
spyware (RSIT file)



I am having trouble with spyware.

Can I post this here?

Logfile of random's system information tool 1.10 (written by random/random)

Run by jan at 2014-10-23 15:50:49

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 989 GB (71%) free of 1389 GB

Total RAM: 6120 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 15:50:51, on 23-10-2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17344)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe

C:\Program Files (x86)\Samsung\Kies\Kies.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE

C:\Program Files (x86)\AVG\AVG2015\avgui.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Fighters\Tray\FightersTray.exe

C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Windows\SysWOW64\ctfmon.exe

C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE

C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe

C:\Program Files\trend micro\jan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [CommonToolkitTray] C:\Program Files (x86)\Fighters\Tray\FightersTray.exe

O4 - HKLM\..\Run: [sfagent] C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\jan\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing)

O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing)

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing) (HKCU)

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\FighterSuiteService.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater3.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 12546 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot

C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-abf6-4039f8e35001 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

"c:\Program Files\Microsoft Security Client\MsMpEng.exe"

"C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe"

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

atieclxx

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"taskhost.exe"

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

"C:\Program Files (x86)\AVG\AVG2015\avgfws.exe"

"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"

"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"

taskeng.exe {70F3F818-61D0-4E8F-8C02-7DB32345172B}

"C:\Program Files\Bonjour\mDNSResponder.exe"

"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"

"C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe" -m

"C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe" -servicelaunch=true

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"

"C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\Fighters\FighterSuiteService.exe"

"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"

WLIDSvcM.exe 3556

"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

"C:\Program Files\Microsoft IntelliType Pro\itype.exe"

"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload

"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"

"C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" /logon

"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY

"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"

"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files (x86)\Fighters\Tray\FightersTray.exe"

"C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe"

"C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"c:\Program Files\Microsoft Security Client\NisSrv.exe"

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Program Files\iPod\bin\iPodService.exe"

"C:\Program Files (x86)\Fighters\SPAMfighter\x64\LiveKitLoader64.exe" 4632

ctfmon.exe

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e90056e2-8d56-4205-a719-aaa873de72f3 -SystemEventPortName:HostProcess-619a80bf-e2b9-4496-a76d-279891c000bc -IoCancelEventPortName:HostProcess-1662a79f-c472-4cbc-917f-39fbf9341556 -NonStateChangingEventPortName:HostProcess-2bbb5e05-a973-449a-8e81-5b8ad09e8a7e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5cc5c227-9bf5-40f1-8816-356c115b5c65 -DeviceGroupId:WpdFsGroup

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\splwow64.exe 8192

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

"C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE"

"C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe" /MainProcess 1456 /PrinterName "Canon MG5500 series Printer" /ScannerName "Canon MG5500 series" /Language nl-NL /Startup

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4612.2606c580.1861278347 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4612 "\\.\pipe\gecko-crash-server-pipe.4612" plugin

"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe" --proxy-stub-channel=Flash3272.5A253FA8.10136 --host-broker-channel=Flash3272.5A253FA8.10218 --host-pid=3272 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll"

"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe" --channel=7792.0022F59C.835751046 --proxy-stub-channel=Flash3272.5A253FA8.10136 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll" --host-npapi-version=27 --type=renderer

"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt

"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\log.txt

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544

"C:\Users\jan\Downloads\RSITx64.exe"

C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

C:\Windows\tasks\CheckDriveBackgroundGuard.job - C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe -m

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3961628303-576169890-3725312565-1001Core.job - C:\Users\jan\AppData\Local\Google\Update\GoogleUpdate.exe /c

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3961628303-576169890-3725312565-1001UA.job - C:\Users\jan\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\jan\AppData\Roaming\Mozilla\Firefox\Profiles\mData

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ABNAMRO/BECON,version=1.00]

"Description"=ABN AMRO e.dentifier2 Plug-in 1.0 for Mozilla

"Path"=C:\Program Files (x86)\ABN AMRO e.dentifier2\Mozilla\npBECON.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 15.0.0.189 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]

"Description"=Adobe Shockwave Player

"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]

"Description"=Canon My Image Garden

"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]

"Description"=Google Earth in your browser

"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 15.0.0.189 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\components\

nsIQTScriptablePlugin.xpt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]

Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24 209504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-26 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-26 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]

Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-02 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-02 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27 256456]

{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24 6126680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]

{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24 4438104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-01-13 11774568]

"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]

"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]

"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2009-11-05 2320752]

"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"=C:\Users\jan\AppData\Local\Google\Update\GoogleUpdate.exe [2012-10-30 116648]

"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2014-07-25 1562264]

"KiesAirMessage"=C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup []

""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2014-07-25 845120]

"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2014-08-08 43816]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-11-06 283160]

"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-01-27 336384]

"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]

"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]

"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-07-25 311616]

"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]

"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2013-05-02 1282120]

"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-10-16 3649040]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]

"CommonToolkitTray"=C:\Program Files (x86)\Fighters\Tray\FightersTray.exe [2014-03-24 1681952]

"sfagent"=C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe [2014-04-30 1051168]

"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

"NoDriveTypeAutoRun"=28

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-10-23 15:28:33 ----D---- C:\rsit

2014-10-23 15:28:33 ----D---- C:\Program Files\trend micro

2014-10-22 16:22:59 ----D---- C:\AdwCleaner

2014-10-22 13:03:15 ----A---- C:\autoexec.bat

2014-10-22 13:02:41 ----A---- C:\Windows\system32\drivers\EsgScanner.sys

2014-10-22 11:59:44 ----D---- C:\Program Files (x86)\Microsoft Security Client

2014-10-22 11:59:03 ----D---- C:\Program Files\Microsoft Security Client

2014-10-21 13:49:58 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7

2014-10-21 13:49:58 ----D---- C:\Program Files\iTunes

2014-10-21 13:49:58 ----D---- C:\Program Files\iPod

2014-10-21 13:49:58 ----D---- C:\Program Files (x86)\iTunes

2014-10-21 13:46:47 ----A---- C:\Windows\system32\win32k.sys

2014-10-21 13:46:40 ----A---- C:\Windows\SYSWOW64\mscories.dll

2014-10-21 13:46:40 ----A---- C:\Windows\SYSWOW64\mscorier.dll

2014-10-21 13:46:40 ----A---- C:\Windows\SYSWOW64\dfshim.dll

2014-10-21 13:46:40 ----A---- C:\Windows\system32\mscories.dll

2014-10-21 13:46:40 ----A---- C:\Windows\system32\mscorier.dll

2014-10-21 13:46:40 ----A---- C:\Windows\system32\dfshim.dll

2014-10-21 13:46:32 ----A---- C:\Windows\system32\generaltel.dll

2014-10-21 13:46:31 ----A---- C:\Windows\system32\aepdu.dll

2014-10-21 13:46:30 ----A---- C:\Windows\system32\aeinv.dll

2014-10-21 13:46:29 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2014-10-21 13:46:28 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2014-10-21 13:46:28 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll

2014-10-21 13:46:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll

2014-10-21 13:46:28 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll

2014-10-21 13:46:28 ----A---- C:\Windows\system32\iernonce.dll

2014-10-21 13:46:28 ----A---- C:\Windows\system32\ie4uinit.exe

2014-10-21 13:46:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2014-10-21 13:46:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2014-10-21 13:46:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2014-10-21 13:46:27 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll

2014-10-21 13:46:27 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll

2014-10-21 13:46:27 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-10-21 13:46:27 ----A---- C:\Windows\system32\ieetwproxystub.dll

2014-10-21 13:46:26 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2014-10-21 13:46:26 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2014-10-21 13:46:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2014-10-21 13:46:26 ----A---- C:\Windows\system32\urlmon.dll

2014-10-21 13:46:26 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2014-10-21 13:46:26 ----A---- C:\Windows\system32\ieetwcollector.exe

2014-10-21 13:46:26 ----A---- C:\Windows\system32\iedkcs32.dll

2014-10-21 13:46:25 ----A---- C:\Windows\SYSWOW64\ieui.dll

2014-10-21 13:46:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2014-10-21 13:46:25 ----A---- C:\Windows\SYSWOW64\dxtrans.dll

2014-10-21 13:46:25 ----A---- C:\Windows\system32\msfeeds.dll

2014-10-21 13:46:25 ----A---- C:\Windows\system32\iesetup.dll

2014-10-21 13:46:25 ----A---- C:\Windows\system32\iertutil.dll

2014-10-21 13:46:25 ----A---- C:\Windows\system32\dxtmsft.dll

2014-10-21 13:46:24 ----A---- C:\Windows\SYSWOW64\wininet.dll

2014-10-21 13:46:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll

2014-10-21 13:46:24 ----A---- C:\Windows\SYSWOW64\msrating.dll

2014-10-21 13:46:24 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll

2014-10-21 13:46:24 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll

2014-10-21 13:46:24 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2014-10-21 13:46:24 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe

2014-10-21 13:46:24 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll

2014-10-21 13:46:24 ----A---- C:\Windows\system32\jsproxy.dll

2014-10-21 13:46:24 ----A---- C:\Windows\system32\ieui.dll

2014-10-21 13:46:24 ----A---- C:\Windows\system32\dxtrans.dll

2014-10-21 13:46:23 ----A---- C:\Windows\system32\mshtmlmedia.dll

2014-10-21 13:46:23 ----A---- C:\Windows\system32\mshtmled.dll

2014-10-21 13:46:23 ----A---- C:\Windows\system32\jscript9diag.dll

2014-10-21 13:46:23 ----A---- C:\Windows\system32\jscript9.dll

2014-10-21 13:46:23 ----A---- C:\Windows\system32\ieUnatt.exe

2014-10-21 13:46:23 ----A---- C:\Windows\system32\ieframe.dll

2014-10-21 13:46:22 ----A---- C:\Windows\system32\wininet.dll

2014-10-21 13:46:22 ----A---- C:\Windows\system32\vbscript.dll

2014-10-21 13:46:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe

2014-10-21 13:46:22 ----A---- C:\Windows\system32\msrating.dll

2014-10-21 13:46:22 ----A---- C:\Windows\system32\MshtmlDac.dll

2014-10-21 13:46:22 ----A---- C:\Windows\system32\ieapfltr.dll

2014-10-21 13:46:21 ----A---- C:\Windows\system32\mshtml.dll

2014-10-21 13:46:05 ----A---- C:\Windows\system32\msi.dll

2014-10-21 13:46:04 ----A---- C:\Windows\SYSWOW64\msi.dll

2014-10-21 13:45:55 ----A---- C:\Windows\SYSWOW64\rastls.dll

2014-10-21 13:45:55 ----A---- C:\Windows\system32\rastls.dll

2014-10-21 13:45:40 ----A---- C:\Windows\SYSWOW64\mstscax.dll

2014-10-21 13:45:40 ----A---- C:\Windows\system32\mstscax.dll

2014-10-21 13:45:38 ----A---- C:\Windows\system32\termsrv.dll

2014-10-21 13:45:38 ----A---- C:\Windows\system32\mstsc.exe

2014-10-21 13:45:37 ----A---- C:\Windows\SYSWOW64\winsta.dll

2014-10-21 13:45:37 ----A---- C:\Windows\SYSWOW64\mstsc.exe

2014-10-21 13:45:37 ----A---- C:\Windows\system32\winsta.dll

2014-10-21 13:45:37 ----A---- C:\Windows\system32\rdpcorekmts.dll

2014-10-21 13:45:37 ----A---- C:\Windows\system32\drivers\rdpwd.sys

2014-10-21 13:45:36 ----A---- C:\Windows\SYSWOW64\TSpkg.dll

2014-10-21 13:45:36 ----A---- C:\Windows\SYSWOW64\credssp.dll

2014-10-21 13:45:36 ----A---- C:\Windows\SYSWOW64\aaclient.dll

2014-10-21 13:45:36 ----A---- C:\Windows\system32\winlogon.exe

2014-10-21 13:45:36 ----A---- C:\Windows\system32\TSpkg.dll

2014-10-21 13:45:36 ----A---- C:\Windows\system32\drivers\tssecsrv.sys

2014-10-21 13:45:36 ----A---- C:\Windows\system32\credssp.dll

2014-10-21 13:45:09 ----A---- C:\Windows\SYSWOW64\packager.dll

2014-10-21 13:45:09 ----A---- C:\Windows\system32\packager.dll

2014-10-10 15:14:32 ----A---- C:\Windows\system32\drivers\avgtdia.sys

2014-10-09 19:43:51 ----D---- C:\Users\jan\AppData\Roaming\LiveKit

2014-10-09 19:39:35 ----D---- C:\Program Files (x86)\Fighters

2014-10-09 19:39:32 ----D---- C:\Users\jan\AppData\Roaming\Fighters

2014-10-09 19:38:28 ----D---- C:\ProgramData\Fighters

2014-10-07 21:43:06 ----A---- C:\Windows\system32\drivers\avgidsdrivera.sys

2014-10-05 21:41:40 ----A---- C:\Windows\system32\drivers\avgmfx64.sys

2014-10-02 17:19:50 ----D---- C:\ProgramData\Oracle

2014-10-02 17:19:23 ----A---- C:\Windows\SYSWOW64\javaws.exe

2014-10-02 17:19:09 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll

2014-10-02 17:19:09 ----A---- C:\Windows\SYSWOW64\javaw.exe

2014-10-02 17:19:09 ----A---- C:\Windows\SYSWOW64\java.exe

2014-10-02 16:55:35 ----D---- C:\Users\jan\AppData\Roaming\AVG2015

2014-10-02 16:52:50 ----D---- C:\ProgramData\AVG2015

2014-10-01 14:36:48 ----A---- C:\Windows\SYSWOW64\qdvd.dll

2014-10-01 14:36:48 ----A---- C:\Windows\system32\qdvd.dll

2014-09-24 20:59:54 ----D---- C:\Program Files (x86)\Mozilla Firefox

2014-09-24 17:32:30 ----A---- C:\Windows\SYSWOW64\tzres.dll

2014-09-24 17:32:30 ----A---- C:\Windows\system32\tzres.dll

======List of files/folders modified in the last 1 month======

2014-10-23 15:49:28 ----D---- C:\Windows\Temp

2014-10-23 15:35:02 ----D---- C:\ProgramData\MFAData

2014-10-23 15:28:33 ----RD---- C:\Program Files

2014-10-23 15:14:45 ----D---- C:\Windows\system32\config

2014-10-23 15:02:03 ----A---- C:\Windows\SYSWOW64\log.txt

2014-10-23 14:33:56 ----SHD---- C:\Windows\Installer

2014-10-23 14:33:56 ----SHD---- C:\Config.Msi

2014-10-23 14:32:02 ----D---- C:\Windows\system32\drivers

2014-10-23 14:30:39 ----HD---- C:\$AVG

2014-10-22 16:29:43 ----RD---- C:\Program Files (x86)

2014-10-22 16:29:43 ----HD---- C:\ProgramData

2014-10-22 16:29:41 ----D---- C:\Program Files (x86)\Common Files

2014-10-22 16:29:40 ----D---- C:\Users\jan\AppData\Roaming\SoftGrid Client

2014-10-22 13:03:01 ----D---- C:\Windows\system32\Tasks

2014-10-22 12:37:15 ----D---- C:\Windows\Microsoft.NET

2014-10-22 12:35:04 ----RSD---- C:\Windows\assembly

2014-10-22 12:00:05 ----D---- C:\Windows

2014-10-22 11:59:46 ----D---- C:\Windows\system32\catroot

2014-10-22 11:59:44 ----SD---- C:\ProgramData\Microsoft

2014-10-22 11:11:01 ----D---- C:\Windows\Prefetch

2014-10-22 11:07:40 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2014-10-22 11:00:14 ----D---- C:\Windows\winsxs

2014-10-22 10:56:44 ----D---- C:\Windows\System32

2014-10-22 10:56:43 ----D---- C:\Windows\SysWOW64

2014-10-22 10:56:42 ----SD---- C:\Windows\system32\CompatTel

2014-10-22 10:56:41 ----D---- C:\Program Files\Internet Explorer

2014-10-22 10:56:40 ----D---- C:\Windows\SYSWOW64\en-US

2014-10-22 10:56:40 ----D---- C:\Windows\system32\en-US

2014-10-22 10:56:38 ----D---- C:\Program Files (x86)\Internet Explorer

2014-10-22 10:56:36 ----D---- C:\Windows\SYSWOW64\nl-NL

2014-10-22 10:56:35 ----D---- C:\Windows\system32\nl-NL

2014-10-21 16:27:34 ----D---- C:\Windows\system32\MRT

2014-10-21 16:18:04 ----A---- C:\Windows\system32\MRT.exe

2014-10-21 16:17:52 ----SHD---- C:\System Volume Information

2014-10-21 13:49:58 ----D---- C:\Program Files\Common Files\Apple

2014-10-21 13:49:46 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-10-21 13:48:25 ----D---- C:\Windows\Tasks

2014-10-21 13:45:05 ----D---- C:\Windows\system32\catroot2

2014-10-14 16:05:35 ----D---- C:\Windows\system32\wdi

2014-10-09 10:45:20 ----D---- C:\ProgramData\CanonIJPLM

2014-10-07 13:05:22 ----D---- C:\Program Files (x86)\AVG Web TuneUp

2014-10-02 17:26:09 ----D---- C:\Windows\system32\DriverStore

2014-10-02 17:26:08 ----D---- C:\Windows\inf

2014-10-02 17:18:51 ----D---- C:\Program Files (x86)\Java

2014-10-02 16:55:25 ----D---- C:\ProgramData\AVG2014

2014-10-02 16:52:42 ----D---- C:\Program Files (x86)\AVG

2014-09-27 16:17:45 ----D---- C:\Users\jan\AppData\Roaming\Adobe

2014-09-27 16:11:29 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

2014-09-27 14:14:48 ----D---- C:\Windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-18 190744]

R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184]

R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-06 438808]

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]

R0 RapportKE64;RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [2014-07-31 536984]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]

R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]

R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-10-07 262424]

R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]

R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-10-10 274200]

R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-14 50976]

R1 RapportCerberus_80049;RapportCerberus_80049; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80049.sys [2014-09-08 768184]

R1 RapportEI64;RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2014-07-31 444184]

R1 RapportPG64;RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2014-07-31 562136]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]

R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-01-27 9085952]

R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-01-27 299520]

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]

R3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2009-11-05 27512]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-13 2703720]

R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-03-11 56344]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760]

R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64k.sys [2009-11-05 34160]

R3 RapportIaso;RapportIaso; \??\c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys [2014-09-08 428696]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-21 452200]

R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]

R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]

R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]

R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]

R3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]

R3 WSDScan;Ondersteuning voor WSD-scan via UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]

S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]

S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]

S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]

S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]

S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2; C:\Windows\system32\DRIVERS\aabed2.sys [2008-03-20 28672]

S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2013-02-05 57840]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]

S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888]

S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-06-21 42184]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-07-28 54784]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-01-27 203776]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]

R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-10-16 1486664]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-10-16 3487248]

R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-10-16 298080]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]

R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]

R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2013-05-14 140936]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-03-11 326168]

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]

R2 RapportMgmtService;Rapport Management Service; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2014-07-31 1919256]

R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]

R2 SPAMfighter Update Service;SPAMfighter Update Service; C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe [2014-04-30 216608]

R2 Suite Service;Suite Service; C:\Program Files (x86)\Fighters\FighterSuiteService.exe [2014-03-14 1282592]

R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2014-06-05 93040]

R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-03-11 2656280]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]

R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]

R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]

S2 vToolbarUpdater3.2.0;vToolbarUpdater3.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe []

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-22 267440]

S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]

S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-24 114288]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-09 1255736]

S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------


Your Java software is outdated.

Older versions have vulnerabilities that give malware the chance to install itself on your system.

Go to Java and download the correct Java version there.

  • Click "Gratis Java-download" (Free Java download).
  • Accept the license terms and click the button for the free download.
  • The file JavaSetup is offered - choose "save file" here.
  • Close all programs that may be open - especially your web browser!
  • Then go to Start > Control Panel > Add or Remove Programs and remove all older versions of Java from the list of programs.
  • Select everything with Java Runtime Environment (JRE or J2SE or JAVA) in the name.
  • Then click Remove or the Change/Remove button.
  • Repeat this until all older versions are gone.
  • After removing all older versions, restart your PC.
  • Then click JavaSetup to install the latest version of Java.
  • Uncheck the installation of the Ask toolbar and then continue with the installation.

Disable your antivirus and antispyware programs, as they may conflict with zoek.exe (you can read how to do that here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version)

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Now copy the code below and paste it into the large input window:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

  {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA};c
 vToolbarUpdater3.2.0;s
 C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7;fs
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Click the "More options" button and check the options below.
  • Do a Deep Scan
  • Auto Clean
  • The "Scan All Users" option is checked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next message.

Posting the Zoek.exe log file

  • Add the log file named "Zoek-results.log" as an attachment to your next message. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read here how to add an attachment to the post.


zoek-results.log

Zoek.exe v5.0.0.0 Updated 19-10-2014

Tool run by jan on do 23-10-2014 at 20:25:31,40.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\jan\Downloads\zoek(4).exe [scan all users] [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-10-23-172335.log 66580 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\AVG\AVG2015\avgfws.exe

C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe

C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe

C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe

C:\Program Files (x86)\Fighters\FighterSuiteService.exe

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files (x86)\Samsung\Kies\Kies.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE

C:\Program Files (x86)\AVG\AVG2015\avgui.exe

C:\Program Files (x86)\Fighters\Tray\FightersTray.exe

C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\SysWOW64\ctfmon.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE

C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\jan\Downloads\zoek(4).exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 not found

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)

Memory (RAM): 6121 MB

CPU Info: Intel® Core i7-2600 CPU @ 3.40GHz

CPU Speed: 3465.8 MHz

Sound Card: Speakers (Realtek High Definiti |

Display Adapters: ATI Radeon HD 5670 | ATI Radeon HD 5670 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

Monitors: 1x; Algemeen PnP-beeldscherm |

Screen Resolution: 1920 X 1080 - 32 bit

Network: Network Present

Network Adapters: Realtek PCIe GBE Family Controller

CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SH-S223C

Ports: COM Ports NOT Present. LPT Port NOT Present.

Mouse: 5 Button Wheel Mouse Present

Hard Disks: C: 1356.2GB | D: 40.0GB | Q: 0.0MB

Hard Disks - Free: C: 981.1GB | D: 21.6GB | Q: 0.0MB

Manufacturer *: American Megatrends Inc.

