
Advertising pages Donate, Ad Fly, Ad Focus, ...



Hello,

Recently I have been getting annoying advertising on my computer. After a while it automatically starts my Mozilla Firefox and keeps opening the same four websites in it (not all at once).

It is something from Donate, Ad Fly, Ad Focus and a YouTube video.

I have already tried various things (virus scanners, Malwarebytes, etc.), but I cannot get it removed.

I have made a HijackThis log file, below:

Does anyone have any advice?

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 8:20:00, on 16/03/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
CHROME: 33.0.1750.146
FIREFOX: 27.0.1 (nl)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Sven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Users\Sven\Downloads\HijackThis(1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\MS Office 2007\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Control Center] C:\Program Files (x86)\ASUS\WLAN Card Utilities\CenterAgent.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Sven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: alga.exe
O8 - Extra context menu item: Download met MiPony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://E:\MSOFFI~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\MSOFFI~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\MSOFFI~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\MSOFFI~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\MS Office 2007\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS Wireless Card Service (ASWLCCSvc) - Unknown owner - C:\Program Files (x86)\ASUS\WLAN Card Utilities\ASWLCCSVC.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 10315 bytes


There is not much to see in this log, but there are other tools we can use.

Download RSIT from the locations below and save it to the desktop.

Here is a description of how to check whether you have a 32- or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool is finished, a Notepad file named "Log" is opened.
  • Post its contents in your next message.

Also watch the instruction video.


Thanks in advance for your help, the log file is below:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Sven at 2014-03-16 12:14:58
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 8 GB (6%) free of 122 GB
Total RAM: 8173 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:14:59, on 16/03/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Sven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\alga.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Program Files\trend micro\Sven.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\MS Office 2007\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Control Center] C:\Program Files (x86)\ASUS\WLAN Card Utilities\CenterAgent.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Sven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: alga.exe
O8 - Extra context menu item: Download met MiPony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://E:\MSOFFI~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\MSOFFI~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\MSOFFI~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\MSOFFI~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\MS Office 2007\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS Wireless Card Service (ASWLCCSvc) - Unknown owner - C:\Program Files (x86)\ASUS\WLAN Card Utilities\ASWLCCSVC.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 10353 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=bbf49d23-9177-4e6d-8b05-6e63f55f563f /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\bbfe5025-b0f1-4f55-8ee0-967ef125f357-1c0-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\ASUS\WLAN Card Utilities\ASWLCCSVC.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2060
"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-37e5229d-c63d-4bce-a4b4-700d85118415 -SystemEventPortName:HostProcess-43e8ecff-cf97-402b-bd8d-7f3abfe1b29a -IoCancelEventPortName:HostProcess-ff15ac18-6a7d-4464-a641-1ce4fd88142a -NonStateChangingEventPortName:HostProcess-1c385cd1-4c0f-4f9a-aee9-45a1c0746d12 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e1d5dc41-6a7c-4be4-ba81-fe9d3ab0702b -DeviceGroupId:WpdFsGroup
atieclxx
"taskhost.exe"
taskeng.exe {03466D6A-A523-4AF9-98C7-B4689D270642}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" 
"C:\Users\Sven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" 
"C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\alga.exe" 
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe" 
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\ASUS\WLAN Card Utilities\Center.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe" 
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536 
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
taskeng.exe {EDFD42FB-86E6-4BEA-A036-A06950717E5B}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" 
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3836.18088700.2036017614 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 3836 "\\.\pipe\gecko-crash-server-pipe.3836" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe" --proxy-stub-channel=Flash5004.6BAAC768.18467 --host-broker-channel=Flash5004.6BAAC768.8082 --host-pid=5004 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe" --channel=4480.0044F17C.618758385 --proxy-stub-channel=Flash5004.6BAAC768.18467 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll" --host-npapi-version=27 --type=renderer
wmiadap.exe /F /T /R
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Sven\Desktop\RSITx64.exe" 

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Dealply.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-478591212-1768384443-3597778759-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-478591212-1768384443-3597778759-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\er2hnot4.default-1354103847098

prefs.js - "browser.search.useDBForOrder" -  true
prefs.js - "browser.startup.homepage" -  "http://www.google.be"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
belgiumeid@eid.belgium.be

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\er2hnot4.default-1354103847098\searchplugins\
Google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-04-18 347424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-17 256080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-04-18 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - E:\MS Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-17 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-17 256080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-17 194128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-06-28 11905128]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-04-22 39408]
"Spotify Web Helper"=C:\Users\Sven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-02-02 1171968]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-04-29 284440]
"Control Center"=C:\Program Files (x86)\ASUS\WLAN Card Utilities\CenterAgent.exe [2009-05-21 544256]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10 49208]
""= []
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-01-22 4962320]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-11-02 152392]

C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
alga.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=E:\MS Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 month======

2014-03-16 12:14:58 ----D---- C:\rsit
2014-03-16 12:14:58 ----D---- C:\Program Files\trend micro
2014-03-15 21:21:27 ----A---- C:\Windows\system32\olepro32.dll
2014-03-15 21:21:27 ----A---- C:\Windows\system32\atiumdva.dll
2014-03-15 21:21:27 ----A---- C:\Windows\system32\atiumdag.dll
2014-03-15 21:21:27 ----A---- C:\Windows\system32\atiu9pag.dll
2014-03-15 21:21:27 ----A---- C:\Windows\system32\aticfx32.dll
2014-03-15 21:08:11 ----A---- C:\Windows\system32\drivers\tmcomm.sys
2014-03-15 08:52:37 ----D---- C:\Users\Sven\AppData\Roaming\eCyber
2014-03-15 08:52:32 ----D---- C:\Windows\system32\log
2014-03-15 08:52:13 ----D---- C:\Users\Sven\AppData\Roaming\iSafe
2014-03-13 17:07:13 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-03-13 17:07:13 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-03-13 17:07:13 ----A---- C:\Windows\system32\wwansvc.dll
2014-03-13 17:07:13 ----A---- C:\Windows\system32\win32k.sys
2014-03-13 17:07:13 ----A---- C:\Windows\system32\wer.dll
2014-03-13 17:07:13 ----A---- C:\Windows\system32\iertutil.dll
2014-03-13 17:07:13 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 17:07:12 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-03-13 17:07:12 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-03-13 17:07:12 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-03-13 17:07:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-03-13 17:07:12 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-03-13 17:07:11 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-03-13 17:07:11 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-03-13 17:07:11 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-03-13 17:07:11 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-03-13 17:07:11 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-03-13 17:07:11 ----A---- C:\Windows\system32\urlmon.dll
2014-03-13 17:07:11 ----A---- C:\Windows\system32\msfeeds.dll
2014-03-13 17:07:11 ----A---- C:\Windows\system32\iernonce.dll
2014-03-13 17:07:11 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-03-13 17:07:10 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-03-13 17:07:10 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-03-13 17:07:10 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-03-13 17:07:10 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-03-13 17:07:10 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-03-13 17:07:10 ----A---- C:\Windows\system32\jsproxy.dll
2014-03-13 17:07:10 ----A---- C:\Windows\system32\iesetup.dll
2014-03-13 17:07:10 ----A---- C:\Windows\system32\ie4uinit.exe
2014-03-13 17:07:09 ----A---- C:\Windows\system32\jscript9diag.dll
2014-03-13 17:07:09 ----A---- C:\Windows\system32\jscript9.dll
2014-03-13 17:07:09 ----A---- C:\Windows\system32\ieUnatt.exe
2014-03-13 17:07:09 ----A---- C:\Windows\system32\ieui.dll
2014-03-13 17:07:09 ----A---- C:\Windows\system32\ieframe.dll
2014-03-13 17:07:09 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-03-13 17:07:08 ----A---- C:\Windows\system32\wininet.dll
2014-03-13 17:07:08 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 17:07:08 ----A---- C:\Windows\system32\msrating.dll
2014-03-13 17:07:08 ----A---- C:\Windows\system32\mshtml.dll
2014-03-13 17:07:08 ----A---- C:\Windows\system32\ieapfltr.dll
2014-03-13 17:06:44 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-03-13 17:06:44 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-03-13 17:06:44 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-03-13 17:06:44 ----A---- C:\Windows\system32\qedit.dll
2014-03-07 14:05:44 ----D---- C:\Users\Sven\AppData\Roaming\Origin
2014-03-07 14:04:32 ----D---- C:\ProgramData\Origin
2014-03-07 13:34:57 ----A---- C:\Windows\system32\WdfCoInstaller01009.dll
2014-03-07 13:34:57 ----A---- C:\Windows\system32\drivers\xusb21.sys
2014-03-07 13:34:57 ----A---- C:\Windows\system32\drivers\MijXfilt.sys
2014-03-07 11:48:28 ----D---- C:\ProgramData\Electronic Arts
2014-03-07 09:45:57 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2014-03-07 09:45:54 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2014-03-07 08:45:33 ----A---- C:\ProgramData\patch.dll
2014-03-04 09:55:58 ----D---- C:\Users\Sven\AppData\Roaming\SMART Technologies
2014-03-04 09:42:41 ----D---- C:\Users\Sven\AppData\Roaming\SMART Technologies Inc
2014-03-04 09:42:35 ----D---- C:\ProgramData\FLEXnet
2014-03-04 09:42:30 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-03-04 09:40:21 ----D---- C:\ProgramData\SMART Technologies
2014-03-04 09:40:10 ----D---- C:\ProgramData\Downloaded Installations
2014-03-02 22:11:20 ----A---- C:\Windows\SYSWOW64\Outils.exe
2014-02-25 08:16:10 ----D---- C:\Windows\Migration

