appdata\roaming\newnext.me\nengine.dll


klaasje

Hi, who can help me with this problem? I always used Internet Explorer, but it suddenly stopped working. I now have Google Chrome and everything is going wrong: when I start my computer I get the message "appdata roaming newnext me nengine dll", an error. The PC sometimes hangs; basically everything goes wrong. I have already scanned the PC etc., but everything stays the way it is now. What can I do to solve this problem? Thanks in advance.


@ Klaasje,

Welcome to PCH!

Download RSIT from the locations below and save it to the desktop.

Here is a description of how to check whether you have a 32-bit or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.


  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool is finished, a Notepad file named "Log" is opened.
  • Post its contents in your next message.

Also watch the instruction video.


I did what you said and this is what I have:

Logfile of random's system information tool 1.09 (written by random/random)

Run by klaasje at 2014-03-02 23:17:07

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 166 GB (81%) free of 205 GB

Total RAM: 3692 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 23:17:23, on 2-3-2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16518)

Boot mode: Normal

Running processes:

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe

C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe

C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\trustedadssvc.exe

C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\klaasje.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = 0

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Delta Homes

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1392907972&from=cor&uid=ST9500325AS_S2WBRS21XXXXS2WBRS21&q={searchTerms}

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1392907972&from=cor&uid=ST9500325AS_S2WBRS21XXXXS2WBRS21&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Delta Homes

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST9500325AS_S2WBRS21XXXXS2WBRS21&ts=1393419812&type=default&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST9500325AS_S2WBRS21XXXXS2WBRS21&ts=1393419812&type=default&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll

O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll

O2 - BHO: Bcool - {424FBC2D-3A8E-EE29-6182-8A5C284A57C7} - C:\ProgramData\Bcool\507875609ea20.ocx (file missing)

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: PrivDogExtension - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\trustedads.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll

O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"

O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

O4 - HKLM\..\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe

O4 - HKLM\..\Run: [sonicMasterTray] C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe

O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe

O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe /S

O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"

O4 - HKLM\..\Run: [PrivDogService] "C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\trustedadssvc.exe"

O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave

O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYAMABLAE0AQwAtAEUAOQBWAFUAVwAtAEUAVwAwAFYAQQAtAFUAVQAzAFgATAAtAEYARQBXADkANwA"&"inst=NwA3AC0AMQA3ADAAMwA1ADMANAA0ADIANgAtAFYATwBQADkAKwAxAC0ARABEAFQAKwAwAA"&"prod=90"&"ver=9.0.914

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\klaasje\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe

O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files\COMODO\GeekBuddy\launcher.exe

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\trustedads.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{C6BD965D-45A5-483C-8D87-12051FC0459D}: NameServer = 156.154.70.25,156.154.71.25

O17 - HKLM\System\CCS\Services\Tcpip\..\{D424A798-9EC6-4968-B088-E352F5FC33A6}: NameServer = 156.154.70.25,156.154.71.25

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe

O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe

O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe

O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GeekBuddyRSP Server (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: IePlugin Service (IePluginService) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginService\PluginService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Wpm Service (Wpm) - Cherished Technololgy LIMITED - C:\ProgramData\WPM\wprotectmanager.exe

--

End of file - 13929 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

"C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe"

C:\Windows\system32\svchost.exe -k RPCSS

"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"

C:\Windows\system32\svchost.exe -k NetworkService

"C:\Program Files\Microsoft Security Client\MsMpEng.exe"

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

atieclxx

"C:\Windows\system32\FBAgent.exe"

"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"

"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"

C:\ProgramData\IePluginService\PluginService.exe -service

C:\ProgramData\WPM\wprotectmanager.exe -service

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe"

"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -service

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"

WLIDSvcM.exe 2468

"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"

"C:\Program Files\Microsoft Security Client\NisSrv.exe"

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"taskhost.exe"

"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Windows\AsScrPro.exe"

"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3

"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

"C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe"

"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"

"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"

"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"

"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"

"C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe"

"C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe"

"C:\Program Files\COMODO\GeekBuddy\unit_manager.exe"

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"

"C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\trustedadssvc.exe"

"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave

"C:\Program Files\COMODO\GeekBuddy\unit" "\"C:/Program Files/COMODO/GeekBuddy/lps-cspm\""

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe"

C:\Windows\system32\wbem\wmiprvse.exe

ATKOSD.exe

KBFiltr.exe

WDC.exe

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe"

"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI

"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --profile-directory=Default

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3308.0.1595115452\410842181" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,27 --gpu-vendor-id=0x1002 --gpu-device-id=0x9806 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.930.13.6000 --ignored=" --type=renderer " /prefetch:822062411

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group2 pct:10b stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_40/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-software-compositing --channel="3308.1.2096108404\818254187" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group2 pct:10b stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_40/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --enable-software-compositing --channel="3308.2.1102806125\1434353110" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group2 pct:10b stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_40/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --enable-software-compositing --channel="3308.4.116209775\795281977" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group2 pct:10b stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/NetworkConnectivity/disable_network_stats/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_40/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-software-compositing --channel="3308.5.1765753504\1540841938" /prefetch:673131151

"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding

taskeng.exe {F68BC4B5-7E12-4823-A46D-48B40EC5C693}

"C:\Users\klaasje\Downloads\RSITx64.exe"

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\ChicaPC-Shield-Notification.job

C:\Windows\tasks\Digital Sites.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-337359531-3473574948-1087019513-1002Core.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-337359531-3473574948-1087019513-1002UA.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\powersuite_monitor.job

C:\Windows\tasks\ROC_REG_JAN_DELETE.job

C:\Windows\tasks\WS-Booster-S-46480778.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}]

PrivDog Extension - C:\Program Files\AdTrustMedia\PrivDog\1.8.0.18\trustedads.dll [2013-12-13 842920]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]

PC Tools Browser Guard BHO - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll [2011-07-01 1144784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]

IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-02-26 513136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{424FBC2D-3A8E-EE29-6182-8A5C284A57C7}]

Bcool Class - C:\ProgramData\Bcool\507875609ea20.ocx []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]

Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}]

PrivDog Extension - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\trustedads.dll [2013-12-13 745640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02 1089288]

{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll [2011-07-01 1144784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-01-10 1360600]

"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912]

"RtsCM"=C:\Windows\RTSCM64.EXE [2014-01-10 147160]

"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-11-11 1612504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-01-14 20728480]

"NextLive"=C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]

C:\Windows\AsScrPro.exe [2012-01-19 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2010-08-20 107816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]

C:\Users\klaasje\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-04 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-01-10 13662936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]

C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe [2012-07-07 12862]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2011-10-19 3331312]

"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-02-16 322176]

"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2011-10-24 174720]

"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]

"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2012-02-02 2321072]

"PCTools FGuard"=C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe [2011-07-01 247760]

"SonicMasterTray"=C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe [2010-07-10 984400]

"DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2013-12-23 450560]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

"fst_nl_22"= []

"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe []

"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe [2012-08-03 740736]

"Anti-phishing Domain Advisor"=C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe [2013-05-31 235072]

