Safe Saver verwijderen

[TessvandenBroek]

Hallo,

Zoals vele anderen, zoals ik inmiddels heb gemerkt, heb ik last van de extensie safe saver.

Ik heb al van alles geprobeerd maar het wil maar niet verdwijnen.

Kan iemand mij helpen?

[kape]

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

• RSIT 32 bit (RSIT.exe)
  
• RSIT 64 bit (RSITx64.exe)
  

Dubbelklik op RSIT.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  
• Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  
• Plaats de inhoud hiervan in het volgende bericht.
  

Bekijk ook de instructievideo.

[TessvandenBroek]

Logfile of random's system information tool 1.09 (written by random/random)

Run by Tessa_2 at 2014-01-08 17:19:21

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 70 GB (31%) free of 227 GB

Total RAM: 3069 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:19:34, on 8-1-2014

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16526)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe

C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe

C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe

C:\Program Files\KPN\bin\sprtcmd.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe

C:\Users\Tessa_2\AppData\Roaming\uTorrent\uTorrent.exe

C:\Program Files\PolderbitS\Recorder\Driver\PBDriverMonitor_nl.exe

C:\Users\Tessa_2\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\conime.exe

C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe

C:\Users\Tessa_2\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Tessa_2\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Tessa_2\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Tessa_2\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Tessa_2\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Tessa_2\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Tessa_2\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Tessa_2\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Tessa_2\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Tessa_2\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Tessa_2\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Tessa_2\Downloads\RSIT (1).exe

C:\Program Files\trend micro\Tessa_2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"

O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"

O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"

O4 - HKLM\..\Run: [smartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"

O4 - HKLM\..\Run: [KPN] "C:\Program Files\KPN\bin\sprtcmd.exe" /P KPN

O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

O4 - HKLM\..\Run: [iObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [Google Update] "C:\Users\Tessa_2\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto

O4 - HKCU\..\Run: [uTorrent] "C:\Users\Tessa_2\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: Dropbox.lnk = C:\Users\Tessa_2\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Global Startup: PolderbitS Audio Driver Monitor.lnk = C:\Program Files\PolderbitS\Recorder\Driver\PBDriverMonitor_nl.exe

O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs:

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Active File Monitor V12 (AdobeActiveFileMonitor12.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe

O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: SupportSoft Sprocket Service (KPN) (sprtsvc_KPN) - SupportSoft, Inc. - C:\Program Files\KPN\bin\sprtsvc.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe

O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe

O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe

O23 - Service: Update WebConnect - WebConnect - C:\Program Files\WebConnect\updateWebConnect.exe

O23 - Service: Util WebConnect - WebConnect - C:\Program Files\WebConnect\bin\utilWebConnect.exe

--

End of file - 13576 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3625704015-2833347210-2361240619-1000Core.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3625704015-2833347210-2361240619-1000UA.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3625704015-2833347210-2361240619-1002Core.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3625704015-2833347210-2361240619-1002UA.job

C:\Windows\tasks\HPCeeScheduleForTessa_2.job

C:\Windows\tasks\SLOW-PCfighter.job

C:\Windows\tasks\SmartDefrag.job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2299176]

"DVDAgent"=C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe [2008-09-26 1148200]

"TSMAgent"=C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [2008-09-25 1152296]

"CLMLServer for HP TouchSmart"=C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2008-09-25 189736]

"UCam_Menu"=C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]

"SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2008-09-23 912688]

"UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2008-09-26 210216]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-08-01 202032]

"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16 75008]

"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]

"TVAgent"=C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe [2009-02-09 206120]

"KPN"=C:\Program Files\KPN\bin\sprtcmd.exe [2008-06-06 198184]

"Microsoft Default Manager"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]

"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2012-02-23 59240]

"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2009-07-21 458844]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-10-03 13826664]

"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 948440]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03 472984]

"IObit Malware Fighter"=C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [2013-12-13 1573184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]

"Google Update"=C:\Users\Tessa_2\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-18 136176]

"Advanced SystemCare 7"=C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2013-11-11 2283808]

"uTorrent"=C:\Users\Tessa_2\AppData\Roaming\uTorrent\uTorrent.exe [2013-11-16 900440]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]

c:\program files\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe [2013-06-03 472984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aimersoft Helper Compact.exe]

c:\program files\common files\aimersoft\aimersoft helper compact\ashelper.exe [2013-05-29 1734144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

c:\program files\common files\apple\apple application support\apsdaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]

c:\program files\divx\divx update\divxupdate.exe [2013-08-29 1861968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

c:\program files\itunes\ituneshelper.exe [2013-09-17 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

c:\program files\quicktime\qttask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]

c:\users\tessa_2\appdata\roaming\utorrent\utorrent.exe [2013-11-16 900440]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

PolderbitS Audio Driver Monitor.lnk - C:\Program Files\PolderbitS\Recorder\Driver\PBDriverMonitor_nl.exe

C:\Users\Tessa_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Dropbox.lnk - C:\Users\Tessa_2\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"vidc.cvid"=iccvid.dll

"MSVideo8"=VfWWDM32.dll

"msacm.l3codecp"=l3codecp.acm

"vidc.VP60"=C:\Windows\system32\vp6vfw.dll

"vidc.VP61"=C:\Windows\system32\vp6vfw.dll

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave4"=wdmaud.drv

"mixer4"=wdmaud.drv

"msacm.siren"=sirenacm.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"wave5"=wdmaud.drv

"mixer5"=wdmaud.drv

"vidc.dvsd"=mcdvd_32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"msacm.dvacm_vspx6"=c:\PROGRA~1\Corel\CORELV~2\COMMON~1\Vio\Dvacm.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-01-07 22:36:41 ----D---- C:\Program Files\Free Video to GIF Converter