======List of files/folders modified in the last 1 month======

2014-03-16 12:14:58 ----RD---- C:\Program Files
2014-03-16 12:12:39 ----D---- C:\Windows\Temp
2014-03-16 12:12:39 ----A---- C:\Windows\SYSWOW64\log.txt
2014-03-16 08:26:07 ----D---- C:\Windows\system32\config
2014-03-16 08:05:26 ----D---- C:\Windows\winsxs
2014-03-16 07:56:19 ----D---- C:\Windows\System32
2014-03-16 07:56:19 ----D---- C:\Windows\inf
2014-03-16 07:56:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-03-15 23:06:35 ----D---- C:\Windows\system32\catroot
2014-03-15 23:04:30 ----RD---- C:\Program Files (x86)
2014-03-15 23:03:53 ----SHD---- C:\Windows\Installer
2014-03-15 23:03:53 ----HD---- C:\Config.Msi
2014-03-15 23:03:53 ----D---- C:\Windows\twain_32
2014-03-15 23:03:53 ----D---- C:\Program Files (x86)\Common Files
2014-03-15 23:03:50 ----D---- C:\Windows\SysWOW64
2014-03-15 23:03:32 ----D---- C:\Windows\system32\DriverStore
2014-03-15 23:03:07 ----SHD---- C:\System Volume Information
2014-03-15 23:02:19 ----D---- C:\ProgramData\Skype
2014-03-15 23:02:10 ----D---- C:\Users\Sven\AppData\Roaming\Skype
2014-03-15 23:01:59 ----RSD---- C:\Windows\assembly
2014-03-15 21:08:57 ----D---- C:\Windows\system32\drivers
2014-03-15 20:45:05 ----D---- C:\ProgramData\MFAData
2014-03-15 13:39:45 ----D---- C:\Windows
2014-03-15 11:10:10 ----D---- C:\Windows\system32\catroot2
2014-03-15 11:10:10 ----D---- C:\Windows\Downloaded Program Files
2014-03-15 10:18:48 ----SD---- C:\Users\Sven\AppData\Roaming\Microsoft
2014-03-15 09:17:25 ----D---- C:\Program Files (x86)\Artisteer 4
2014-03-15 08:53:51 ----D---- C:\Windows\Prefetch
2014-03-13 17:57:02 ----D---- C:\Program Files\Internet Explorer
2014-03-13 17:57:02 ----D---- C:\Program Files (x86)\Internet Explorer
2014-03-13 17:57:00 ----D---- C:\Program Files\Microsoft Silverlight
2014-03-13 17:57:00 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 17:17:22 ----D---- C:\ProgramData\Microsoft Help
2014-03-12 07:48:16 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-03-08 22:18:20 ----D---- C:\Users\Sven\AppData\Roaming\uTorrent
2014-03-08 22:18:20 ----D---- C:\Users\Sven\AppData\Roaming\FileZilla
2014-03-08 22:18:18 ----D---- C:\Windows\Panther
2014-03-08 22:18:18 ----D---- C:\Windows\Logs
2014-03-08 22:18:18 ----D---- C:\Windows\debug
2014-03-08 13:08:39 ----D---- C:\Program Files (x86)\Mobogenie
2014-03-07 14:04:32 ----HD---- C:\ProgramData
2014-03-07 08:44:23 ----D---- C:\Program Files (x86)\Voetbalpool
2014-03-07 08:26:03 ----D---- C:\ProgramData\AVG2014
2014-03-05 20:20:30 ----D---- C:\Users\Sven\AppData\Roaming\Spotify
2014-03-05 18:29:01 ----D---- C:\Windows\Microsoft.NET
2014-03-05 08:10:14 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-03-04 09:42:15 ----RSD---- C:\Windows\Fonts
2014-02-26 08:15:10 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-02-25 08:16:13 ----D---- C:\Windows\SYSWOW64\en-US
2014-02-25 08:16:13 ----D---- C:\Windows\system32\en-US
2014-02-25 08:16:10 ----SD---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-11-25 196376]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-10-31 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-10-01 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-10 31544]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2013-11-25 150808]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-11-25 243480]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-10-31 212280]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-08-01 251192]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-06-02 128488]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-06-02 401896]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-06-28 2905832]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr28ux.sys [2010-02-12 1104672]
R3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2009-10-28 45752]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 bjpjdvra;bjpjdvra; \??\C:\Windows\system32\drivers\bjpjdvra.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys []
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver; C:\Windows\system32\DRIVERS\MijXfilt.sys [2012-03-25 115272]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SMARTMouseFilterx64;HID-compliant mouse; C:\Windows\system32\DRIVERS\SMARTMouseFilterx64.sys [2012-03-21 13168]
S3 SMARTVHidMiniVistaAmd64;SMART HID Device; C:\Windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [2012-03-21 16368]
S3 SMARTVTabletPCx64;SMART Virtual TabletPC; C:\Windows\system32\DRIVERS\SMARTVTabletPCx64.sys [2012-03-21 24944]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2011-12-07 74960]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 ASWLCCSvc;ASUS Wireless Card Service; C:\Program Files (x86)\ASUS\WLAN Card Utilities\ASWLCCSVC.exe [2009-05-21 172032]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-01-22 3788816]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-29 13592]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-20 325656]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 641352]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-22 116648]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-22 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-13 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-01 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; E:\MS Office 2007\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-15 118896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-18 1255736]
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------


Disable your antivirus and antispyware programs, as they may conflict with zoek.exe (you can read how to do that here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version)

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input window:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\alga.exe;f
C:\Windows\tasks\Dealply.job;f
chromelook; 
firefoxlook; 
emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Click the "Options" button and tick the options below:
      • Do a Deep Scan
      • Installed Programs
      • HijackThis Log
      • Running Processes
      • Auto Clean
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log in your next message.


Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Sven on zo 16/03/2014 at 15:43:22,16.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Sven\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== Running Processes ======================

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ASUS\WLAN Card Utilities\ASWLCCSVC.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Sven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\alga.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\ASUS\WLAN Card Utilities\Center.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\taskhost.exe
C:\Users\Sven\Desktop\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\conhost.exe
C:\Windows\servicing\TrustedInstaller.exe

