Traag en sluit vanzelf af

[antijdelijk]

Hallo,

De PC is al een hele tijd erg traag en sluit soms vanzelf af. Dan duurt het een tijd vooraleer ik weer kan opstarten, zelfs in veilige modus lukt het niet. Er verschijnen ook de hele tijd advertenties en zoekopdrachten worden omgeleid.

Ik heb reeds een paar maal CCleaner gebruikt en Malware bytes laten scannen. Tijdens deze scans sloot de computer ook verschillende keren vanzelf af.

Hieronder de RSIT log die ik daarna gemaakt heb.

Alvast bedankt om hier eens naar te kijken.

Logfile of random's system information tool 1.08 (written by random/random)

Run by Vandenberghe at 2014-01-24 23:23:53

Microsoft Windows XP Home Edition Service Pack 3

System drive C: has 387 GB (81%) free of 477 GB

Total RAM: 1022 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 23:24:01, on 24/01/2014

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe

C:\Program Files\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe

C:\WINDOWS\system32\CmUCReye.exe

C:\WINDOWS\system32\ezNTSvc.exe

C:\WINDOWS\mHotkey.exe

C:\WINDOWS\CNYHKey.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Action Shop Offline Software\Agent.exe

C:\WINDOWS\vsnp2std.exe

C:\WINDOWS\system32\gearsec.exe

C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe

C:\Program Files\Belgium Identity Card\beid35gui.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

C:\Program Files\Movdap\WBDesktop.Updater.1.0.0.16.exe

C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe

C:\Program Files\iPod\bin\iPodService.exe

I:\RSIT-1.06.exe

C:\Program Files\trend micro\Vandenberghe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ask.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)

O1 - Hosts: ::1 localhost

O2 - BHO: CrossriderApp0035578 - {11111111-1111-1111-1111-110311551178} - C:\Program Files\Torntv 2\Torntv 2-bho.dll (file missing)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll

O2 - BHO: Wincore Mediabar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll (file missing)

O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: Wincore Mediabar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll (file missing)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [CmUCRRun] C:\WINDOWS\system32\CmUCReye.exe

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC

O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC

O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName

O4 - HKLM\..\Run: [CHotkey] mHotkey.exe

O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] "C:\Program Files\Action Shop Offline Software\Agent.exe"

O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe

O4 - HKLM\..\Run: [EEventManager] C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun

O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE

O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com/

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader5.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1130364442791

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1131365030359

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.kodakimages.com/DesktopModules/SpectorAlbum/ImageUploader3.cab

O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.be/ImageUploader4.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

O16 - DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} (ExtraFilm Uploader Control) - http://www.smartphoto.be/ExtraFilmUploader6.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://webmail.innogenetics.com/dwa7W.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe

O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe

O23 - Service: EasyBits Magic Desktop Services for Windows NT (ezntsvc) - EasyBits Software Corp. - C:\WINDOWS\system32\ezNTSvc.exe

O23 - Service: gearsec - GEAR Software - C:\WINDOWS\system32\gearsec.exe

O23 - Service: Google Updateservice (gupdate1c9a48faea7b2c) (gupdate1c9a48faea7b2c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

O23 - Service: WebCakeUpdater - cake bake - C:\Program Files\Movdap\WBDesktop.Updater.1.0.0.16.exe

O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--

End of file - 14850 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job

C:\WINDOWS\tasks\Driver Fetch.job

C:\WINDOWS\tasks\Google Software Updater.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

C:\WINDOWS\tasks\jmuyus.job

C:\WINDOWS\tasks\OGADaily.job

C:\WINDOWS\tasks\OGALogon.job

C:\WINDOWS\tasks\ROC_JAN2013_TB_rmv.job

C:\WINDOWS\tasks\Torntv 2-codedownloader.job

C:\WINDOWS\tasks\Torntv 2-enabler.job

C:\WINDOWS\tasks\Torntv 2-updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551178}]

Torntv 2 - C:\Program Files\Torntv 2\Torntv 2-bho.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll [2005-11-10 184423]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-01-20 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll [2013-10-10 1001936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}]

Wincore Mediabar - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.dll [2004-12-02 1066968]

{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - Wincore Mediabar - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll []

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-01-20 194128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"CmUCRRun"=C:\WINDOWS\system32\CmUCReye.exe [2005-10-12 241664]

"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]

"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-04 59392]

"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]

"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]

"CHotkey"=C:\WINDOWS\mHotkey.exe [2004-12-08 550912]

"ledpointer"=C:\WINDOWS\CNYHKey.exe [2005-11-10 5585408]

"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-01-11 15961088]

"ExtraFilmHemmaAgent"=C:\Program Files\Action Shop Offline Software\Agent.exe [2005-05-27 323584]

"snp2std"=C:\WINDOWS\vsnp2std.exe [2006-09-15 675840]

"EEventManager"=C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe [2006-10-12 102400]

"LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2008-07-24 63048]

"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe [2007-03-22 63712]

"Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2010-06-01 126976]

"beid"=C:\Program Files\Belgium Identity Card\beid35gui.exe [2010-02-05 2056192]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-10-10 7286784]

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-11-29 421888]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-05-30 59280]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2012-06-07 421776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 204288]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-05-10 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

[]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]

C:\WINDOWS\system32\LMIinit.dll [2012-05-11 87424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\WINDOWS\system32\EZUPBH~1.DLL [2006-10-25 49152]

"UPB:{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\svcWRSSSDK]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro35Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\svcWRSSSDK]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:enabled:Hulp op afstand"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:enabled:Windows Messenger"

"C:\WINDOWS\system32\fxsclnt.exe"="C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax Console"

"C:\Program Files\CA\eTrust Antivirus\InocIT.exe"="C:\Program Files\CA\eTrust Antivirus\InocIT.exe:*:enabled:eTrust Antivirus - Local Scanner"

"C:\Program Files\CA\eTrust Antivirus\Realmon.exe"="C:\Program Files\CA\eTrust Antivirus\Realmon.exe:*:enabled:eTrust Antivirus - Realtime monitor"

"C:\Program Files\CA\eTrust Antivirus\InoRpc.exe"="C:\Program Files\CA\eTrust Antivirus\InoRpc.exe:*:enabled:eTrust Antivirus - RPC Server"

"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"

"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"

"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"

"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"

"G:\DWizard624.exe"="G:\DWizard624.exe:*:Enabled:Setup Wizard Template"

"C:\Foto\bestelsoftware\dreamland - henzo\ActiveInstall_NL.exe"="C:\Foto\bestelsoftware\dreamland - henzo\ActiveInstall_NL.exe:*:Enabled:C:\Foto\bestelsoftware\dreamland - henzo\ActiveInstall_NL"

"C:\Program Files\Ahead\Nero MediaHome\NeroMediaHome.exe"="C:\Program Files\Ahead\Nero MediaHome\NeroMediaHome.exe:*:Enabled:Nero MediaHome"

