
Unwanted advertising



Hello, I have Windows 7. Ever since I downloaded a program to convert YouTube to MP3, the misery began. I have now run RSIT 64, and this is what I get. Can anyone help me? I keep getting ads everywhere. Regards

 

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ricky at 2015-01-04 16:03:58
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 351 GB (83%) free of 425 GB
Total RAM: 8086 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:04:00, on 4/01/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Users\Ricky\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\PHotkey\HCSynApi.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\program files (x86)\cinplus-2.4cv04.01\cinplus-2.4cv04.01-bg.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Ricky.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hln.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: e62a1271b6524ab3b4f60ca546d3b4d20065781 - {11111111-1111-1111-1111-110611571181} - C:\Program Files (x86)\CinPlus-2.4cV04.01\CinPlus-2.4cV04.01-bho.dll
O2 - BHO: Search App by Ask BHO - {4F524A2D-5350-4500-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll" (file missing)
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Search App by Ask - {4F524A2D-5350-4500-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll" (file missing)
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [Registry Helper] "C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe" /boot
O4 - HKCU\..\Run: [MyDriveConnect.exe] "C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe"
O4 - Startup: Dropbox.lnk = Ricky\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ask-updateservice (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13982 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-dd3b-ba7cb7d38e59 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\PHotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\PHotkey\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\PHotkey\PHotkey.exe"
"C:\Program Files (x86)\PHotkey\MsgTranAgt.exe"
"C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Users\Ricky\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
taskeng.exe {505A35D9-3495-47B9-97A1-7DF06B4C4C97}
"C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
ctfmon.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 4860
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Deskjet F300 Series#1374524743" -Startup
HCSynApi.exe
"C:\Program Files (x86)\PHotkey\PVDesktop.exe"
"C:\Program Files (x86)\PHotkey\PVDAgent.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\PHotkey\POSD.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7672 CREDAT:267521 /prefetch:2
"C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe"
"C:\program files (x86)\cinplus-2.4cv04.01\cinplus-2.4cv04.01-bg.exe" /createbg
C:\Windows\system32\Macromed\Flash\FlashUtil64_16_0_0_235_ActiveX.exe -Embedding

taskeng.exe {0D654C1C-BFF0-4557-9666-6CCDDDC7C23D}
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7672 CREDAT:660829 /prefetch:2
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2385261912-2066926694-2415297712-10009_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2385261912-2066926694-2415297712-10009 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Ricky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QXV46ERR\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-1.job - C:\Program Files (x86)\CinPlus-2.4cV04.01\CinPlus-2.4cV04.01-codedownloader.exe# /rawdata=…#
C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-2.job - C:\Program Files (x86)\CinPlus-2.4cV04.01\a64f897a-243b-430d-a2bc-4a99fd69d319-2.exe# /rawdata=…#
C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-3.job - C:\Program Files (x86)\CinPlus-2.4cV04.01\a64f897a-243b-430d-a2bc-4a99fd69d319-3.exe# /rawdata=…#
C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-5.job - C:\Program Files (x86)\CinPlus-2.4cV04.01\a64f897a-243b-430d-a2bc-4a99fd69d319-5.exe# /rawdata=…#
C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-5_user.job - C:\Program Files (x86)\CinPlus-2.4cV04.01\a64f897a-243b-430d-a2bc-4a99fd69d319-5.exe# /rawdata=…#
C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-6.job - C:\Program Files (x86)\CinPlus-2.4cV04.01\a64f897a-243b-430d-a2bc-4a99fd69d319-6.exe# /rawdata=…#
C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-7.job - C:\Program Files (x86)\CinPlus-2.4cV04.01\a64f897a-243b-430d-a2bc-4a99fd69d319-7.exe# /rawdata=…#
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe#
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe# /c#
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe# /ua /installsource scheduler#
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe# /c#
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe# /ua /installsource scheduler#
C:\Windows\tasks\KHKR.job - C:\Users\Ricky\AppData\Roaming\KHKR.exe# /infocmdline=…#