==== System Restore Info ======================

16/03/2014 15:44:46 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Fotoservice deleted successfully
C:\PROGRA~2\TomTom DesktopSuite deleted successfully
C:\PROGRA~2\WiseConvert deleted successfully
C:\PROGRA~2\Yontoo deleted successfully
C:\Program Files\log deleted successfully
C:\PROGRA~3\ALM deleted successfully
C:\PROGRA~3\AVAST Software deleted successfully
C:\PROGRA~3\LogMeIn deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\Ralink deleted successfully
C:\Users\Sven\AppData\Local\Conduit deleted successfully
C:\Users\Sven\AppData\Local\CrashDumps deleted successfully
C:\Users\Sven\AppData\Local\genienext deleted successfully
C:\Users\Sven\AppData\Local\VirtualStore deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-478591212-1768384443-3597778759-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958)  
µTorrent  
64 Bit HP CIO Components Installer  
Adobe AIR  
Adobe Community Help  
Adobe Creative Suite 5 Master Collection  
Adobe Flash Player 12 ActiveX  
Adobe Flash Player 12 Plugin  
Adobe Media Player  
Adobe Reader X (10.1.9) - Nederlands  
Adobe Widget Browser  
AMD Accelerated Video Transcoding  
AMD APP SDK Runtime  
AMD Catalyst Install Manager  
AMD Drag and Drop Transcoding  
AMD Media Foundation Decoders  
Apple Application Support  
Apple Mobile Device Support  
Apple Software Update  
Asmedia ASM104x USB 3.0 Host Controller Driver  
ASUS WLAN Card Utilities/Driver  
AVG 2014  
Belgium e-ID middleware 4.0.6 (build 7416)  
Bonjour  
BS.Player FREE  
Catalyst Control Center - Branding  
Catalyst Control Center  
Catalyst Control Center Graphics Previews Common  
Catalyst Control Center InstallProxy  
Catalyst Control Center Localization All  
ccc-utility64  
CCC Help Chinese Standard  
CCC Help Chinese Traditional  
CCC Help Czech  
CCC Help Danish  
CCC Help Dutch  
CCC Help English  
CCC Help Finnish  
CCC Help French  
CCC Help German  
CCC Help Greek  
CCC Help Hungarian  
CCC Help Italian  
CCC Help Japanese  
CCC Help Korean  
CCC Help Norwegian  
CCC Help Polish  
CCC Help Portuguese  
CCC Help Russian  
CCC Help Spanish  
CCC Help Swedish  
CCC Help Thai  
CCC Help Turkish  
CCleaner  
D3DX10  
Easy Thumbnails (Remove only)  
FileZilla Client 3.7.4.1  
Google Chrome  
Google Toolbar for Internet Explorer  
Google Update Helper  
HP Update  
Intel(R) Control Center  
Intel(R) Management Engine Components  
Intel(R) Rapid Storage Technology  
iTunes  
Java 7 Update 51  
Java Auto Updater  
Java(TM) 6 Update 31 (64-bit)  
Junk Mail filter update  
Malwarebytes Anti-Malware versie 1.75.0.1300  
Microsoft .NET Framework 4.5.1  
Microsoft .NET Framework 4.5.1 (Nederlands)  
Microsoft .NET Framework 4.5.1 (NLD)  
Microsoft Antimalware Service NL-NL Language Pack  
Microsoft Application Error Reporting  
Microsoft Office 2007 Service Pack 3 (SP3)  
Microsoft Office Access MUI (Dutch) 2007  
Microsoft Office Enterprise 2007  
Microsoft Office Excel MUI (Dutch) 2007  
Microsoft Office File Validation Add-In  
Microsoft Office Groove MUI (Dutch) 2007  
Microsoft Office InfoPath MUI (Dutch) 2007  
Microsoft Office Office 64-bit Components 2007  
Microsoft Office OneNote MUI (Dutch) 2007  
Microsoft Office Outlook MUI (Dutch) 2007  
Microsoft Office PowerPoint MUI (Dutch) 2007  
Microsoft Office Proof (Dutch) 2007  
Microsoft Office Proof (English) 2007  
Microsoft Office Proof (French) 2007  
Microsoft Office Proof (German) 2007  
Microsoft Office Proofing (Dutch) 2007  
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)  
Microsoft Office Publisher MUI (Dutch) 2007  
Microsoft Office Shared 64-bit MUI (Dutch) 2007  
Microsoft Office Shared MUI (Dutch) 2007  
Microsoft Office Word MUI (Dutch) 2007  
Microsoft Security Client  
Microsoft Security Client NL-NL Language Pack  
Microsoft Security Essentials  
Microsoft Silverlight  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)  
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD  
Microsoft_VC80_ATL_x86  
Microsoft_VC80_ATL_x86_x64  
Microsoft_VC80_CRT_x86  
Microsoft_VC80_CRT_x86_x64  
Microsoft_VC80_MFC_x86  
Microsoft_VC80_MFC_x86_x64  
Microsoft_VC80_MFCLOC_x86  
Microsoft_VC80_MFCLOC_x86_x64  
Microsoft_VC90_ATL_x86  
Microsoft_VC90_ATL_x86_x64  
Microsoft_VC90_CRT_x86  
Microsoft_VC90_CRT_x86_x64  
Microsoft_VC90_MFC_x86  
Microsoft_VC90_MFC_x86_x64  
mIRC  
Mozilla Firefox 27.0.1 (x86 nl)  
Mozilla Maintenance Service  
MSVCRT  
MSVCRT_amd64  
PDF Settings CS5  
PxMergeModule  
Realtek Ethernet Controller Driver  
Realtek High Definition Audio Driver  
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)  
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition   
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition   
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition   
Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition   
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition  
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition  
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition   
Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition   
SmartFTP Client  
Spotify  
Stuurprogrammapakket voor Windows - Fedict SmartCard  (09/23/2013 4.0.6.0)  
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD  
Update for 2007 Microsoft Office System (KB967642)  
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition  
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition  
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition  
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition  
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition  
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition  
Update voor Microsoft Office Excel 2007 Help (KB963678)  
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)  
Update voor Microsoft Office Word 2007 Help (KB963665)  
Visual Studio 2008 x64 Redistributables  
Visual Studio 2010 x64 Redistributables  
Visual Studio 2012 x64 Redistributables  
Visual Studio 2012 x86 Redistributables  
Windows Live Communications Platform  
Windows Live Essentials  
Windows Live ID Sign-in Assistant  
Windows Live Installer  
Windows Live Language Selector  
Windows Live Mail  
Windows Live MIME IFilter  
Windows Live Photo Common  
Windows Live PIMT Platform  
Windows Live SOXE  
Windows Live SOXE Definitions  
Windows Live UX Platform  
Windows Live UX Platform Language Pack  
Windows Live Writer  
Windows Live Writer Resources  
Windows Media Player Firefox Plugin  

==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\er2hnot4.default-1354103847098

user.js not found
---- Lines y2layers removed from prefs.js ----
user_pref("extentions.y2layers.installId", "2DF1B084-61AF-B971-2A7C-34EB43B92828");
user_pref("extentions.y2layers.installId_backup", "2DF1B084-61AF-B971-2A7C-34EB43B92828");
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- FireFox user.js and prefs.js backups ---- 

prefs_20141603_1551_.backup

ProfilePath: C:\Users\Sven\AppData\Roaming\TomTom\HOME\Profiles\nfzyug5k.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs_20141603_1551_.backup

==== Deleting Files \ Folders ======================

C:\Users\Sven\daemonprocess.txt deleted
C:\Users\Sven\.android deleted
C:\PROGRA~2\Mobogenie deleted
C:\PROGRA~2\DealPly deleted
C:\PROGRA~2\MyPC Backup deleted
C:\PROGRA~2\Conduit deleted
C:\Users\Sven\AppData\Roaming\eCyber deleted
C:\Users\Sven\AppData\Roaming\iSafe deleted
C:\Users\Sven\AppData\Roaming\ExpressFiles deleted
C:\PROGRA~3\patch.dll deleted
C:\Users\Sven\AppData\Local\CRE deleted
C:\Users\Sven\AppData\Local\APN deleted
C:\Users\Sven\AppData\Local\Mobogenie deleted
C:\Users\Sven\AppData\Local\cache deleted
C:\Windows\Tasks\Dealply.job deleted
C:\windows\SysNative\Tasks\Dealply deleted
C:\Users\Sven\AppData\LocalLow\WiseConvert_2.1 deleted
C:\Users\Sven\AppData\LocalLow\PriceGong deleted
C:\Users\Sven\AppData\LocalLow\Conduit deleted
C:\END deleted
C:\Users\Sven\Documents\Mobogenie deleted
"C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\alga.exe" deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 8174 MB
CPU Info: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
CPU Speed: 3150,0 MHz
Sound Card: Luidsprekers (Realtek High Defi | 
Realtek Digital Output(Optical) | 
Realtek Digital Output (Realtek | 
Display Adapters: AMD Radeon HD 7700 Series | AMD Radeon HD 7700 Series | AMD Radeon HD 7700 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm | 
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter | ASUS 802.11n Network Adapter | Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (D: | ) D: Optiarc DVD RW AD-5280S
Ports: COM1 LPT Port NOT Present. 
Mouse: 8 Button Wheel Mouse Present
Hard Disks: C:  119,1GB | E:  1863,0GB
Hard Disks - Free: C:  7,4GB | E:  1356,7GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 02/05/10 | ALASKA - 1072009
Time Zone: Romance (standaardtijd)
Motherboard *: ASUSTeK Computer INC. P8H67
Country: België
Language: NLB 

==== System Specs (Software) ======================

Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated)
Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: AVG AntiVirus Free Edition 2014 disabled (Outdated)
Anti-Spyware: Microsoft Security Essentials disabled (Outdated)
Default Browser: Firefox    27.0.1
Internet Explorer Version: 11.0.9600.16521 
Mozilla Firefox version: 27.0.1 (x86 nl)
Google Chrome version: 33.0.1750.146
Adobe Reader version: 10.1.9.22
Sun Java version: 1.7.0_51 (32-bit) 
Sun Java version: 1.6.0_31 (64-bit) 
Flash Player version: 12.0.0.77