BIOS Info: AT/AT COMPATIBLE | 03/04/11 | MEDION - 1072009

Time Zone: West-Europa (standaardtijd)

Motherboard *: ECS H67H2-EM

Country: Nederland

Language: NLD

==== System Specs (Software) ======================

Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)

Anti-Virus: AVG Internet Security 2015 On-access scanning disabled (Outdated)

Anti-Spyware: Microsoft Security Essentials disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Anti-Spyware: AVG Internet Security 2015 disabled (Outdated)

Firewall: AVG Internet Security 2015 disabled

Default Browser: Firefox 32.0.3

Internet Explorer Version: 11.0.9600.17358

Mozilla Firefox version: 32.0.3 (x86 nl)

Google Chrome version: 38.0.2125.104

Adobe Reader version: 11.0.9.29

Sun Java version: 1.8.0_25 (32-bit)

Sun Java version: 1.8.0_25 (64-bit)

Flash Player version: 15.0.0.189

Shockwave Player version: 11.5.9r620

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2014-10-22 10:00:05 E185BDA84E5F03F4E1D8DCA30E209277 1912 ----a-w- C:\Windows\epplauncher.mif

====== C:\Users\jan\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

2014-10-23 16:36:26 A042349B7208BF8BED858B1E9B48B06D 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-10-21 11:46:40 D5D5BBF6AA45D820BAA0BD1303B8AAF6 81560 ----a-w- C:\Windows\SysWOW64\mscories.dll

2014-10-21 11:46:40 A139A5E6B34F136405B030EA04595A20 156824 ----a-w- C:\Windows\SysWOW64\mscorier.dll

2014-10-21 11:46:40 8580484193CE0A0788830FBAB97CF13B 1131664 ----a-w- C:\Windows\SysWOW64\dfshim.dll

2014-10-21 11:46:29 604C67F58747D6A333EA641BCCC2C842 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2014-10-21 11:46:28 DF59F2510EDABBF216FA837D5D964106 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll

2014-10-21 11:46:28 D78C4DB153874DB7AC6AA6A03BE38B66 331448 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll

2014-10-21 11:46:28 BD66BA5A924DCC8392CFAEB67131A246 597504 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll

2014-10-21 11:46:28 201EAFA3F17BE4990999C28657212D8E 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2014-10-21 11:46:27 F91E55DA404B834648A3B0A2477C10DB 17484800 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2014-10-21 11:46:27 B89F5D2B3D3BC730FAB93CFCD931742F 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2014-10-21 11:46:27 B5B1C277E46A5B0E2FC63E5FC5624CE5 365056 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll

2014-10-21 11:46:27 97F2F82BF0B4AF86A85FFDD78DFDC87D 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-10-21 11:46:27 3065FF6794A7FDC882F0DA8B6230AB6E 1190400 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2014-10-21 11:46:26 B74B348D13134D67B4F68ADDDC76A447 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2014-10-21 11:46:26 8FAA1E45198C4ECEC691326B7F5E71C5 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2014-10-21 11:46:26 835807E2AC0A8FA15B9A2EA80E2D5169 2017280 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2014-10-21 11:46:26 58EC068116BCE16A94B1B2C429A35E41 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2014-10-21 11:46:26 55A400FDB21D157E947A0EE65AEDB1B3 2187264 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2014-10-21 11:46:25 EF94FA1F3D90520CCA4AE65D639A9E62 11807232 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2014-10-21 11:46:25 410BECCA3354D471E45344F0754CC0E4 243200 ----a-w- C:\Windows\SysWOW64\dxtrans.dll

2014-10-21 11:46:25 158690737381C49120165A7F3F5D13EB 440320 ----a-w- C:\Windows\SysWOW64\ieui.dll

2014-10-21 11:46:24 FBE852643EDEB9D6D6502AFE6017CD64 678400 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll

2014-10-21 11:46:24 DF4BA130BD41F29A894E026E456B8481 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2014-10-21 11:46:24 D03EB7605435FE24ADE670661A932651 4201472 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2014-10-21 11:46:24 AA103FEAD721863B86A1B1260948E662 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-10-21 11:46:24 8E8E6E7B4CC27B92F40F74E29C1F6290 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll

2014-10-21 11:46:24 7AE80F921027CF88CB9D0433088A3E55 1810944 ----a-w- C:\Windows\SysWOW64\wininet.dll

2014-10-21 11:46:24 6D4DD5706C297234F457B9D9018C493F 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll

2014-10-21 11:46:24 2409C41081D657A3FABE3659BB989AFB 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll

2014-10-21 11:46:04 3888D02CE6413C2A06D903DE1C778BF5 2363904 ----a-w- C:\Windows\SysWOW64\msi.dll

2014-10-21 11:45:55 37C395C075E6FA66623C82DE50A8FAED 372736 ----a-w- C:\Windows\SysWOW64\rastls.dll

2014-10-21 11:45:40 3ABACF6D4EBEA5EF3014FEFA1D8FF5F8 3221504 ----a-w- C:\Windows\SysWOW64\mstscax.dll

2014-10-21 11:45:37 FD67683FBA9B2C4BB551780BD8846F64 157696 ----a-w- C:\Windows\SysWOW64\winsta.dll

2014-10-21 11:45:37 0DBD0B4D4766CADEB8C30242A0611395 1051136 ----a-w- C:\Windows\SysWOW64\mstsc.exe

2014-10-21 11:45:36 DB1D6751689B4A7EE2439C64F2ADF1C9 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll

2014-10-21 11:45:36 97896EE4254176CFDD9010B5B243B89F 131584 ----a-w- C:\Windows\SysWOW64\aaclient.dll

2014-10-21 11:45:36 13829161C1297F4170A5546430147BBD 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll

2014-10-21 11:45:09 C120855C1133DF8FFD5E0C04A7E70B67 67072 ----a-w- C:\Windows\SysWOW64\packager.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2014-10-21 11:46:47 5602D4C331FD7938ADE06D9242138922 3198976 ----a-w- C:\Windows\Sysnative\win32k.sys

2014-10-21 11:46:40 50EC828370CB5F5E9FF08B10F1B701C8 73880 ----a-w- C:\Windows\Sysnative\mscories.dll

2014-10-21 11:46:40 5083CC5456FE8A5D21ECF9E32ACC779F 1943696 ----a-w- C:\Windows\Sysnative\dfshim.dll

2014-10-21 11:46:40 2D6C77A3DB3D8EE00FB55834A67E4073 156312 ----a-w- C:\Windows\Sysnative\mscorier.dll

2014-10-21 11:46:32 974F83636F841739FEA5CC6219BFB241 276480 ----a-w- C:\Windows\Sysnative\generaltel.dll

2014-10-21 11:46:31 510D5492BCA9E63E10E3CE0285965722 507392 ----a-w- C:\Windows\Sysnative\aepdu.dll

2014-10-21 11:46:30 767D478BB4B2F84B47B3C0956E6A5A05 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll

2014-10-21 11:46:28 C109D5136DF0A6CA668C7AD888AA125F 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2014-10-21 11:46:28 739D9C9F220CCEDAFD8212C6B976B60D 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll

2014-10-21 11:46:28 29C0530E0F120AC3E583889DCD6A63DD 710656 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2014-10-21 11:46:27 DD8E9C85F9F428859713055183661956 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll

2014-10-21 11:46:27 4D21F4FDF57DF86FAD9149ED1C071D15 72704 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll

2014-10-21 11:46:26 E9109E91BB8366759822DC2FC9B5DA8B 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe

2014-10-21 11:46:26 B07E9AFF50DC007E7D5AC54736AA5A25 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll

2014-10-21 11:46:26 87D14AF9A2C3F3D5233B613CFA9C321D 378552 ----a-w- C:\Windows\Sysnative\iedkcs32.dll

2014-10-21 11:46:26 0F5A279522FA6A30C9C5A297A1064933 1447936 ----a-w- C:\Windows\Sysnative\urlmon.dll

2014-10-21 11:46:25 DAF317E9F4CEC206D0D443014A427341 446464 ----a-w- C:\Windows\Sysnative\dxtmsft.dll

2014-10-21 11:46:25 646C004F58AA4762F92BF7C595216C37 2108416 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2014-10-21 11:46:25 45B736E3184B68515FDB71D4083A9BCF 731136 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2014-10-21 11:46:25 050FD78BA4EFA62417F61F4C098B5B25 2796032 ----a-w- C:\Windows\Sysnative\iertutil.dll

2014-10-21 11:46:25 0467A4DDA6B2CE8E27A8178BF035BA18 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll

2014-10-21 11:46:24 BE37AA454460539877420951EEA16EF0 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2014-10-21 11:46:24 98241BE7EB26C41562D33393DD12608F 289280 ----a-w- C:\Windows\Sysnative\dxtrans.dll

2014-10-21 11:46:24 88D2165E07CEDC3F34CBE1A5A807673D 595968 ----a-w- C:\Windows\Sysnative\ieui.dll

2014-10-21 11:46:23 F9FA80C1CB6EAC55A7F534937F6AC4E4 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2014-10-21 11:46:23 DB101A62F9BF8E7765685950169EF52B 758272 ----a-w- C:\Windows\Sysnative\jscript9diag.dll

2014-10-21 11:46:23 D3B07C2FABEAE749E4E51F1E93CABA23 5829632 ----a-w- C:\Windows\Sysnative\jscript9.dll

2014-10-21 11:46:23 A2105E46DC9CE38A1D57FB124436E1BC 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2014-10-21 11:46:23 7E60EE8A68F7270D1E1662CBA275D4FA 13619200 ----a-w- C:\Windows\Sysnative\ieframe.dll

2014-10-21 11:46:23 70527367E5779C3537992F0768D9C59A 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll

2014-10-21 11:46:22 EB710A3AF29BEC4EE7475A1ED5C575DE 195584 ----a-w- C:\Windows\Sysnative\msrating.dll

2014-10-21 11:46:22 9D98D4F390F0B14A782F3B931E613A1A 2309632 ----a-w- C:\Windows\Sysnative\wininet.dll

2014-10-21 11:46:22 328143D6BC5951E1797BD524C4E98CDC 547328 ----a-w- C:\Windows\Sysnative\vbscript.dll

2014-10-21 11:46:22 30FB9ABB6C45C3299CFA5F556904DD5F 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll

2014-10-21 11:46:22 2E5AF1507CBE735B4D7EBFF1908EA0E1 775168 ----a-w- C:\Windows\Sysnative\ieapfltr.dll

2014-10-21 11:46:22 15847E14811FEDDF77E934AF4F0BEF45 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe

2014-10-21 11:46:21 7415B29AFE2E4494A57358B8C7E78600 23631360 ----a-w- C:\Windows\Sysnative\mshtml.dll

2014-10-21 11:46:05 ADD3F2C3E6B89BD16D4BFC61B3658DD9 3241472 ----a-w- C:\Windows\Sysnative\msi.dll

2014-10-21 11:45:55 DD7C31F12936795C0516BB6C59CBCCD8 424448 ----a-w- C:\Windows\Sysnative\rastls.dll

2014-10-21 11:45:40 467D0E831D6DF8DA16BF856D0537A153 3722240 ----a-w- C:\Windows\Sysnative\mstscax.dll

2014-10-21 11:45:38 8516703179C3BDE90A3ED31B9EC16F8D 1118720 ----a-w- C:\Windows\Sysnative\mstsc.exe

2014-10-21 11:45:38 4FC4C50985E5B840F4D72E57286887B8 681984 ----a-w- C:\Windows\Sysnative\termsrv.dll

2014-10-21 11:45:37 C23B6D9D16FD86F446BE607CA18389D9 235520 ----a-w- C:\Windows\Sysnative\winsta.dll