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181}]
CinPlus-2.4cV04.01 - C:\Program Files (x86)\CinPlus-2.4cV04.01\CinPlus-2.4cV04.01-bho64.dll [2015-01-04 867816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport_x64.dll [2014-10-30 13720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-11-04 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181}]
CinPlus-2.4cV04.01 - C:\Program Files (x86)\CinPlus-2.4cV04.01\CinPlus-2.4cV04.01-bho.dll [2015-01-04 702440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll [2014-10-30 12184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-10 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-11-04 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-10 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-11-04 256456]
{4F524A2D-5350-4500-76A7-7A786E7484D7} - Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport_x64.dll [2014-10-30 13720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-11-04 194504]
{4F524A2D-5350-4500-76A7-7A786E7484D7} - Search App by Ask - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll [2014-10-30 12184]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-01-12 170264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-01-12 398104]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-01-12 440600]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-01-31 12446824]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-11-15 1156712]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-02-23 2884880]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-12-20 11406608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MyDriveConnect.exe"=C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [2014-08-22 1792376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-02-20 152392]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2011-11-30 284440]
"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2011-12-21 507744]
"USB3MON"=C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-05 291608]
"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2010-08-03 107816]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe []
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-11-09 3653136]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-11-24 2039192]
"Registry Helper"=C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe /boot []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

C:\Users\Ricky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Ricky\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-01-06 429056]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-01-04 15:29:48 ----SHD---- C:\$RECYCLE.BIN
2015-01-04 15:24:57 ----A---- C:\Windows\zip.exe
2015-01-04 15:24:57 ----A---- C:\Windows\SWSC.exe
2015-01-04 15:24:57 ----A---- C:\Windows\SWREG.exe
2015-01-04 15:24:57 ----A---- C:\Windows\sed.exe
2015-01-04 15:24:57 ----A---- C:\Windows\PEV.exe
2015-01-04 15:24:57 ----A---- C:\Windows\NIRCMD.exe
2015-01-04 15:24:57 ----A---- C:\Windows\MBR.exe
2015-01-04 15:24:57 ----A---- C:\Windows\grep.exe
2015-01-04 15:24:53 ----SD---- C:\ComboFix
2015-01-04 15:24:06 ----D---- C:\Qoobox
2015-01-04 15:23:49 ----D---- C:\Windows\erdnt
2015-01-04 08:23:19 ----D---- C:\Program Files (x86)\VideoLAN
2015-01-04 08:23:07 ----D---- C:\Users\Ricky\AppData\Roaming\smileyswelove
2015-01-04 08:23:02 ----D---- C:\Program Files (x86)\9ea25f8e-1335-47ae-b1cb-4803b88f350b
2015-01-04 08:23:00 ----A---- C:\Users\Ricky\AppData\Roaming\KHKR.exe
2015-01-04 08:22:56 ----D---- C:\ProgramData\Registry Helper
2015-01-04 08:22:44 ----D---- C:\Program Files (x86)\globalUpdate
2015-01-04 08:22:43 ----D---- C:\Program Files (x86)\CinPlus-2.4cV04.01
2014-12-18 10:43:33 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-18 10:43:33 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-11 05:22:14 ----D---- C:\Windows\system32\appraiser
2014-12-11 05:00:31 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-11 05:00:30 ----A---- C:\Windows\system32\mf.dll
2014-12-10 15:02:52 ----A---- C:\Windows\system32\appraiser.dll
2014-12-10 15:02:52 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-10 15:02:52 ----A---- C:\Windows\system32\aepic.dll
2014-12-10 15:02:52 ----A---- C:\Windows\system32\aeinv.dll
2014-12-10 15:02:50 ----A---- C:\Windows\system32\invagent.dll
2014-12-10 15:02:48 ----A---- C:\Windows\system32\generaltel.dll
2014-12-10 15:02:47 ----A---- C:\Windows\system32\devinv.dll
2014-12-10 15:02:46 ----A---- C:\Windows\system32\aepdu.dll
2014-12-10 15:02:33 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-10 15:02:33 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-10 15:02:32 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-10 15:02:23 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-10 15:02:23 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-10 15:02:21 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-10 15:02:21 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-10 15:02:21 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-10 15:02:21 ----A---- C:\Windows\system32\iernonce.dll
2014-12-10 15:02:21 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-10 15:02:21 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-10 15:02:21 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-10 15:02:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-10 15:02:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-10 15:02:20 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-10 15:02:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-10 15:02:20 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 15:02:19 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-10 15:02:19 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-10 15:02:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-10 15:02:19 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-10 15:02:19 ----A---- C:\Windows\system32\urlmon.dll
2014-12-10 15:02:19 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 15:02:19 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-10 15:02:18 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-10 15:02:18 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-10 15:02:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-10 15:02:18 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-10 15:02:18 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 15:02:18 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-10 15:02:18 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-10 15:02:17 ----A---- C:\Windows\system32\iesetup.dll
2014-12-10 15:02:17 ----A---- C:\Windows\system32\iertutil.dll
2014-12-10 15:02:17 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-10 15:02:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-10 15:02:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-10 15:02:16 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-10 15:02:16 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-10 15:02:16 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-10 15:02:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-10 15:02:15 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-10 15:02:15 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-10 15:02:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-10 15:02:14 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-10 15:02:14 ----A---- C:\Windows\system32\ieui.dll
2014-12-10 15:02:14 ----A---- C:\Windows\system32\ieframe.dll
2014-12-10 15:02:13 ----A---- C:\Windows\system32\vbscript.dll
2014-12-10 15:02:13 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-10 15:02:13 ----A---- C:\Windows\system32\jscript9.dll
2014-12-10 15:02:12 ----A---- C:\Windows\system32\wininet.dll
2014-12-10 15:02:12 ----A---- C:\Windows\system32\msrating.dll
2014-12-10 15:02:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-10 15:02:11 ----A---- C:\Windows\system32\mshtml.dll
2014-12-10 15:01:09 ----A---- C:\Windows\system32\charmap.exe
2014-12-10 15:01:08 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-10 15:01:07 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-10 15:01:06 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-10 15:01:06 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-10 15:01:06 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-10 15:01:06 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-10 15:01:06 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-10 15:01:06 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-10 15:01:06 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-10 15:01:06 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 15:01:06 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 15:01:03 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-10 15:01:03 ----A---- C:\Windows\system32\tzres.dll