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Sven\AppData\Local\Temp ====
2014-03-15 20:08:27    E891085E0043A70543655D9A61871DB1    2581040    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HouseCall\tscdll64.dll
2014-03-15 20:08:27    BDE21EC1618633A32EE2ED984B3FEDD8    93008    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HouseCall\BPMNT.dll
2014-03-15 20:08:27    28E6D2591EACB4BE4D1A5BB38360FDB1    2279960    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HouseCall\vsapi64.dll
2014-03-15 20:08:11    F82469A1100DA72AB6071C45FA665E96    318464    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HouseCall\plugin\downloader.plugin.dll
2014-03-15 20:08:11    E6AE2544E2C8657D5AC957E937736F9D    445440    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HouseCall\ssleay32.dll
2014-03-15 20:08:11    DCFC19032C60CCC660D4346295DA42B9    45320    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HouseCall\utilClientLoader.dll
2014-03-15 20:08:11    B6B5D6BD3BAA90918D944249459F311D    748032    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HouseCall\libcurl.dll
2014-03-15 20:08:11    A7CF9B841956293F20E25E08D53718D6    175528    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HouseCall\Tmcomm.sys
2014-03-15 20:08:11    A4A74365C700E005C49318C20C8D2EBF    1185296    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HouseCall\tmufeng.dll
2014-03-15 20:08:11    99559F8DE53EAC2C8DBC23595803A69D    46352    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HouseCall\TMEBC64.sys
2014-03-15 20:08:11    98D7D2F55A73A2F7640323572F68FD09    647728    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HouseCall\tmfbeng.dll
2014-03-15 20:08:11    7C131DC7362C9DD9521827E9976EF43E    2244120    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HouseCall\ICRCHdler.dll
2014-03-15 20:08:11    5BBA4F3B9A2A02EB4F4A126DEECBC7EC    238104    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HouseCall\perfiCrcPerfMonMgr.dll
2014-03-15 20:08:11    5A7253926B71D9291AEB9D62762F18F9    3355672    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HouseCall\hc_core.dll
2014-03-15 20:08:11    227AAAE2B6E60ADD679F632C3BF51A61    148992    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HouseCall\libexpatw.dll
2014-03-15 20:08:11    2191B4A8011D73906BC2B8A6D4E8B351    2667536    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HouseCall\smv64.dll
2014-03-15 20:08:11    0EC83A56443A4F7EBE0F03E0B59F53BE    1905664    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HouseCall\libeay32.dll
2014-03-15 20:08:11    0DDC5509168F24D8248E103210890098    420400    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HouseCall\TmEngDrv.dll
2014-03-15 20:08:04    4510F1A16CF796344066A92030D26F83    3934064    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HCBackup\hcpackage64.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-03-13 16:07:13    8B521873651E62EF5868DC7B339959DB    32768    ----a-w-    C:\Windows\SysWOW64\iernonce.dll
2014-03-13 16:07:13    4F8CCD3E7D9F17A7C60FA0AE2466CACF    381440    ----a-w-    C:\Windows\SysWOW64\wer.dll
2014-03-13 16:07:12    BD5E6C894130E7BB7ECE9A0925383068    2168320    ----a-w-    C:\Windows\SysWOW64\iertutil.dll
2014-03-13 16:07:12    A045DAE4D242A9A50FF6902774C55BE0    524288    ----a-w-    C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 16:07:12    7EDA015D4E74177A1B187326EDB14670    51200    ----a-w-    C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 16:07:12    70462E0A4E293FC80620AB945D8A59BB    17074688    ----a-w-    C:\Windows\SysWOW64\mshtml.dll
2014-03-13 16:07:12    0FF358906F2333B26267BC0064DC02C4    1156096    ----a-w-    C:\Windows\SysWOW64\urlmon.dll
2014-03-13 16:07:11    E84073A2F2D3A9448CA02F48B0360490    440832    ----a-w-    C:\Windows\SysWOW64\ieui.dll
2014-03-13 16:07:11    E23497E11866154A97BA9877656113FE    1964032    ----a-w-    C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 16:07:11    B0CBC5A7D9278DCD5B230E1E50CCA5F6    61952    ----a-w-    C:\Windows\SysWOW64\iesetup.dll
2014-03-13 16:07:11    4831AA1A6A112ACCEE240C9D5FA2108B    11266048    ----a-w-    C:\Windows\SysWOW64\ieframe.dll
2014-03-13 16:07:11    2CF6CF90BF7FE0E616C363343FFA686B    553472    ----a-w-    C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 16:07:11    1CEE521E90703BB8A01211C77747E727    43008    ----a-w-    C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 16:07:10    FC46FE32B043CA7251B1D707B91BA6A7    4244480    ----a-w-    C:\Windows\SysWOW64\jscript9.dll
2014-03-13 16:07:10    C8DBE0B5297FD85D7311E4791103517B    112128    ----a-w-    C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 16:07:10    B61F47EB8CACBE09C8117E4FF7D9656D    164864    ----a-w-    C:\Windows\SysWOW64\msrating.dll
2014-03-13 16:07:10    AAFEAB4FC9D70253F8C7E353E879E8A2    1820160    ----a-w-    C:\Windows\SysWOW64\wininet.dll
2014-03-13 16:07:10    5C207FABA707CE496E1E0A304925D1E5    2724864    ----a-w-    C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 16:07:10    4605E0295C8E742B28FD63D255322795    703488    ----a-w-    C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 16:06:44    B0BE998802DEDEE1FD8F5E5F9F207A30    509440    ----a-w-    C:\Windows\SysWOW64\qedit.dll
2014-03-13 16:06:44    A054EA8FBE16D4D34F06D81A4F0088E2    1230336    ----a-w-    C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-07 08:45:57    1C9B45E87528B8BB8CFA884EA0099A85    2106216    ----a-w-    C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-03-07 08:45:54    77F595DEE5FFACEA72B135B1FCE1312E    81768    ----a-w-    C:\Windows\SysWOW64\xinput1_3.dll
2014-03-07 07:45:33    02470B8CB92C619455756E930E53AD86    5012    ----a-w-    C:\Windows\SysWOW64\service.InstallState
2014-03-07 07:45:32    9450B18A8F86FAFFC765BD567B89F521    2012    ----a-w-    C:\Windows\SysWOW64\Outils.InstallState
2014-03-04 08:42:30    86E39E9161C3D930D93822F1563C280D    1998168    ----a-w-    C:\Windows\SysWOW64\D3DX9_43.dll
2014-03-02 21:11:20    32437F062060CF8DF6A0DB62A402E2FE    6656    ----a-w-    C:\Windows\SysWOW64\Outils.exe
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-03-15 20:21:27    D41D8CD98F00B204E9800998ECF8427E    0    ----a-w-    C:\Windows\Sysnative\olepro32.dll
2014-03-15 20:21:27    D41D8CD98F00B204E9800998ECF8427E    0    ----a-w-    C:\Windows\Sysnative\atiumdva.dll
2014-03-15 20:21:27    D41D8CD98F00B204E9800998ECF8427E    0    ----a-w-    C:\Windows\Sysnative\atiumdag.dll
2014-03-15 20:21:27    D41D8CD98F00B204E9800998ECF8427E    0    ----a-w-    C:\Windows\Sysnative\atiu9pag.dll
2014-03-15 20:21:27    D41D8CD98F00B204E9800998ECF8427E    0    ----a-w-    C:\Windows\Sysnative\aticfx32.dll
2014-03-13 16:07:13    E918C0DE5CF2AE6BEDBF387C09627D93    3156480    ----a-w-    C:\Windows\Sysnative\win32k.sys
2014-03-13 16:07:13    76862AAF77C049EC20217FDC209F7F13    2765824    ----a-w-    C:\Windows\Sysnative\iertutil.dll
2014-03-13 16:07:13    10B2786774CC43D835FE8303D1970874    4096    ----a-w-    C:\Windows\Sysnative\ieetwcollectorres.dll
2014-03-13 16:07:13    1075AB2C077B415760C0E948856B5126    484864    ----a-w-    C:\Windows\Sysnative\wer.dll
2014-03-13 16:07:13    04F82965C09CBDF646B487E145060301    228864    ----a-w-    C:\Windows\Sysnative\wwansvc.dll
2014-03-13 16:07:11    F6BA9A0266DA93AFB8EA9BA12BF81367    33792    ----a-w-    C:\Windows\Sysnative\iernonce.dll
2014-03-13 16:07:11    E6ACA421DA3E50D7F0A31228F0C547B0    627200    ----a-w-    C:\Windows\Sysnative\msfeeds.dll
2014-03-13 16:07:11    BA0A21F761CE5001DF712C51BF11F953    1393664    ----a-w-    C:\Windows\Sysnative\urlmon.dll
2014-03-13 16:07:11    8BA97E7747A53F80873431178889911A    48640    ----a-w-    C:\Windows\Sysnative\ieetwproxystub.dll
2014-03-13 16:07:11    0A5996995F33967A46E3D5A3D9F1433D    2724864    ----a-w-    C:\Windows\Sysnative\mshtml.tlb
2014-03-13 16:07:10    D378AB3C9178424588B55AC7B652D7F9    218624    ----a-w-    C:\Windows\Sysnative\ie4uinit.exe
2014-03-13 16:07:10    B3DFA392735A5FBE2896BAB67950123A    2041856    ----a-w-    C:\Windows\Sysnative\inetcpl.cpl
2014-03-13 16:07:10    8EA01E83528503D312224FC63D40BC2B    66048    ----a-w-    C:\Windows\Sysnative\iesetup.dll
2014-03-13 16:07:10    4F131DB206096854505AFEDD2153FD83    53760    ----a-w-    C:\Windows\Sysnative\jsproxy.dll
2014-03-13 16:07:09    D3CAA61DE060BC74B4EFC638679DFE7A    139264    ----a-w-    C:\Windows\Sysnative\ieUnatt.exe
2014-03-13 16:07:09    CF1C73DE1FADE3D3C44FCAF254F57DB2    5768704    ----a-w-    C:\Windows\Sysnative\jscript9.dll
2014-03-13 16:07:09    A0B690402E33DC9C78F22CB41F4FDC09    111616    ----a-w-    C:\Windows\Sysnative\ieetwcollector.exe
2014-03-13 16:07:09    9C5ADB26632D46919ABB231CF7DE98B9    13051904    ----a-w-    C:\Windows\Sysnative\ieframe.dll
2014-03-13 16:07:09    8D46ACDFA065C423BED405702F075B54    708608    ----a-w-    C:\Windows\Sysnative\jscript9diag.dll
2014-03-13 16:07:09    422106B7565350885D0930DFA5BA21A1    574976    ----a-w-    C:\Windows\Sysnative\ieui.dll
2014-03-13 16:07:08    E97FFE2D37F01DD8B52BE81E1B91A7C0    940032    ----a-w-    C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2014-03-13 16:07:08    DF79CE9B950C62677D232154E93A81C7    2334208    ----a-w-    C:\Windows\Sysnative\wininet.dll
2014-03-13 16:07:08    4E0709D9BB951AD1C22E4FF519B90839    23133696    ----a-w-    C:\Windows\Sysnative\mshtml.dll
2014-03-13 16:07:08    48ED94DA88F65684B28FCD87C01288A7    817664    ----a-w-    C:\Windows\Sysnative\ieapfltr.dll
2014-03-13 16:07:08    262B8883ECFD0C7CB303B56F9D9F210E    195584    ----a-w-    C:\Windows\Sysnative\msrating.dll
2014-03-13 16:06:44    AFCA5C1ECEAF948FC815178BC077680E    1424384    ----a-w-    C:\Windows\Sysnative\WindowsCodecs.dll
2014-03-13 16:06:44    2C619F6023E3F7A3ABF3475ED2223359    624128    ----a-w-    C:\Windows\Sysnative\qedit.dll
2014-03-07 12:34:57    4DA5DA193E0E4F86F6F8FD43EF25329A    1721576    ----a-w-    C:\Windows\Sysnative\WdfCoInstaller01009.dll
====== C:\Windows\Sysnative\drivers =====
2014-03-15 20:08:11    A7CF9B841956293F20E25E08D53718D6    175528    ----a-w-    C:\Windows\Sysnative\drivers\tmcomm.sys
2014-03-07 12:36:01    D41D8CD98F00B204E9800998ECF8427E    0    ---ha-w-    C:\Windows\Sysnative\drivers\Msft_Kernel_xusb21_01009.Wdf
2014-03-07 12:36:01    D41D8CD98F00B204E9800998ECF8427E    0    ---ha-w-    C:\Windows\Sysnative\drivers\Msft_Kernel_MijXfilt_01009.Wdf
2014-03-07 12:34:57    9176C0822FAA649E45121875BE32F5D2    74960    ----a-w-    C:\Windows\Sysnative\drivers\xusb21.sys
2014-03-07 12:34:57    65ED1932BCFE5003389D65F6C3EF51C8    115272    ----a-w-    C:\Windows\Sysnative\drivers\MijXfilt.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-03-16 11:14:58    --------    d-----w-    C:\Program Files\trend micro
2014-02-15 07:50:25    --------    d-----w-    C:\Program Files\SmartFTP Client
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\Sven\AppData\Roaming ======
2014-03-15 20:29:30    D6F8D5AA55DDF1164D20A29AF251E13D    952780    ----a-w-    C:\Users\Sven\AppData\Local\census.cache
2014-03-15 20:29:19    3F0A282D48831282D7B54D0A9CBE9D2E    179511    ----a-w-    C:\Users\Sven\AppData\Local\ars.cache
2014-03-15 20:12:09    9ABE8DCDA30C9F32504A798483A3AAB0    10    ----a-w-    C:\Users\Sven\AppData\Local\sponge.last.runtime.cache
2014-03-15 20:07:53    31891F3D8C94F454F5447F6A530D3945    36    ----a-w-    C:\Users\Sven\AppData\Local\housecall.guid.cache
2014-03-08 10:51:44    BE956E55DC53CA5BC840BB28EF89AD57    2292    ----a-w-    C:\Users\Sven\AppData\Local\html.html
2014-03-07 13:05:44    --------    d-----w-    C:\Users\Sven\AppData\Roaming\Origin
2014-03-07 12:34:50    --------    d-----w-    C:\Windows\SysNative\config\systemprofile\AppData\Local\Svchost
2014-03-07 12:34:30    A3E1AD03770EB5F76ABE8A793DD42307    886    ----a-w-    C:\Users\Sven\AppData\Local\web.html
2014-03-07 12:34:29    B6D743AAF091375B1FA90FCB8519B6DB    134    ----a-w-    C:\Users\Sven\AppData\Local\Links.go
2014-03-07 12:34:29    7C61B20B0AFE14BB8F7BD4CEB05CAE9A    6    ----a-w-    C:\Users\Sven\AppData\Local\Wait.Max
2014-03-07 12:34:28    AD61AB143223EFBC24C7D2583BE69251    2    ----a-w-    C:\Users\Sven\AppData\Local\Wait.Mini
2014-03-07 12:34:28    7CBBC409EC990F19C78C75BD1E06F215    2    ----a-w-    C:\Users\Sven\AppData\Local\Rand.Mini
2014-03-07 12:34:28    11F55435D2F89434B946E517B010ACFB    4    ----a-w-    C:\Users\Sven\AppData\Local\Rand.Max
2014-03-07 12:34:27    FBD7939D674997CDB4692D34DE8633C4    2    ----a-w-    C:\Users\Sven\AppData\Local\Selection.4
2014-03-07 12:34:27    F13A6BAD69EF616F7A2CA20DD2E41509    4    ----a-w-    C:\Users\Sven\AppData\Local\Selection.3
2014-03-07 12:34:26    D2DDEA18F00665CE8623E36BD4E3C7C5    2    ----a-w-    C:\Users\Sven\AppData\Local\Selection.1
2014-03-07 12:34:26    CFE0D813FA9726FE56C76E212599E634    4    ----a-w-    C:\Users\Sven\AppData\Local\Selection.2
2014-03-02 07:27:34    --------    d-----w-    C:\Users\Sven\AppData\Local\Skype
2014-02-15 07:55:33    --------    d-----w-    C:\Users\Sven\AppData\Local\SmartFTP
2014-02-15 07:50:38    --------    d-----w-    C:\Users\Sven\AppData\Roaming\SmartFTP
2014-02-15 07:50:13    --------    d-----w-    C:\Users\Sven\AppData\Local\SmartFTP Client 5.0 Setup
====== C:\Users\Sven ======
2014-03-16 11:13:58    662C39FC1E27131551D557862CEC47F0    935175    ----a-w-    C:\Users\Sven\Desktop\RSITx64.exe
2014-03-15 20:07:33    971429E53FB500ED81F5517D567E84CF    2467424    ----a-w-    C:\Users\Sven\Downloads\HousecallLauncher64.exe
2014-03-15 07:50:56    8C1787B048E19DC1205290C86EB28002    10170096    ----a-w-    C:\Users\Sven\Downloads\yet_another_cleaner.exe
2014-03-12 17:35:15    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-03-07 13:04:32    --------    d-----w-    C:\ProgramData\Origin
2014-03-07 13:03:33    B0D7A0F1AE849DA5B7692B282A594772    17009704    ----a-w-    C:\Users\Sven\Downloads\OriginThinSetup.exe
2014-03-07 10:48:28    --------    d-----w-    C:\ProgramData\Electronic Arts
2014-03-04 08:42:35    --------    d-----w-    C:\ProgramData\FLEXnet
2014-03-04 08:40:10    --------    d-----w-    C:\ProgramData\Downloaded Installations
2014-03-04 08:34:20    5F1F3C818A83BCEBB4EA4E925CD3DC7B    361907248    ----a-w-    C:\Users\Sven\Downloads\smart.exe
2014-02-15 07:50:27    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartFTP Client