"PrivDogService"=C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\trustedadssvc.exe [2013-12-13 525480]

"tvncontrol"=C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2014-02-27 2327248]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]

"AvgUninstallURL"=cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYAMABLAE0AQwAtAEUAOQBWAFUAVwAtAEUAVwAwAFYAQQAtAFUAVQAzAFgATAAtAEYARQBXADkANwA&inst=NwA3AC0AMQA3ADAAMwA1ADMANAA0ADIANgAtAFYATwBQADkAKwAxAC0ARABEAFQAKwAwAA&prod=90&ver=9.0.914 []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe

Start GeekBuddy.lnk - C:\Program Files\COMODO\GeekBuddy\launcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=" C:\PROGRA~2\WS-BOO~1\ASSIST~2.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsScanner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutoRun"=16

"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=lvcod64.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"MSVideo"=vfwwdm32.dll

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux3"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"aux4"=wdmaud.drv

"VIDC.LAGS"=lagarith.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-03-02 21:59:50 ----D---- C:\Program Files\trend micro

2014-03-02 21:59:48 ----D---- C:\rsit

2014-03-02 21:05:18 ----D---- C:\zoek_backup

2014-03-02 18:46:13 ----A---- C:\Windows\ntbtlog.txt

2014-03-02 17:40:39 ----A---- C:\Windows\system32\drivers\fvstore.dat

2014-03-02 17:26:49 ----D---- C:\Users\klaasje\AppData\Roaming\Comodo

2014-03-02 16:49:14 ----A---- C:\Windows\system32\drivers\sfi.dat

2014-03-02 16:48:26 ----A---- C:\Windows\SYSWOW64\certsentry.dll

2014-03-02 16:46:55 ----SD---- C:\ProgramData\Shared Space

2014-03-02 16:46:41 ----A---- C:\Windows\SYSWOW64\mfc71.dll

2014-03-02 16:46:40 ----A---- C:\Windows\SYSWOW64\msvcr71.dll

2014-03-02 16:46:40 ----A---- C:\Windows\SYSWOW64\gdiplus.dll

2014-03-02 16:44:13 ----D---- C:\Program Files\AdTrustMedia

2014-03-02 16:44:13 ----D---- C:\Program Files (x86)\AdTrustMedia

2014-03-02 16:44:10 ----D---- C:\ProgramData\Adtrustmedia

2014-03-02 16:43:49 ----D---- C:\ProgramData\COMODO

2014-03-02 16:43:27 ----D---- C:\Program Files\COMODO

2014-03-02 16:43:02 ----D---- C:\first_launch

2014-03-02 16:42:53 ----A---- C:\Windows\system32\certsentry.dll

2014-03-02 16:42:13 ----D---- C:\Program Files (x86)\Comodo

2014-03-02 16:41:53 ----D---- C:\ProgramData\Comodo Downloader

2014-03-01 22:44:31 ----A---- C:\prefs.js

2014-03-01 22:44:02 ----D---- C:\ProgramData\Anti-phishing Domain Advisor

2014-03-01 21:58:56 ----A---- C:\autoexec.bat

2014-03-01 21:57:13 ----D---- C:\Program Files\Enigma Software Group

2014-03-01 21:54:28 ----D---- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP

2014-03-01 21:31:27 ----D---- C:\ProgramData\Fighters

2014-03-01 19:07:29 ----D---- C:\Users\klaasje\AppData\Roaming\ChicaLogic

2014-03-01 19:06:51 ----D---- C:\ProgramData\ChicaLogic

2014-03-01 19:06:44 ----D---- C:\Program Files (x86)\ChicaLogic

2014-03-01 18:25:32 ----D---- C:\Users\klaasje\AppData\Roaming\Nico Mak Computing

2014-02-26 14:05:09 ----D---- C:\Users\klaasje\AppData\Roaming\WinZipper

2014-02-26 14:05:09 ----D---- C:\Program Files (x86)\WinZipper

2014-02-26 14:04:41 ----D---- C:\ProgramData\IePluginService

2014-02-26 14:04:40 ----D---- C:\Users\klaasje\AppData\Roaming\SupTab

2014-02-26 14:04:35 ----D---- C:\Program Files (x86)\SupTab

2014-02-25 21:04:21 ----A---- C:\Windows\SYSWOW64\mstscax.dll

2014-02-25 21:04:21 ----A---- C:\Windows\system32\mstscax.dll

2014-02-24 21:15:48 ----HD---- C:\$AVG

2014-02-24 21:15:48 ----D---- C:\ProgramData\AVG2014

2014-02-24 21:04:37 ----D---- C:\ProgramData\SafeSoft

2014-02-24 21:04:28 ----D---- C:\Program Files (x86)\WS-Booster

2014-02-24 21:03:04 ----D---- C:\ProgramData\YoutubeAdblocker

2014-02-24 21:03:03 ----D---- C:\Program Files (x86)\YoutubeAdblocker

2014-02-24 21:02:25 ----D---- C:\ProgramData\websaVe

2014-02-24 21:02:24 ----D---- C:\Program Files (x86)\websaVe

2014-02-24 21:01:50 ----D---- C:\ProgramData\85a93ac36f72f73

2014-02-24 20:33:45 ----SHD---- C:\$RECYCLE.BIN

2014-02-24 16:45:09 ----D---- C:\Users\klaasje\AppData\Roaming\newnext.me

2014-02-24 16:42:39 ----D---- C:\Users\klaasje\AppData\Roaming\ExpressFiles

2014-02-24 16:42:39 ----D---- C:\Program Files (x86)\ExpressFiles

2014-02-24 16:30:42 ----D---- C:\Users\klaasje\AppData\Roaming\ParetoLogic

2014-02-24 16:30:42 ----D---- C:\Users\klaasje\AppData\Roaming\DriverCure

2014-02-24 16:30:24 ----D---- C:\ProgramData\ParetoLogic

2014-02-20 15:54:45 ----D---- C:\Program Files\Microsoft Office 15

2014-02-20 15:53:21 ----D---- C:\ProgramData\WPM

2014-02-20 15:53:07 ----D---- C:\Users\klaasje\AppData\Roaming\sweet-page

2014-02-20 15:52:48 ----D---- C:\Program Files (x86)\SimilarSites

2014-02-20 15:52:40 ----D---- C:\Users\klaasje\AppData\Roaming\SimilarSites

2014-02-17 20:27:32 ----D---- C:\Windows\system32\drivers\en-US

2014-02-17 20:26:08 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll

2014-02-17 20:25:54 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2014-02-17 20:25:54 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2014-02-17 20:25:54 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys

2014-02-17 20:25:50 ----A---- C:\Windows\SYSWOW64\tsgqec.dll

2014-02-17 20:25:50 ----A---- C:\Windows\system32\tsgqec.dll

2014-02-17 20:25:49 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll

2014-02-17 20:25:49 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll

2014-02-17 20:25:49 ----A---- C:\Windows\system32\wksprtPS.dll

2014-02-17 20:25:49 ----A---- C:\Windows\system32\TSWbPrxy.exe

2014-02-17 20:25:49 ----A---- C:\Windows\system32\MsRdpWebAccess.dll

2014-02-17 20:25:48 ----A---- C:\Windows\SYSWOW64\mstsc.exe

2014-02-17 20:25:48 ----A---- C:\Windows\system32\wksprt.exe

2014-02-17 20:25:47 ----A---- C:\Windows\system32\mstsc.exe

2014-02-17 20:25:44 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll

2014-02-17 20:25:43 ----A---- C:\Windows\system32\rdvidcrl.dll

2014-02-17 20:24:32 ----A---- C:\Windows\system32\TSWorkspace.dll

2014-02-17 20:24:31 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll

2014-02-13 16:03:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll

2014-02-13 16:03:11 ----A---- C:\Windows\system32\vbscript.dll

2014-02-13 16:00:35 ----A---- C:\Windows\SYSWOW64\msrating.dll

2014-02-13 16:00:35 ----A---- C:\Windows\system32\msrating.dll

2014-02-13 16:00:33 ----A---- C:\Windows\SYSWOW64\ieui.dll

2014-02-13 16:00:32 ----A---- C:\Windows\system32\ieui.dll

2014-02-13 16:00:30 ----A---- C:\Windows\system32\iernonce.dll

2014-02-13 16:00:30 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2014-02-13 16:00:30 ----A---- C:\Windows\system32\ie4uinit.exe

2014-02-13 16:00:28 ----A---- C:\Windows\system32\jsproxy.dll

2014-02-13 16:00:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2014-02-13 16:00:27 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2014-02-13 16:00:27 ----A---- C:\Windows\system32\msfeeds.dll

2014-02-13 16:00:26 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe

2014-02-13 16:00:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2014-02-13 16:00:25 ----A---- C:\Windows\system32\ieUnatt.exe

2014-02-13 16:00:25 ----A---- C:\Windows\system32\iesetup.dll

2014-02-13 16:00:24 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2014-02-13 16:00:24 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll

2014-02-13 16:00:24 ----A---- C:\Windows\system32\ieetwproxystub.dll

2014-02-13 16:00:23 ----A---- C:\Windows\system32\ieetwcollector.exe

2014-02-13 16:00:21 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll

2014-02-13 16:00:21 ----A---- C:\Windows\system32\mshtml.dll

2014-02-13 16:00:20 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll

2014-02-13 16:00:20 ----A---- C:\Windows\system32\jscript9diag.dll

2014-02-13 16:00:19 ----A---- C:\Windows\system32\ieapfltr.dll

2014-02-13 16:00:18 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2014-02-13 16:00:17 ----A---- C:\Windows\system32\iertutil.dll

2014-02-13 16:00:16 ----A---- C:\Windows\SYSWOW64\wininet.dll

2014-02-13 16:00:15 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2014-02-13 16:00:15 ----A---- C:\Windows\system32\wininet.dll

2014-02-13 16:00:15 ----A---- C:\Windows\system32\urlmon.dll

2014-02-13 16:00:11 ----A---- C:\Windows\system32\ieframe.dll

2014-02-13 16:00:08 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2014-02-13 16:00:05 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2014-02-13 16:00:04 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2014-02-13 16:00:03 ----A---- C:\Windows\system32\jscript9.dll

2014-02-13 15:45:41 ----A---- C:\Windows\system32\msxml3.dll

2014-02-13 15:45:40 ----A---- C:\Windows\SYSWOW64\msxml3r.dll

2014-02-13 15:45:40 ----A---- C:\Windows\SYSWOW64\msxml3.dll

2014-02-13 15:45:40 ----A---- C:\Windows\system32\msxml3r.dll

2014-02-13 15:45:12 ----A---- C:\Windows\system32\RMActivate_isv.exe

2014-02-13 15:45:11 ----A---- C:\Windows\system32\RMActivate.exe

2014-02-13 15:45:10 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe

2014-02-13 15:45:10 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe

2014-02-13 15:45:10 ----A---- C:\Windows\SYSWOW64\RMActivate.exe

2014-02-13 15:45:08 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe

2014-02-13 15:45:07 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe

2014-02-13 15:45:07 ----A---- C:\Windows\system32\RMActivate_ssp.exe

2014-02-13 15:45:05 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll

2014-02-13 15:45:05 ----A---- C:\Windows\system32\secproc_isv.dll

2014-02-13 15:45:04 ----A---- C:\Windows\system32\secproc.dll

2014-02-13 15:45:04 ----A---- C:\Windows\system32\msdrm.dll

2014-02-13 15:45:03 ----A---- C:\Windows\SYSWOW64\secproc.dll

2014-02-13 15:45:03 ----A---- C:\Windows\SYSWOW64\msdrm.dll

2014-02-13 15:45:03 ----A---- C:\Windows\system32\secproc_ssp_isv.dll

2014-02-13 15:45:03 ----A---- C:\Windows\system32\secproc_ssp.dll

2014-02-13 15:45:02 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll

2014-02-13 15:45:02 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll

2014-02-13 15:44:52 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll

2014-02-13 15:44:51 ----A---- C:\Windows\system32\d3d10warp.dll

2014-02-13 15:44:50 ----A---- C:\Windows\SYSWOW64\d2d1.dll

2014-02-13 15:44:50 ----A---- C:\Windows\system32\d2d1.dll

2014-02-08 19:49:19 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll

2014-02-08 19:49:14 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys

2014-02-08 19:49:14 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys

2014-02-08 19:49:08 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll

2014-02-08 19:49:07 ----A---- C:\Windows\system32\rdpudd.dll

2014-02-08 19:49:06 ----A---- C:\Windows\system32\rdpendp_winip.dll

2014-02-08 19:49:04 ----A---- C:\Windows\system32\rdpcorets.dll

======List of files/folders modified in the last 1 month======

2014-03-02 23:05:04 ----SHD---- C:\Windows\Installer

2014-03-02 23:05:03 ----D---- C:\Windows\Temp

2014-03-02 21:59:50 ----RD---- C:\Program Files

2014-03-02 21:05:32 ----D---- C:\Windows\SysWOW64

2014-03-02 20:20:40 ----D---- C:\Users\klaasje\AppData\Roaming\Skype

2014-03-02 20:17:07 ----AD---- C:\ProgramData\Temp

2014-03-02 20:17:03 ----D---- C:\Windows

2014-03-02 19:14:57 ----D---- C:\Program Files\Uninstaller

2014-03-02 17:40:39 ----D---- C:\Windows\system32\drivers

2014-03-02 17:08:40 ----D---- C:\Program Files (x86)\Common Files

2014-03-02 17:00:13 ----D---- C:\Windows\system32\Tasks

2014-03-02 16:54:22 ----A---- C:\Windows\system32\AutoRunFilter.ini

2014-03-02 16:54:17 ----A---- C:\Windows\system32\ServiceFilter.ini

2014-03-02 16:53:14 ----SHD---- C:\System Volume Information

2014-03-02 16:49:04 ----D---- C:\Windows\inf

2014-03-02 16:48:55 ----D---- C:\Windows\system32\catroot

2014-03-02 16:48:53 ----D---- C:\Windows\system32\DriverStore

2014-03-02 16:48:51 ----D---- C:\Windows\system32\catroot2

2014-03-02 16:47:18 ----D---- C:\Windows\System32

2014-03-02 16:46:55 ----HD---- C:\ProgramData

2014-03-02 16:44:13 ----RD---- C:\Program Files (x86)