======List of files/folders modified in the last 1 month======

2015-01-04 16:03:59 ----D---- C:\Program Files\trend micro
2015-01-04 16:02:30 ----D---- C:\Windows\Temp
2015-01-04 15:48:06 ----D---- C:\Windows\system32\config
2015-01-04 15:38:29 ----D---- C:\Users\Ricky\AppData\Roaming\BitTorrent
2015-01-04 15:35:21 ----A---- C:\Windows\SYSWOW64\log.txt
2015-01-04 15:34:39 ----D---- C:\Users\Ricky\AppData\Roaming\Dropbox
2015-01-04 15:32:00 ----D---- C:\Windows
2015-01-04 15:30:50 ----D---- C:\Windows\inf
2015-01-04 15:30:08 ----D---- C:\Windows\system32\NDF
2015-01-04 15:24:07 ----D---- C:\Windows\system32\drivers
2015-01-04 14:55:16 ----SHD---- C:\System Volume Information
2015-01-04 14:50:55 ----D---- C:\Windows\system32\wbem
2015-01-04 14:49:40 ----HD---- C:\Config.Msi
2015-01-04 14:49:39 ----D---- C:\Windows\Tasks
2015-01-04 14:49:39 ----D---- C:\Windows\SysWOW64
2015-01-04 14:49:39 ----D---- C:\Windows\system32\catroot2
2015-01-04 14:49:38 ----D---- C:\Windows\registration
2015-01-04 14:24:21 ----D---- C:\Program Files (x86)
2015-01-04 14:23:28 ----SHD---- C:\Windows\Installer
2015-01-04 14:22:36 ----D---- C:\Windows\debug
2015-01-04 14:15:54 ----D---- C:\ProgramData\MFAData
2015-01-04 14:15:48 ----D---- C:\Windows\System32
2015-01-04 14:15:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-04 14:12:02 ----D---- C:\Windows\Prefetch
2015-01-04 08:23:56 ----D---- C:\Windows\system32\Tasks
2015-01-04 08:23:12 ----D---- C:\Program Files (x86)\Apple Software Update
2015-01-04 08:22:56 ----HD---- C:\ProgramData
2015-01-02 21:55:50 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-25 10:49:14 ----D---- C:\Users\Ricky\AppData\Roaming\Skype
2014-12-25 10:17:11 ----D---- C:\ProgramData\Skype
2014-12-25 10:17:09 ----RD---- C:\Program Files (x86)\Skype
2014-12-19 09:50:35 ----D---- C:\Windows\winsxs
2014-12-13 18:00:14 ----D---- C:\Windows\rescache
2014-12-11 05:22:14 ----SD---- C:\Windows\system32\CompatTel
2014-12-11 05:22:14 ----SD---- C:\ProgramData\Microsoft
2014-12-11 05:22:14 ----D---- C:\Windows\AppCompat
2014-12-11 05:22:13 ----D---- C:\Windows\SYSWOW64\nl-NL
2014-12-11 05:22:13 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-11 05:22:13 ----D---- C:\Windows\system32\nl-NL
2014-12-11 05:22:13 ----D---- C:\Windows\PolicyDefinitions
2014-12-11 05:22:13 ----D---- C:\Program Files\Internet Explorer
2014-12-11 05:22:12 ----D---- C:\Windows\system32\en-US
2014-12-11 05:22:12 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-11 05:07:02 ----D---- C:\Windows\system32\MRT
2014-12-11 05:02:33 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-18 190744]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-11-30 568600]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver; C:\Windows\system32\drivers\iusb3hcs.sys [2012-01-05 16152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-10-29 263960]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-10-10 274200]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-10-02 46368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 PEGAGFN;PEGAGFN; \??\C:\Program Files (x86)\PHotkey\PEGAGFN.sys [2009-09-11 14344]
R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2011-12-13 94720]
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2011-12-13 747008]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2011-04-14 31216]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-14 60416]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-01-06 14652768]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-01-31 4739304]
R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 iusb3hub;Intel® USB 3.0 Hub Driver; C:\Windows\system32\drivers\iusb3hub.sys [2012-01-05 355096]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\drivers\iusb3xhc.sys [2012-01-05 786200]