====== C: exe-files ==
2014-03-16 11:14:58    9A2347903D6EDB84C10F288BC0578C1C    388608    ----a-w-    C:\Program Files\trend micro\Sven.exe
2014-03-16 11:13:58    662C39FC1E27131551D557862CEC47F0    935175    ----a-w-    C:\Users\Sven\Desktop\RSITx64.exe
2014-03-15 20:31:17    E677174AA15D1B9D9E0B0F1C8DB8CC56    892120    ----a-w-    C:\Users\Sven\AppData\Local\Google\Update\Install\{A1D64E1A-8B61-4EC7-ADEA-0861A236F7D8}\33.0.1750.154_33.0.1750.146_chrome_updater.exe
2014-03-15 20:31:17    E677174AA15D1B9D9E0B0F1C8DB8CC56    892120    ----a-w-    C:\Users\Sven\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\33.0.1750.154\33.0.1750.154_33.0.1750.146_chrome_updater.exe
2014-03-15 20:08:04    4510F1A16CF796344066A92030D26F83    3934064    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HCBackup\hcpackage64.exe
2014-03-15 20:07:33    971429E53FB500ED81F5517D567E84CF    2467424    ----a-w-    C:\Users\Sven\Downloads\HousecallLauncher64.exe
2014-03-15 07:50:56    8C1787B048E19DC1205290C86EB28002    10170096    ----a-w-    C:\Users\Sven\Downloads\yet_another_cleaner.exe
2014-03-13 16:07:12    84BCBFB752B96543307E6602E669A95A    806104    ----a-w-    C:\Program Files\Internet Explorer\iexplore.exe
2014-03-13 16:07:12    3A3BEA53F039CE2E997A918E26E30B1D    808152    ----a-w-    C:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-03-13 16:07:11    2A0FAE869BC99A460FEFD832F261DCC9    469504    ----a-w-    C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2014-03-13 16:07:10    D378AB3C9178424588B55AC7B652D7F9    218624    ----a-w-    C:\Windows\System32\ie4uinit.exe
2014-03-13 16:07:10    C8DBE0B5297FD85D7311E4791103517B    112128    ----a-w-    C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 16:07:10    6254A3E46A65395BFFEB393938661738    482816    ----a-w-    C:\Program Files\Internet Explorer\ieinstal.exe
2014-03-13 16:07:09    D3CAA61DE060BC74B4EFC638679DFE7A    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-03-13 16:07:09    A0B690402E33DC9C78F22CB41F4FDC09    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-03-13 16:07:08    E97FFE2D37F01DD8B52BE81E1B91A7C0    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
=== C: other files ==
2014-03-15 20:10:26    315D9A94EBEA810F19625D4B1694B7BF    1726592    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HouseCall\tmase.zip
2014-03-15 20:08:11    A7CF9B841956293F20E25E08D53718D6    175528    ----a-w-    C:\Windows\System32\drivers\tmcomm.sys
2014-03-15 20:08:11    A7CF9B841956293F20E25E08D53718D6    175528    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HouseCall\Tmcomm.sys
2014-03-15 20:08:11    99559F8DE53EAC2C8DBC23595803A69D    46352    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HouseCall\TMEBC64.sys
2014-03-15 20:08:11    79B74E9ACE22021E5043CD6A9FBB0185    2583    ----a-w-    C:\Users\Sven\AppData\Local\Temp\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ini_xml.zip
2014-03-13 16:07:13    E918C0DE5CF2AE6BEDBF387C09627D93    3156480    ----a-w-    C:\Windows\System32\win32k.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-478591212-1768384443-3597778759-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Spotify Web Helper"="C:\Users\Sven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"Control Center"="C:\Program Files (x86)\ASUS\WLAN Card Utilities\CenterAgent.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Spotify Web Helper"="C:\Users\Sven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