2014-10-21 11:45:37 0374D83D003043E7DE33036294A2EFAE 150528 ----a-w- C:\Windows\Sysnative\rdpcorekmts.dll

2014-10-21 11:45:36 85E03B6E05939845BC924C91AEDE0E24 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll

2014-10-21 11:45:36 560CF90C026C0FE51CC6820302FF94FE 22016 ----a-w- C:\Windows\Sysnative\credssp.dll

2014-10-21 11:45:09 1DB68B8A1E3BDE3C19F1D3612CE436CA 77312 ----a-w- C:\Windows\Sysnative\packager.dll

====== C:\Windows\Sysnative\drivers =====

2014-10-22 11:02:41 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Windows\Sysnative\drivers\EsgScanner.sys

2014-10-21 11:45:37 FE571E088C2D83619D2D48D4E961BF41 212480 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys

2014-10-21 11:45:36 E232A3B43A894BB327FC161529BD9ED1 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys

2014-10-10 13:14:32 0BB7ECAC81554D83A66A0B9F961BB9D0 274200 ----a-w- C:\Windows\Sysnative\drivers\avgtdia.sys

2014-10-07 19:43:06 7F6BE4B64811AFECE52FBAD85E31E378 262424 ----a-w- C:\Windows\Sysnative\drivers\avgidsdrivera.sys

2014-10-05 19:41:40 B4D589C734D796B5B76E0A0E5DA50397 124184 ----a-w- C:\Windows\Sysnative\drivers\avgmfx64.sys

====== C:\Windows\Tasks ======

2014-10-23 16:08:23 2DAE3AF8F8D19CF752DACC6C18A994C7 3120 ----a-w- C:\Windows\Sysnative\Tasks\{F777D659-4D92-42DC-AAF4-6D5079A8CC6F}

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-10-23 13:28:33 -------- d-----w- C:\Program Files\trend micro

2014-10-21 11:49:58 -------- d-----w- C:\Program Files\iTunes

2014-10-21 11:49:58 -------- d-----w- C:\Program Files\iPod

======= C:\PROGRA~2 =====

2014-10-23 16:36:50 -------- d-----w- C:\PROGRA~2\COMMON~1\Java

2014-10-23 16:35:15 -------- d-----w- C:\PROGRA~2\Java

2014-10-21 11:49:58 -------- d-----w- C:\PROGRA~2\iTunes

2014-10-09 17:39:35 -------- d-----w- C:\PROGRA~2\Fighters

======= C: =====

2014-10-22 11:03:15 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat

====== C:\Users\jan\AppData\Roaming ======

2014-10-23 17:23:35 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp

2014-10-23 17:23:35 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp

2014-10-23 17:23:35 -------- d-----w- C:\Users\Default\AppData\Local\Temp

2014-10-23 17:23:35 -------- d-----w- C:\Users\Default User\AppData\Local\Temp

2014-10-23 17:23:34 -------- d-----w- C:\Users\jan\AppData\Local\Temp

2014-10-09 17:43:51 -------- d-----w- C:\Users\jan\AppData\Roaming\LiveKit

2014-10-09 17:40:13 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Fighters

2014-10-09 17:39:32 -------- d-----w- C:\Users\jan\AppData\Roaming\Fighters

2014-10-02 14:55:35 -------- d-----w- C:\Users\jan\AppData\Roaming\AVG2015

2014-10-02 14:54:51 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2015

2014-10-02 14:54:29 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2015

2014-10-02 14:52:43 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2015

2014-10-02 14:51:31 -------- d-----w- C:\Users\jan\AppData\Local\Avg2015

====== C:\Users\jan ======

2014-10-23 16:36:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-10-23 16:27:33 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\jan\Downloads\jxpiinstall(4).exe

2014-10-23 16:04:29 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\jan\Downloads\jxpiinstall(3).exe

2014-10-23 15:57:24 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\jan\Downloads\jxpiinstall(2).exe

2014-10-23 15:38:24 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\jan\Downloads\jxpiinstall(1).exe

2014-10-23 13:26:20 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\jan\Downloads\RSITx64.exe

2014-10-22 14:22:21 EB40DC01EF0D0D91F13AABA0FE1FC0CA 1962496 ----a-w- C:\Users\jan\Downloads\adwcleaner_4.001.exe

2014-10-22 11:03:01 -------- d-----w- C:\Users\jan\Start Menu

2014-10-22 09:58:06 14CB257C6D044B6D3FD965DE2B9DADC9 14105760 ----a-w- C:\Users\jan\Downloads\mseinstall.exe

2014-10-21 11:50:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-10-09 17:39:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters

2014-10-09 17:38:28 -------- d-----w- C:\ProgramData\Fighters

2014-10-02 15:19:50 -------- d-----w- C:\ProgramData\Oracle

2014-10-02 14:52:50 -------- d-----w- C:\ProgramData\AVG2015

====== C: exe-files ==

2014-10-23 18:18:22 C7489D70D684A305F49B8A59C2A38369 441896 ----a-w- C:\Users\jan\AppData\Roaming\Fighters\Tray\AutoInstall\DM.exe

2014-10-23 16:36:09 AA3520FB0133A56BEE1DB34D74DBEF64 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe

2014-10-23 16:36:09 75D477E868CA51EC1B09D730570F322B 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe

2014-10-23 16:36:09 691D49FB44EDE9788288CABE4F7E0DAF 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe

2014-10-23 16:35:45 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\pack200.exe

2014-10-23 16:35:45 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmid.exe

2014-10-23 16:35:45 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\orbd.exe

2014-10-23 16:35:45 75EE99C7F0038C746D82C76221ECA4EF 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\policytool.exe

2014-10-23 16:35:45 67F763B09F4BC8689E6FA9761E068D74 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\unpack200.exe

2014-10-23 16:35:45 57E1F756FAA787623DFCD2C1B2AACC68 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssvagent.exe

2014-10-23 16:35:45 33D2AF53E209DA3E2BA939EB89801DC0 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmiregistry.exe

2014-10-23 16:35:45 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\servertool.exe

2014-10-23 16:35:45 28FC00F89631B0F6E1E9CA386FADD566 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\tnameserv.exe

2014-10-23 16:35:44 B719E0F43166037DF46B5CFBE60A5118 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jjs.exe

2014-10-23 16:35:44 A458E2535E46151690E53E2A03FAA711 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\keytool.exe

2014-10-23 16:35:44 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\kinit.exe

2014-10-23 16:35:44 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe

2014-10-23 16:35:44 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe

2014-10-23 16:35:44 4367C05B0CF5553E71B34F51003D0615 76200 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2launcher.exe

2014-10-23 16:35:44 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\klist.exe

2014-10-23 16:35:44 26C7F32186B1F0364CD06EA69227A79D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ktab.exe

2014-10-23 16:35:43 BB8C890E3E6372F2720709262BD42BF4 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jabswitch.exe

2014-10-23 16:35:43 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe

2014-10-23 16:35:43 74713E9C1B01B152DDD3A1A3519A3647 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java-rmi.exe

2014-10-23 16:35:43 70E67429D2C011FD0419AF899A8D0D70 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe

2014-10-23 16:27:33 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\jan\Downloads\jxpiinstall(4).exe

2014-10-23 16:04:29 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\jan\Downloads\jxpiinstall(3).exe

2014-10-23 15:57:24 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\jan\Downloads\jxpiinstall(2).exe

2014-10-23 15:38:24 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\jan\Downloads\jxpiinstall(1).exe

2014-10-23 13:28:33 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\jan.exe

2014-10-23 13:26:20 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\jan\Downloads\RSITx64.exe

2014-10-23 12:29:32 52B2C1038E4AB6F5647978729B6BBCB3 320528 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgndisa.exe

2014-10-23 12:26:54 E1CC6F808D83A21A022045F313AB0414 6122736 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe

2014-10-23 12:26:54 D5EAC0FAA423C67E48DA714D43867034 16912 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgrdtesta.exe

2014-10-23 12:26:54 BC04965E1D4252CD7A9B64AC146996C1 62992 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avguirux.exe

2014-10-23 12:26:54 91B8E3B0D3C7EA00770F4C4FBEE4C3B5 15888 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgrdtestx.exe

2014-10-22 14:22:21 EB40DC01EF0D0D91F13AABA0FE1FC0CA 1962496 ----a-w- C:\Users\jan\Downloads\adwcleaner_4.001.exe

2014-10-22 09:58:06 14CB257C6D044B6D3FD965DE2B9DADC9 14105760 ----a-w- C:\Users\jan\Downloads\mseinstall.exe

2014-10-22 09:57:44 68270679465EC5A66B65489C6E44AD64 11100752 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\38.0.2125.104\38.0.2125.104_37.0.2062.124_chrome_updater.exe

2014-10-21 11:48:24 821E577AB0B119278BD1940FEF224DDA 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleUpdateBroker.exe

2014-10-21 11:48:24 4067DC9EA0640485F1CF395427FD5E9B 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe

2014-10-21 11:48:24 27DC334376EE08A0962E6367E23D3CBA 880272 ----a-w- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleUpdateSetup.exe

2014-10-21 11:48:09 26E37D5EAC3F1CF66587183AB348168C 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleUpdateComRegisterShell64.exe

2014-10-21 11:47:59 047556104954A72A2222FFF169166EEE 285064 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe

2014-10-21 11:47:56 976D5F35A058340DA2C160CEC4063C4B 230792 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe

2014-10-21 11:47:42 51508F0C2476177E50C31B0BBFBF1BDB 107912 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleUpdate.exe

2014-10-21 11:47:40 27DC334376EE08A0962E6367E23D3CBA 880272 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.5\GoogleUpdateSetup.exe

2014-10-21 11:46:31 D43F34B4901C499FE13798149879DCD8 161960 ----a-w- C:\Windows\System32\CompatTel\QueryAppBlock.exe

2014-10-21 11:46:30 97EBB8C10D4A6CA575E3D916B25A3BEF 46752 ----a-w- C:\Windows\System32\CompatTel\wicainventory.exe

2014-10-21 11:46:28 6B9FDB34A5A490FF6A7EDE280062626A 810680 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2014-10-21 11:46:28 54C9747BB0A64F4D9D401E4648363386 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe

2014-10-21 11:46:28 29C0530E0F120AC3E583889DCD6A63DD 710656 ----a-w- C:\Windows\System32\ie4uinit.exe

2014-10-21 11:46:26 F9F310F9FB7F294F00ABDD03453D8CEE 812736 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2014-10-21 11:46:26 E9109E91BB8366759822DC2FC9B5DA8B 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe

2014-10-21 11:46:26 649E8F572EC0D929F4EED13A53AC0475 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe

2014-10-21 11:46:26 53E24F2DB97EFAF85FE093AA254790EC 470528 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe

2014-10-21 11:46:25 C876F8303AA30481A36FE2AACDE77671 483840 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2014-10-21 11:46:24 AA103FEAD721863B86A1B1260948E662 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-10-21 11:46:23 F9FA80C1CB6EAC55A7F534937F6AC4E4 139264 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-10-21 11:46:22 15847E14811FEDDF77E934AF4F0BEF45 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe

2014-10-21 11:45:38 8516703179C3BDE90A3ED31B9EC16F8D 1118720 ----a-w- C:\Windows\System32\mstsc.exe

2014-10-21 11:45:37 0DBD0B4D4766CADEB8C30242A0611395 1051136 ----a-w- C:\Windows\SysWOW64\mstsc.exe