R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-12-02 11417088]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-02-23 423696]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-12-01 250984]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 APNMCP;Ask-updateservice; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-10-30 166296]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [2009-12-18 104968]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-11-09 3488784]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-11-09 298080]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-20 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-20 1104208]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 GFNEXSrv;GFNEX Service; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [2011-10-13 156672]
R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-09 607456]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-12-16 277784]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-20 1304912]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-01-04 68608]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26 107912]
S2 MemeoBackgroundService;MemeoBackgroundService; C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-09-28 25824]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-02 267440]
S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-01-12 274200]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-01-04 68608]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-11-03 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 641352]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-01 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------


Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version)

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
{11111111-1111-1111-1111-110611571181};c
C:\Program Files (x86)\CinPlus-2.4cV04.01;fs
{4F524A2D-5350-4500-76A7-7A786E7484D7};c
C:\Program Files (x86)\AskPartnerNetwork;fs
vProt;s
C:\Program Files (x86)\AVG Secure Search:fs
ApnTBMon;s
Registry Helper;s
C:\Program Files (x86)\Registry Helper;fs
MyDriveConnect.exe;s
C:\Program Files (x86)\MyDrive Connect;fs
APNMCP;s
globalUpdate;s
globalUpdatem;s
C:\Program Files (x86)\globalUpdate;fs
C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-1.job;f
C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-2.job;f
C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-3.job;f
C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-5.job;f
C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-6.job;f
C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-7.job;f
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job;f
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job;f
C:\Windows\tasks\KHKR.job;f
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181}];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181}];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}];r64
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r64
"MyDriveConnect.exe"=-;r64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
"vProt"=-;r64
""=-;r64
"ApnTBMon"=-;r64
"Registry Helper"=-;r64
C:\Users\Ricky\AppData\Roaming\smileyswelove;fs
C:\Program Files (x86)\9ea25f8e-1335-47ae-b1cb-4803b88f350b;fs
C:\Users\Ricky\AppData\Roaming\KHKR.exe;f
C:\ProgramData\Registry Helper;fs
C:\Program Files (x86)\globalUpdate;fs
emptyfolderscheck;delete
startupall;
filesrcm;
  • Click the "More options" button and tick the options below.
  • Do a Quick Scan
  • Auto Clean
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next message.
Posting the Zoek.exe log file
  • Attach the log file named "Zoek-results.log" to your next message. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read how to add an attachment to a message here.