==== Startup Registry Disabled ======================

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"Google Update"="\"C:\\Users\\Sven\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"UnlockerAssistant"="\"C:\\Program Files (x86)\\Unlocker\\UnlockerAssistant.exe\""
"iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/03/2014 07:48]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22/04/2012 07:41]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22/04/2012 07:41]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-478591212-1768384443-3597778759-1000Core.job --a------ C:\Users\Sven\AppData\Local\Google\Update\GoogleUpdate.exe [25/05/2012 19:32]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-478591212-1768384443-3597778759-1000UA.job --a------ [undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\Sven\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-478591212-1768384443-3597778759-1000Core" [C:\Users\Sven\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-478591212-1768384443-3597778759-1000UA" [C:\Users\Sven\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{C96C5904-6DD7-4F33-91A6-EC847D76C279}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\er2hnot4.default-1354103847098
- Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi
- Firebug - %ProfilePath%\extensions\firebug@software.joehewitt.com.xpi
- Web Developer - %ProfilePath%\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi

ProfilePath: C:\Users\Sven\AppData\Roaming\TomTom\HOME\Profiles\nfzyug5k.default
- Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\er2hnot4.default-1354103847098
95812430959AE88CDD0301AB3A71913B    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll -    Shockwave Flash
A9C86900D2A61728C8326FE7147617C5    - C:\Users\Sven\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll -    Google Update


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ojpijjmpahflnipadmlpgbjmagmjchkk - C:\Users\Sven\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
ojpijjmpahflnipadmlpgbjmagmjchkk - C:\Users\Sven\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx[]

YouTube - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0191A6B0-1154-4C22-9182-23A95BBE92D9}"
{0191A6B0-1154-4C22-9182-23A95BBE92D9} Google  Url="http://www.google.com/search?q={searchTerms}&rlz=1I7GGNI_nlBE480"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{806B279C-1738-440F-AFC4-F874C439DDEF} Google  Url="http://www.google.nl/search?hl=nl&q={searchTerms}&rlz=1I7GGNI_nlBE480"

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\MS Office 2007\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Control Center] C:\Program Files (x86)\ASUS\WLAN Card Utilities\CenterAgent.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Sven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download met MiPony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://E:\MSOFFI~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\MSOFFI~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\MSOFFI~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\MSOFFI~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\MS Office 2007\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS Wireless Card Service (ASWLCCSvc) - Unknown owner - C:\Program Files (x86)\ASUS\WLAN Card Utilities\ASWLCCSVC.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Sven\AppData\Local\Mozilla\Firefox\Profiles\8fssuvem.default\Cache emptied successfully
C:\Users\Sven\AppData\Local\Mozilla\Firefox\Profiles\er2hnot4.default-1354103847098\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=475 folders=72 16466969 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\LogMeInRemoteUser\AppData\Local\Temp emptied successfully
C:\Users\Sven\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Sven\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on zo 16/03/2014 at 16:06:02,10 ======================


I see 2 virus scanners: AVG 2014 and Microsoft Security Essentials.

2 virus scanners can slow down your system and sometimes even block it.

Since AVG scores better in the tests, I suggest keeping it and removing Microsoft Security Essentials.

Disable your antivirus and antispyware programs, as they may conflict with zoek.exe (you can read how to do that here and here).

Run Zoek.exe again with the script below.

  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input window:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
    Java(TM) 6 Update 31 (64-bit);u
    ojpijjmpahflnipadmlpgbjmagmjchkk;chr
    standardsearch;
    autoclean; 

  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log in your next reply.


Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Sven on ma 17/03/2014 at 18:48:43,86.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Sven\Desktop\zoek.exe [scan all users] [script inserted] 

==== Older Logs ======================

C:\zoek-results2014-03-16-150602.log    52920 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ASUS\WLAN Card Utilities\ASWLCCSVC.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Sven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\ASUS\WLAN Card Utilities\Center.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Users\Sven\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

"C:\Windows\Installer\2bf9f.msi" deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 8174 MB
CPU Info: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
CPU Speed: 3125,6 MHz
Sound Card: Luidsprekers (Realtek High Defi | 
Realtek Digital Output(Optical) | 
Realtek Digital Output (Realtek | 
Display Adapters: AMD Radeon HD 7700 Series | AMD Radeon HD 7700 Series | AMD Radeon HD 7700 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm | 
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter | ASUS 802.11n Network Adapter | Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (D: | ) D: Optiarc DVD RW AD-5280S
Ports: COM1 LPT Port NOT Present. 
Mouse: 8 Button Wheel Mouse Present
Hard Disks: C:  119,1GB | E:  1863,0GB
Hard Disks - Free: C:  8,2GB | E:  1356,2GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 02/05/10 | ALASKA - 1072009
Time Zone: Romance (standaardtijd)
Motherboard *: ASUSTeK Computer INC. P8H67
Country: België
Language: NLB 

==== System Specs (Software) ======================

Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: AVG AntiVirus Free Edition 2014 disabled (Outdated)
Default Browser: Firefox    27.0.1
Internet Explorer Version: 11.0.9600.16521 
Mozilla Firefox version: 27.0.1 (x86 nl)
Google Chrome version: 33.0.1750.154
Adobe Reader version: 10.1.9.22
Sun Java version: 1.7.0_51 (32-bit) 
Sun Java version: 1.6.0_31 (64-bit) 
Flash Player version: 12.0.0.77

