\SystemProtector.exe]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\Driver Booster Scan" [C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe]

"C:\Windows\SysNative\tasks\FGRun" [C:\Users\Peter\AppData\Roaming\pack.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard online update program" [c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe]

"C:\Windows\SysNative\tasks\HP Health Check" ["c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"]

"C:\Windows\SysNative\tasks\HP online update program" [c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe]

"C:\Windows\SysNative\tasks\HP-Online updateprogramma" [C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe]

"C:\Windows\SysNative\tasks\HPCeeScheduleForPeter" [C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe]

"C:\Windows\SysNative\tasks\PCDRScheduledMaintenance" [C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe]

"C:\Windows\SysNative\tasks\Peter DBAgent 2 0" ["C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe"]

"C:\Windows\SysNative\tasks\RecoveryCD" ["C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe"]

"C:\Windows\SysNative\tasks\ScanSoft Background Update" [C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe]

"C:\Windows\SysNative\tasks\Seagate_Install_Launch" [C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe]

"C:\Windows\SysNative\tasks\SmartDefragUpdate" [C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe]

"C:\Windows\SysNative\tasks\SmartDefrag_Startup" [C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe]

"C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe]

"C:\Windows\SysNative\tasks\Norton Management\Norton Error Analyzer" [C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\SymErr.exe]

"C:\Windows\SysNative\tasks\Norton Management\Norton Error Processor" [C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\SymErr.exe]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"speedanalysis02@SpeedAnalysis.com"="C:\Users\Peter\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com" [21/08/2013 19:15]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"speedanalysis02@SpeedAnalysis.com"="C:\Users\Peter\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com" [21/08/2013 19:15]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

ajcghoegamlabppilamagaddfdfamden - C:\Program Files (x86)\LyricsArt\116.crx[]

gjajpkikblccgefaibcafkfbanllpefi - C:\Users\Peter\AppData\Roaming\7go\7go.crx[]

nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[12/10/2013 13:04]

niapdbllcanepiiimjjndipklodoedlc - No path found[]

Google Docs - Peter - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Peter - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Peter - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Peter - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Wallet - Peter - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Peter - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.searchya.com/?f=1&a=SearchooD&cd=2XzuyEtN2Y1L1QzutDtDtByCtCzztA0DzztAzztB0EtD0D0AtN0D0Tzu0CyEzztDtN1L2XzutBtFtBtFtCtFyEtAtBtN1L1Czu0M1L1E1F1G2U&cr=790149319&ir="

"Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_be&c=93&bd=Pavilion&pf=cndt"

"Default_Search_URL"="http://www.google.com"

"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231"

"Search Bar"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.searchya.com/?f=1&a=SearchooD&cd=2XzuyEtN2Y1L1QzutDtDtByCtCzztA0DzztAzztB0EtD0D0AtN0D0Tzu0CyEzztDtN1L2XzutBtFtBtFtCtFyEtAtBtN1L1Czu0M1L1E1F1G2U&cr=790149319&ir="

"Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_be&c=93&bd=Pavilion&pf=cndt"

"Default_Search_URL"="http://www.google.com"

"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231"

"Search Bar"="http://www.google.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3231&q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3231&q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3231&q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3231&q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3231&q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3231&q=%s"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3231&q=%s"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3231&q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3231&q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://feed.snap.do/?publisher=QuickOC&dpid=QuickOC&co=BE&userid=cfc0bbe8-3108-4859-9274-cd4029da5060&searchtype=ds&q={searchTerms}&installDate=01/01/1970"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]

"Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231"

"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231"

"Default_Search_URL"="http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q="

"Search Bar"="http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q="

"Search Page"="http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search]

"Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231"

"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231"

"Default_Search_URL"="http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q="

"Search Bar"="http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q="

"Search Page"="http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q="

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231"

"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231"

"Default_Search_URL"="http://www.google.com/"

"Search Page"="http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q="

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]

"Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231"

"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231"

"Default_Search_URL"="http://www.google.com/"

"Search Page"="http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q="

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231"

"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231"

"Default_Search_URL"="http://www.google.com"

"Search Bar"="http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q="

"Search Page"="http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q="

"SearchAssistant"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3 deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ajcghoegamlabppilamagaddfdfamden deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gjajpkikblccgefaibcafkfbanllpefi deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1 deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Peter\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Peter\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\PROGRA~2\Advanced System Protector" not found

==== EOF on vr 15/11/2013 at 22:22:28,61 ======================


Download Zoek.zip to the desktop.

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).
  • Right-click Zoek.zip and choose the "Extract All" option.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

  C:\Users\Peter\Downloads\GoogleToolbarInstaller_en32_signed (2).exe;f
 C:\Users\Peter\Downloads\ChromeSetup (4).exe;f
 C:\Users\Peter\Downloads\ChromeSetup (3).exe;f
 C:\Users\Peter\Downloads\ChromeSetup (2).exe;f
 C:\Users\Peter\Downloads\ChromeSetup (1).exe;f
 C:\Users\Peter\Downloads\GoogleToolbarInstaller_en32_signed (1).exe;f
 C:\Users\Peter\Documents\APNSetup1.exe;f
 autoclean;

  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Post the opened log in your next message.


Zoek.exe Version 4.0.0.5 Updated 14-November-2013

Tool run by Peter on za 16/11/2013 at 9:20:23,13.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Film downloads\zoek.com [script inserted]

==== Older Logs ======================

C:\zoek-results2013-11-15-212228.log 52925 bytes

C:\zoek-results2013-11-16-081324.log 4392 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

"C:\Users\Peter\Downloads\GoogleToolbarInstaller_en32_signed (2).exe" not found

"C:\Users\Peter\Downloads\ChromeSetup (4).exe" not found

"C:\Users\Peter\Downloads\ChromeSetup (3).exe" not found

"C:\Users\Peter\Downloads\ChromeSetup (2).exe" not found

"C:\Users\Peter\Downloads\ChromeSetup (1).exe" not found

"C:\Users\Peter\Downloads\GoogleToolbarInstaller_en32_signed (1).exe" not found

"C:\Users\Peter\Documents\APNSetup1.exe" not found

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"speedanalysis02@SpeedAnalysis.com"="C:\Users\Peter\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com" [21/08/2013 19:15]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"speedanalysis02@SpeedAnalysis.com"="C:\Users\Peter\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com" [21/08/2013 19:15]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[12/10/2013 13:04]

Advanced SystemCare Surfing Protection - Peter - Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Peter\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on za 16/11/2013 at 9:34:08,88 ======================