2014-03-02 16:43:59 ----D---- C:\Windows\winsxs

2014-03-02 16:32:13 ----D---- C:\Windows\system32\config

2014-03-02 16:25:26 ----D---- C:\Program Files (x86)\PDFCreator

2014-03-02 10:52:53 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-03-01 22:42:22 ----SD---- C:\Users\klaasje\AppData\Roaming\Microsoft

2014-03-01 22:35:39 ----D---- C:\Windows\Minidump

2014-03-01 21:35:47 ----RSD---- C:\Windows\assembly

2014-03-01 21:34:29 ----D---- C:\Users\klaasje\AppData\Roaming\ASUS WebStorage

2014-03-01 21:30:03 ----D---- C:\ProgramData\MFAData

2014-03-01 19:15:32 ----A---- C:\Windows\win.ini

2014-03-01 19:13:52 ----D---- C:\Windows\Tasks

2014-03-01 19:04:54 ----D---- C:\ProgramData\clp

2014-03-01 17:36:29 ----D---- C:\Windows\system32\NDF

2014-03-01 16:34:13 ----HD---- C:\Windows\msdownld.tmp

2014-03-01 16:34:12 ----D---- C:\Program Files\Internet Explorer

2014-02-26 14:05:08 ----A---- C:\Windows\SYSWOW64\msvcr100.dll

2014-02-26 14:05:08 ----A---- C:\Windows\SYSWOW64\msvcp100.dll

2014-02-25 22:06:54 ----D---- C:\Windows\system32\wbem

2014-02-25 22:05:59 ----D---- C:\Windows\SYSWOW64\nl-NL

2014-02-25 22:05:59 ----D---- C:\Windows\system32\nl-NL

2014-02-25 22:05:58 ----D---- C:\Windows\registration

2014-02-24 22:05:42 ----D---- C:\Program Files (x86)\Mozilla Firefox

2014-02-24 22:05:38 ----D---- C:\Users\klaasje\AppData\Roaming\Mozilla

2014-02-24 22:01:21 ----D---- C:\Program Files (x86)\Google

2014-02-24 21:40:12 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}

2014-02-24 21:01:46 ----RD---- C:\Users

2014-02-24 21:00:18 ----D---- C:\ProgramData\InstallMate

2014-02-24 16:17:27 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2014-02-21 00:12:29 ----D---- C:\Windows\Microsoft.NET

2014-02-20 15:59:45 ----D---- C:\Program Files (x86)\Microsoft Office

2014-02-20 15:59:02 ----SD---- C:\ProgramData\Microsoft

2014-02-17 21:05:37 ----D---- C:\AdwCleaner

2014-02-17 20:27:32 ----D---- C:\Windows\SYSWOW64\wbem

2014-02-17 15:04:29 ----D---- C:\Program Files (x86)\PC Tools Security

2014-02-17 02:51:58 ----SHD---- C:\Recovery

2014-02-16 09:58:38 ----D---- C:\Windows\system32\MRT

2014-02-16 09:58:33 ----A---- C:\Windows\system32\MRT.exe

2014-02-13 21:12:12 ----D---- C:\Program Files (x86)\Internet Explorer

2014-02-13 16:08:49 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

2014-02-09 21:10:21 ----D---- C:\Users\klaasje\AppData\Roaming\DivX

2014-02-08 19:53:00 ----D---- C:\Windows\system32\drivers\nl-NL

2014-02-08 19:53:00 ----D---- C:\Windows\PolicyDefinitions

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2014-01-10 82240]

R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2014-01-10 42304]

R0 amdide64;amdide64; C:\Windows\system32\DRIVERS\amdide64.sys [2014-01-10 11904]

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240]

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]

R1 ATKWMIACPIIO_;ATKWMIACPI Driver_; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]

R1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys [2013-05-07 37976]

R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2013-09-24 23168]

R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2013-11-14 709144]

R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2013-09-24 48872]

R1 HMD;COMODO livePCsupport Hardware Monitor Driver; C:\Windows\system32\DRIVERS\hmd.sys [2013-10-07 14888]

R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2013-09-24 96800]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]

R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944]

R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-03-22 10721280]

R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-03-22 327168]

R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2014-01-10 3995136]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-01-10 96256]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-01-10 3698904]

R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]

R3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-01-10 264408]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-01-10 883928]

R3 rtsuvc;Realtek USB2.0 PC Camera; C:\Windows\system32\DRIVERS\rtsuvc.sys [2014-01-10 8244312]

R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]

R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]

R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]

R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

S0 amdkmafd;AMD Audio Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmafd.sys [2014-01-10 21160]

S1 SBRE;SBRE; C:\Windows\system32\drivers\SBRE.sys []

S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]

S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]

S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]

S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]

S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-10-19 80384]

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]

S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]

S3 lvpepf64;Volume Adapter; C:\Windows\system32\DRIVERS\lv302a64.sys [2008-07-26 15768]

S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2008-07-26 790424]

S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2014-01-10 171008]

S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V64.SYS [2008-07-26 2624408]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]

S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]

S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2009-09-21 127488]

S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2009-09-21 18944]

S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2009-09-21 161280]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]

S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]

S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-23 154168]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-01-25 379520]

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-03-22 235520]

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2011-11-21 80512]

R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]

R2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [2011-07-01 337872]

R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2014-02-27 70352]

R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-10-20 6254152]

R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]

R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-01-28 2135232]

R2 GeekBuddyRSP;GeekBuddyRSP Server; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2014-02-27 2327248]

R2 IePluginService;IePlugin Service; C:\ProgramData\IePluginService\PluginService.exe [2014-02-26 508016]

R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]

R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]

R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]

R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]

S2 84ef8d51;WS-Sustainer; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-24 116648]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-24 257928]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]

S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-09-24 164056]

S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-24 116648]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-08-17 5132888]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-20 1255736]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------


You have quite a lot of junk on your PC :dong:

Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that here and here.

Download Zoek.exe to the desktop (not the .zip or .rar version).