2014-01-07 22:16:54 ----D---- C:\Users\Tessa_2\AppData\Roaming\PDAppFlex

2014-01-07 22:05:24 ----D---- C:\Program Files\trend micro

2014-01-07 22:05:23 ----D---- C:\rsit

2014-01-06 19:24:42 ----D---- C:\Program Files\Adobe Download Assistant

2014-01-04 14:17:49 ----D---- C:\Program Files\MMiniMumPriCE

2014-01-04 14:17:43 ----D---- C:\Program Files\GreaatSave4UU

2014-01-01 13:51:56 ----D---- C:\ProgramData\GreaatSave4UU

2014-01-01 13:51:54 ----D---- C:\ProgramData\jfgcmiadpfdkdflaenpdabccfngpcnmm

2014-01-01 13:51:30 ----D---- C:\ProgramData\MMiniMumPriCE

2013-12-22 20:35:36 ----A---- C:\Windows\system32\vbscript.dll

2013-12-22 20:35:36 ----A---- C:\Windows\system32\mshtmled.dll

2013-12-22 20:35:32 ----A---- C:\Windows\system32\jsproxy.dll

2013-12-22 20:35:32 ----A---- C:\Windows\system32\ieui.dll

2013-12-22 20:35:29 ----A---- C:\Windows\system32\wininet.dll

2013-12-22 20:35:29 ----A---- C:\Windows\system32\msfeeds.dll

2013-12-22 20:35:29 ----A---- C:\Windows\system32\ieUnatt.exe

2013-12-22 20:35:27 ----A---- C:\Windows\system32\jscript.dll

2013-12-22 20:35:26 ----A---- C:\Windows\system32\url.dll

2013-12-22 20:35:26 ----A---- C:\Windows\system32\jscript9.dll

2013-12-22 20:35:25 ----A---- C:\Windows\system32\iertutil.dll

2013-12-22 20:35:23 ----A---- C:\Windows\system32\urlmon.dll

2013-12-22 20:35:21 ----A---- C:\Windows\system32\mshtml.dll

2013-12-22 20:35:15 ----A---- C:\Windows\system32\ieframe.dll

2013-12-21 16:36:29 ----D---- C:\Windows\Migration

2013-12-21 14:28:49 ----SHD---- C:\Config.Msi

======List of files/folders modified in the last 1 month======

2014-01-08 17:19:07 ----D---- C:\Windows\Temp

2014-01-08 17:18:09 ----D---- C:\Users\Tessa_2\AppData\Roaming\uTorrent

2014-01-08 17:11:10 ----D---- C:\Users\Tessa_2\AppData\Roaming\Dropbox

2014-01-07 23:01:54 ----D---- C:\Users\Tessa_2\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2014-01-07 23:01:39 ----SHD---- C:\Windows\Installer

2014-01-07 23:01:23 ----D---- C:\Program Files\Common Files\Adobe AIR

2014-01-07 22:59:33 ----D---- C:\Program Files\IObit

2014-01-07 22:56:16 ----D---- C:\Users\Tessa_2\AppData\Roaming\vlc

2014-01-07 22:36:41 ----D---- C:\Program Files

2014-01-07 22:31:22 ----D---- C:\Windows\system32\Tasks

2014-01-07 22:31:16 ----D---- C:\Windows\Tasks

2014-01-07 22:18:13 ----D---- C:\Users\Tessa_2\AppData\Roaming\Adobe

2014-01-07 22:18:05 ----D---- C:\ProgramData\regid.1986-12.com.adobe

2014-01-07 21:39:13 ----SHD---- C:\System Volume Information

2014-01-07 21:16:13 ----D---- C:\Windows

2014-01-06 20:55:35 ----D---- C:\ProgramData\Adobe

2014-01-06 20:48:10 ----D---- C:\Program Files\Common Files\Adobe

2014-01-06 20:47:45 ----D---- C:\Program Files\Adobe

2014-01-06 20:46:31 ----D---- C:\Windows\system32\catroot

2014-01-06 20:43:15 ----D---- C:\Windows\system32\drivers

2014-01-06 20:43:15 ----D---- C:\Windows\inf

2014-01-06 20:43:15 ----D---- C:\Program Files\Common Files\PX Storage Engine

2014-01-06 20:26:51 ----HD---- C:\ProgramData

2014-01-06 17:23:52 ----D---- C:\Windows\system32\catroot2

2014-01-06 17:06:49 ----D---- C:\Windows\SoftwareDistribution

2014-01-06 17:04:46 ----D---- C:\Windows\Prefetch

2014-01-06 17:02:51 ----D---- C:\Windows\Debug

2014-01-06 07:51:55 ----D---- C:\Users\Tessa_2\AppData\Roaming\Spotify

2014-01-04 14:17:49 ----D---- C:\ProgramData\20c84055b9a0e07a

2014-01-01 22:00:29 ----D---- C:\ProgramData\ProductData

2013-12-30 17:34:31 ----D---- C:\Users\Tessa_2\AppData\Roaming\Synthesia

2013-12-28 14:32:34 ----D---- C:\Program Files\WebSearch

2013-12-28 14:32:33 ----D---- C:\Program Files\Ss-Helper

2013-12-22 20:52:32 ----D---- C:\Windows\system32\migration

2013-12-22 20:52:32 ----D---- C:\Windows\System32

2013-12-22 20:52:32 ----D---- C:\Program Files\Internet Explorer

2013-12-22 20:40:17 ----D---- C:\Windows\winsxs

2013-12-21 17:53:46 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-12-21 17:23:13 ----D---- C:\Windows\Microsoft.NET