2014-10-21 11:42:50 2BF25BB82936758771C99A2C70754E09 77104 ----a-w- C:\ProgramData\Apple Computer\Installer Cache\iTunes 12.0.1.26\SetupAdmin.exe

2014-10-17 18:52:34 0B071C8F061812D9C5627029CFAB0896 5972496 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgcrema.exe

2014-10-16 20:07:38 5B3013D32525CC51C0CFB96F30603FA8 3487248 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe

2014-10-16 20:04:10 04F27CC106AFC2903BED0C32958649F8 3649040 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgui.exe

2014-10-16 20:02:56 5B032CCF38D1F01638EA39080D8FE423 1486664 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgfws.exe

2014-10-16 20:01:40 8F24D13F3D2DC35E7C47E75989CCECEB 2916368 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe

2014-10-16 20:01:04 1E82AB979A05631F57FA91CCD58BBF69 391792 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe

2014-10-16 19:59:54 A1E0DE8E0C2CF65408AC3143E71848CE 779280 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

2014-10-16 19:59:20 EC556FE2E452A7D9111E9D0ECC05D0AD 244240 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgcmgr.exe

2014-10-16 19:58:44 4C2C1FA30CBB89DAD7D2C805D120D8D4 1293328 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

2014-10-16 19:56:42 EDB047AA7E48AA312863012C2EF98170 708112 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgdumpx.exe

2014-10-16 19:54:58 A474891AA30521A291F8AF6D29057A27 1086992 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe

2014-10-16 19:54:50 0FA879885B20CF41B8BC293E9A6FDA28 332304 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgcfgex.exe

2014-10-16 19:53:42 AB8B5B7D3C778F613E28EF4C640F0E45 704528 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgntdumpx.exe

2014-10-16 19:53:38 2CAA843E8B1352F95E653E0DB849BA49 691216 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgcsrvx.exe

2014-10-16 19:52:44 D98CE2000E22FB58DD0BDD378C39D719 316432 ----a-w- C:\Program Files (x86)\AVG\AVG2015\fixcfg.exe

2014-10-16 19:52:42 00D1D1C323B63B2836171685515F86D3 873488 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgdumpa.exe

2014-10-16 19:51:56 28C843748D6F80C093FD6247DB6E9762 362000 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgcomdlga.exe

2014-10-16 19:51:52 3CD5EB5C50BB158823F083A26A9B8AA9 444432 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgscana.exe

2014-10-16 19:51:38 096EA6603F3C2F9ACA4B5765ED0937CA 851472 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe

2014-10-16 19:51:22 F403FD12E8B392F2387FCFC6C72F7DC7 866832 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgntdumpa.exe

2014-10-16 19:51:18 CF07E8B730E5652F0AD2B9EF63DE8117 379408 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgscanx.exe

2014-10-16 19:50:58 8006A6254B4DC762336E71FD61971A9D 298080 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe

=== C: other files ==

2014-10-23 16:35:54 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\lib\deploy\ffjcext.zip

2014-10-22 15:04:04 4AC75A9F5F7318FF53BC435DCFBF5A64 979610 ----a-w- C:\Users\jan\AppData\Roaming\Mozilla\Firefox\Profiles\tb5fiiih.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

2014-10-22 11:03:15 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat

2014-10-22 11:02:41 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Windows\System32\drivers\EsgScanner.sys

2014-10-21 11:46:47 5602D4C331FD7938ADE06D9242138922 3198976 ----a-w- C:\Windows\System32\win32k.sys

2014-10-21 11:45:37 FE571E088C2D83619D2D48D4E961BF41 212480 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2014-10-21 11:45:36 E232A3B43A894BB327FC161529BD9ED1 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys

2014-10-16 20:10:36 38DE1C829A69D3A8C63B5705ED50767A 1190771 ----a-w- C:\Program Files (x86)\AVG\AVG2015\banners\banners.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3961628303-576169890-3725312565-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"="C:\Users\jan\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"

"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"

@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

"CanonQuickMenu"="C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon"

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"CommonToolkitTray"="C:\Program Files (x86)\Fighters\Tray\FightersTray.exe"

"sfagent"="C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"="C:\Users\jan\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"

"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"

@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"CanonSolutionMenu"="C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon"

"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe"

"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [22-10-2014 11:07]

C:\Windows\tasks\CheckDriveBackgroundGuard.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-10-2014 13:47]

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3961628303-576169890-3725312565-1001Core.job --a------ \:C:\Users\jan\AppData\LoC:al\Google\Update\GoogleUpdate.exe []

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3961628303-576169890-3725312565-1001UA.job --a------ :C:\Users\jan\AppData\LoC:al\Google\Update\GoogleUpdate.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\CheckDriveBackgroundGuard" [C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3961628303-576169890-3725312565-1001Core" [C:\Users\jan\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3961628303-576169890-3725312565-1001UA" [C:\Users\jan\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\{040BCD94-AB0D-41A1-888F-E4413C50C6C3}" [E:\SETUP.EXE]

"C:\Windows\SysNative\tasks\{1C1D9418-6D29-4DCD-889C-959960853AAA}" [E:\AUTODOOL.EXE]

"C:\Windows\SysNative\tasks\{250FC0C6-1C39-4233-AAC6-186B36B01F15}" [C:\Users\jan\Downloads\WidevineMediaOptimizerIE.exe]

"C:\Windows\SysNative\tasks\{2EA453CA-28C6-4757-BCDB-8CEF053489D2}" [C:\Users\jan\Downloads\WidevineMediaOptimizerIE.exe]

"C:\Windows\SysNative\tasks\{55FCE923-5AD8-4090-A354-E9E4A160F330}" [C:\Program Files (x86)\Movie Maker 2.6\MOVIEMK.exe]

"C:\Windows\SysNative\tasks\{6044BA18-E21A-4DF1-8303-D9C7A3D3186E}" [E:\SETUP.EXE]

"C:\Windows\SysNative\tasks\{72B00541-13FA-4B74-87F6-5DD5F35A6AA0}" [C:\Users\jan\Downloads\WidevineMediaOptimizerIE.exe]

"C:\Windows\SysNative\tasks\{8D135A4D-A791-4209-B460-EA0595405F4E}" [C:\Users\jan\Downloads\WidevineMediaOptimizerIE.exe]

"C:\Windows\SysNative\tasks\{CF68F64F-DFA5-4CA5-9AD4-1C8635DC42BC}" [E:\AUTODOOL.EXE]

"C:\Windows\SysNative\tasks\{D698BDFE-3D79-43C9-BF95-44B8B8349479}" [E:\AUTODOOL.EXE]

"C:\Windows\SysNative\tasks\{D79318E7-580D-479E-A196-B404D84ACC93}" [E:\SETUP.EXE]

"C:\Windows\SysNative\tasks\{DB1B0715-39C2-4AC4-A048-2F2688E6D1DE}" [C:\Users\jan\Downloads\WidevineMediaOptimizerIE.exe]

"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"fmconverter@gmail.com"="C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox" [31-08-2013 15:06]

==== Firefox Extensions ======================

ProfilePath: C:\Users\jan\AppData\Roaming\Mozilla\Firefox\Profiles\tb5fiiih.default

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\jan\AppData\Roaming\TomTom\HOME\Profiles\5hxa7z7r.default

- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com

- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\jan\AppData\Roaming\Mozilla\Firefox\Profiles\tb5fiiih.default

63F8C13F269B10BC9363B007DAAACAE6 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll - Shockwave Flash

FB5621842FDABF9F8359775573498FBC - C:\Users\jan\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update

4A270804DC8AB72DCB4F694D050A3517 - C:\Users\jan\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll - Widevine Media Optimizer

B07511C6F3BBC07B1E09E44F20EE5B8A - C:\Windows\SysWoW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

==== Chromium Look ======================

Google Docs - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Wallet - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Preferences

kdcjhd":"E4953C8CED7B738C352E8A872CDF1BBFCAF6868D9B7CC966B6D8042AD0F30683","nkeimhogjdpnpccoofpliimaahmaaome":"5086B39B74930981826C0D6075E65CCFDD5128A9E02914FCA58EE179F14CB55D","nmmhkkegccagdldgiimedpiccmgmieda":"566BF622FC8397C8E04411CBC2F379E3D34B816992068BA1C06C179696FC2485","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"81D29DB68B1DD2A4692E0797EBAD317207FE68AB77B5AA07A851D7A139FC423C","pjkljhegncpnkpknbcohdijeoejaedia":"930CAAC33224AC18127BC38F013CAEF670F9AC51A8587D174584B6EF37C4128C"}},"google":{"services":{"last_username":"461A9C83CE9D166BA0BAB395F270C739E5B1E35DFED0AE4BB069F900D2948137"}},"homepage":"E9151401108CC68D8903DA56298E2ACDBFA295A3A1449BDFA7986EF4842F039E","homepage_is_newtabpage":"1700359473DEAFC96CC47C2FC974F78E15BC671E1ADB00A2A90F6679CF89BF7B","pinned_tabs":"693317FAD30F8842C5A1060DC0C9695F50C24F7EC0AFFB057310D44406C19F6F","prefs":{"preference_reset_time":"B1F5B32D8DF826353419DE0397CE2C52F814282E44F285654BB59B338B9721DA"},"profile":{"reset_prompt_memento":"00486C6045BEC1724741D05B17914E83D4F3BE42B4BE34D0BF73E274950425CE"},"safebrowsing":{"incident_report_sent":"E2D7B05137A97AC5C32921155D20685B0A295464677A256F26D0D6527874D076"},"search_provider_overrides":"F3ECF0BEF1B6315D992D3F95695F604F1F555D121D080DECD884087D143F55E2","session":{"restore_on_startup":"FB488B00E0CBF3E8F08A0096F65ED8144956E88C02E12B8E573CC82F06D64214","startup_urls":"EC16A4875E90B8EE81028CA385FA226D526EAFA7E6CC64A4EAF63BA24F778AF5"},"sync":{"remaining_rollback_tries":"4D4229F1665D533AD900397A13D64E19F486C1373F16030A65114F09790B2E26"}}},"session":{"restore_on_startup":4,"restore_on_startup_migrated":true,"startup_urls":["http://www.google.com/ig/redirectdomain?brand=MDNC&bmod=MDNC"],"startup_urls_migration_time":"13043360760205335"},"sync":{"remaining_rollback_tries":0},"translate_blocked_languages":["nl"],"translate_whitelists":{}}

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{55ECAB0C-CCD2-4876-B93C-93B467BCF2FE} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNC_enDE393NL435"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [CommonToolkitTray] C:\Program Files (x86)\Fighters\Tray\FightersTray.exe

O4 - HKLM\..\Run: [sfagent] C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\jan\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing) (HKCU)

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\FighterSuiteService.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=70 folders=20 20823287 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\jan\AppData\Local\Temp will be emptied at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\jan\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 23-10-2014 at 21:11:06,75 ======================

- - - Updated - - -

It looks like I am rid of the spyware.


That does indeed look clean ... but let's take one more small step anyway:

Download AdwCleaner by Xplode to the desktop.

  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Click Scan.
  • Then click Clean (English version) or Verwijderen (Dutch version).
  • At the "Herstarten Noodzakelijk" (restart required) prompt, click OK.

After the PC has restarted, a log file usually opens.

Otherwise it can be found at C:\AdwCleaner\AdwCleaner[s0].txt.

Posting the log file

  • Attach the log file named C:\AdwCleaner\AdwCleaner[s0].txt to your next post.
  • You can read here how to add an attachment to a post.


C://Adwcleaner//Adwcleaner(SO).text

Sorry for the late reply.