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C};c
C:\Program Files (x86)\SupTab;fs
{424FBC2D-3A8E-EE29-6182-8A5C284A57C7};c
C:\ProgramData\Bcool;fs
IePluginService;s
{d2ce3e00-f94a-4740-988e-03dc2f38c34f};c
C:\Program Files (x86)\Microsoft\BingBar;fs
{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC};c
C:\Program Files (x86)\AdTrustMedia;fs
{8dcb7100-df86-4384-8842-8fa844297b3f};c
mobilegeni daemon;s
C:\Program Files (x86)\Mobogenie;fs
PrivDogService;s
AvgUninstallURL;s
NextLive;s
C:\Users\klaasje\AppData\Roaming\newnext.me;fs
C:\Windows\tasks\ChicaPC-Shield-Notification.job;f
C:\Windows\tasks\Digital Sites.job;f
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{424FBC2D-3A8E-EE29-6182-8A5C284A57C7}];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}];r64
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r64
"NextLive"=-;r64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
"fst_nl_22"=-;r64
"mobilegeni daemon"=-;r64
"PrivDogService"=-;r64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce];r64
"AvgUninstallURL"=-;r64
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r64
"AppInit_DLLs"=-;r64
rd /s /q C:\zoek_backup;b
C:\Program Files\AdTrustMedia;fs
C:\ProgramData\Adtrustmedia;fs
C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP;f
C:\ProgramData\IePluginService;fs
C:\Users\klaasje\AppData\Roaming\SupTab;fs
C:\ProgramData\SafeSoft;fs
C:\Program Files (x86)\WS-Booster;fs
C:\ProgramData\websaVe;fs
C:\Program Files (x86)\websaVe;fs
C:\ProgramData\85a93ac36f72f73;fs
C:\Users\klaasje\AppData\Roaming\ParetoLogic;fs
C:\Users\klaasje\AppData\Roaming\sweet-page;fs
C:\Program Files (x86)\SimilarSites;fs
C:\Users\klaasje\AppData\Roaming\SimilarSites;fs
C:\ProgramData\InstallMate;fs
C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308};fs
emptyfolderscheck;delete
startupall;
filesrcm;

  • Click the "Options" button and tick the options below:
      • Do a Deep Scan
      • Auto Clean
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear after all.
  • Post the opened log in the next post.

Edited by kape

Anyway, this is what I received:

Zoek.exe v5.0.0.0 Updated 02-March-2014

Tool run by klaasje on ma 03-03-2014 at 16:31:43,73.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\klaasje\Downloads\zoek (3).exe [scan all users] [script inserted]

==== System Restore Info ======================

3-3-2014 16:43:56 Zoek.exe System Restore Point Created Succesfully


That can take quite a long time ... and according to the data in post 6 the program did in fact start. Have a look on your C: partition to see whether you can find a file named zoek-results.log. If so, copy its contents and paste them into a following post.


oek.exe v5.0.0.0 Updated 07-March-2014

Tool run by klaasje on do 06-03-2014 at 16:34:34,90.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\klaasje\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-03-03-154357.log 420 bytes

C:\zoek-results2014-03-04-210925.log 402 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\Lavasoft deleted successfully

C:\PROGRA~2\MSXML 4.0 deleted successfully

C:\PROGRA~2\OnlineHD.TV deleted successfully

C:\PROGRA~2\SimilarSites deleted successfully

C:\PROGRA~2\YoutubeAdblocker deleted successfully

C:\Program Files\PDFCreator deleted successfully

C:\PROGRA~3\AMD deleted successfully

C:\PROGRA~3\AVAST Software deleted successfully

C:\PROGRA~3\Deadtime Stories deleted successfully

C:\PROGRA~3\DriverGenius deleted successfully

C:\PROGRA~3\Norton deleted successfully

C:\PROGRA~3\Oracle deleted successfully

C:\PROGRA~3\YoutubeAdblocker deleted successfully

C:\Users\klaasje\AppData\Roaming\Nico Mak Computing deleted successfully

C:\Users\klaasje\AppData\Roaming\ShieldApps deleted successfully

C:\Users\klaasje\AppData\Roaming\SimilarSites deleted successfully

C:\Users\klaasje\AppData\Roaming\TP deleted successfully

C:\Users\klaasje\AppData\Roaming\WinZipper deleted successfully

C:\Users\klaasje\AppData\Local\cache deleted successfully

C:\Users\klaasje\AppData\Local\genienext deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-337359531-3473574948-1087019513-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully

HKEY_USERS\S-1-5-21-337359531-3473574948-1087019513-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{424FBC2D-3A8E-EE29-6182-8A5C284A57C7} deleted successfully

HKEY_USERS\S-1-5-21-337359531-3473574948-1087019513-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{424FBC2D-3A8E-EE29-6182-8A5C284A57C7} deleted successfully

HKEY_USERS\S-1-5-21-337359531-3473574948-1087019513-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

HKEY_USERS\S-1-5-21-337359531-3473574948-1087019513-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

HKEY_USERS\S-1-5-21-337359531-3473574948-1087019513-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} deleted successfully

HKEY_USERS\S-1-5-21-337359531-3473574948-1087019513-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

HKEY_USERS\S-1-5-21-337359531-3473574948-1087019513-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{424FBC2D-3A8E-EE29-6182-8A5C284A57C7} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{424FBC2D-3A8E-EE29-6182-8A5C284A57C7} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Running Processes ======================

C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

C:\ProgramData\IePluginService\PluginService.exe

C:\ProgramData\WPM\wprotectmanager.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe

C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe

C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe

C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\trustedadssvc.exe

C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe

C:\Users\klaasje\Downloads\zoek.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginService deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IePluginService deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wpm deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Wpm deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Wpm deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\klaasje\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

---- Lines browser.startup.page removed from prefs.js ----

user_pref("browser.startup.page", 1);

---- FireFox user.js and prefs.js backups ----

user_06-03-2014_2154_.backup

prefs_06-03-2014_2154_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]

@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{424FBC2D-3A8E-EE29-6182-8A5C284A57C7}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"NextLive"=-

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"fst_nl_22"=-

"mobilegeni daemon"=-

"PrivDogService"=-

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]

"AvgUninstallURL"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

==== Batch Command(s) Run By Tool======================

==== Deleting Files \ Folders ======================

C:\ProgramData\Bcool not found

C:\Program Files (x86)\Mobogenie not found

C:\Program Files (x86)\SimilarSites not found

C:\Users\klaasje\AppData\Roaming\SimilarSites not found

C:\Program Files (x86)\SupTab deleted

C:\Program Files (x86)\Microsoft\BingBar deleted

C:\Users\klaasje\AppData\Roaming\newnext.me deleted

C:\ProgramData\Adtrustmedia deleted

C:\ProgramData\IePluginService deleted

C:\Users\klaasje\AppData\Roaming\SupTab deleted

C:\ProgramData\SafeSoft deleted

C:\Program Files (x86)\WS-Booster deleted

C:\ProgramData\websaVe deleted

C:\Program Files (x86)\websaVe deleted

C:\ProgramData\85a93ac36f72f73 deleted

C:\Users\klaasje\AppData\Roaming\ParetoLogic deleted

C:\Users\klaasje\AppData\Roaming\sweet-page deleted

C:\ProgramData\InstallMate deleted

C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted

C:\Users\klaasje\AppData\LocalLow\{5326ED16-34AB-A3E8-60FF-C6B8793CD8B1} deleted

C:\Users\klaasje\AppData\LocalLow\{87FC8A8F-1CA8-0B87-FAD4-3D3CB29D0548} deleted

C:\Users\klaasje\AppData\Local\Packages\windows_ie_ac_001\AC\{5326ED16-34AB-A3E8-60FF-C6B8793CD8B1} deleted

C:\Users\klaasje\AppData\Local\Packages\windows_ie_ac_001\AC\{87FC8A8F-1CA8-0B87-FAD4-3D3CB29D0548} deleted