2013-12-21 16:48:51 ----D---- C:\ProgramData\Microsoft Help

2013-12-21 16:43:45 ----RSD---- C:\Windows\assembly

2013-12-21 16:37:47 ----D---- C:\Windows\system32\en-US

2013-12-21 16:31:39 ----D---- C:\Windows\system32\MRT

2013-12-21 16:26:06 ----A---- C:\Windows\system32\mrt.exe

2013-12-21 15:54:03 ----D---- C:\Users\Tessa_2\AppData\Roaming\IObit

2013-12-21 15:18:33 ----D---- C:\Windows\system32\Msdtc

2013-12-21 15:18:25 ----D---- C:\Windows\system32\wbem

2013-12-21 15:15:10 ----D---- C:\Windows\system32\config

2013-12-21 15:14:11 ----RSD---- C:\Windows\Media

2013-12-21 15:14:10 ----D---- C:\Windows\system32\spool

2013-12-21 15:14:10 ----D---- C:\Windows\system32\CodeIntegrity

2013-12-21 15:14:01 ----D---- C:\ProgramData\IObit

2013-12-21 15:13:31 ----D---- C:\Windows\registration

2013-12-21 15:13:28 ----D---- C:\ProgramData\Real

2013-12-21 14:59:27 ----D---- C:\Windows\AppPatch

2013-12-16 21:08:43 ----A---- C:\Windows\system32\FlashPlayerApp.exe

2013-12-16 18:23:52 ----SD---- C:\ProgramData\Microsoft

2013-12-13 14:35:59 ----D---- C:\Windows\panther

2013-12-13 14:35:46 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]

R0 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 214696]

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2013-07-19 46096]

R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-05-22 15672]

R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49}; \??\C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl [2008-09-26 59376]

R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768]

R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]

R3 BCM43XX;Stuurprogramma voor de Broadcom 802.11-netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-01-07 1326584]

R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-04-29 54784]

R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2013-02-18 149352]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-10-03 9905096]

R3 PbsAuDrv;PolderbitS Audio Driver; C:\Windows\system32\drivers\pbsaudrv.sys [2011-07-31 110816]

R3 RegFilter;RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wlh_x86\regfilter.sys [2013-11-19 32288]

R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-07-22 123904]

R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2009-07-21 409088]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 299312]

R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]

R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]

S1 SRTSP;SRTSP; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS []

S1 SRTSPX;SRTSPX; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS []

S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]

S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]

S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]

S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]

S3 btwaudio;Bluetooth-audioapparaat; C:\Windows\system32\drivers\btwaudio.sys [2008-06-23 80424]

S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2008-06-23 81960]

S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-06-23 16168]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]

S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]

S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]

S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-07-21 100184]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS []

S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS []

S3 NETw3v32;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []

S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]

S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

S3 UrlFilter;UrlFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wlh_x86\UrlFilter.sys [2013-11-19 20944]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]

S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys []

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]

S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]

S4 FileMonitor;FileMonitor; \??\C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys [2013-03-23 21480]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor12.0;Adobe Active File Monitor V12; C:\Program Files\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [2013-09-25 181152]

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]

R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [2013-10-25 878368]

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe [2009-03-02 81920]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-16 94208]

R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]

R2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2013-11-11 341824]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]

R2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2013-10-25 2151200]

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 22208]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-10-03 219752]

R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]

R2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [2008-10-06 365952]

R2 sprtsvc_KPN;SupportSoft Sprocket Service (KPN); C:\Program Files\KPN\bin\sprtsvc.exe [2008-06-06 202016]

R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe [2009-07-21 221266]

R2 TVCapSvc;TV Background Capture Service (TVBCS); C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2009-02-09 296320]

R2 TVSched;TV Task Scheduler (TVTS); C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2009-02-09 116096]

R2 Update WebConnect;Update WebConnect; C:\Program Files\WebConnect\updateWebConnect.exe [2013-10-06 65320]

R2 Util WebConnect;Util WebConnect; C:\Program Files\WebConnect\bin\utilWebConnect.exe [2013-10-07 65320]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]

R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]

R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192]

R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-20 136176]

S2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 []

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-03-01 161384]

S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-05-30 72704]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-16 257416]

S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-20 136176]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]

S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-09-17 553288]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]

S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

[kape]

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.zip naar het bureaublad.

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r
 "AppInit_DLLs"=-;r
 C:\Program Files\MMiniMumPriCE;fs
 C:\Program Files\GreaatSave4UU;fs
 C:\ProgramData\GreaatSave4UU;fs
 C:\ProgramData\jfgcmiadpfdkdflaenpdabccfngpcnmm;fs
 C:\ProgramData\MMiniMumPriCE;fs
 C:\ProgramData\20c84055b9a0e07a;fs
 emptyfolderscheck;delete 
startupall; 
filesrcm;

• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
• Do a Quick Scan
  
  
• Auto Clean
  
• De optie "Scan All Users" staat standaard aangevinkt.
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[TessvandenBroek]

Zoek.exe v5.0.0.0 Updated 09-Januari-2014

Tool run by Tessa_2 on za 11-01-2014 at 14:44:38,21.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Tessa_2\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

11-1-2014 14:47:48 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\1ClickDownload deleted successfully