# AdwCleaner v4.002 - Rapport aangemaakt 28/10/2014 op 10:22:21

# DB v2014-10-26.6

# Laatste Update 27/10/2014 door Xplode

# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)

# Gebruikersnaam : jan - JAN-PC

# Gestart vanuit : C:\Users\jan\Downloads\adwcleaner_4.002.exe

# Optie : Verwijderen

***** [ Services ] *****

***** [ Bestanden / Mappen ] *****

***** [ Taken ] *****

***** [ Snelkoppelingen ] *****

***** [ Register ] *****

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344

-\\ Mozilla Firefox v32.0.3 (x86 nl)

-\\ Google Chrome v38.0.2125.104

*************************

AdwCleaner[R0].txt - [18752 octets] - [22/10/2014 15:23:10]

AdwCleaner[R1].txt - [18813 octets] - [22/10/2014 15:27:21]

AdwCleaner[R2].txt - [1108 octets] - [22/10/2014 15:48:02]

AdwCleaner[R3].txt - [1109 octets] - [23/10/2014 13:52:54]

AdwCleaner[R4].txt - [1229 octets] - [23/10/2014 15:32:53]

AdwCleaner[R5].txt - [1349 octets] - [23/10/2014 21:35:52]

AdwCleaner[R6].txt - [1526 octets] - [28/10/2014 10:17:56]

AdwCleaner[s0].txt - [17041 octets] - [22/10/2014 15:29:39]

AdwCleaner[s1].txt - [1168 octets] - [22/10/2014 15:49:51]

AdwCleaner[s2].txt - [1167 octets] - [23/10/2014 13:56:57]

AdwCleaner[s3].txt - [1287 octets] - [23/10/2014 15:35:14]

AdwCleaner[s4].txt - [1445 octets] - [28/10/2014 10:22:21]

########## EOF - C:\AdwCleaner\AdwCleaner[s4].txt - [1505 octets] ##########


Double-click Zoek.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input window:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

 
CHRdefaults;
chromelook; 

  • The "Scan All Users" option is checked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next post.

Posting the Zoek.exe log file

  • Attach the log file named "Zoek-results.log" to your next post. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read here how to add an attachment to a post.


Zoek results.log

Zoek.exe v5.0.0.0 Updated 27-10-2014

Tool run by jan on di 28-10-2014 at 12:32:09,10.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\jan\Downloads\zoek(1).exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2014-10-23-172335.log 66580 bytes

C:\zoek-results2014-10-23-191106.log 59534 bytes

==== Chromium Look ======================

Google Docs - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Wallet - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Preferences


==== Reset Google Chrome ======================

C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=70 folders=20 20823287 bytes)

==== EOF on di 28-10-2014 at 12:34:58,38 ======================


Double-click Zoek.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

chromelook; 

  • Click the "More options" button and tick the options below.
  • Do a Deep Scan
  • Auto Clean
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next message.

Posting the Zoek.exe log file

  • Attach the log file named "Zoek-results.log" to your next message. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • How to add an attachment to a message is explained here.


zoek-results.log

Zoek.exe v5.0.0.0 Updated 28-10-2014

Tool run by jan on wo 29-10-2014 at 10:57:49,90.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\jan\Downloads\zoek(5).exe [scan all users] [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-10-23-172335.log 66580 bytes

C:\zoek-results2014-10-23-191106.log 59534 bytes

C:\zoek-results2014-10-28-113458.log 9277 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\AVG\AVG2015\avgfws.exe

C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe

C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe

C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe

C:\Program Files (x86)\Fighters\FighterSuiteService.exe

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe

C:\Program Files (x86)\Samsung\Kies\Kies.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE

C:\Program Files (x86)\AVG\AVG2015\avgui.exe

C:\Program Files (x86)\Fighters\Tray\FightersTray.exe

C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\SysWOW64\ctfmon.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE

C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\jan\Downloads\zoek(5).exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftcomp.dll" deleted

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftcore.dll" not deleted

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftevent.dll" not deleted

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftfsi_wow64.dll" deleted

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftintf.dll" not deleted

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftlist.exe" deleted

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftpsr.dll" deleted

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftsync.dll" deleted

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftuser.dll" deleted

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftvsa.exe" deleted

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftcomp.dll" deleted

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftcore.dll" not deleted

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftevent.dll" not deleted

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftfsi_wow64.dll" deleted

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftintf.dll" not deleted

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftlist.exe" deleted

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftpsr.dll" deleted

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftsync.dll" deleted

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftuser.dll" deleted

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftvsa.exe" deleted

"C:\PROGRA~2\Microsoft Application Virtualization Client" not deleted

"C:\PROGRA~2\Microsoft Application Virtualization Client" not deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)

Memory (RAM): 6121 MB

CPU Info: Intel® Core i7-2600 CPU @ 3.40GHz

CPU Speed: 3408.2 MHz

Sound Card: Speakers (Realtek High Definiti |

Display Adapters: ATI Radeon HD 5670 | ATI Radeon HD 5670 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

Monitors: 1x; Algemeen PnP-beeldscherm |

Screen Resolution: 1920 X 1080 - 32 bit

Network: Network Present

Network Adapters: Realtek PCIe GBE Family Controller

CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SH-S223C

Ports: COM Ports NOT Present. LPT Port NOT Present.

Mouse: 5 Button Wheel Mouse Present

Hard Disks: C: 1356.2GB | D: 40.0GB | Q: 0.0MB

Hard Disks - Free: C: 976.9GB | D: 21.6GB | Q: 0.0MB

Manufacturer *: American Megatrends Inc.

BIOS Info: AT/AT COMPATIBLE | 03/04/11 | MEDION - 1072009

Time Zone: West-Europa (standaardtijd)

Motherboard *: ECS H67H2-EM

Country: Nederland

Language: NLD

==== System Specs (Software) ======================

Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)

Anti-Virus: AVG Internet Security 2015 On-access scanning disabled (Outdated)

Anti-Spyware: Microsoft Security Essentials disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Anti-Spyware: AVG Internet Security 2015 disabled (Outdated)

Firewall: AVG Internet Security 2015 disabled

Default Browser: Firefox 32.0.3

Internet Explorer Version: 11.0.9600.17358

Mozilla Firefox version: 32.0.3 (x86 nl)

Google Chrome version: 38.0.2125.111

Adobe Reader version: 11.0.9.29

Sun Java version: 1.8.0_25 (32-bit)

Sun Java version: 1.8.0_25 (64-bit)

Flash Player version: 15.0.0.189

Shockwave Player version: 11.5.9r620

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2014-10-22 10:00:05 E185BDA84E5F03F4E1D8DCA30E209277 1912 ----a-w- C:\Windows\epplauncher.mif

====== C:\Users\jan\AppData\Local\Temp ====

2014-10-19 20:58:16 5C73E64374D9BA37AC5569D1F7DE5C9B 665682 ----a-w- C:\Users\jan\AppData\Local\Temp\sqlite3.dll

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

2014-10-23 16:36:26 A042349B7208BF8BED858B1E9B48B06D 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-10-21 11:46:40 D5D5BBF6AA45D820BAA0BD1303B8AAF6 81560 ----a-w- C:\Windows\SysWOW64\mscories.dll

2014-10-21 11:46:40 A139A5E6B34F136405B030EA04595A20 156824 ----a-w- C:\Windows\SysWOW64\mscorier.dll

2014-10-21 11:46:40 8580484193CE0A0788830FBAB97CF13B 1131664 ----a-w- C:\Windows\SysWOW64\dfshim.dll

2014-10-21 11:46:29 604C67F58747D6A333EA641BCCC2C842 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2014-10-21 11:46:28 DF59F2510EDABBF216FA837D5D964106 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll

2014-10-21 11:46:28 D78C4DB153874DB7AC6AA6A03BE38B66 331448 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll

2014-10-21 11:46:28 BD66BA5A924DCC8392CFAEB67131A246 597504 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll

2014-10-21 11:46:28 201EAFA3F17BE4990999C28657212D8E 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2014-10-21 11:46:27 F91E55DA404B834648A3B0A2477C10DB 17484800 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2014-10-21 11:46:27 B89F5D2B3D3BC730FAB93CFCD931742F 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2014-10-21 11:46:27 B5B1C277E46A5B0E2FC63E5FC5624CE5 365056 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll

2014-10-21 11:46:27 97F2F82BF0B4AF86A85FFDD78DFDC87D 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-10-21 11:46:27 3065FF6794A7FDC882F0DA8B6230AB6E 1190400 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2014-10-21 11:46:26 B74B348D13134D67B4F68ADDDC76A447 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2014-10-21 11:46:26 8FAA1E45198C4ECEC691326B7F5E71C5 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2014-10-21 11:46:26 835807E2AC0A8FA15B9A2EA80E2D5169 2017280 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2014-10-21 11:46:26 58EC068116BCE16A94B1B2C429A35E41 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2014-10-21 11:46:26 55A400FDB21D157E947A0EE65AEDB1B3 2187264 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2014-10-21 11:46:25 EF94FA1F3D90520CCA4AE65D639A9E62 11807232 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2014-10-21 11:46:25 410BECCA3354D471E45344F0754CC0E4 243200 ----a-w- C:\Windows\SysWOW64\dxtrans.dll

2014-10-21 11:46:25 158690737381C49120165A7F3F5D13EB 440320 ----a-w- C:\Windows\SysWOW64\ieui.dll

2014-10-21 11:46:24 FBE852643EDEB9D6D6502AFE6017CD64 678400 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll

2014-10-21 11:46:24 DF4BA130BD41F29A894E026E456B8481 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2014-10-21 11:46:24 D03EB7605435FE24ADE670661A932651 4201472 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2014-10-21 11:46:24 AA103FEAD721863B86A1B1260948E662 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-10-21 11:46:24 8E8E6E7B4CC27B92F40F74E29C1F6290 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll

2014-10-21 11:46:24 7AE80F921027CF88CB9D0433088A3E55 1810944 ----a-w- C:\Windows\SysWOW64\wininet.dll

2014-10-21 11:46:24 6D4DD5706C297234F457B9D9018C493F 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll

2014-10-21 11:46:24 2409C41081D657A3FABE3659BB989AFB 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll

2014-10-21 11:46:04 3888D02CE6413C2A06D903DE1C778BF5 2363904 ----a-w- C:\Windows\SysWOW64\msi.dll

2014-10-21 11:45:55 37C395C075E6FA66623C82DE50A8FAED 372736 ----a-w- C:\Windows\SysWOW64\rastls.dll

2014-10-21 11:45:40 3ABACF6D4EBEA5EF3014FEFA1D8FF5F8 3221504 ----a-w- C:\Windows\SysWOW64\mstscax.dll

2014-10-21 11:45:37 FD67683FBA9B2C4BB551780BD8846F64 157696 ----a-w- C:\Windows\SysWOW64\winsta.dll

2014-10-21 11:45:37 0DBD0B4D4766CADEB8C30242A0611395 1051136 ----a-w- C:\Windows\SysWOW64\mstsc.exe

2014-10-21 11:45:36 DB1D6751689B4A7EE2439C64F2ADF1C9 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll

2014-10-21 11:45:36 97896EE4254176CFDD9010B5B243B89F 131584 ----a-w- C:\Windows\SysWOW64\aaclient.dll

2014-10-21 11:45:36 13829161C1297F4170A5546430147BBD 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll

2014-10-21 11:45:09 C120855C1133DF8FFD5E0C04A7E70B67 67072 ----a-w- C:\Windows\SysWOW64\packager.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2014-10-21 11:46:47 5602D4C331FD7938ADE06D9242138922 3198976 ----a-w- C:\Windows\Sysnative\win32k.sys

2014-10-21 11:46:40 50EC828370CB5F5E9FF08B10F1B701C8 73880 ----a-w- C:\Windows\Sysnative\mscories.dll

2014-10-21 11:46:40 5083CC5456FE8A5D21ECF9E32ACC779F 1943696 ----a-w- C:\Windows\Sysnative\dfshim.dll

2014-10-21 11:46:40 2D6C77A3DB3D8EE00FB55834A67E4073 156312 ----a-w- C:\Windows\Sysnative\mscorier.dll

2014-10-21 11:46:32 974F83636F841739FEA5CC6219BFB241 276480 ----a-w- C:\Windows\Sysnative\generaltel.dll

2014-10-21 11:46:31 510D5492BCA9E63E10E3CE0285965722 507392 ----a-w- C:\Windows\Sysnative\aepdu.dll

2014-10-21 11:46:30 767D478BB4B2F84B47B3C0956E6A5A05 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll

2014-10-21 11:46:28 C109D5136DF0A6CA668C7AD888AA125F 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2014-10-21 11:46:28 739D9C9F220CCEDAFD8212C6B976B60D 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll

2014-10-21 11:46:28 29C0530E0F120AC3E583889DCD6A63DD 710656 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2014-10-21 11:46:27 DD8E9C85F9F428859713055183661956 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll

2014-10-21 11:46:27 4D21F4FDF57DF86FAD9149ED1C071D15 72704 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll

2014-10-21 11:46:26 E9109E91BB8366759822DC2FC9B5DA8B 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe

2014-10-21 11:46:26 B07E9AFF50DC007E7D5AC54736AA5A25 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll

2014-10-21 11:46:26 87D14AF9A2C3F3D5233B613CFA9C321D 378552 ----a-w- C:\Windows\Sysnative\iedkcs32.dll

2014-10-21 11:46:26 0F5A279522FA6A30C9C5A297A1064933 1447936 ----a-w- C:\Windows\Sysnative\urlmon.dll

2014-10-21 11:46:25 DAF317E9F4CEC206D0D443014A427341 446464 ----a-w- C:\Windows\Sysnative\dxtmsft.dll

2014-10-21 11:46:25 646C004F58AA4762F92BF7C595216C37 2108416 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2014-10-21 11:46:25 45B736E3184B68515FDB71D4083A9BCF 731136 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2014-10-21 11:46:25 050FD78BA4EFA62417F61F4C098B5B25 2796032 ----a-w- C:\Windows\Sysnative\iertutil.dll

2014-10-21 11:46:25 0467A4DDA6B2CE8E27A8178BF035BA18 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll

2014-10-21 11:46:24 BE37AA454460539877420951EEA16EF0 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2014-10-21 11:46:24 98241BE7EB26C41562D33393DD12608F 289280 ----a-w- C:\Windows\Sysnative\dxtrans.dll

2014-10-21 11:46:24 88D2165E07CEDC3F34CBE1A5A807673D 595968 ----a-w- C:\Windows\Sysnative\ieui.dll

2014-10-21 11:46:23 F9FA80C1CB6EAC55A7F534937F6AC4E4 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2014-10-21 11:46:23 DB101A62F9BF8E7765685950169EF52B 758272 ----a-w- C:\Windows\Sysnative\jscript9diag.dll

2014-10-21 11:46:23 D3B07C2FABEAE749E4E51F1E93CABA23 5829632 ----a-w- C:\Windows\Sysnative\jscript9.dll

2014-10-21 11:46:23 A2105E46DC9CE38A1D57FB124436E1BC 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2014-10-21 11:46:23 7E60EE8A68F7270D1E1662CBA275D4FA 13619200 ----a-w- C:\Windows\Sysnative\ieframe.dll

2014-10-21 11:46:23 70527367E5779C3537992F0768D9C59A 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll

2014-10-21 11:46:22 EB710A3AF29BEC4EE7475A1ED5C575DE 195584 ----a-w- C:\Windows\Sysnative\msrating.dll

2014-10-21 11:46:22 9D98D4F390F0B14A782F3B931E613A1A 2309632 ----a-w- C:\Windows\Sysnative\wininet.dll

2014-10-21 11:46:22 328143D6BC5951E1797BD524C4E98CDC 547328 ----a-w- C:\Windows\Sysnative\vbscript.dll

2014-10-21 11:46:22 30FB9ABB6C45C3299CFA5F556904DD5F 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll

2014-10-21 11:46:22 2E5AF1507CBE735B4D7EBFF1908EA0E1 775168 ----a-w- C:\Windows\Sysnative\ieapfltr.dll

2014-10-21 11:46:22 15847E14811FEDDF77E934AF4F0BEF45 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe

2014-10-21 11:46:21 7415B29AFE2E4494A57358B8C7E78600 23631360 ----a-w- C:\Windows\Sysnative\mshtml.dll

2014-10-21 11:46:05 ADD3F2C3E6B89BD16D4BFC61B3658DD9 3241472 ----a-w- C:\Windows\Sysnative\msi.dll

2014-10-21 11:45:55 DD7C31F12936795C0516BB6C59CBCCD8 424448 ----a-w- C:\Windows\Sysnative\rastls.dll

2014-10-21 11:45:40 467D0E831D6DF8DA16BF856D0537A153 3722240 ----a-w- C:\Windows\Sysnative\mstscax.dll

2014-10-21 11:45:38 8516703179C3BDE90A3ED31B9EC16F8D 1118720 ----a-w- C:\Windows\Sysnative\mstsc.exe

2014-10-21 11:45:38 4FC4C50985E5B840F4D72E57286887B8 681984 ----a-w- C:\Windows\Sysnative\termsrv.dll

2014-10-21 11:45:37 C23B6D9D16FD86F446BE607CA18389D9 235520 ----a-w- C:\Windows\Sysnative\winsta.dll

2014-10-21 11:45:37 0374D83D003043E7DE33036294A2EFAE 150528 ----a-w- C:\Windows\Sysnative\rdpcorekmts.dll

2014-10-21 11:45:36 85E03B6E05939845BC924C91AEDE0E24 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll

2014-10-21 11:45:36 560CF90C026C0FE51CC6820302FF94FE 22016 ----a-w- C:\Windows\Sysnative\credssp.dll

2014-10-21 11:45:09 1DB68B8A1E3BDE3C19F1D3612CE436CA 77312 ----a-w- C:\Windows\Sysnative\packager.dll

====== C:\Windows\Sysnative\drivers =====

2014-10-22 11:02:41 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Windows\Sysnative\drivers\EsgScanner.sys

2014-10-21 11:45:37 FE571E088C2D83619D2D48D4E961BF41 212480 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys

2014-10-21 11:45:36 E232A3B43A894BB327FC161529BD9ED1 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys

2014-10-10 13:14:32 0BB7ECAC81554D83A66A0B9F961BB9D0 274200 ----a-w- C:\Windows\Sysnative\drivers\avgtdia.sys

2014-10-07 19:43:06 7F6BE4B64811AFECE52FBAD85E31E378 262424 ----a-w- C:\Windows\Sysnative\drivers\avgidsdrivera.sys

2014-10-05 19:41:40 B4D589C734D796B5B76E0A0E5DA50397 124184 ----a-w- C:\Windows\Sysnative\drivers\avgmfx64.sys

====== C:\Windows\Tasks ======

2014-10-23 16:08:23 2DAE3AF8F8D19CF752DACC6C18A994C7 3120 ----a-w- C:\Windows\Sysnative\Tasks\{F777D659-4D92-42DC-AAF4-6D5079A8CC6F}

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-10-23 13:28:33 -------- d-----w- C:\Program Files\trend micro

2014-10-21 11:49:58 -------- d-----w- C:\Program Files\iTunes

2014-10-21 11:49:58 -------- d-----w- C:\Program Files\iPod

======= C:\PROGRA~2 =====

2014-10-29 09:53:27 -------- d-----w- C:\PROGRA~2\QuickTime

2014-10-23 16:36:50 -------- d-----w- C:\PROGRA~2\COMMON~1\Java

2014-10-23 16:35:15 -------- d-----w- C:\PROGRA~2\Java

2014-10-21 11:49:58 -------- d-----w- C:\PROGRA~2\iTunes

2014-10-09 17:39:35 -------- d-----w- C:\PROGRA~2\Fighters

======= C: =====

2014-10-22 11:03:15 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat

====== C:\Users\jan\AppData\Roaming ======

2014-10-23 19:01:12 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp

2014-10-23 19:01:12 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp

2014-10-23 19:01:12 -------- d-----w- C:\Users\jan\AppData\Local\Temp

2014-10-23 19:01:12 -------- d-----w- C:\Users\Default\AppData\Local\Temp

2014-10-23 19:01:12 -------- d-----w- C:\Users\Default User\AppData\Local\Temp

2014-10-09 17:43:51 -------- d-----w- C:\Users\jan\AppData\Roaming\LiveKit

2014-10-09 17:40:13 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Fighters

2014-10-09 17:39:32 -------- d-----w- C:\Users\jan\AppData\Roaming\Fighters

2014-10-02 14:55:35 -------- d-----w- C:\Users\jan\AppData\Roaming\AVG2015

2014-10-02 14:54:51 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2015

2014-10-02 14:54:29 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2015

2014-10-02 14:52:43 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2015

2014-10-02 14:51:31 -------- d-----w- C:\Users\jan\AppData\Local\Avg2015

====== C:\Users\jan ======

2014-10-29 09:53:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

2014-10-28 09:17:11 FF33D8CDF04B1D15F3808D49406BEA43 1998336 ----a-w- C:\Users\jan\Downloads\adwcleaner_4.002.exe

2014-10-23 16:36:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-10-23 16:27:33 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\jan\Downloads\jxpiinstall(4).exe

2014-10-23 16:04:29 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\jan\Downloads\jxpiinstall(3).exe

2014-10-23 15:57:24 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\jan\Downloads\jxpiinstall(2).exe

2014-10-23 15:38:24 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\jan\Downloads\jxpiinstall(1).exe

2014-10-23 13:26:20 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\jan\Downloads\RSITx64.exe

2014-10-22 11:03:01 -------- d-----w- C:\Users\jan\Start Menu

2014-10-22 09:58:06 14CB257C6D044B6D3FD965DE2B9DADC9 14105760 ----a-w- C:\Users\jan\Downloads\mseinstall.exe

2014-10-21 11:50:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-10-09 17:39:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters

2014-10-09 17:38:28 -------- d-----w- C:\ProgramData\Fighters

2014-10-02 15:19:50 -------- d-----w- C:\ProgramData\Oracle

2014-10-02 14:52:50 -------- d-----w- C:\ProgramData\AVG2015

====== C: exe-files ==

2014-10-29 09:54:19 DCC534F22A5A4B43E5123A772D3ECF5A 895568 ----a-w- C:\Program Files (x86)\Google\Update\Install\{FD25004E-449E-4A9E-9D08-1E778DB1F83F}\38.0.2125.111_38.0.2125.104_chrome_updater.exe

2014-10-29 09:54:18 DCC534F22A5A4B43E5123A772D3ECF5A 895568 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\38.0.2125.111\38.0.2125.111_38.0.2125.104_chrome_updater.exe