C:\Users\klaasje\daemonprocess.txt deleted

C:\Users\klaasje\.android deleted

C:\PROGRA~2\ExpressFiles deleted

C:\PROGRA~2\WinZipper deleted

C:\PROGRA~2\SoftQuick deleted

C:\Program Files\Uninstaller deleted

C:\Users\klaasje\AppData\Roaming\SecureSearch deleted

C:\Users\klaasje\AppData\Roaming\ExpressFiles deleted

C:\Users\klaasje\AppData\Roaming\DriverCure deleted

C:\PROGRA~3\ParetoLogic deleted

C:\PROGRA~3\WPM deleted

C:\PROGRA~3\AVG January 2013 Campaign deleted

C:\PROGRA~3\WoW Worldwide Software LTD deleted

C:\Users\klaasje\AppData\Local\Mobogenie deleted

C:\Users\klaasje\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx deleted

C:\Users\klaasje\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper deleted

C:\Users\klaasje\Downloads\rcpsetupapnnew_apnnew2_1421462_nl_bp.exe deleted

C:\Users\klaasje\Downloads\rcpsetupmarm1_marm1162230300nl.exe deleted

C:\Users\klaasje\Downloads\rcpsetupmarm1_marm1370078065nl.exe deleted

C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted

C:\Windows\tasks\ROC_REG_JAN_DELETE.job deleted

C:\windows\SysNative\tasks\ROC_REG_JAN_DELETE deleted

C:\windows\SysNative\Tasks\Express FilesUpdate deleted

C:\windows\SysNative\tasks\Digital Sites deleted

C:\Windows\tasks\Digital Sites.job deleted

C:\prefs.js deleted

C:\Windows\Syswow64\RegistryHelperLM.ocx deleted

"C:\Windows\tasks\ChicaPC-Shield-Notification.job" deleted

"C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCall.dll" deleted

"C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla.dll" deleted

"C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla2.dll" deleted

"C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla21.dll" deleted

"C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla31.exe" deleted

"C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla32.dll" deleted

"C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla33.dll" deleted

"C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla34.dll" deleted

"C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla37.dll" deleted

"C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla37.exe" deleted

"C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseData.ini" deleted

"C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\magpie.dll" deleted

"C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\mfc100u.dll" deleted

"C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\msvcp100.dll" deleted

"C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\msvcr100.dll" deleted

"C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\scriptservice.dll" deleted

"C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\trustedadssvc.exe" deleted

"C:\Program Files\AdTrustMedia\PrivDog\1.8.0.18\magpie.dll" deleted

"C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP" deleted

"C:\Program Files (x86)\AdTrustMedia" deleted

"C:\Program Files\AdTrustMedia" deleted

"C:\Program Files (x86)\AdTrustMedia\PrivDog" deleted

"C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18" deleted

"C:\Program Files\AdTrustMedia\PrivDog" deleted

"C:\Program Files\AdTrustMedia\PrivDog\1.8.0.18" deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)

Memory (RAM): 3692 MB

CPU Info: AMD E-450 APU with Radeon HD Graphics

CPU Speed: 1676,7 MHz

Sound Card: Luidsprekers (Realtek High Defi |

Display Adapters: AMD Radeon HD 6320 Graphics | AMD Radeon HD 6320 Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

Monitors: 1x; Generic PnP Monitor |

Screen Resolution: 1366 X 768 - 32 bit

Network: Network Present

Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Qualcomm Atheros AR9285 Wireless Network Adapter | Realtek PCIe GBE Family Controller

CD / DVD Drives: 1x (E: | ) E: MATSHITADVD-RAM UJ8B0

Ports: COM Ports NOT Present. LPT Port NOT Present.

Mouse: 3 Button Wheel Mouse Present

Hard Disks: C: 200,3GB | D: 240,5GB | Q: 0,0MB

Hard Disks - Free: C: 162,0GB | D: 240,1GB | Q: 0,0MB

Manufacturer *: American Megatrends Inc.

BIOS Info: AT/AT COMPATIBLE | 11/08/11 | _ASUS_ - 1072009

Time Zone: West-Europa (standaardtijd)

Motherboard *: ASUSTeK Computer Inc. K53U

Country: Nederland

Language: NLD

==== System Specs (Software) ======================

Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)

Anti-Virus: COMODO Antivirus On-access scanning disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Anti-Spyware: Microsoft Security Essentials disabled (Outdated)

Anti-Spyware: COMODO Antivirus disabled (Outdated)

Firewall: COMODO Firewall disabled

Default Browser: Google Chrome 33.0.1750.146

Internet Explorer Version: 11.0.9600.16518

Google Chrome version: 33.0.1750.146

Adobe Reader version: 11.0.06.70

Sun Java version: 1.7.0_51 (32-bit)

Flash Player version: 12.0.0.70

Shockwave Player version: 12.0.7r148

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\klaasje\AppData\Local\Temp ====

2014-03-02 21:17:51 1AEF21A46ACD1D379D37CF819467D139 9361536 ----a-w- C:\Users\klaasje\AppData\Local\Temp\uninstall7307866.exe

2014-03-01 21:27:16 FE447D1CD38CECAC2331FA932078D9A0 271360 ----a-w- C:\Users\klaasje\AppData\Local\Temp\38B41A11-3106-4380-B520-1F9ACDA1463A\SmiProvider.dll

2014-03-01 21:27:16 FC00A05639494779002682A9B965EF9C 471040 ----a-w- C:\Users\klaasje\AppData\Local\Temp\38B41A11-3106-4380-B520-1F9ACDA1463A\WimProvider.dll

2014-03-01 21:27:16 E7CAED467F80B29F4E63BA493614DBB1 127488 ----a-w- C:\Users\klaasje\AppData\Local\Temp\38B41A11-3106-4380-B520-1F9ACDA1463A\OSProvider.dll

2014-03-01 21:27:16 8D3855B133E21143E8B4BFADB9FB14A3 302080 ----a-w- C:\Users\klaasje\AppData\Local\Temp\38B41A11-3106-4380-B520-1F9ACDA1463A\UnattendProvider.dll

2014-03-01 21:27:16 7B38D7916A7CD058C16A0A6CA5077901 271360 ----a-w- C:\Users\klaasje\AppData\Local\Temp\38B41A11-3106-4380-B520-1F9ACDA1463A\wdscore.dll

2014-03-01 21:27:16 739968678548BA15F6B9372E8760C012 444416 ----a-w- C:\Users\klaasje\AppData\Local\Temp\38B41A11-3106-4380-B520-1F9ACDA1463A\TransmogProvider.dll

2014-03-01 21:27:14 FC2DB5842190C6E78A40CD7DA483B27C 435712 ----a-w- C:\Users\klaasje\AppData\Local\Temp\38B41A11-3106-4380-B520-1F9ACDA1463A\DmiProvider.dll

2014-03-01 21:27:14 C9D74156913061BE6C51D8FC3ACF8E93 53760 ----a-w- C:\Users\klaasje\AppData\Local\Temp\38B41A11-3106-4380-B520-1F9ACDA1463A\FolderProvider.dll