"C:\Foto\bestelsoftware\dreamland - henzo\Henzo imager.exe"="C:\Foto\bestelsoftware\dreamland - henzo\Henzo imager.exe:*:Enabled:C:\Foto\bestelsoftware\dreamland - henzo\Henzo imager"

"C:\Program Files\ViRsLab\ViRsLab.exe"="C:\Program Files\ViRsLab\ViRsLab.exe:*:Enabled:VirusResponse Lab 2009"

"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\KetnetKick2\Main.exe"="C:\Program Files\KetnetKick2\Main.exe:*:Enabled:KetnetKick2"

"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

"C:\Documents and Settings\All Users\Application Data\8fd5feb\MS8fd5.exe"="C:\Documents and Settings\All Users\Application Data\8fd5feb\MS8fd5.exe:*:Enabled:My Security Engine"

"C:\Program Files\AVG\AVG10\avgmfapx.exe"="C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Installer voor AVG"

"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Disabled:Google Earth"

"C:\Documents and Settings\Vandenberghe\Application Data\Spotify\spotify.exe"="C:\Documents and Settings\Vandenberghe\Application Data\Spotify\spotify.exe:*:Enabled:Spotify"

"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"

"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Installer voor AVG"

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"

"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

"C:\Program Files\TornTV.com\Torntv Downloader.exe"="C:\Program Files\TornTV.com\Torntv Downloader.exe:*:Disabled:Torntv Downloader"

"C:\Documents and Settings\Esprit\Application Data\uTorrent\uTorrent.exe"="C:\Documents and Settings\Esprit\Application Data\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:enabled:Hulp op afstand"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:enabled:Windows Messenger"

"C:\WINDOWS\system32\fxsclnt.exe"="C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax Console"

"C:\Program Files\CA\eTrust Antivirus\InocIT.exe"="C:\Program Files\CA\eTrust Antivirus\InocIT.exe:*:enabled:eTrust Antivirus - Local Scanner"

"C:\Program Files\CA\eTrust Antivirus\Realmon.exe"="C:\Program Files\CA\eTrust Antivirus\Realmon.exe:*:enabled:eTrust Antivirus - Realtime monitor"

"C:\Program Files\CA\eTrust Antivirus\InoRpc.exe"="C:\Program Files\CA\eTrust Antivirus\InoRpc.exe:*:enabled:eTrust Antivirus - RPC Server"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"

======List of files/folders created in the last 1 months======

2014-01-24 22:57:46 ----D---- C:\WINDOWS\LastGood

2014-01-24 22:57:32 ----D---- C:\Documents and Settings\Vandenberghe\Application Data\TuneUp Software

2014-01-24 22:46:55 ----D---- C:\rsit

2014-01-24 21:32:22 ----ASH---- C:\hiberfil.sys

2014-01-21 04:13:11 ----D---- C:\Documents and Settings\Vandenberghe\Application Data\TuxPaint

======List of files/folders modified in the last 1 months======

2014-01-24 23:23:55 ----D---- C:\Program Files\Trend Micro

2014-01-24 23:21:31 ----D---- C:\Program Files\NortonInstaller

2014-01-24 23:19:42 ----D---- C:\WINDOWS\system32\drivers

2014-01-24 23:19:42 ----AD---- C:\Program Files

2014-01-24 23:19:39 ----SD---- C:\WINDOWS\Tasks

2014-01-24 23:13:45 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2014-01-24 23:10:14 ----D---- C:\Documents and Settings\All Users\Application Data\ExtraFilm

2014-01-24 23:09:50 ----D---- C:\Program Files\ExtraFilm Designer BE NL

2014-01-24 23:08:14 ----D---- C:\Documents and Settings\All Users\Application Data\Electronic Arts

2014-01-24 23:03:23 ----D---- C:\Program Files\Desk 365

2014-01-24 23:02:27 ----SHD---- C:\WINDOWS\Installer

2014-01-24 23:02:22 ----D---- C:\Config.Msi

2014-01-24 23:02:21 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

2014-01-24 22:59:49 ----D---- C:\Documents and Settings\All Users\Application Data\MFAData

2014-01-24 22:58:55 ----D---- C:\Documents and Settings\All Users\Application Data\AVG2012

2014-01-24 22:58:41 ----D---- C:\Program Files\Common Files\AVG Secure Search

2014-01-24 22:58:38 ----D---- C:\WINDOWS\system32\drivers\AVG

2014-01-24 22:58:16 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Secure Search

2014-01-24 22:57:49 ----D---- C:\WINDOWS\inf

2014-01-24 22:57:47 ----D---- C:\WINDOWS\Temp

2014-01-24 22:57:46 ----D---- C:\WINDOWS

2014-01-24 22:56:40 ----RSHDC---- C:\WINDOWS\system32\dllcache

2014-01-24 22:56:31 ----D---- C:\WINDOWS\system32

2014-01-24 22:45:55 ----D---- C:\Program Files\Torntv 2

2014-01-24 22:45:37 ----A---- C:\WINDOWS\ModemLog_Creatix V.92 Data Fax Modem.txt

2014-01-24 22:45:25 ----D---- C:\WINDOWS\system32\CatRoot2

2014-01-24 22:44:44 ----D---- C:\WINDOWS\system32\Lang

2014-01-24 22:42:41 ----HD---- C:\WINDOWS\PIF

2014-01-24 22:41:52 ----A---- C:\WINDOWS\SchedLgU.Txt

2014-01-24 21:49:17 ----D---- C:\Program Files\PDFCreator

2014-01-24 21:49:10 ----D---- C:\WINDOWS\system32\LogFiles

2014-01-24 21:49:03 ----D---- C:\WINDOWS\Debug

2014-01-24 21:49:01 ----D---- C:\WINDOWS\Minidump

2014-01-24 20:42:22 ----D---- C:\Program Files\CCleaner

2014-01-24 19:33:59 ----A---- C:\WINDOWS\NeroDigital.ini

2014-01-24 19:31:02 ----D---- C:\Bart

2014-01-24 19:28:21 ----D---- C:\Loft

2014-01-24 19:17:39 ----D---- C:\WINDOWS\Prefetch

2014-01-24 19:16:57 ----D---- C:\Delta Water Engineering

2014-01-20 10:43:01 ----D---- C:\Program Files\Common Files\Symantec Shared

2014-01-20 10:35:43 ----D---- C:\Documents and Settings\All Users\Application Data\Norton

2014-01-20 03:02:26 ----D---- C:\WINDOWS\system32\CatRoot

2014-01-20 03:00:31 ----D---- C:\Program Files\Internet Explorer

2014-01-20 03:00:11 ----D---- C:\WINDOWS\ie8updates

2014-01-19 03:21:48 ----A---- C:\WINDOWS\system32\MRT.exe

2014-01-15 02:43:23 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

2014-01-15 02:27:35 ----D---- C:\WINDOWS\system32\cache

2013-12-27 10:56:44 ----D---- C:\WINDOWS\system32\MRT

2013-12-26 10:13:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;VIA OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-04-25 20640]