2014-10-29 09:52:41 7C444BCCB32E3A5ECFEE6315C058D351 80216 ----a-w- C:\Users\jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OQ1RG19I\QuickTimeInstallerAdmin[1].exe

2014-10-28 09:30:19 C7489D70D684A305F49B8A59C2A38369 441896 ----a-w- C:\Users\jan\AppData\Roaming\Fighters\Tray\AutoInstall\DM.exe

2014-10-28 09:19:22 821E577AB0B119278BD1940FEF224DDA 51080 ----atw- C:\Users\jan\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateBroker.exe

2014-10-28 09:19:22 4067DC9EA0640485F1CF395427FD5E9B 51080 ----atw- C:\Users\jan\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe

2014-10-28 09:19:21 27DC334376EE08A0962E6367E23D3CBA 880272 ----a-w- C:\Users\jan\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateSetup.exe

2014-10-28 09:19:13 26E37D5EAC3F1CF66587183AB348168C 114568 ----atw- C:\Users\jan\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateComRegisterShell64.exe

2014-10-28 09:19:09 976D5F35A058340DA2C160CEC4063C4B 230792 ----atw- C:\Users\jan\AppData\Local\Google\Update\1.3.25.5\GoogleCrashHandler.exe

2014-10-28 09:19:09 047556104954A72A2222FFF169166EEE 285064 ----atw- C:\Users\jan\AppData\Local\Google\Update\1.3.25.5\GoogleCrashHandler64.exe

2014-10-28 09:19:04 51508F0C2476177E50C31B0BBFBF1BDB 107912 ----atw- C:\Users\jan\AppData\Local\Google\Update\1.3.25.5\GoogleUpdate.exe

2014-10-28 09:19:00 27DC334376EE08A0962E6367E23D3CBA 880272 ----a-w- C:\Users\jan\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.5\GoogleUpdateSetup.exe

2014-10-28 09:17:11 FF33D8CDF04B1D15F3808D49406BEA43 1998336 ----a-w- C:\Users\jan\Downloads\adwcleaner_4.002.exe

2014-10-23 16:36:09 AA3520FB0133A56BEE1DB34D74DBEF64 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe

2014-10-23 16:36:09 75D477E868CA51EC1B09D730570F322B 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe

2014-10-23 16:36:09 691D49FB44EDE9788288CABE4F7E0DAF 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe

2014-10-23 16:35:45 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\pack200.exe

2014-10-23 16:35:45 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmid.exe

2014-10-23 16:35:45 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\orbd.exe

2014-10-23 16:35:45 75EE99C7F0038C746D82C76221ECA4EF 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\policytool.exe

2014-10-23 16:35:45 67F763B09F4BC8689E6FA9761E068D74 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\unpack200.exe

2014-10-23 16:35:45 57E1F756FAA787623DFCD2C1B2AACC68 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssvagent.exe

2014-10-23 16:35:45 33D2AF53E209DA3E2BA939EB89801DC0 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmiregistry.exe

2014-10-23 16:35:45 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\servertool.exe

2014-10-23 16:35:45 28FC00F89631B0F6E1E9CA386FADD566 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\tnameserv.exe

2014-10-23 16:35:44 B719E0F43166037DF46B5CFBE60A5118 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jjs.exe

2014-10-23 16:35:44 A458E2535E46151690E53E2A03FAA711 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\keytool.exe

2014-10-23 16:35:44 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\kinit.exe

2014-10-23 16:35:44 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe

2014-10-23 16:35:44 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe

2014-10-23 16:35:44 4367C05B0CF5553E71B34F51003D0615 76200 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2launcher.exe

2014-10-23 16:35:44 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\klist.exe

2014-10-23 16:35:44 26C7F32186B1F0364CD06EA69227A79D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ktab.exe

2014-10-23 16:35:43 BB8C890E3E6372F2720709262BD42BF4 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jabswitch.exe

2014-10-23 16:35:43 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe

2014-10-23 16:35:43 74713E9C1B01B152DDD3A1A3519A3647 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java-rmi.exe

2014-10-23 16:35:43 70E67429D2C011FD0419AF899A8D0D70 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe

2014-10-23 16:27:33 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\jan\Downloads\jxpiinstall(4).exe

2014-10-23 16:04:29 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\jan\Downloads\jxpiinstall(3).exe

2014-10-23 15:57:24 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\jan\Downloads\jxpiinstall(2).exe

2014-10-23 15:38:24 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\jan\Downloads\jxpiinstall(1).exe

2014-10-23 13:28:33 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\jan.exe

2014-10-23 13:26:20 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\jan\Downloads\RSITx64.exe

2014-10-23 12:29:32 52B2C1038E4AB6F5647978729B6BBCB3 320528 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgndisa.exe

2014-10-23 12:26:54 E1CC6F808D83A21A022045F313AB0414 6122736 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe

2014-10-23 12:26:54 D5EAC0FAA423C67E48DA714D43867034 16912 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgrdtesta.exe

2014-10-23 12:26:54 BC04965E1D4252CD7A9B64AC146996C1 62992 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avguirux.exe

2014-10-23 12:26:54 91B8E3B0D3C7EA00770F4C4FBEE4C3B5 15888 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgrdtestx.exe

=== C: other files ==

2014-10-23 16:35:54 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\lib\deploy\ffjcext.zip

2014-10-22 15:04:04 4AC75A9F5F7318FF53BC435DCFBF5A64 979610 ----a-w- C:\Users\jan\AppData\Roaming\Mozilla\Firefox\Profiles\tb5fiiih.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

2014-10-22 11:03:15 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat

2014-10-22 11:02:41 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Windows\System32\drivers\EsgScanner.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3961628303-576169890-3725312565-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"="C:\Users\jan\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"

"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"

@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"

"CanonQuickMenu"="C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon"

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"CommonToolkitTray"="C:\Program Files (x86)\Fighters\Tray\FightersTray.exe"

"sfagent"="C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"="C:\Users\jan\AppData\Local\Google\Update\GoogleUpdate.exe /c"

"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"

"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"

@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"CanonSolutionMenu"="C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon"

"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe"

"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [22-10-2014 10:07]

C:\Windows\tasks\CheckDriveBackgroundGuard.job --a------ C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe [10-12-2012 09:24]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-10-2014 12:47]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-10-2014 12:47]

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3961628303-576169890-3725312565-1001Core.job --a------ C:\Users\jan\AppData\LC:cal\GC:gle\Update\GC:gleUpdate.exe []

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3961628303-576169890-3725312565-1001UA.job --a------ :C:\Users\jan\AppData\LoC:al\Google\Update\GoogleUpdate.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\CheckDriveBackgroundGuard" [C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3961628303-576169890-3725312565-1001Core" [C:\Users\jan\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3961628303-576169890-3725312565-1001UA" [C:\Users\jan\AppData\Local\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\{040BCD94-AB0D-41A1-888F-E4413C50C6C3}" [E:\SETUP.EXE]

"C:\Windows\SysNative\tasks\{1C1D9418-6D29-4DCD-889C-959960853AAA}" [E:\AUTODOOL.EXE]

"C:\Windows\SysNative\tasks\{250FC0C6-1C39-4233-AAC6-186B36B01F15}" [C:\Users\jan\Downloads\WidevineMediaOptimizerIE.exe]

"C:\Windows\SysNative\tasks\{2EA453CA-28C6-4757-BCDB-8CEF053489D2}" [C:\Users\jan\Downloads\WidevineMediaOptimizerIE.exe]

"C:\Windows\SysNative\tasks\{55FCE923-5AD8-4090-A354-E9E4A160F330}" [C:\Program Files (x86)\Movie Maker 2.6\MOVIEMK.exe]

"C:\Windows\SysNative\tasks\{6044BA18-E21A-4DF1-8303-D9C7A3D3186E}" [E:\SETUP.EXE]

"C:\Windows\SysNative\tasks\{72B00541-13FA-4B74-87F6-5DD5F35A6AA0}" [C:\Users\jan\Downloads\WidevineMediaOptimizerIE.exe]

"C:\Windows\SysNative\tasks\{8D135A4D-A791-4209-B460-EA0595405F4E}" [C:\Users\jan\Downloads\WidevineMediaOptimizerIE.exe]

"C:\Windows\SysNative\tasks\{CF68F64F-DFA5-4CA5-9AD4-1C8635DC42BC}" [E:\AUTODOOL.EXE]

"C:\Windows\SysNative\tasks\{D698BDFE-3D79-43C9-BF95-44B8B8349479}" [E:\AUTODOOL.EXE]

"C:\Windows\SysNative\tasks\{D79318E7-580D-479E-A196-B404D84ACC93}" [E:\SETUP.EXE]

"C:\Windows\SysNative\tasks\{DB1B0715-39C2-4AC4-A048-2F2688E6D1DE}" [C:\Users\jan\Downloads\WidevineMediaOptimizerIE.exe]

"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"fmconverter@gmail.com"="C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox" [31-08-2013 14:06]

==== Firefox Extensions ======================

ProfilePath: C:\Users\jan\AppData\Roaming\Mozilla\Firefox\Profiles\tb5fiiih.default

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\jan\AppData\Roaming\TomTom\HOME\Profiles\5hxa7z7r.default

- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com

- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\jan\AppData\Roaming\Mozilla\Firefox\Profiles\tb5fiiih.default

40AAE0A1A4F664828DF5A95875AEA1C8 - C:\Users\jan\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll - Google Update

63F8C13F269B10BC9363B007DAAACAE6 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll - Shockwave Flash

4A270804DC8AB72DCB4F694D050A3517 - C:\Users\jan\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll - Widevine Media Optimizer

B07511C6F3BBC07B1E09E44F20EE5B8A - C:\Windows\SysWoW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

==== Chromium Look ======================

Google Docs - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Wallet - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

No DefaultScope Set For HKCU

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{55ECAB0C-CCD2-4876-B93C-93B467BCF2FE} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNC_enDE393NL435"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [CommonToolkitTray] C:\Program Files (x86)\Fighters\Tray\FightersTray.exe

O4 - HKLM\..\Run: [sfagent] C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKCU\..\Run: [Google Update] "C:\Users\jan\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing) (HKCU)

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Application Virtualization Client (sftlist) - Unknown owner - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (file missing)

O23 - Service: Application Virtualization Service Agent (sftvsa) - Unknown owner - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\FighterSuiteService.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\jan\AppData\Local\Mozilla\Firefox\Profiles\tb5fiiih.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=109 folders=23 33889979 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\jan\AppData\Local\Temp will be emptied at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\jan\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftcore.dll" not found

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftevent.dll" not found

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftintf.dll" not found

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftcore.dll" not found

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftevent.dll" not found

"C:\PROGRA~2\Microsoft Application Virtualization Client\sftintf.dll" not found

"C:\PROGRA~2\Microsoft Application Virtualization Client" not found

"C:\PROGRA~2\Microsoft Application Virtualization Client" not found

==== EOF on wo 29-10-2014 at 11:35:27,80 ======================


Double-click Zoek.exe to start the tool.

  • Users of Windows Vista, 7 and 8 must run the tool as administrator: right-click it and choose Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script was written specifically for this PC, so do not use it on other PCs with a similar problem.

 
 C:\autoexec.bat;f
 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions];r64
"fmconverter@gmail.com"=-;r64
 {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA};c
 autoclean;

  • The "Scan All Users" option is checked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then be shown.
  • Post the opened log as an attachment in your next reply.

Posting the Zoek.exe log file

  • Attach the log file named "Zoek-results.log" to your next reply. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read here how to add an attachment to a post.