2014-03-01 21:27:14 BBB9E4FA2561F6A6E5CCF25DA069AC1B 313344 ----a-w- C:\Users\klaasje\AppData\Local\Temp\38B41A11-3106-4380-B520-1F9ACDA1463A\IntlProvider.dll

2014-03-01 21:27:14 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Users\klaasje\AppData\Local\Temp\38B41A11-3106-4380-B520-1F9ACDA1463A\DismHost.exe

2014-03-01 21:27:14 8CA117CB9338C0351236939717CB7084 186368 ----a-w- C:\Users\klaasje\AppData\Local\Temp\38B41A11-3106-4380-B520-1F9ACDA1463A\DismProv.dll

2014-03-01 21:27:14 45FF4FA5CA5432BFCCDED4433FE2A85B 216576 ----a-w- C:\Users\klaasje\AppData\Local\Temp\38B41A11-3106-4380-B520-1F9ACDA1463A\MsiProvider.dll

2014-03-01 21:27:13 F2B0771A7CD27F20689E0AB787B7EB7C 289792 ----a-w- C:\Users\klaasje\AppData\Local\Temp\38B41A11-3106-4380-B520-1F9ACDA1463A\DismCore.dll

2014-03-01 21:27:13 EFCB002ABC3529D71B61E6FB6434566C 762368 ----a-w- C:\Users\klaasje\AppData\Local\Temp\38B41A11-3106-4380-B520-1F9ACDA1463A\CbsProvider.dll

2014-03-01 21:27:13 6A4BD682396F29FD7DF5AB389509B950 183296 ----a-w- C:\Users\klaasje\AppData\Local\Temp\38B41A11-3106-4380-B520-1F9ACDA1463A\CompatProvider.dll

2014-03-01 21:27:13 5488E381238FF19687FDD7AB2F44CFCC 111616 ----a-w- C:\Users\klaasje\AppData\Local\Temp\38B41A11-3106-4380-B520-1F9ACDA1463A\DismCorePS.dll

2014-03-01 20:57:45 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\klaasje\AppData\Local\Temp\ESGScanner.sys

2014-03-01 20:53:58 5C28E508C83A3B0DDBB224B04B1418B9 47329360 ----a-w- C:\Users\klaasje\AppData\Local\Temp\SHSetup.exe

2014-03-01 18:07:54 C59E338679AE5F5326EEBC28D50DA068 14002344 ----a-w- C:\Users\klaasje\AppData\Local\Temp\DRIVERfighter_Full.exe

2014-03-01 18:05:03 1B3ADC684A69176DC8E0F46BBE5D7A46 15250712 ----a-w- C:\Users\klaasje\AppData\Local\Temp\CPCShield_Setup.exe

2014-02-26 13:05:08 B37F5D5016C76E2C79E09CE09CF301FA 421008 ----a-w- C:\Users\klaasje\AppData\Local\Temp\WinZipper\eInstall\msvcp100.dll

2014-02-26 13:05:08 0268D8F6C9BD03F52EE18CDA5EB13DF3 773776 ----a-w- C:\Users\klaasje\AppData\Local\Temp\WinZipper\eInstall\msvcr100.dll

2014-02-26 13:05:07 FD62134EE6F8AB85E9CB002B5053AB00 1489040 ----a-w- C:\Users\klaasje\AppData\Local\Temp\WinZipper\eInstall\eInstall.exe

2014-02-26 13:05:07 204706C8F3F0FEA2BBA3C5A90A926CD3 612496 ----a-w- C:\Users\klaasje\AppData\Local\Temp\WinZipper\omigazip\sqlite3.dll

2014-02-26 13:05:06 EA072D1EE6CEF67B3DFCE24A90C89D5F 680592 ----a-w- C:\Users\klaasje\AppData\Local\Temp\WinZipper\omigazip\ebase.dll

2014-02-26 13:05:06 D1270ADF50A2134620404F477D9F29FD 857744 ----a-w- C:\Users\klaasje\AppData\Local\Temp\WinZipper\omigazip\7z.dll

2014-02-26 13:05:06 BC349189801777AAF0FD23958E24DC79 1558160 ----a-w- C:\Users\klaasje\AppData\Local\Temp\WinZipper\omigazip\ouilibnl.dll

2014-02-26 13:05:06 456DCA76CF761D76776DA14675878B6D 150160 ----a-w- C:\Users\klaasje\AppData\Local\Temp\WinZipper\omigazip\eshellctx64.dll

2014-02-26 13:05:06 3C8939F624210E77DC95BFD20AC1C7D9 73872 ----a-w- C:\Users\klaasje\AppData\Local\Temp\WinZipper\omigazip\eshellctx.dll

2014-02-26 13:05:06 272B6D0E70E72B0E412DFCA658F5857C 181904 ----a-w- C:\Users\klaasje\AppData\Local\Temp\WinZipper\omigazip\libpng.dll

2014-02-26 13:05:05 CA875E4EF327C501BA9FD9C2216025E4 505488 ----a-w- C:\Users\klaasje\AppData\Local\Temp\WinZipper\omigazip\WinZipper.exe

2014-02-26 13:05:01 8F9D8732840C374D1C5EAF9E1645F4AC 425104 ----a-w- C:\Users\klaasje\AppData\Local\Temp\WinZipper\omigazip\winzipersvc.exe

2014-02-26 13:05:01 539B243749E2296813EC7A5D9E9DCA29 151696 ----a-w- C:\Users\klaasje\AppData\Local\Temp\WinZipper\omigazip\TrayDownloader.exe

2014-02-26 13:05:00 B0D7BE11F149BB35C3E0EA439A82DC53 1148560 ----a-w- C:\Users\klaasje\AppData\Local\Temp\WinZipper\omigazip\eUninstall.exe

2014-02-26 13:04:59 81E7BE1D97415D35F859557595F5E2CD 236176 ----a-w- C:\Users\klaasje\AppData\Local\Temp\WinZipper\omigazip\dup.exe

2014-02-26 09:25:35 F621E1F41EF117A0FC84A401570159B3 1073728 ----a-w- C:\Users\klaasje\AppData\Local\Temp\WpmUpdate\3492DAFB6483448aAFE96CACCE9E0FEC\SupTab.exe

2014-02-26 09:25:35 AA023839E9DFBB84A6F446889994344F 116608 ----a-w- C:\Users\klaasje\AppData\Local\Temp\WpmUpdate\3492DAFB6483448aAFE96CACCE9E0FEC\Baofeng.exe

2014-02-26 09:25:35 9E343AE10F8B2F8C75B957E065D004D4 100864 ----a-w- C:\Users\klaasje\AppData\Local\Temp\WpmUpdate\3492DAFB6483448aAFE96CACCE9E0FEC\UpDate.dll

2014-02-26 09:25:35 486C2BD4296D3B64D95F058C28771FE4 3298960 ----a-w- C:\Users\klaasje\AppData\Local\Temp\WpmUpdate\3492DAFB6483448aAFE96CACCE9E0FEC\WinZipper.exe

2014-02-24 20:04:42 48C9D2FBE78C17EEF9D1E3AF9B705755 5226512 ----a-w- C:\Users\klaasje\AppData\Local\Temp\down.3492.OptimizerProInstaller.exe