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-05-15 691696]

R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]

R1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]

R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.0.1; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2005-10-26 19915]

R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]

R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []

R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []

R3 3xHybrid;3xHybrid service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-12-06 826752]

R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]

R3 AgereSoftModem;Creatix V.92 Data Fax Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-06-30 1094848]

R3 Arp1394;1394 ARP-clientprotocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

R3 CMISTOR;CMIUCR.SYS CM220 Card Reader Driver; C:\WINDOWS\system32\DRIVERS\cmiucr.SYS [2005-10-04 72320]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]

R3 HDAudBus;Microsoft UAA-busstuurprogramma voor High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 HidUsb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-01-13 4137984]

R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-07-24 10144]

R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-06 12288]

R3 NIC1394;1394-stuurprogramma; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-10-10 3530432]

R3 rtl8139;NT-stuurprogramma voor Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]

R3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]

R3 usbstor;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 XUIF;X10 USB Wireless Transceiver; C:\WINDOWS\System32\Drivers\x10ufx2.sys [2005-05-19 17792]

R4 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys []

R4 AVGIDSFilter;AVGIDSFilter; C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys []

R4 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys []

R4 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys []

R4 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys []

R4 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys []

S0 rseb;rseb; C:\WINDOWS\system32\drivers\rseb.sys []

S1 ctredrv.sys;ctredrv.sys; \??\C:\WINDOWS\system32\drivers\ctredrv.sys []

S3 61883;61883-eenheidsapparaat; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]

S3 ACSSCR;ACR38 Smart Card Reader; C:\WINDOWS\system32\DRIVERS\a38usb.sys [2010-06-08 33536]

S3 Avc;AVC-apparaat; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]

S3 Bridge;MAC-brug; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]

S3 BridgeMP;MAC-brugminipoort; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]

S3 catchme;catchme; \??\C:\DOCUME~1\VANDEN~1\LOCALS~1\Temp\catchme.sys []

S3 CCDECODE;Closed Caption-decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 hitmanpro3;Hitman Pro 3 Support Driver; \??\C:\WINDOWS\system32\drivers\hitmanpro3.sys []

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]

S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2007-05-09 41888]

S3 MPE;BDA MPE-filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]

S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Microsoft TV/Video-verbinding; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]

S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-08-17 23168]

S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2007-05-09 1276832]

S3 RT2500USB;RT2500 USB Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2005-07-14 241536]

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2007-04-09 12039552]

S3 SONYPVU1;Sony USB-filterstuurrapparaat (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]

S3 SQTECH905C;DualCamera; C:\WINDOWS\System32\Drivers\Capt905c.sys [2007-04-11 35328]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys []

S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys []

S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-04-25 43520]

S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]

S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]

S3 wandrv;WAN Network Driver; C:\WINDOWS\system32\DRIVERS\wandrv.sys [2001-08-09 22608]

S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]

S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]

S3 WSTCODEC;World Standard Teletext-codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []

S4 WS2IFSL;Windows Socket 2.0 Non-IFS-omgeving voor serviceproviderondersteuning; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe [2006-02-09 266338]

R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe [2006-02-09 118880]

R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe [2006-02-09 1073152]

R2 ezntsvc;EasyBits Magic Desktop Services for Windows NT; C:\WINDOWS\system32\ezNTSvc.exe [2006-10-25 32768]

R2 gearsec;gearsec; C:\WINDOWS\system32\gearsec.exe [2003-12-01 53248]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-11-15 73728]

R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe [2012-05-11 374152]

R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-10-10 131139]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]

R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-10-28 167936]

R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-08 711112]

R2 WebCakeUpdater;WebCakeUpdater; C:\Program Files\Movdap\WBDesktop.Updater.1.0.0.16.exe [2013-08-17 51992]

R2 WMPNetworkSvc;Windows Media Player Network Sharing-service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-02 917504]

R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 821648]

S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]

S2 gupdate1c9a48faea7b2c;Google Updateservice (gupdate1c9a48faea7b2c); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-14 133104]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-15 257416]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 fsssvc;De service Windows Live Family Safety; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-14 133104]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-12 194032]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2005-08-30 53337]

S3 nosGetPlusHelper;getPlus® Helper 3004; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2005-08-30 53337]

S3 Sony SCSI Helper Service;Sony SCSI Helper Service; C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [2006-04-11 79432]

S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2005-08-30 69718]

S4 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2012-05-11 136584]

S4 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2010-11-08 390528]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[kape]

Je Java software is verouderd.

Oudere versies hebben lekken die malware de kans geeft om zich te installeren op je systeem.

Ga naar Java en download daar de correcte Java versie.

• Klik op "Gratis Java-download".
  
• Ga akkoord met de licentiebepalingen en klik op de button voor de gratis download.
  
• Het bestand JavaSetup wordt aangeboden - kies hier voor "bestand opslaan".
  
• Sluit alle programma's die eventueel open zijn - zeker je web browser!
  
• Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst.
  
• Vink alles aan met Java Runtime Environment (JRE of J2SE of JAVA) in de naam.
  
• Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
  
• Herhaal dit tot alle oudere versies verdwenen zijn.
  
• Na het verwijderen van alle oudere versies, herstart je pc.
  
• Klik vervolgens op JavaSetup om de nieuwste versie van Java te installeren.
  
• Vink de installatie van de Ask toolbar uit en ga dan verder met de installatie.
  

Download Zoek.zip naar het bureaublad.

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  
• Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

  {D8278076-BC68-4484-9233-6E7F1628B56C};c
 {11111111-1111-1111-1111-110311551178};c
 C:\Program Files\Torntv 2;fs
 {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c};c
 {CCC7A320-B3CA-4199-B1A6-9F516DD69829};c
 {F2E259E8-0FC8-438C-A6E0-342DD80FA53E};c
 C:\Program Files\Copernic Agent;fs
 {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084};c
 {688DC797-DC11-46A7-9F1B-445F4F58CE6E};c
 {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1};c
 WebCakeUpdater;s
 C:\Program Files\Movdap;fs
 C:\WINDOWS\tasks\jmuyus.job;f
 C:\WINDOWS\tasks\Torntv 2-codedownloader.job;f
 C:\WINDOWS\tasks\Torntv 2-enabler.job;f
 C:\WINDOWS\tasks\Torntv 2-updater.job;f
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551178}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}];r
 C:\Program Files\BearShare Applications;fs
 C:\Program Files\Desk 365;fs
 emptyfolderscheck;delete 
startupall; 
filesrcm;

• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
• Do a Deep Scan
  
  
• HijackThis Log
  
  
• IE Defaults
  
• Auto Clean
  
• De optie "Scan All Users" staat standaard aangevinkt.
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[antijdelijk]

Dit is de log.

Voorlopig is de pc al heel wat sneller maar ik kreeg tijdens het uitvoeren van het script de melding dat bepaalde files niet toegankelijk waren voor Hijack en dat ik het manueel moest oplossen. Geen idee wat ik hiermee aan moet vangen.