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Sven\AppData\Local\Temp ====
2014-03-17 17:47:18    F91749DF7427CB5D393D86BD663EF990    8864    ----a-w-    C:\Users\Sven\AppData\Local\Temp\{231F14D7-58E1-49CB-B673-4A25BF418BF2}\SetupRes.dll
2014-03-17 17:47:18    D68424A84A531FFA39FD8574AFBA9EE4    185664    ----a-w-    C:\Users\Sven\AppData\Local\Temp\{231F14D7-58E1-49CB-B673-4A25BF418BF2}\EppManifest.dll
2014-03-17 17:47:18    93812FDC01AA864195816CD814445F95    241984    ----a-w-    C:\Users\Sven\AppData\Local\Temp\{231F14D7-58E1-49CB-B673-4A25BF418BF2}\sqmapi.dll
2014-03-17 17:47:18    3BC6AD06BD534719C15B3D45F02EAB9A    1036800    ----a-w-    C:\Users\Sven\AppData\Local\Temp\{231F14D7-58E1-49CB-B673-4A25BF418BF2}\Setup.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-03-13 16:07:13    8B521873651E62EF5868DC7B339959DB    32768    ----a-w-    C:\Windows\SysWOW64\iernonce.dll
2014-03-13 16:07:13    4F8CCD3E7D9F17A7C60FA0AE2466CACF    381440    ----a-w-    C:\Windows\SysWOW64\wer.dll
2014-03-13 16:07:12    BD5E6C894130E7BB7ECE9A0925383068    2168320    ----a-w-    C:\Windows\SysWOW64\iertutil.dll
2014-03-13 16:07:12    A045DAE4D242A9A50FF6902774C55BE0    524288    ----a-w-    C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 16:07:12    7EDA015D4E74177A1B187326EDB14670    51200    ----a-w-    C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 16:07:12    70462E0A4E293FC80620AB945D8A59BB    17074688    ----a-w-    C:\Windows\SysWOW64\mshtml.dll
2014-03-13 16:07:12    0FF358906F2333B26267BC0064DC02C4    1156096    ----a-w-    C:\Windows\SysWOW64\urlmon.dll
2014-03-13 16:07:11    E84073A2F2D3A9448CA02F48B0360490    440832    ----a-w-    C:\Windows\SysWOW64\ieui.dll
2014-03-13 16:07:11    E23497E11866154A97BA9877656113FE    1964032    ----a-w-    C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 16:07:11    B0CBC5A7D9278DCD5B230E1E50CCA5F6    61952    ----a-w-    C:\Windows\SysWOW64\iesetup.dll
2014-03-13 16:07:11    4831AA1A6A112ACCEE240C9D5FA2108B    11266048    ----a-w-    C:\Windows\SysWOW64\ieframe.dll
2014-03-13 16:07:11    2CF6CF90BF7FE0E616C363343FFA686B    553472    ----a-w-    C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 16:07:11    1CEE521E90703BB8A01211C77747E727    43008    ----a-w-    C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 16:07:10    FC46FE32B043CA7251B1D707B91BA6A7    4244480    ----a-w-    C:\Windows\SysWOW64\jscript9.dll
2014-03-13 16:07:10    C8DBE0B5297FD85D7311E4791103517B    112128    ----a-w-    C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 16:07:10    B61F47EB8CACBE09C8117E4FF7D9656D    164864    ----a-w-    C:\Windows\SysWOW64\msrating.dll
2014-03-13 16:07:10    AAFEAB4FC9D70253F8C7E353E879E8A2    1820160    ----a-w-    C:\Windows\SysWOW64\wininet.dll
2014-03-13 16:07:10    5C207FABA707CE496E1E0A304925D1E5    2724864    ----a-w-    C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 16:07:10    4605E0295C8E742B28FD63D255322795    703488    ----a-w-    C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 16:06:44    B0BE998802DEDEE1FD8F5E5F9F207A30    509440    ----a-w-    C:\Windows\SysWOW64\qedit.dll
2014-03-13 16:06:44    A054EA8FBE16D4D34F06D81A4F0088E2    1230336    ----a-w-    C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-07 08:45:57    1C9B45E87528B8BB8CFA884EA0099A85    2106216    ----a-w-    C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-03-07 08:45:54    77F595DEE5FFACEA72B135B1FCE1312E    81768    ----a-w-    C:\Windows\SysWOW64\xinput1_3.dll
2014-03-07 07:45:33    02470B8CB92C619455756E930E53AD86    5012    ----a-w-    C:\Windows\SysWOW64\service.InstallState
2014-03-07 07:45:32    9450B18A8F86FAFFC765BD567B89F521    2012    ----a-w-    C:\Windows\SysWOW64\Outils.InstallState
2014-03-04 08:42:30    86E39E9161C3D930D93822F1563C280D    1998168    ----a-w-    C:\Windows\SysWOW64\D3DX9_43.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-03-15 20:21:27    D41D8CD98F00B204E9800998ECF8427E    0    ----a-w-    C:\Windows\Sysnative\olepro32.dll
2014-03-15 20:21:27    D41D8CD98F00B204E9800998ECF8427E    0    ----a-w-    C:\Windows\Sysnative\atiumdva.dll
2014-03-15 20:21:27    D41D8CD98F00B204E9800998ECF8427E    0    ----a-w-    C:\Windows\Sysnative\atiumdag.dll
2014-03-15 20:21:27    D41D8CD98F00B204E9800998ECF8427E    0    ----a-w-    C:\Windows\Sysnative\atiu9pag.dll
2014-03-15 20:21:27    D41D8CD98F00B204E9800998ECF8427E    0    ----a-w-    C:\Windows\Sysnative\aticfx32.dll
2014-03-13 16:07:13    E918C0DE5CF2AE6BEDBF387C09627D93    3156480    ----a-w-    C:\Windows\Sysnative\win32k.sys
2014-03-13 16:07:13    76862AAF77C049EC20217FDC209F7F13    2765824    ----a-w-    C:\Windows\Sysnative\iertutil.dll
2014-03-13 16:07:13    10B2786774CC43D835FE8303D1970874    4096    ----a-w-    C:\Windows\Sysnative\ieetwcollectorres.dll
2014-03-13 16:07:13    1075AB2C077B415760C0E948856B5126    484864    ----a-w-    C:\Windows\Sysnative\wer.dll
2014-03-13 16:07:13    04F82965C09CBDF646B487E145060301    228864    ----a-w-    C:\Windows\Sysnative\wwansvc.dll
2014-03-13 16:07:11    F6BA9A0266DA93AFB8EA9BA12BF81367    33792    ----a-w-    C:\Windows\Sysnative\iernonce.dll
2014-03-13 16:07:11    E6ACA421DA3E50D7F0A31228F0C547B0    627200    ----a-w-    C:\Windows\Sysnative\msfeeds.dll
2014-03-13 16:07:11    BA0A21F761CE5001DF712C51BF11F953    1393664    ----a-w-    C:\Windows\Sysnative\urlmon.dll
2014-03-13 16:07:11    8BA97E7747A53F80873431178889911A    48640    ----a-w-    C:\Windows\Sysnative\ieetwproxystub.dll
2014-03-13 16:07:11    0A5996995F33967A46E3D5A3D9F1433D    2724864    ----a-w-    C:\Windows\Sysnative\mshtml.tlb
2014-03-13 16:07:10    D378AB3C9178424588B55AC7B652D7F9    218624    ----a-w-    C:\Windows\Sysnative\ie4uinit.exe
2014-03-13 16:07:10    B3DFA392735A5FBE2896BAB67950123A    2041856    ----a-w-    C:\Windows\Sysnative\inetcpl.cpl
2014-03-13 16:07:10    8EA01E83528503D312224FC63D40BC2B    66048    ----a-w-    C:\Windows\Sysnative\iesetup.dll
2014-03-13 16:07:10    4F131DB206096854505AFEDD2153FD83    53760    ----a-w-    C:\Windows\Sysnative\jsproxy.dll
2014-03-13 16:07:09    D3CAA61DE060BC74B4EFC638679DFE7A    139264    ----a-w-    C:\Windows\Sysnative\ieUnatt.exe
2014-03-13 16:07:09    CF1C73DE1FADE3D3C44FCAF254F57DB2    5768704    ----a-w-    C:\Windows\Sysnative\jscript9.dll
2014-03-13 16:07:09    A0B690402E33DC9C78F22CB41F4FDC09    111616    ----a-w-    C:\Windows\Sysnative\ieetwcollector.exe
2014-03-13 16:07:09    9C5ADB26632D46919ABB231CF7DE98B9    13051904    ----a-w-    C:\Windows\Sysnative\ieframe.dll
2014-03-13 16:07:09    8D46ACDFA065C423BED405702F075B54    708608    ----a-w-    C:\Windows\Sysnative\jscript9diag.dll
2014-03-13 16:07:09    422106B7565350885D0930DFA5BA21A1    574976    ----a-w-    C:\Windows\Sysnative\ieui.dll
2014-03-13 16:07:08    E97FFE2D37F01DD8B52BE81E1B91A7C0    940032    ----a-w-    C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2014-03-13 16:07:08    DF79CE9B950C62677D232154E93A81C7    2334208    ----a-w-    C:\Windows\Sysnative\wininet.dll
2014-03-13 16:07:08    4E0709D9BB951AD1C22E4FF519B90839    23133696    ----a-w-    C:\Windows\Sysnative\mshtml.dll
2014-03-13 16:07:08    48ED94DA88F65684B28FCD87C01288A7    817664    ----a-w-    C:\Windows\Sysnative\ieapfltr.dll
2014-03-13 16:07:08    262B8883ECFD0C7CB303B56F9D9F210E    195584    ----a-w-    C:\Windows\Sysnative\msrating.dll
2014-03-13 16:06:44    AFCA5C1ECEAF948FC815178BC077680E    1424384    ----a-w-    C:\Windows\Sysnative\WindowsCodecs.dll
2014-03-13 16:06:44    2C619F6023E3F7A3ABF3475ED2223359    624128    ----a-w-    C:\Windows\Sysnative\qedit.dll
2014-03-07 12:34:57    4DA5DA193E0E4F86F6F8FD43EF25329A    1721576    ----a-w-    C:\Windows\Sysnative\WdfCoInstaller01009.dll
====== C:\Windows\Sysnative\drivers =====
2014-03-15 20:08:11    A7CF9B841956293F20E25E08D53718D6    175528    ----a-w-    C:\Windows\Sysnative\drivers\tmcomm.sys
2014-03-07 12:36:01    D41D8CD98F00B204E9800998ECF8427E    0    ---ha-w-    C:\Windows\Sysnative\drivers\Msft_Kernel_xusb21_01009.Wdf
2014-03-07 12:36:01    D41D8CD98F00B204E9800998ECF8427E    0    ---ha-w-    C:\Windows\Sysnative\drivers\Msft_Kernel_MijXfilt_01009.Wdf
2014-03-07 12:34:57    9176C0822FAA649E45121875BE32F5D2    74960    ----a-w-    C:\Windows\Sysnative\drivers\xusb21.sys
2014-03-07 12:34:57    65ED1932BCFE5003389D65F6C3EF51C8    115272    ----a-w-    C:\Windows\Sysnative\drivers\MijXfilt.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-03-16 11:14:58    --------    d-----w-    C:\Program Files\trend micro
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\Sven\AppData\Roaming ======
2014-03-16 14:56:49    --------    d-----w-    C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2014-03-16 14:56:49    --------    d-----w-    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2014-03-16 14:56:49    --------    d-----w-    C:\Users\Sven\AppData\Local\Temp
2014-03-16 14:56:49    --------    d-----w-    C:\Users\Default\AppData\Local\Temp
2014-03-16 14:56:49    --------    d-----w-    C:\Users\Default User\AppData\Local\Temp
2014-03-15 20:29:30    D6F8D5AA55DDF1164D20A29AF251E13D    952780    ----a-w-    C:\Users\Sven\AppData\Local\census.cache
2014-03-15 20:29:19    3F0A282D48831282D7B54D0A9CBE9D2E    179511    ----a-w-    C:\Users\Sven\AppData\Local\ars.cache
2014-03-15 20:12:09    9ABE8DCDA30C9F32504A798483A3AAB0    10    ----a-w-    C:\Users\Sven\AppData\Local\sponge.last.runtime.cache
2014-03-15 20:07:53    31891F3D8C94F454F5447F6A530D3945    36    ----a-w-    C:\Users\Sven\AppData\Local\housecall.guid.cache
2014-03-08 10:51:44    BE956E55DC53CA5BC840BB28EF89AD57    2292    ----a-w-    C:\Users\Sven\AppData\Local\html.html
2014-03-07 13:05:44    --------    d-----w-    C:\Users\Sven\AppData\Roaming\Origin
2014-03-07 12:34:50    --------    d-----w-    C:\Windows\SysNative\config\systemprofile\AppData\Local\Svchost
2014-03-07 12:34:30    A3E1AD03770EB5F76ABE8A793DD42307    886    ----a-w-    C:\Users\Sven\AppData\Local\web.html
2014-03-07 12:34:29    B6D743AAF091375B1FA90FCB8519B6DB    134    ----a-w-    C:\Users\Sven\AppData\Local\Links.go
2014-03-07 12:34:29    7C61B20B0AFE14BB8F7BD4CEB05CAE9A    6    ----a-w-    C:\Users\Sven\AppData\Local\Wait.Max
2014-03-07 12:34:28    AD61AB143223EFBC24C7D2583BE69251    2    ----a-w-    C:\Users\Sven\AppData\Local\Wait.Mini
2014-03-07 12:34:28    7CBBC409EC990F19C78C75BD1E06F215    2    ----a-w-    C:\Users\Sven\AppData\Local\Rand.Mini
2014-03-07 12:34:28    11F55435D2F89434B946E517B010ACFB    4    ----a-w-    C:\Users\Sven\AppData\Local\Rand.Max
2014-03-07 12:34:27    FBD7939D674997CDB4692D34DE8633C4    2    ----a-w-    C:\Users\Sven\AppData\Local\Selection.4
2014-03-07 12:34:27    F13A6BAD69EF616F7A2CA20DD2E41509    4    ----a-w-    C:\Users\Sven\AppData\Local\Selection.3
2014-03-07 12:34:26    D2DDEA18F00665CE8623E36BD4E3C7C5    2    ----a-w-    C:\Users\Sven\AppData\Local\Selection.1
2014-03-07 12:34:26    CFE0D813FA9726FE56C76E212599E634    4    ----a-w-    C:\Users\Sven\AppData\Local\Selection.2
2014-03-02 07:27:34    --------    d-----w-    C:\Users\Sven\AppData\Local\Skype
====== C:\Users\Sven ======
2014-03-16 15:06:05    --------    d-----w-    C:\ProgramData\Ralink
2014-03-15 20:07:33    971429E53FB500ED81F5517D567E84CF    2467424    ----a-w-    C:\Users\Sven\Downloads\HousecallLauncher64.exe
2014-03-15 07:50:56    8C1787B048E19DC1205290C86EB28002    10170096    ----a-w-    C:\Users\Sven\Downloads\yet_another_cleaner.exe
2014-03-12 17:35:15    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-03-07 13:04:32    --------    d-----w-    C:\ProgramData\Origin
2014-03-07 13:03:33    B0D7A0F1AE849DA5B7692B282A594772    17009704    ----a-w-    C:\Users\Sven\Downloads\OriginThinSetup.exe
2014-03-07 10:48:28    --------    d-----w-    C:\ProgramData\Electronic Arts
2014-03-04 08:42:35    --------    d-----w-    C:\ProgramData\FLEXnet
2014-03-04 08:40:10    --------    d-----w-    C:\ProgramData\Downloaded Installations
2014-03-04 08:34:20    5F1F3C818A83BCEBB4EA4E925CD3DC7B    361907248    ----a-w-    C:\Users\Sven\Downloads\smart.exe