C:\Program Files\Aimersoft deleted successfully

C:\Program Files\AVS4YOU deleted successfully

C:\Program Files\GreaatSave4UU deleted successfully

C:\Program Files\lucky leap deleted successfully

C:\Program Files\Mad Scientist Productions deleted successfully

C:\Program Files\MMiniMumPriCE deleted successfully

C:\Program Files\WebSearch deleted successfully

C:\Program Files\WildTangent Games deleted successfully

C:\Program Files\Zylom Games deleted successfully

C:\Users\Tessa_2\AppData\Roaming\EarMaster deleted successfully

C:\Users\Tessa_2\AppData\Roaming\Publish Providers deleted successfully

C:\Users\Tessa_2\AppData\Roaming\Samsung deleted successfully

C:\Users\Tessa_2\AppData\Roaming\Spesoft Audio Converter deleted successfully

C:\Users\Tessa_2\AppData\Roaming\WinRAR deleted successfully

C:\Users\Tessa_2\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A} deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3625704015-2833347210-2361240619-1002\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update WebConnect deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update WebConnect deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update WebConnect deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update WebConnect deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util WebConnect deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util WebConnect deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util WebConnect deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util WebConnect deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome.Tessa_2\shell\open\command]

@="C:\\Users\\Tessa_2\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]

@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"bProtector Start Page"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"bProtectorDefaultScope"=-

==== Deleting Files \ Folders ======================

C:\Program Files\MMiniMumPriCE not found

C:\Program Files\GreaatSave4UU not found

C:\ProgramData\GreaatSave4UU deleted

C:\ProgramData\jfgcmiadpfdkdflaenpdabccfngpcnmm deleted

C:\ProgramData\MMiniMumPriCE deleted

C:\ProgramData\20c84055b9a0e07a deleted

C:\Users\Tessa_2\AppData\LocalLow\{356C2782-4AB2-D5DF-4F57-E53A5F2014E8} deleted

C:\Users\Tessa_2\AppData\LocalLow\{6B784EC7-DCB3-2FBA-0108-85A80A8134B5} deleted

C:\Program Files\DoWWnload keeepeera deleted

C:\Program Files\SearchNewTab deleted

C:\Program Files\Ss-Helper deleted

C:\extensions.sqlite deleted

C:\found.000 deleted

C:\Users\Tessa_2\AppData\Roaming\ExpressFiles deleted

C:\Users\Tessa_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx deleted

C:\Users\Tessa_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender deleted

C:\Users\Tessa_2\AppData\LocalLow\ADSRemoval deleted

C:\Users\Tessa_2\AppData\LocalLow\boost_interprocess deleted

C:\Windows\system32\Tasks\Express FilesUpdate deleted

C:\END deleted

C:\Users\Tessa_2\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\adsremoval@adsremoval.net deleted

"C:\Program Files\WebConnect\updateWebConnect.exe" deleted

"C:\Program Files\WebConnect\updateWebConnect.exe" deleted

"C:\Program Files\WebConnect\bin\utilWebConnect.exe" deleted

"C:\Program Files\WebConnect\bin\utilWebConnect.exe" deleted

"C:\Program Files\WebConnect" not deleted

"C:\Program Files\WebConnect" not deleted

"C:\Program Files\WebConnect\bin" not deleted

"C:\Program Files\WebConnect\bin" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Tessa_2\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\system32 =====

====== C:\Windows\system32\drivers =====

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-01-07 21:36:41 -------- d-----w- C:\Program Files\Free Video to GIF Converter

2014-01-07 21:05:24 -------- d-----w- C:\Program Files\trend micro

2014-01-06 18:24:42 -------- d-----w- C:\Program Files\Adobe Download Assistant

======= C: =====

====== C:\Users\Tessa_2\AppData\Roaming ======

2014-01-07 21:16:54 -------- d-----w- C:\Users\Tessa_2\AppData\Roaming\PDAppFlex

2013-12-21 13:58:16 -------- d-----w- C:\Users\Tessa_2\AppData\Local\ElevatedDiagnostics

2013-12-16 17:40:41 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\CrashDumps

2013-12-16 17:40:08 2DF7013699A9722671DE22E503BB7FFB 6070016 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat

====== C:\Users\Tessa_2 ======

2014-01-08 16:18:47 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Tessa_2\Downloads\RSIT (1).exe

2014-01-07 21:57:04 5B028722015240564755A49DDF48486C 2469824 ----a-w- C:\Users\Tessa_2\Downloads\AdobeDownloadAssistant (1).exe

2014-01-07 21:36:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video to GIF Converter

2014-01-07 21:33:46 13F8726DD5F1ECA5D7554A802E225248 8636780 ----a-w- C:\Users\Tessa_2\Downloads\freevideotogif.exe

2014-01-07 21:24:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter

2014-01-07 21:04:05 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Tessa_2\Downloads\RSIT.exe

2014-01-07 21:02:59 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Tessa_2\Downloads\RSITx64.exe

2014-01-06 18:25:39 -------- d-----w- C:\Users\Tessa_2\Adobe Photoshop Elements 12

2014-01-06 18:20:50 5B028722015240564755A49DDF48486C 2469824 ----a-w- C:\Users\Tessa_2\Downloads\AdobeDownloadAssistant.exe

2014-01-03 17:49:42 99FFAFD8FE735B7B920FD108BC933C3E 321216 ----a-w- C:\Users\Tessa_2\Downloads\OpenSubtitles.exe

====== C: exe-files ==

2014-01-08 16:18:47 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Tessa_2\Downloads\RSIT (1).exe

2014-01-07 21:59:58 9973DCFD2D080C325F865C08D13610DB 130408 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe

2014-01-07 21:59:58 960FC5D26E103A124E0F4CE82D038C36 103272 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe

2014-01-07 21:59:58 77D4A137779DB57638C9CB9048973B68 54632 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe

2014-01-07 21:59:58 77D4A137779DB57638C9CB9048973B68 54632 ----a-w- C:\Program Files\Adobe\Flash Player\AddIns\airappinstaller\airappinstaller.exe

2014-01-07 21:59:58 42D121320D4642A8E6212561F19F88B1 59392 ----a-w- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe

2014-01-07 21:57:04 5B028722015240564755A49DDF48486C 2469824 ----a-w- C:\Users\Tessa_2\Downloads\AdobeDownloadAssistant (1).exe

2014-01-07 21:36:41 651581BD30245789E80B7F41685A33DD 2043392 ----a-w- C:\Program Files\Free Video to GIF Converter\FreeVideotoGIFConverter.exe

2014-01-07 21:36:41 405E4EC3FB49A2F1A4A1494FCFFF9082 715038 ----a-w- C:\Program Files\Free Video to GIF Converter\unins000.exe

2014-01-07 21:33:46 13F8726DD5F1ECA5D7554A802E225248 8636780 ----a-w- C:\Users\Tessa_2\Downloads\freevideotogif.exe

2014-01-07 21:26:52 2D54675B0D9A9DCC3493A39BA7D3FC26 1167184 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\adsremoval\unins000.exe

2014-01-07 21:26:41 6120A0AD956D6F3157597CBFDE504207 561472 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Promote.exe

2014-01-07 21:26:05 6B798A617DC2CBF95CB352ADF1EF7BC3 11654912 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Update\imfpatch.exe

2014-01-07 21:24:58 E8E8A70102A95CABDDF8FE040961721D 2339136 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\adsremoval\IE\AdbUpdate.exe

2014-01-07 21:24:23 D9E58E313B404BF2D35CD20BBD90BBA2 2436592 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\ADSRemovalSetup.exe

2014-01-07 21:24:14 2F28FCA1AECCCA9C06A5043B0702FBBE 1753920 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\IMF_ActionCenterDownloader.exe

2014-01-07 21:24:12 DF551690EEB462238A09BE3AB6D43ECE 547672 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\TaskSchedule.exe

2014-01-07 21:24:12 C0227B33BAB59AE7BDF36FF7D4EFDD9A 50640 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\IWsIMF.exe

2014-01-07 21:24:12 754366C45EA31251FA0D9E82885E6B19 2126144 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\UninstallPromote.exe

2014-01-07 21:24:07 EAEA4B0005869A4ABE6070BD364143B7 341824 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe

2014-01-07 21:24:07 EAEA4B0005869A4ABE6070BD364143B7 341824 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\bak.IMFsrv.exe

2014-01-07 21:24:07 8CAEC53A5597AAA5383A416F85ACC71E 63296 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\SendBugReport.exe

2014-01-07 21:24:06 D9A3A088C517B8C94EE12184A389F4D5 128832 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\BlueBirdInit.exe

2014-01-07 21:24:06 9FE8A0FB5CB7AE05CA0456519EE39594 1572672 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\bak.IMF.exe

2014-01-07 21:24:06 1B7B925448187118F0455C05D9DCB6EB 1573184 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\IMF.exe

2014-01-07 21:24:05 5833949B1D65563CBD1A522A8063919E 1185088 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\unins000.exe

2014-01-07 21:23:37 5D5C7FB543A444265F6C50C0F3F94FC8 23810056 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\imf-setup.exe

2014-01-07 21:05:24 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Tessa_2.exe

2014-01-07 21:04:05 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Tessa_2\Downloads\RSIT.exe

2014-01-07 21:02:59 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Tessa_2\Downloads\RSITx64.exe

2014-01-06 18:50:58 A52D2F9A11F1736411B61713F132BFFF 2353016 ----a-w- C:\Users\Tessa_2\Adobe Photoshop Elements 12\PSE 12\SupportFiles\Set-up.exe

2014-01-06 18:50:58 A52D2F9A11F1736411B61713F132BFFF 2353016 ----a-w- C:\Users\Tessa_2\Adobe Photoshop Elements 12\PSE 12\ElementsSTIInstaller\Set-up.exe

2014-01-06 18:50:58 01A844388836AFF628AD2145D8D85D7E 1797536 ----a-w- C:\Users\Tessa_2\Adobe Photoshop Elements 12\PSE 12\Setup.exe

2014-01-06 18:50:57 A52D2F9A11F1736411B61713F132BFFF 2353016 ----a-w- C:\Users\Tessa_2\Adobe Photoshop Elements 12\PSE 12\ElementsOrganizer\SupportFiles\Set-up.exe

2014-01-06 18:21:39 A51D90F2F9394F5EA0A3ACAE3BD2B219 163840 ----a-w- C:\Program Files\Adobe Download Assistant\7z.exe

2014-01-06 18:21:39 7E26C2EE71F86E2C796619299919320E 142336 ----a-w- C:\Program Files\Adobe Download Assistant\Adobe Download Assistant.exe

2014-01-06 18:20:50 5B028722015240564755A49DDF48486C 2469824 ----a-w- C:\Users\Tessa_2\Downloads\AdobeDownloadAssistant.exe

=== C: other files ==

2014-01-08 16:20:52 42142D1488F3429CAF525FF49404D22D 2545620 ----a-w- C:\Users\Tessa_2\Downloads\Z-Analyse.zip

2014-01-07 21:24:22 BA8DFA3826B6348863F736F506184454 18384 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_x86\UrlFilter.sys

2014-01-07 21:24:22 B1C51A3CB466C0C4AFA54F0FA199F6B8 17360 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys

2014-01-07 21:24:22 9840396B26E424046AD335C98B3F16C3 247968 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys

2014-01-07 21:24:22 6EF92564A06AEDA36F2E2414B4EA7D02 64592 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_ia64\RegFilter.sys

2014-01-07 21:24:22 6BB17E7A108A5D5B21ECD95C6297B4AE 21480 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_x86\FileMonitor.sys

2014-01-07 21:24:22 69AA6AF470BA8D8CE13FA45DE0D49C1C 31776 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys

2014-01-07 21:24:22 60CA7D495DA23089E4F4D70F4DC2B11C 35848 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_ia64\UrlFilter.sys

2014-01-07 21:24:22 23450BAFD5439114FB6F8DC1371F4CB8 32288 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_x86\RegFilter.sys

2014-01-07 21:24:21 FD0057DFB7BB0A32C6FBFE43E9F901E1 66128 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_ia64\RegFilter.sys

2014-01-07 21:24:21 EDFC44468C59A19FB810AFC85320536B 36896 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_ia64\FileMonitor.sys

2014-01-07 21:24:21 B38026FE5CA420C6A22B7F7F6C6D6547 64592 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_ia64\RegFilter.sys

2014-01-07 21:24:21 A89FF59E9162127053F5F9F632BA3D5D 20432 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_amd64\UrlFilter.sys

2014-01-07 21:24:21 A507B0EB01980FED379D82EF7D3CB43F 34848 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_amd64\RegFilter.sys

2014-01-07 21:24:21 9D6B3BF280120750A88BC8E08A2DE9CB 20944 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\UrlFilter.sys

2014-01-07 21:24:21 9AF784DE16723A51BADB1EC48D4F704E 23016 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_amd64\UrlFilter.sys

2014-01-07 21:24:21 9075C95322A94C355DFD3B614E9E3532 35848 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_ia64\UrlFilter.sys

2014-01-07 21:24:21 7EBAB88FEE6E97397C183ED3B71F0797 21480 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys

2014-01-07 21:24:21 7752291EA190FBDC3F001861261C2B59 41504 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_ia64\UrlFilter.sys

2014-01-07 21:24:21 4A03296A4F482D877FEF95FB7488216D 36384 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_ia64\FileMonitor.sys

2014-01-07 21:24:21 4351FD537D4B5BFB5CC73ABBECD9D678 32288 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\RegFilter.sys

2014-01-07 21:24:21 2AC63E2EBD94A7788B6D91A15DDC2D41 23048 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wnet_amd64\FileMonitor.sys

2014-01-07 21:24:20 F5DBCF84176C62B4BEDF22DB56444CBD 21480 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys

2014-01-07 21:24:20 D39E6B769F8BD7F26949FD9C950F7358 34848 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_amd64\RegFilter.sys

2014-01-07 21:24:20 B53B59305D9B10D84D5AA5CE323E6A9B 41504 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_ia64\UrlFilter.sys

2014-01-07 21:24:20 AA1639ED5610A85C95CEAB38978CED5A 23048 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_amd64\FileMonitor.sys

2014-01-07 21:24:20 8BD175378BE3455B8F821EB807C7F4BC 32288 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\RegFilter.sys

2014-01-07 21:24:20 415821AD05A3A19DF44A27FB72119473 20944 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\UrlFilter.sys

2014-01-07 21:24:20 3C7682F5BC9E65A0AB6CA980009D5631 39992 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_ia64\FileMonitor.sys

2014-01-07 21:24:20 00BF94C463D1B768E2F36848888268F3 66128 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_ia64\RegFilter.sys

2014-01-07 21:24:19 D409D4A4517865131999FAC96D366CBF 23048 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys

2014-01-07 21:24:19 893A6B67C8AA502648AD946CF50DDFD1 23016 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys

2014-01-07 21:24:19 5623E2CC4F1F6DE24BE9DB3319E42D23 34848 ----a-w- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys

2014-01-06 18:50:19 6C5D13441580EB69FA0AB3B9B6E4F178 252 ----a-w- C:\Users\Tessa_2\Adobe Photoshop Elements 12\PSE 12\ElementsSTIInstaller\payloads\PSE12STIInstaller\Assets1_1.zip

2014-01-06 18:50:19 36BA85482A41DA09C3698ABD9BB57D68 740 ----a-w- C:\Users\Tessa_2\Adobe Photoshop Elements 12\PSE 12\SupportFiles\payloads\PSE12AMTLibSupport\Assets1_1.zip

2014-01-06 18:50:18 1C86F49CDCA28773CFE78C817246F3CB 14535520 ----a-w- C:\Users\Tessa_2\Adobe Photoshop Elements 12\PSE 12\ElementsSTIInstaller\payloads\ElementsCameraRaw8.0All-x64\Assets1_1.zip

2014-01-06 18:50:15 F51F666E95F689D5A46ECCF2FBCB36E3 13819902 ----a-w- C:\Users\Tessa_2\Adobe Photoshop Elements 12\PSE 12\ElementsSTIInstaller\payloads\ElementsCameraRaw8.0All\Assets1_1.zip

2014-01-06 18:49:56 F1435051E1C3A3D052DDC87E053CE4EA 717 ----a-w- C:\Users\Tessa_2\Adobe Photoshop Elements 12\PSE 12\ElementsOrganizer\SupportFiles\payloads\EO12AMTLibSupport\Assets1_1.zip

2014-01-06 18:49:56 48181888C1B1A3009C892FFCFAEE6975 114265531 ----a-w- C:\Users\Tessa_2\Adobe Photoshop Elements 12\PSE 12\ElementsSTIInstaller\payloads\AdobeCameraRawProfile8.0All\Assets1_1.zip