Verder zijn er nog altijd pop-ups te zien.

Zoek.exe v5.0.0.0 Updated 04-Januari-2014

Tool run by Vandenberghe on za 25/01/2014 at 19:46:18,39.

Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Vandenberghe\Bureaublad\zoek\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

25/01/2014 19:49:07 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\MSXML 4.0 deleted successfully

C:\Program Files\Spyware Doctor deleted successfully

C:\Documents and Settings\All Users\Menu Start\Programma's\ArcSoft PhotoImpression 6 deleted successfully

C:\Documents and Settings\All Users\Menu Start\Programma's\ArcSoft PhotoStudio 5.5 deleted successfully

C:\Documents and Settings\All Users\Menu Start\Programma's\AutoCAD 2000 deleted successfully

C:\Documents and Settings\All Users\Menu Start\Programma's\AutoCAD 2000 Migration Assistance deleted successfully

C:\Documents and Settings\All Users\Menu Start\Programma's\AviSynth 2.5 deleted successfully

C:\Documents and Settings\All Users\Menu Start\Programma's\File Scavenger 3.2 deleted successfully

C:\Documents and Settings\All Users\Menu Start\Programma's\Fotoalbum.be deleted successfully

C:\Documents and Settings\All Users\Menu Start\Programma's\Google Calendar Sync deleted successfully

C:\Documents and Settings\All Users\Menu Start\Programma's\Google Chrome deleted successfully

C:\Documents and Settings\All Users\Menu Start\Programma's\Google Updater deleted successfully

C:\Documents and Settings\All Users\Menu Start\Programma's\Kruidvat - Fotoservice deleted successfully

C:\Documents and Settings\All Users\Menu Start\Programma's\MixMeister deleted successfully

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten deleted successfully

C:\Documents and Settings\All Users\Menu Start\Programma's\PDFCreator deleted successfully

C:\Documents and Settings\All Users\Menu Start\Programma's\QuickTime deleted successfully

C:\Documents and Settings\All Users\Menu Start\Programma's\Systeembeheer deleted successfully

C:\Documents and Settings\Vandenberghe\Menu Start\Programma's\Blokker Offline Software deleted successfully

C:\Documents and Settings\All Users\Application Data\Electronic Arts deleted successfully

C:\Documents and Settings\All Users\Application Data\nView_Profiles deleted successfully

C:\Documents and Settings\All Users\Application Data\Prevx deleted successfully

C:\Documents and Settings\Esprit\Application Data\Lavasoft deleted successfully

C:\Documents and Settings\LocalService\Application Data\Apple Computer deleted successfully

C:\Documents and Settings\Vandenberghe\Application Data\AdobeUM deleted successfully

C:\Documents and Settings\Vandenberghe\Application Data\Lavasoft deleted successfully

C:\Documents and Settings\Vandenberghe\Application Data\Media Player Classic deleted successfully

C:\Documents and Settings\Vandenberghe\Application Data\TuxPaint deleted successfully

C:\Documents and Settings\Administrator\Local Settings\Application Data\ApplicationHistory deleted successfully

C:\Documents and Settings\Administrator\Local Settings\Application Data\Google deleted successfully

C:\Documents and Settings\Administrator\Local Settings\Application Data\WMTools Downloaded Files deleted successfully

C:\Documents and Settings\Default User\Local Settings\Application Data\ApplicationHistory deleted successfully

C:\Documents and Settings\Default User\Local Settings\Application Data\Google deleted successfully

C:\Documents and Settings\Default User\Local Settings\Application Data\WMTools Downloaded Files deleted successfully

C:\Documents and Settings\Esprit\Local Settings\Application Data\PackageAware deleted successfully

C:\Documents and Settings\Esprit\Local Settings\Application Data\WMTools Downloaded Files deleted successfully

C:\Documents and Settings\LocalService\Local Settings\Application Data\Google deleted successfully

C:\Documents and Settings\Quinten\Local Settings\Application Data\WMTools Downloaded Files deleted successfully

C:\Documents and Settings\Vandenberghe\Local Settings\Application Data\WMTools Downloaded Files deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2560884790-2154505214-3864628255-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311551178} deleted successfully

HKEY_USERS\S-1-5-21-2560884790-2154505214-3864628255-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted successfully

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

HKEY_USERS\S-1-5-21-2560884790-2154505214-3864628255-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

HKEY_USERS\S-1-5-21-2560884790-2154505214-3864628255-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

HKEY_USERS\S-1-5-21-2560884790-2154505214-3864628255-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} deleted successfully

HKEY_USERS\S-1-5-21-2560884790-2154505214-3864628255-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} deleted successfully

HKEY_USERS\S-1-5-21-2560884790-2154505214-3864628255-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} deleted successfully

HKEY_USERS\S-1-5-21-2560884790-2154505214-3864628255-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{688DC797-DC11-46A7-9F1B-445F4F58CE6E} deleted successfully

HKEY_USERS\S-1-5-21-2560884790-2154505214-3864628255-1008\Software\Microsoft\Internet Explorer\SearchScopes\{0DF562A7-D5BA-4E0F-BF27-6DC1D9930B82} deleted successfully

HKEY_USERS\S-1-5-21-2560884790-2154505214-3864628255-1008\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_USERS\S-1-5-21-2560884790-2154505214-3864628255-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_USERS\S-1-5-21-2560884790-2154505214-3864628255-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_USERS\S-1-5-21-2560884790-2154505214-3864628255-1008\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311551178} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311551178} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311551178} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551178} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{688DC797-DC11-46A7-9F1B-445F4F58CE6E} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2560884790-2154505214-3864628255-1008\Software\Microsoft\Internet Explorer\URLSearchHooks\{D8278076-BC68-4484-9233-6E7F1628B56C} deleted successfully

HKEY_USERS\S-1-5-21-2560884790-2154505214-3864628255-1008\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

HKEY_USERS\S-1-5-21-2560884790-2154505214-3864628255-1008\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} deleted successfully

HKEY_USERS\S-1-5-21-2560884790-2154505214-3864628255-1008\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{688DC797-DC11-46A7-9F1B-445F4F58CE6E} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} deleted successfully

==== Running Processes ======================

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\SCardSvr.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe

C:\Program Files\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe

C:\WINDOWS\system32\ezNTSvc.exe

C:\WINDOWS\system32\gearsec.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

C:\Program Files\Movdap\WBDesktop.Updater.1.0.0.16.exe

C:\Program Files\Windows Media Player\WMPNetwk.exe

C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\CmUCReye.exe

C:\WINDOWS\mHotkey.exe

C:\WINDOWS\CNYHKey.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Action Shop Offline Software\Agent.exe

C:\WINDOWS\vsnp2std.exe

C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe

C:\Program Files\Belgium Identity Card\beid35gui.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Documents and Settings\Vandenberghe\Bureaublad\zoek\zoek.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\WINDOWS\system32\svchost.exe -k imgsvc