Hello, I think this is it then:

 

Zoek.exe v5.0.0.0 Updated 31-12-2014
Tool run by Ricky on zo 04/01/2015 at 20:23:08,98.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ricky\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-01-29-081908.log 22111 bytes
C:\zoek-results2015-01-04-191808.log 223700 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611571181} deleted successfully
HKEY_USERS\S-1-5-21-2385261912-2066926694-2415297712-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611571181} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611571181} deleted successfully
HKEY_USERS\S-1-5-21-2385261912-2066926694-2415297712-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611571181} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110611571181} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611571181} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MyDriveConnect.exe"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"vProt"=-
""=-
"ApnTBMon"=-
"Registry Helper"=-

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\AskPartnerNetwork not found
C:\Program Files (x86)\Registry Helper not found
C:\Program Files (x86)\globalUpdate not found
C:\Users\Ricky\AppData\Roaming\smileyswelove not found
C:\Program Files (x86)\9ea25f8e-1335-47ae-b1cb-4803b88f350b not found
C:\ProgramData\Registry Helper not found
C:\Program Files (x86)\globalUpdate not found
"C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-1.job" not found
"C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-2.job" not found
"C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-3.job" not found
"C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-5.job" not found
"C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-6.job" not found
"C:\Windows\tasks\a64f897a-243b-430d-a2bc-4a99fd69d319-7.job" not found
"C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job" not found
"C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job" not found
"C:\Windows\tasks\KHKR.job" not found
"C:\Users\Ricky\AppData\Roaming\KHKR.exe" not found
"C:\Program Files (x86)\MyDrive Connect\DeviceController.dll" deleted
"C:\Program Files (x86)\MyDrive Connect\DeviceDetection.dll" deleted
"C:\Program Files (x86)\MyDrive Connect\DeviceNavManager.dll" deleted
"C:\Program Files (x86)\MyDrive Connect\libeay32.dll" deleted
"C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe" deleted
"C:\Program Files (x86)\MyDrive Connect\QtCore4.dll" deleted
"C:\Program Files (x86)\MyDrive Connect\QtGui4.dll" deleted
"C:\Program Files (x86)\MyDrive Connect\QtNetwork4.dll" deleted
"C:\Program Files (x86)\MyDrive Connect\QtXml4.dll" deleted
"C:\Program Files (x86)\MyDrive Connect\ssleay32.dll" deleted
"C:\Program Files (x86)\MyDrive Connect\TomTomSupporterBase.dll" deleted
"C:\Program Files (x86)\MyDrive Connect\TomTomSupporterCore.dll" deleted
"C:\Program Files (x86)\MyDrive Connect\TomTomSupporterProxy.dll" deleted
"C:\Program Files (x86)\MyDrive Connect\Plugins\DeviceNavEthernetManager.dll" deleted
"C:\Program Files (x86)\CinPlus-2.4cV04.01" deleted
"C:\Program Files (x86)\MyDrive Connect" deleted
"C:\Program Files (x86)\MyDrive Connect\Plugins" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-01-04 14:24:57 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe
2015-01-04 14:24:57 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe
2015-01-04 14:24:57 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe
2015-01-04 14:24:57 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe
2015-01-04 14:24:57 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe
====== C:\Users\Ricky\AppData\Local\Temp ====
2015-01-04 19:19:12 97511FE2CA09CC2E06C3CD6519C3494E 43008 ----a-w- C:\Users\Ricky\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpovxz1n.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2014-12-10 14:02:32 70988118145F5F10EF24720B97F35F65 119296 ----a-w- C:\Windows\Sysnative\drivers\tdx.sys
====== C:\Windows\Tasks ======
2014-12-25 08:26:35 B63AD96D5AB77552EFDB7D2277C3B0CB 3886 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Acrobat Update Task
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\Ricky\AppData\Roaming ======
2015-01-04 19:14:19 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\temp
2015-01-04 19:14:19 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-01-04 19:14:19 -------- d-----w- C:\Users\Ricky\AppData\Local\Temp
2015-01-04 19:14:19 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2015-01-04 19:14:19 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
====== C:\Users\Ricky ======