2014-01-05 14:15:27 3B14704A3323FB9A4D3E30D04B734DCA 27201 ----a-w- C:\Users\Tessa_2\Downloads\jonathan-paterson_london-tube.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-3625704015-2833347210-2361240619-1002\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"Google Update"="C:\Users\Tessa_2\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"Advanced SystemCare 7"="C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

"uTorrent"="C:\Users\Tessa_2\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DVDAgent"="C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"

"TSMAgent"="C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"

"CLMLServer for HP TouchSmart"="C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"

"UCam_Menu"="C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe C:\Program Files\Hewlett-Packard\Media\Webcam update Software\Hewlett-Packard\Media\Webcam"

"UpdatePSTShortCut"="C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\DVD Suite UpdateWithCreateOnce Software\CyberLink\PowerStarter"

"QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start"

"HP Health Check Scheduler"="c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"

"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"

"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"

"TVAgent"="C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"

"KPN"="C:\Program Files\KPN\bin\sprtcmd.exe /P KPN"

"Microsoft Default Manager"="C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume"

"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe"

"NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup"

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

"IObit Malware Fighter"="C:\Program Files\IObit\IObit Malware Fighter\IMF.exe /autostart"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

"SmartMenu"="%ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe"

"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"Google Update"="C:\Users\Tessa_2\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"Advanced SystemCare 7"="C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

"uTorrent"="C:\Users\Tessa_2\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]

"command"="c:\\program files\\common files\\adobe\\oobe\\pdapp\\uwa\\updaterstartuputility.exe"

"hkey"="HKLM"

"item"="AdobeAAMUpdater-1.0"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Aimersoft Helper Compact.exe]

"command"="c:\\program files\\common files\\aimersoft\\aimersoft helper compact\\ashelper.exe"

"hkey"="HKLM"

"item"="Aimersoft Helper Compact.exe"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]

"command"="c:\\program files\\common files\\apple\\apple application support\\apsdaemon.exe"

"hkey"="HKLM"

"item"="APSDaemon"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXUpdate]

"command"="\"c:\\program files\\divx\\divx update\\divxupdate.exe\" /checknow"

"hkey"="HKLM"

"item"="DivXUpdate"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]

"command"="c:\\program files\\itunes\\ituneshelper.exe"

"hkey"="HKLM"

"item"="iTunesHelper"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]

"command"="\"c:\\program files\\quicktime\\qttask.exe\" -atboottime"

"hkey"="HKLM"

"item"="QuickTime Task"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]

"command"="\"c:\\users\\tessa_2\\appdata\\roaming\\utorrent\\utorrent.exe\" /minimized"

"hkey"="HKCU"

"item"="uTorrent"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

==== Startup Folders ======================

2013-05-27 13:39:39 953 ----a-w- C:\Users\Tessa_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

2010-05-18 15:30:57 2136 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PolderbitS Audio Driver Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [20-02-2011 16:14]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [20-02-2011 16:14]

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3625704015-2833347210-2361240619-1000Core.job --a------ C:\Users\Tessa\AppData\Local\Google\Update\GoogleUpdate.exe []

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3625704015-2833347210-2361240619-1000UA.job --a------ C:\Users\Tessa\AppData\Local\Google\Update\GoogleUpdate.exe []

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3625704015-2833347210-2361240619-1002Core.job --a------ C:\Users\Tessa_2\AppData\Local\Google\Update\GoogleUpdate.exe [18-10-2011 09:39]

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3625704015-2833347210-2361240619-1002UA.job --a------ C:\Users\Tessa_2\AppData\Local\Google\Update\GoogleUpdate.exe [18-10-2011 09:39]

C:\Windows\tasks\HPCeeScheduleForTessa_2.job --a------ C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe [19-05-2008 11:34]

C:\Windows\tasks\SLOW-PCfighter.job --a------ C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe []

C:\Windows\tasks\SmartDefrag.job --a------ C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-PC_van_Tessa-Tessa_2" [C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]

"C:\Windows\system32\tasks\ASC4_PerformanceMonitor" [C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe]

"C:\Windows\system32\tasks\ASC7_PerformanceMonitor" [C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe]

"C:\Windows\system32\tasks\ASC7_SkipUac_Tessa_2" [C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe /SkipUac]

"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\system32\tasks\Game_Booster_AutoUpdate" [C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3625704015-2833347210-2361240619-1000Core" [C:\Users\Tessa\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3625704015-2833347210-2361240619-1000UA" [C:\Users\Tessa\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3625704015-2833347210-2361240619-1002Core" [C:\Users\Tessa_2\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3625704015-2833347210-2361240619-1002UA" [C:\Users\Tessa_2\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\HP Health Check" ["c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"]

"C:\Windows\system32\tasks\HPCeeScheduleForTessa_2" [C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe]

"C:\Windows\system32\tasks\RealCreateProcessScheduledTask473182S-1-5-21-3625704015-2833347210-2361240619-1000" [c:\program files\real\realplayer\realplay.exe]

"C:\Windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-3625704015-2833347210-2361240619-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]

"C:\Windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-3625704015-2833347210-2361240619-1002" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]

"C:\Windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-3625704015-2833347210-2361240619-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]

"C:\Windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-3625704015-2833347210-2361240619-1002" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]

"C:\Windows\system32\tasks\SLOW-PCfighter" [C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe]

"C:\Windows\system32\tasks\SmartDefrag" [C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe]

"C:\Windows\system32\tasks\{83AE9D5C-29D0-4F80-8582-4E4C929A4E25}" [C:\Program Files\Skype\Phone\Skype.exe]

"C:\Windows\system32\tasks\{88BB838D-2FC4-4D3C-BD2D-DB15D79115DA}" [C:\Program Files\Skype\Phone\Skype.exe]