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WebCakeUpdater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebCakeUpdater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\WebCakeUpdater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WebCakeUpdater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WebCakeUpdater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WebCakeUpdater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater13.2.0 deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vToolbarUpdater13.2.0 deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater13.2.0 deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551178}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]

@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

==== Deleting Files \ Folders ======================

C:\Program Files\Desk 365 not found

C:\Program Files\Torntv 2 deleted

C:\Program Files\Copernic Agent deleted

C:\Program Files\BearShare Applications deleted

C:\Program Files\TornTV.com deleted

C:\Program Files\Betcat deleted

C:\Program Files\Common Files\337 deleted

C:\Program Files\WebCake deleted

C:\Program Files\Conduit deleted

C:\Program Files\Common Files\AVG Secure Search deleted

C:\Documents and Settings\Esprit\Application Data\Uniblue deleted

C:\Documents and Settings\Esprit\Application Data\Betcat deleted

C:\Documents and Settings\Esprit\Application Data\Tepfel deleted

C:\Documents and Settings\Esprit\Application Data\Movdap deleted

C:\Documents and Settings\Esprit\Application Data\Desk 365 deleted

C:\Documents and Settings\Esprit\Application Data\eIntaller deleted

C:\Documents and Settings\Esprit\Application Data\AVG Secure Search deleted

C:\Documents and Settings\Quinten\Application Data\Desk 365 deleted

C:\Documents and Settings\Quinten\Application Data\AVG Secure Search deleted

C:\Documents and Settings\All Users\Application Data\APN deleted

C:\Documents and Settings\All Users\Application Data\boost_interprocess deleted

C:\Documents and Settings\All Users\Application Data\Tarma Installer deleted

C:\Documents and Settings\All Users\Application Data\Trymedia deleted

C:\Documents and Settings\Esprit\Local Settings\Application Data\BearShare deleted

C:\Documents and Settings\Esprit\Local Settings\Application Data\ZoneAlarm deleted

C:\Documents and Settings\Esprit\Local Settings\Application Data\Conduit deleted

C:\Documents and Settings\Quinten\Local Settings\Application Data\ZoneAlarm deleted

C:\Documents and Settings\Quinten\Local Settings\Application Data\Conduit deleted

C:\Documents and Settings\Vandenberghe\Local Settings\Application Data\Conduit deleted

C:\WINDOWS\tasks\Torntv 2-codedownloader.job deleted

C:\WINDOWS\tasks\Torntv 2-enabler.job deleted

C:\WINDOWS\tasks\Torntv 2-updater.job deleted

C:\WINDOWS\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted

C:\WINDOWS\tasks\ROC_JAN2013_TB_rmv.job deleted

C:\WINDOWS\System32\InstallUtil.InstallLog deleted

C:\WINDOWS\System32\SET1DF.tmp deleted

C:\WINDOWS\System32\SET1EB.tmp deleted

C:\WINDOWS\System32\SET3CF.tmp deleted

"C:\WINDOWS\tasks\jmuyus.job" not deleted

"C:\Program Files\Movdap\WBDesktop.Updater.1.0.0.16.exe" deleted

"C:\Program Files\Movdap\WBDesktop.Updater.1.0.0.16.exe" deleted

"C:\Program Files\Movdap" not deleted

"C:\Program Files\Movdap" not deleted

==== System Specs ======================

Windows: Windows XP Home Edition Service Pack 3 (Build 2600)

Memory (RAM): 1023 MB

CPU Info: Intel® Pentium® D CPU 3.00GHz

CPU Speed: 2988,3 MHz

Sound Card: Realtek HD Audio output |

Display Adapters: NVIDIA GeForce 6700 XL | LogMeIn Mirror Driver | NetMeeting driver | RDPDD Chained DD

Monitors: 1x; Plug en Play-monitor |

Screen Resolution: 1680 X 1050 - 32 bit

Network: Network Present

Network Adapters: Realtek RTL8139 Family PCI Fast Ethernet NIC

CD / DVD Drives: 2x (F: | G: | ) F: SONY DVD RW DW-G121A | G: SONY DVD-ROM DDU1615

Ports: COM3 | COM1 | COM2 LPT1

Mouse: 3 Button Wheel Mouse Present

Hard Disks: C: 465,6GB | D: 451,2GB | E: 14,6GB

Hard Disks - Free: C: 377,7GB | D: 353,2GB | E: 4,6GB

Manufacturer *: Phoenix Technologies, LTD

BIOS Info: AT/AT COMPATIBLE | 01/13/06 | IntelR - 42302e31

Time Zone: Romance (standaardtijd)

Motherboard *: MICRO-STAR INTERNATIONAL CO., LTD MS-7204

Country: België

Language: NLB

==== System Specs (Software) ======================

Anti-Virus: AVG Anti-Virus Free Edition 2012 On-access scanning disabled (Outdated)

Firewall: AVG Internet Security 2012 enabled

Firewall: ZoneAlarm Firewall disabled

Internet Explorer version: 8.0.6001.18702

Google Chrome version: 31.0.1650.63

Adobe Reader version: 9.1.0.2009022700

Sun Java version: 1.7.0_45 (32-bit)

Shockwave Player version: 11.6.4r634

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

====== C:\DOCUME~1\VANDEN~1\LOCALS~1\Temp ====

2014-01-24 21:57:59 E568B0FB03929300E1FD44B87D1713DC 1960984 ----a-w- C:\Documents and Settings\Vandenberghe\Local Settings\Temp\UNINSTALL.EXE

2014-01-24 21:44:10 FC76205DB293EACB9B8E1E4F13EB56C6 19507200 ----a-w- C:\Documents and Settings\Vandenberghe\Local Settings\Temp\EAD1.exe

2014-01-24 19:10:19 7760DAF1B6A7F13F06B25B5A09137CA1 24064 ----a-w- C:\Documents and Settings\Esprit\Local Settings\Temp\nsg2F.tmp\inetc.dll

2014-01-24 19:09:52 132E6153717A7F9710DCEA4536F364CD 6144 ----a-w- C:\Documents and Settings\Esprit\Local Settings\Temp\nsg2F.tmp\nsExec.dll

2014-01-24 19:09:42 C24568A3B0D7C8D7761E684EB77252B5 5120 ----a-w- C:\Documents and Settings\Esprit\Local Settings\Temp\nsg2F.tmp\ButtonEvent.dll

2014-01-24 19:09:25 C7CE0E47C83525983FD2C4C9566B4AAD 4096 ----a-w- C:\Documents and Settings\Esprit\Local Settings\Temp\nsg2F.tmp\UserInfo.dll

2014-01-24 19:09:24 BF712F32249029466FA86756F5546950 11264 ----a-w- C:\Documents and Settings\Esprit\Local Settings\Temp\nsg2F.tmp\System.dll

2014-01-24 19:07:11 EF39CCCC9AD927A25334AE0B41A8A343 527944 ----a-w- C:\Documents and Settings\Esprit\Local Settings\Temp\is-AF413.tmp\mbam.dll