====== C: exe-files ==
2014-03-17 17:47:18    3BC6AD06BD534719C15B3D45F02EAB9A    1036800    ----a-w-    C:\Users\Sven\AppData\Local\Temp\{231F14D7-58E1-49CB-B673-4A25BF418BF2}\Setup.exe
2014-03-16 15:30:57    B3E2F3C3E6A9373DA238922662B7B59C    36838104    ----a-w-    C:\Users\Sven\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\33.0.1750.154\33.0.1750.154_chrome_installer.exe
2014-03-16 11:14:58    9A2347903D6EDB84C10F288BC0578C1C    388608    ----a-w-    C:\Program Files\trend micro\Sven.exe
2014-03-15 20:31:17    E677174AA15D1B9D9E0B0F1C8DB8CC56    892120    ----a-w-    C:\Users\Sven\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\33.0.1750.154\33.0.1750.154_33.0.1750.146_chrome_updater.exe
2014-03-15 20:07:33    971429E53FB500ED81F5517D567E84CF    2467424    ----a-w-    C:\Users\Sven\Downloads\HousecallLauncher64.exe
2014-03-15 07:50:56    8C1787B048E19DC1205290C86EB28002    10170096    ----a-w-    C:\Users\Sven\Downloads\yet_another_cleaner.exe
2014-03-13 16:07:12    84BCBFB752B96543307E6602E669A95A    806104    ----a-w-    C:\Program Files\Internet Explorer\iexplore.exe
2014-03-13 16:07:12    3A3BEA53F039CE2E997A918E26E30B1D    808152    ----a-w-    C:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-03-13 16:07:11    2A0FAE869BC99A460FEFD832F261DCC9    469504    ----a-w-    C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2014-03-13 16:07:10    D378AB3C9178424588B55AC7B652D7F9    218624    ----a-w-    C:\Windows\System32\ie4uinit.exe
2014-03-13 16:07:10    C8DBE0B5297FD85D7311E4791103517B    112128    ----a-w-    C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 16:07:10    6254A3E46A65395BFFEB393938661738    482816    ----a-w-    C:\Program Files\Internet Explorer\ieinstal.exe
2014-03-13 16:07:09    D3CAA61DE060BC74B4EFC638679DFE7A    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-03-13 16:07:09    A0B690402E33DC9C78F22CB41F4FDC09    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-03-13 16:07:08    E97FFE2D37F01DD8B52BE81E1B91A7C0    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
=== C: other files ==
2014-03-15 20:08:11    A7CF9B841956293F20E25E08D53718D6    175528    ----a-w-    C:\Windows\System32\drivers\tmcomm.sys
2014-03-13 16:07:13    E918C0DE5CF2AE6BEDBF387C09627D93    3156480    ----a-w-    C:\Windows\System32\win32k.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-478591212-1768384443-3597778759-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Spotify Web Helper"="C:\Users\Sven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"Control Center"="C:\Program Files (x86)\ASUS\WLAN Card Utilities\CenterAgent.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Spotify Web Helper"="C:\Users\Sven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

==== Startup Registry Disabled ======================

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"Google Update"="\"C:\\Users\\Sven\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"UnlockerAssistant"="\"C:\\Program Files (x86)\\Unlocker\\UnlockerAssistant.exe\""
"iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/03/2014 07:48]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22/04/2012 07:41]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22/04/2012 07:41]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-478591212-1768384443-3597778759-1000Core.job --a------ C:\Users\Sven\AppData\Local\Google\Update\GoogleUpdate.exe [25/05/2012 19:32]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-478591212-1768384443-3597778759-1000UA.job --a------ [undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\Sven\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-478591212-1768384443-3597778759-1000Core" [C:\Users\Sven\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-478591212-1768384443-3597778759-1000UA" [C:\Users\Sven\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{C96C5904-6DD7-4F33-91A6-EC847D76C279}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\er2hnot4.default-1354103847098
- Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi
- Firebug - %ProfilePath%\extensions\firebug@software.joehewitt.com.xpi
- Web Developer - %ProfilePath%\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi

ProfilePath: C:\Users\Sven\AppData\Roaming\TomTom\HOME\Profiles\nfzyug5k.default
- Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\er2hnot4.default-1354103847098
95812430959AE88CDD0301AB3A71913B    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll -    Shockwave Flash
A9C86900D2A61728C8326FE7147617C5    - C:\Users\Sven\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll -    Google Update


==== Chrome Look ======================

YouTube - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{806B279C-1738-440F-AFC4-F874C439DDEF}"
{0191A6B0-1154-4C22-9182-23A95BBE92D9} Google  Url="http://www.google.com/search?q={searchTerms}&rlz=1I7GGNI_nlBE480"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{806B279C-1738-440F-AFC4-F874C439DDEF} Google  Url="http://www.google.nl/search?hl=nl&q={searchTerms}&rlz=1I7GGNI_nlBE480"

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF268140613FF deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86416031FF} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4EA42A62D9304AC4784BF268140613FF deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\MS Office 2007\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Control Center] C:\Program Files (x86)\ASUS\WLAN Card Utilities\CenterAgent.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Sven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download met MiPony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://E:\MSOFFI~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\MSOFFI~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\MSOFFI~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\MSOFFI~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\MS Office 2007\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS Wireless Card Service (ASWLCCSvc) - Unknown owner - C:\Program Files (x86)\ASUS\WLAN Card Utilities\ASWLCCSVC.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2TC1RK0M will be deleted at reboot
C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C3FL1MSR will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Sven\AppData\Local\Mozilla\Firefox\Profiles\8fssuvem.default\Cache emptied successfully
C:\Users\Sven\AppData\Local\Mozilla\Firefox\Profiles\er2hnot4.default-1354103847098\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=476 folders=72 17375844 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\LogMeInRemoteUser\AppData\Local\Temp emptied successfully
C:\Users\Sven\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Sven\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2TC1RK0M" not found
"C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C3FL1MSR" not found

==== EOF on ma 17/03/2014 at 19:01:09,98 ======================


Download AdwCleaner by Xplode to the desktop.

Running AdwCleaner

  • Close all open windows.
  • Double-click AdwCleaner.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Then click the Scan button.
  • When the scan is finished, click the Clean button.
  • When this is done you will be asked to restart the computer; click OK here.
  • After the computer has restarted, the log file opens automatically.
  • Post this log file in your next message.


# AdwCleaner v3.022 - Report created 18/03/2014 at 20:05:12
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Sven - PC-SVEN
# Running from : C:\Users\Sven\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_utorrent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_utorrent_RASMANCS
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\Conduit

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v27.0.1 (nl)

[ File : C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\er2hnot4.default-1354103847098\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2196 octets] - [18/03/2014 18:57:57]
AdwCleaner[s0].txt - [2017 octets] - [18/03/2014 20:05:12]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2077 octets] ##########

This topic is now closed to new replies.