"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"xz123@ya456.com"="C:\Program Files\BetterSurf\ff" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Tessa_2\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

- AutocompletePro - Your handy search suggestions tool - %ProfilePath%\extensions\support@predictad.com

==== Firefox Plugins ======================

==== Deleted Firefox Extensions ======================

C:\Users\Tessa_2\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\support@predictad.com deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

dedmngkbaffkenlfdcbganndoghblmap - C:\Program Files\BetterSurf\ch\Chrome.crx[]

ieakfmpjhljbpbfpldjkddkjmmgjmgon - C:\Program Files\WebConnect\ieakfmpjhljbpbfpldjkddkjmmgjmgon.crx[]

ifohbjbgfchkkfhphahclmkpgejiplfo - C:\Users\Tessa_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[]

jfmjfhklogoienhpfnppmbcbjfjnkonk - No path found[]

Theme Creator - Tessa_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc

Show the YouTube Channel bar or the name. - Tessa_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn

YouTube - Tessa_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

PicMonkey - Tessa_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm

AdBlock - Tessa_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

Ads Removal - Tessa_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod

Google Wallet - Tessa_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chrome Fix ======================

C:\Users\Tessa_2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.wisesearch.info_0.localstorage deleted successfully

C:\Users\Tessa_2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adobe-photoshop-cs6.nl.softonic.com_0.localstorage deleted successfully

C:\Users\Tessa_2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adobe-photoshop.nl.softonic.com_0.localstorage deleted successfully

C:\Users\Tessa_2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage deleted successfully

C:\Users\Tessa_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod deleted successfully

C:\Users\Tessa_2\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gkcefkcdkepgkpbgncjchhbjgoanleod deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com/"

"Default_Page_URL"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://websearch.wisesearch.info/?pid=970&r=2013/10/28&hid=390952778793090518&lg=EN&cc=NL&unqvl=39"

"Default_Page_URL"="http://www.google.com"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://www.google.com/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{42C1958F-19A1-4CCC-8BAE-D072AA9EC2DA}"

{02F8690D-295D-4E2B-86A1-1569F5141758} Unknown Url="Not_Found"

{289DC876-D4B7-4DD6-B3FB-F1B437AFFC58} Unknown Url="Not_Found"

{42C1958F-19A1-4CCC-8BAE-D072AA9EC2DA} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}"

{65C658A1-CAFD-435D-B284-449C4CFA7769} Bing Url="http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3625704015-2833347210-2361240619-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{43225F7E-F375-1ECE-A6DF-668EAF6BAF4D} deleted successfully

HKEY_USERS\S-1-5-21-3625704015-2833347210-2361240619-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{43225F7E-F375-1ECE-A6DF-668EAF6BAF4D} deleted successfully

HKEY_USERS\S-1-5-21-3625704015-2833347210-2361240619-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F7FF105B-F057-2F26-1BAA-C6977FF536DA} deleted successfully

HKEY_USERS\S-1-5-21-3625704015-2833347210-2361240619-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F7FF105B-F057-2F26-1BAA-C6977FF536DA} deleted successfully

HKEY_USERS\S-1-5-21-3625704015-2833347210-2361240619-1002\Software\Microsoft\Internet Explorer\SearchScopes\{02F8690D-295D-4E2B-86A1-1569F5141758} deleted successfully

HKEY_USERS\S-1-5-21-3625704015-2833347210-2361240619-1002\Software\Microsoft\Internet Explorer\SearchScopes\{289DC876-D4B7-4DD6-B3FB-F1B437AFFC58} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{43225F7E-F375-1ECE-A6DF-668EAF6BAF4D} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{43225F7E-F375-1ECE-A6DF-668EAF6BAF4D} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F7FF105B-F057-2F26-1BAA-C6977FF536DA} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{F7FF105B-F057-2F26-1BAA-C6977FF536DA} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3625704015-2833347210-2361240619-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{43225F7E-F375-1ECE-A6DF-668EAF6BAF4D} deleted successfully

HKEY_USERS\S-1-5-21-3625704015-2833347210-2361240619-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{F7FF105B-F057-2F26-1BAA-C6977FF536DA} deleted successfully

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{3C5F0F00-683D-4847-89C8-E7AF64FD1CFB} deleted successfully

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\xz123@ya456.com deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{432E609E-2596-4BB5-A874-F6F985B70B39} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ieakfmpjhljbpbfpldjkddkjmmgjmgon deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD} deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Tessa_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Tessa_2\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Tessa_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Tessa_2\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=120 folders=42 5368985 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\Tessa_2\AppData\Local\Temp will be emptied at reboot

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Tessa_2\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Tessa_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Program Files\WebConnect" not found

"C:\Program Files\WebConnect" not found

==== EOF on za 11-01-2014 at 16:07:49,34 ======================

[kape]

Safe Saver zou verwijderd moeten zijn. Heb je nog andere merkbare problemen ?

[TessvandenBroek]

Safe Saver is nergens eer te bekennen. Ontzettend bedankt!

[kape]

Vergeet dan zeker niet om de gebruikte tools te verwijderen en nog wat restjes op te ruimen:

Download Delfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:

• Remove disinfection tools
  
• Purge System Restore
  
• Reset system settings
  

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

Download CCleaner. (Als je het nog niet hebt)

Installeer het (als je niet wilt dat Google Chrome op je PC als standaard-webbrowser wordt geïnstalleerd, moet je de 2 vinkjes wegdoen !!!) en start CCleaner op.

Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en na de analyse op 'Schoonmaken'. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”.

Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.

Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.