2014-01-24 19:07:08 92DC6EF532FBB4A5C3201469A5B5EB63 23312 ----a-w- C:\Documents and Settings\Esprit\Local Settings\Temp\is-AF413.tmp\_isetup\_shfoldr.dll

2014-01-15 01:29:50 92EB5C4EAFA4AD24BB80908CDED3315F 1210320 ----a-w- C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\CR_27AF0.tmp\setup.exe

====== C:\WINDOWS\system32 =====

2014-01-25 18:24:56 B01416804D89B5EC1D206E6DF542DFAB 145408 ----a-w- C:\WINDOWS\System32\javacpl.cpl

2014-01-25 18:24:56 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\WINDOWS\System32\javaws.exe

2014-01-25 18:24:45 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\WINDOWS\System32\javaw.exe

2014-01-25 18:24:45 9BF46C7F21E75FA0BB03AA93368CC66C 94632 ----a-w- C:\WINDOWS\System32\WindowsAccessBridge.dll

2014-01-25 18:24:45 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\WINDOWS\System32\java.exe

====== C:\WINDOWS\system32\drivers =====

====== C:\WINDOWS\Tasks ======

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2014-01-25 18:25:02 -------- d-----w- C:\Program Files\Common Files\Java

======= C: =====

====== C:\Documents and Settings\Vandenberghe\Application Data ======

2014-01-24 21:57:32 -------- d-----w- C:\Documents and Settings\Vandenberghe\Application Data\TuneUp Software

====== C:\Documents and Settings\Vandenberghe ======

2014-01-24 20:07:36 -------- d-sh--w- C:\Documents and Settings\Administrator\IETldCache

====== C: exe-files ==

2014-01-25 18:24:38 707BFE32E04720B9D50562669A30F86C 49064 ----a-w- C:\Program Files\Java\jre7\bin\ssvagent.exe

2014-01-25 18:24:38 555651269833A415E1F9E594E8DD829F 146344 ----a-w- C:\Program Files\Java\jre7\bin\unpack200.exe

2014-01-25 18:24:38 54A30377949D4984EE72C5510C58B83D 16296 ----a-w- C:\Program Files\Java\jre7\bin\tnameserv.exe

2014-01-25 18:24:37 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Program Files\Java\jre7\bin\javaw.exe

2014-01-25 18:24:37 CE10E75E10EB6952A7D813FA587EC632 15784 ----a-w- C:\Program Files\Java\jre7\bin\ktab.exe

2014-01-25 18:24:37 CC27986F45EF9FD700BC347355B002B3 15784 ----a-w- C:\Program Files\Java\jre7\bin\rmid.exe

2014-01-25 18:24:37 CBFE91C51D4FA69FE9D140ABEB7E51DC 15784 ----a-w- C:\Program Files\Java\jre7\bin\kinit.exe

2014-01-25 18:24:37 A9743D2D69B80800FEA5F24E7C4B02B3 48040 ----a-w- C:\Program Files\Java\jre7\bin\jabswitch.exe

2014-01-25 18:24:37 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Program Files\Java\jre7\bin\javaws.exe

2014-01-25 18:24:37 83D790AA563347A026771D50E3D07A9B 66984 ----a-w- C:\Program Files\Java\jre7\bin\javacpl.exe

2014-01-25 18:24:37 80A79264302910C7C24BA7E44267EFEF 182696 ----a-w- C:\Program Files\Java\jre7\bin\jqs.exe

2014-01-25 18:24:37 7F55715977ECF32633857F16980F008E 52648 ----a-w- C:\Program Files\Java\jre7\bin\jp2launcher.exe

2014-01-25 18:24:37 7814B0A3E6FE8FFF31B7108D16FC4591 15784 ----a-w- C:\Program Files\Java\jre7\bin\keytool.exe

2014-01-25 18:24:37 738AF811C60870FB218D47C628D350AA 15784 ----a-w- C:\Program Files\Java\jre7\bin\rmiregistry.exe

2014-01-25 18:24:37 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Program Files\Java\jre7\bin\java.exe

2014-01-25 18:24:37 5FA3FFE74E893E8A9443C2CF3DFA7A64 15784 ----a-w- C:\Program Files\Java\jre7\bin\pack200.exe

2014-01-25 18:24:37 5721DA732075E01569A287767CBCFA5A 15784 ----a-w- C:\Program Files\Java\jre7\bin\klist.exe

2014-01-25 18:24:37 464358DE0429ABB319DFE3F5E5C85F77 15784 ----a-w- C:\Program Files\Java\jre7\bin\orbd.exe

2014-01-25 18:24:37 3FB1EAAB3CD35126D1F3B9A0A5B7B2DC 15784 ----a-w- C:\Program Files\Java\jre7\bin\policytool.exe

2014-01-25 18:24:37 2F7EBCD8FB6557997F0583508FFFE6B1 15784 ----a-w- C:\Program Files\Java\jre7\bin\java-rmi.exe

2014-01-25 18:24:37 15EBB4D4B54FCE42D8CB116145BB7EBA 15784 ----a-w- C:\Program Files\Java\jre7\bin\servertool.exe

2014-01-25 18:23:58 76C0E995B2F29E55580B8FD3F78CFB4F 915368 ----a-w- C:\Documents and Settings\Vandenberghe\Local Settings\Temporary Internet Files\Content.IE5\8CVYMZUL\JavaSetup7u45[2].exe

2014-01-25 18:16:08 76C0E995B2F29E55580B8FD3F78CFB4F 915368 ----a-w- C:\Documents and Settings\Vandenberghe\Local Settings\Temporary Internet Files\Content.IE5\8CVYMZUL\JavaSetup7u45[1].exe

2014-01-24 21:57:59 E568B0FB03929300E1FD44B87D1713DC 1960984 ----a-w- C:\Documents and Settings\Vandenberghe\Local Settings\Temp\UNINSTALL.EXE

2014-01-24 21:47:00 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\Trend Micro\Vandenberghe.exe

2014-01-24 21:44:10 FC76205DB293EACB9B8E1E4F13EB56C6 19507200 ----a-w- C:\Documents and Settings\Vandenberghe\Local Settings\Temp\EAD1.exe

2014-01-23 22:18:09 ACCF09B6587E31C57E575D6FEE5ADA28 904272 ----a-w- C:\Documents and Settings\Esprit\Application Data\uTorrent\updates\3.3.2_30303.exe

2014-01-20 09:36:08 0A2CBA6BF5052F9C4DFEEF2DBF2794F6 343992 ----a-w- C:\Documents and Settings\Quinten\Local Settings\Temporary Internet Files\Content.IE5\DCS3AHDQ\SymInstallStub[1].exe

2014-01-20 02:38:42 1ACCA74287FE5D7449FBB2B9F0C83341 309328 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarUser_32_D053C89A9DB0461F.exe

2014-01-20 02:38:36 228A4633D638F7EEA6400D5ED5274397 1071696 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_231F3FD17DB59CFD.exe