====== C: exe-files ==
2015-01-04 14:24:57 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe
2015-01-04 14:24:57 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe
2015-01-04 14:24:57 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe
2015-01-04 14:24:57 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe
2015-01-04 14:24:57 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe
2015-01-04 07:23:04 DF463B4C69C1531D1DA7DA3E30E7F8B5 24677393 ----a-w- C:\Users\Ricky\Documents\vlc\Flash_Player_Setup.exe
=== C: other files ==
2015-01-04 14:25:19 1B31B052555D3B81720ACC88456676C6 5996 ----a-w- C:\Qoobox\BackEnv\SetPath.bat

==== Startup Registry Enabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"
"Dolby Advanced Audio v2"="C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe -autostart"
"USB3MON"="C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"hpqSRMon"="C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "
"BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll,TrayApp"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"hkey"="HKLM"
"item"="Adobe ARM"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""
"hkey"="HKLM"
"item"="APSDaemon"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""
"hkey"="HKLM"
"item"="iTunesHelper"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

==== Startup Folders ======================

2014-09-13 18:41:50 1139 ----a-w- C:\Users\Ricky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2013-07-22 20:23:02 2063 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [02/01/2015 21:55]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26/10/2014 06:33]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26/10/2014 06:33]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\0" [c:\program files\internet explorer\iexplore.exe]
"C:\Windows\SysNative\tasks\4695" [wscript.exe C:\Users\Ricky\AppData\Local\Temp\launchie.vbs //B]
"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\YCMServiceAgent" [C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [22/07/2013 21:24]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [22/07/2013 21:24]

==== Chromium Look ======================

Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bopakagnckmlgajfccecajhnimjiiedh - No path found[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14/07/2014 17:22]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Ricky\AppData\Roaming\DVDVideoSoft\DVDVideoSoftBrowserExtension.crx[16/11/2012 22:43]

MSS+ Extension - Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Skype Click to Call - Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
DVDVideoSoft Browser Extension - Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Google Wallet - Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.hln.be/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.hln.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ricky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ricky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4062 folders=1141 330989195 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Ricky\AppData\Local\Temp will be emptied at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Ricky\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on zo 04/01/2015 at 20:46:40,55 ======================


Double-click Zoek.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script was written specifically for this PC, so do not use it on other PCs with a similar problem.
C:\Windows\SysNative\tasks\0;fs

C:\Windows\SysNative\tasks\4695;fs

CHRdefaults;

  • The "Scan All Users" option is checked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next message.
Posting the Zoek.exe log file
  • Attach the log file named "Zoek-results.log" to your next message. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read how to add an attachment to a message here.

It already seems to be fine since yesterday?? Is that possible? I did the first step of what you said back then. Regards

 

On the surface that is indeed already fine, but there is still something in the background that definitely has to be removed. And the best way to do that is with the last instruction given above!


Hello, I finally found time to do this today. This is what I ended up with (a fairly small log, but I assume that is normal)

 

Zoek.exe v5.0.0.0 Updated 08-January-2015
Tool run by Ricky on do 08/01/2015 at 20:37:55,05.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ricky\Desktop\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2014-01-29-081908.log 22111 bytes
C:\zoek-results2015-01-04-191808.log 223700 bytes
C:\zoek-results2015-01-04-194640.log 16406 bytes

==== Deleting Files \ Folders ======================

C:\Windows\SysNative\tasks\0 deleted
C:\Windows\SysNative\tasks\4695 deleted

==== Reset Google Chrome ======================

Nothing found to reset

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4064 folders=1141 330995839 bytes)

==== EOF on do 08/01/2015 at 20:39:10,38 ======================

 

 

Regards


That small log is indeed normal ... and good news as well. Could you now also run this:

Download AdwCleaner by Xplode to the desktop (first remove any older versions of this tool that are present on your PC, so that you can now use the most recent AdwCleaner database).

  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Click Scan.
  • Then click Clean.
  • At the Restart Required prompt, click OK.
After the PC has restarted, a log file usually opens.

Otherwise it can be found at C:\AdwCleaner\AdwCleaner[s0].txt.

Posting the log file

  • Attach the log file named C:\AdwCleaner\AdwCleaner[s0].txt to your next message.
  • You can read how to add an attachment to a message here.