2014-01-20 02:38:08 BD5A28471F81D492D21A381610672411 531424 ----a-w- C:\Program Files\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.4805.320\GoogleToolbarInstaller_updater_signed.exe

2014-01-18 23:32:22 CA0A340ABCF0C14A09691CBC90186AB4 51080 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdateBroker.exe

2014-01-18 23:32:22 600B1A4BCC0823A96DC7B86F005ADBB8 51080 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe

2014-01-18 23:32:20 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdateSetup.exe

2014-01-18 23:32:03 9CCBA5E2489E603BB1578D1D541252A8 273800 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler64.exe

2014-01-18 23:32:03 465680BDE344CE4FF6646626AA3A9125 223112 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe

2014-01-18 23:32:02 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdate.exe

2014-01-18 23:31:47 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.3\GoogleUpdateSetup.exe

=== C: other files ==

2014-01-25 18:24:38 0A35B7026416325DE4A3EEC131F6EE2C 18636 ----a-w- C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip

2014-01-25 18:21:29 2A58F4026C921B675CE0124AA5CE8E2B 168 ---ha-w- C:\Program Files\Common Files\X10\Common\x10prod.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-2560884790-2154505214-3864628255-1008\Software\Microsoft\Windows\CurrentVersion\Run]

"EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe -silent"

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CmUCRRun"="C:\WINDOWS\system32\CmUCReye.exe"

"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"

"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC"

"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC"

"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName"

"CHotkey"="mHotkey.exe"

"ledpointer"="CNYHKey.exe"

"RTHDCPL"="RTHDCPL.EXE"

"ExtraFilmHemmaAgent"="C:\Program Files\Action Shop Offline Software\Agent.exe"

"snp2std"="C:\WINDOWS\vsnp2std.exe"

"EEventManager"="C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe"

"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

"Google Quick Search Box"="C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe /autorun"

"beid"="C:\Program Files\Belgium Identity Card\beid35gui.exe /startup"

"NvCplDaemon"="RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup"

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe -silent"

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvCplDaemon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\nwiz]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]

==== Startup Folders ======================

2006-09-04 17:49:45 664 ----a-w- C:\Documents and Settings\Esprit\Menu Start\Programma's\Opstarten\Juice.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [15/01/2014 02:44]

C:\WINDOWS\tasks\AppleSoftwareUpdate.job --a------ C:\Program Files\AppleC:oftware Update\SoftwareUpdate.exe []

C:\WINDOWS\tasks\Driver Fetch.job --a------ [undetermined Task]

C:\WINDOWS\tasks\Google Software Updater.job --a------ [undetermined Task]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [14/03/2009 11:24]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [14/03/2009 11:24]

C:\WINDOWS\tasks\jmuyus.job --ahs---- [undetermined Task]

C:\WINDOWS\tasks\OGADaily.job --a------ C:\WINDOWS\system32\OGAVerify.exe [31/12/2008 17:04]

C:\WINDOWS\tasks\OGALogon.job --a------ C:\WINDOWS\system32\OGAVerify.exe [31/12/2008 17:04]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [15/03/2010 21:56]

==== Firefox Extensions ======================

ExtDir: C:\Documents and Settings\Esprit\Application Data\Mozilla\Firefox\Profiles\extensions

- Torntv 3 - %ExtDir%\trtv3@trtv.com.xpi

AppDir: C:\Program Files\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid.xpi

==== Firefox Plugins ======================

==== Deleted Firefox Extensions ======================

C:\Documents and Settings\Esprit\Application Data\Mozilla\Firefox\Profiles\extensions\trtv3@trtv.com.xpi deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bicnnkjibmphdeigoodpjlcklcnaobdj - C:\Program Files\TornTV.com\torntv10.crx[]

fjoijdanhaiflhibkljeklcghcmmfffh - C:\Program Files\Movdap\WebCakeLayers.crx[]

ndibdjnfmopecpmkdieinmbadjfpblof - C:\Documents and Settings\All Users\Application Data\\ChromeExt\\avg.crx[]

Torntv 3 - Esprit\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj

WebCake - Esprit\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh

AVG Secure Search - Esprit\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Google Docs - Quinten\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Quinten\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

Torntv 3 - Quinten\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj

YouTube - Quinten\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Quinten\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Web Cake - Quinten\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh

AVG Security Toolbar - Quinten\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Google Wallet - Quinten\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Quinten\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Documents and Settings\Esprit\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj deleted successfully

C:\Documents and Settings\Quinten\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj deleted successfully

C:\Documents and Settings\Esprit\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bicnnkjibmphdeigoodpjlcklcnaobdj_0.localstorage deleted successfully

C:\Documents and Settings\Esprit\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bicnnkjibmphdeigoodpjlcklcnaobdj_0.localstorage-journal deleted successfully

C:\Documents and Settings\Esprit\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh deleted successfully

C:\Documents and Settings\Quinten\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh deleted successfully

C:\Documents and Settings\Esprit\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fjoijdanhaiflhibkljeklcghcmmfffh_0.localstorage deleted successfully

C:\Documents and Settings\Esprit\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fjoijdanhaiflhibkljeklcghcmmfffh_0.localstorage-journal deleted successfully

C:\Documents and Settings\Esprit\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully

C:\Documents and Settings\Quinten\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.be/"

"Search Page"="Google"

"Search Bar"="Upgrade to Google Chrome"

"SearchMigratedDefaultURL"="{searchTerms} - Google Search"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="Google"

"Start Page"="Google"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="%s - Google Search"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="Google"

"CustomizeSearch"="Google"

"Default_Search_URL"="Upgrade to Google Chrome"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="Upgrade to Google Chrome"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="Bing"

"Search Bar"="Bing"

"SearchMigratedDefaultURL"="Bing"

"Start Page"="https://www.google.be/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"

"Start Page"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="%s - Bing"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="Bing"

"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

{2C8E2C60-9822-4F3D-A715-A8ECB73C0757} Google Url="{searchTerms} - Google Search"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Torntv 2 deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg deleted successfully

==== HijackThis Entries ======================

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [CmUCRRun] C:\WINDOWS\system32\CmUCReye.exe

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC

O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC

O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName

O4 - HKLM\..\Run: [CHotkey] mHotkey.exe

O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] "C:\Program Files\Action Shop Offline Software\Agent.exe"

O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe

O4 - HKLM\..\Run: [EEventManager] C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun

O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com/

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader5.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1130364442791

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1131365030359

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.kodakimages.com/DesktopModules/SpectorAlbum/ImageUploader3.cab

O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.be/ImageUploader4.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

O16 - DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} (ExtraFilm Uploader Control) - http://www.smartphoto.be/ExtraFilmUploader6.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://webmail.innogenetics.com/dwa7W.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe

O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe

O23 - Service: EasyBits Magic Desktop Services for Windows NT (ezntsvc) - EasyBits Software Corp. - C:\WINDOWS\system32\ezNTSvc.exe

O23 - Service: gearsec - GEAR Software - C:\WINDOWS\system32\gearsec.exe

O23 - Service: Google Updateservice (gupdate1c9a48faea7b2c) (gupdate1c9a48faea7b2c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

==== Empty IE Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Esprit\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\NetworkService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Quinten\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\Vandenberghe\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Documents and Settings\Esprit\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Documents and Settings\Quinten\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Documents and Settings\Vandenberghe\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1160 folders=249 246113458 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\Administrator\Local Settings\Temp emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully

C:\Documents and Settings\Esprit\Local Settings\Temp emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temp will be emptied at reboot

C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully

C:\Documents and Settings\Quinten\Local Settings\Temp emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp emptied successfully

C:\Documents and Settings\Vandenberghe\Local Settings\Temp will be emptied at reboot

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\VANDEN~1\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\WINDOWS\tasks\jmuyus.job" not deleted

"C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Documents and Settings\Vandenberghe\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Program Files\Movdap" not found

"C:\Program Files\Movdap" not found

"C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies" not deleted

"C:\Documents and Settings\LocalService\Local Settings\Temp\History" not deleted

"C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files" not deleted

==== EOF on za 25/01/2014 at 20:44:22,31 ======================

[kape]

Download AdwCleaner by Xplode naar het bureaublad.

AdwCleaner uitvoeren

• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Klik vervolgens op de knop Scan.
  
• Wanneer de scan gereed is Klikt u vervolgens op de knop Clean.
  
• Als dit gereed is wordt er gevraagd om de computer opnieuw op te starten, klik hier op OK.
  
• Nadat de computer opnieuw is opgestart wordt het logbestand automatisch geopend.
  
• Plaats dit logbestand in het volgende bericht.
  

[antijdelijk]

Hierbij het volgende logje.

Helaas nog niet van die hardnekkige pop-ups af die mij 1000-en euro's beloven ;-)

# AdwCleaner v3.016 - Report created 26/01/2014 at 10:10:58

# Updated 23/12/2013 by Xplode

# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

# Username : Vandenberghe - LEEFRUIMTE

# Running from : C:\Documents and Settings\Vandenberghe\Local Settings\Temporary Internet Files\Content.IE5\A2VBG6B0\adwcleaner[2].exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\BS_Player

Folder Deleted : C:\Documents and Settings\Esprit\Local Settings\Application Data\BS_Player

Folder Deleted : C:\Documents and Settings\Esprit\Menu Start\Programma's\TornTV.com

Folder Deleted : C:\Documents and Settings\Vandenberghe\Local Settings\Application Data\BS_Player

Folder Deleted : C:\Documents and Settings\Quinten\Local Settings\Application Data\BS_Player

File Deleted : C:\Documents and Settings\Esprit\Bureaublad\TornTV.lnk

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL

Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery

Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1

Key Deleted : HKLM\SOFTWARE\Classes\imweb.imwebcontrol

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api

Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc

Key Deleted : HKCU\Software\BS_Player

Key Deleted : HKLM\SOFTWARE\BS_Player

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar

Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035578.BHO

Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035578.BHO.1

Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035578.Sandbox

Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035578.Sandbox.1

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1098640

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2611275

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{756C097C-6BDB-45DE-A8F1-83E01AB86BA4}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2656B92B-0207-4AFB-BEBF-F5FD231ECD39}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{59570C1F-B692-48C9-91B4-7809E6945287}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63A0F7FA-2C95-4D7E-AF25-EFCC303D20A1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6559E502-6EE1-46B8-A83C-F3A45BDA23EE}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C63CA8A4-AB4E-49E5-A6C0-33FC86D80205}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C6A7847E-8931-4A9A-B4EF-72A91E3CCF4D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD0F1D24-E250-4E93-966C-65615720AEFB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EC1277BB-1C71-4C0D-BA6D-BFEA16E773A6}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322552278}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555578}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556678}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344554478}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{920B0E8E-C749-4B3A-ABC9-774325D22723}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]

Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\TornTV.com\Torntv Downloader.exe]

Key Deleted : HKCU\Software\AVG Secure Search

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\Crossrider

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKLM\Software\AskBarDis

Key Deleted : HKLM\Software\AVG Secure Search

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\Desksvc

Key Deleted : HKLM\Software\hdcode

Key Deleted : HKLM\Software\qvo6Software

Key Deleted : HKLM\Software\Tarma Installer

Key Deleted : HKLM\Software\Trymedia Systems

Key Deleted : HKLM\Software\Uniblue

Key Deleted : HKLM\Software\V9

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BS_Player Toolbar

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Google Chrome v31.0.1650.63

[ File : C:\Documents and Settings\Esprit\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

Deleted : urls_to_restore_on_startup

[ File : C:\Documents and Settings\Vandenberghe\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Documents and Settings\Quinten\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [12310 octets] - [26/01/2014 10:09:13]

AdwCleaner[s0].txt - [12354 octets] - [26/01/2014 10:10:58]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [12415 octets] ##########

[kape]

Download MalwareBytes' Anti-Malware (website) en sla het op je bureaublad op.

Zorg dat er na de installatie een vinkje is geplaatst bij:

• Update MalwareBytes' Anti-Malware
  
• Start MalwareBytes' Anti-Malware
  
• Je krijgt hier ook de keuze om de evaluatie versie van MBAM te gebruiken, indien je dit niet wilt vink dit dan uit.
  

Klik daarna op "Voltooien".

Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.

• Zodra het programma gestart is, ga dan naar het tabblad "Instellingen".
  
• Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
  
• Ga dan naar "Scanner Instellingen". Onderaan bij "PUP" kies je voor "Weergeven in scan resultaten - selecteren voor verwijdering".
  
• Ga daarna naar het tabblad "Scanner", kies hier voor "Snelle Scan".
  
• Druk vervolgens op "Scannen" om de scan te starten.
  
• Het scannen kan een tijdje duren, dus wees geduldig.
  
• Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
  
• Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
  
• Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
  
• Herstart de computer indien nodig en post hierna de log in het volgende bericht.
  

[antijdelijk]

Nieuwe log:

Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300

www.malwarebytes.org

Databaseversie: v2014.01.05.02

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Vandenberghe :: LEEFRUIMTE [administrator]

Bescherming: Uitgeschakeld

26/01/2014 18:14:36

mbam-log-2014-01-26 (18-14-36).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 325365

Verstreken tijd: 30 minuut/minuten, 40 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 2

C:\Documents and Settings\Vandenberghe\Local Settings\Temporary Internet Files\Content.IE5\6WCKHRBV\SoftonicDownloader_voor_avg-antivirus-free-2014[1].exe (PUP.Optional.Softonic.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Esprit\SendTo\Desk 365.lnk (PUP.Optional.Desk365.A) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)

5 januari 2014 aangepast door kape
dubbellogs verwijderd

[kape]

En krijg je nu nog ongewenste meldingen ?

De datum van je PC staat blijkbaar ook niet helemaal correct: 26/01/2014 18:14:36

5 januari 2014 aangepast door kape