2014-02-24 20:00:17 E717F6CE3A7429BFA6D7F3CF66737A4B 15968 --s---r- C:\Users\klaasje\AppData\Local\Temp\{E70ADAE0-E1B6-49C4-AB2F-A9943CE9F816}\Setup.exe

2014-02-24 20:00:17 449E327AD7B62D3A446B1D5C97C76DEA 174592 --s---r- C:\Users\klaasje\AppData\Local\Temp\{E70ADAE0-E1B6-49C4-AB2F-A9943CE9F816}\_Setup.dll

2014-02-24 20:00:16 AF7CE801C8471C5CD19B366333C153C4 275552 --s---r- C:\Users\klaasje\AppData\Local\Temp\TsuF780957A.dll

2014-02-24 15:42:35 1B6F552D7C46272FAD4A9B72DD7EB01D 331264 ----a-w- C:\Users\klaasje\AppData\Local\Temp\Launcher_i382471052.exe

2014-02-24 15:42:26 A55B82103A202C20717F45C201EC4553 936960 ----a-w- C:\Users\klaasje\AppData\Local\Temp\htmlayout.dll

2014-02-24 15:16:38 FC00A05639494779002682A9B965EF9C 471040 ----a-w- C:\Users\klaasje\AppData\Local\Temp\5BB38AA6-16C5-4D7F-8B2C-5AA902BDEBB6\WimProvider.dll

2014-02-24 15:16:38 7B38D7916A7CD058C16A0A6CA5077901 271360 ----a-w- C:\Users\klaasje\AppData\Local\Temp\5BB38AA6-16C5-4D7F-8B2C-5AA902BDEBB6\wdscore.dll

2014-02-24 15:16:37 FE447D1CD38CECAC2331FA932078D9A0 271360 ----a-w- C:\Users\klaasje\AppData\Local\Temp\5BB38AA6-16C5-4D7F-8B2C-5AA902BDEBB6\SmiProvider.dll

2014-02-24 15:16:37 FC2DB5842190C6E78A40CD7DA483B27C 435712 ----a-w- C:\Users\klaasje\AppData\Local\Temp\5BB38AA6-16C5-4D7F-8B2C-5AA902BDEBB6\DmiProvider.dll

2014-02-24 15:16:37 F2B0771A7CD27F20689E0AB787B7EB7C 289792 ----a-w- C:\Users\klaasje\AppData\Local\Temp\5BB38AA6-16C5-4D7F-8B2C-5AA902BDEBB6\DismCore.dll

2014-02-24 15:16:37 EFCB002ABC3529D71B61E6FB6434566C 762368 ----a-w- C:\Users\klaasje\AppData\Local\Temp\5BB38AA6-16C5-4D7F-8B2C-5AA902BDEBB6\CbsProvider.dll

2014-02-24 15:16:37 E7CAED467F80B29F4E63BA493614DBB1 127488 ----a-w- C:\Users\klaasje\AppData\Local\Temp\5BB38AA6-16C5-4D7F-8B2C-5AA902BDEBB6\OSProvider.dll

2014-02-24 15:16:37 C9D74156913061BE6C51D8FC3ACF8E93 53760 ----a-w- C:\Users\klaasje\AppData\Local\Temp\5BB38AA6-16C5-4D7F-8B2C-5AA902BDEBB6\FolderProvider.dll

2014-02-24 15:16:37 BBB9E4FA2561F6A6E5CCF25DA069AC1B 313344 ----a-w- C:\Users\klaasje\AppData\Local\Temp\5BB38AA6-16C5-4D7F-8B2C-5AA902BDEBB6\IntlProvider.dll

2014-02-24 15:16:37 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Users\klaasje\AppData\Local\Temp\5BB38AA6-16C5-4D7F-8B2C-5AA902BDEBB6\DismHost.exe

2014-02-24 15:16:37 8D3855B133E21143E8B4BFADB9FB14A3 302080 ----a-w- C:\Users\klaasje\AppData\Local\Temp\5BB38AA6-16C5-4D7F-8B2C-5AA902BDEBB6\UnattendProvider.dll

2014-02-24 15:16:37 8CA117CB9338C0351236939717CB7084 186368 ----a-w- C:\Users\klaasje\AppData\Local\Temp\5BB38AA6-16C5-4D7F-8B2C-5AA902BDEBB6\DismProv.dll

2014-02-24 15:16:37 739968678548BA15F6B9372E8760C012 444416 ----a-w- C:\Users\klaasje\AppData\Local\Temp\5BB38AA6-16C5-4D7F-8B2C-5AA902BDEBB6\TransmogProvider.dll

2014-02-24 15:16:37 6A4BD682396F29FD7DF5AB389509B950 183296 ----a-w- C:\Users\klaasje\AppData\Local\Temp\5BB38AA6-16C5-4D7F-8B2C-5AA902BDEBB6\CompatProvider.dll

2014-02-24 15:16:37 5488E381238FF19687FDD7AB2F44CFCC 111616 ----a-w- C:\Users\klaasje\AppData\Local\Temp\5BB38AA6-16C5-4D7F-8B2C-5AA902BDEBB6\DismCorePS.dll

2014-02-24 15:16:37 45FF4FA5CA5432BFCCDED4433FE2A85B 216576 ----a-w- C:\Users\klaasje\AppData\Local\Temp\5BB38AA6-16C5-4D7F-8B2C-5AA902BDEBB6\MsiProvider.dll

====== Java Cache =====

2014-03-04 21:31:47 117874D748D93730AC0FCDE495F3F5B7 933 ----a-w- C:\Users\klaasje\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\3d9bb503-63ab7451

2014-02-19 20:08:58 E1A0EE3B26B6AA6D0B23B3F333324F71 43446 ----a-w- C:\Users\klaasje\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ae6746b-222a2028

2014-03-04 21:31:50 5CA4418A0034F8CCDDFAEF86ADF2ACFB 122112 ----a-w- C:\Users\klaasje\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\2b6ccb6b-2ec9dea6

2014-02-19 20:08:43 2B71E4C4D79C98943635E6F8AE7694E6 75 ----a-w- C:\Users\klaasje\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\617101ad-6.0.lap

2014-02-19 20:08:53 3755B42055866329BFCCE635C4DE5FA7 286365 ----a-w- C:\Users\klaasje\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\20eb5045-35569369

2014-02-19 20:08:55 CCBB274DEE899C60BA564BA4AC293240 2771625 ----a-w- C:\Users\klaasje\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\1ca9f8f2-5a2cbc61

2014-02-19 20:08:50 AA63B8EAABD53E31CDC70ABC4AC35253 22462 ----a-w- C:\Users\klaasje\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\62de1075-34ad7b21

====== C:\Windows\SysWOW64 =====

2014-03-02 15:48:26 E6BB9F8C97B2CCF676227226700800AF 48392 ----a-w- C:\Windows\SysWOW64\certsentry.dll

2014-03-02 15:46:41 1FD3F9722119BDF7B8CFF0ECD1E84EA6 1060864 ----a-w- C:\Windows\SysWOW64\mfc71.dll

2014-03-02 15:46:40 D0AAAE16BA162DD89D646887F1539855 1700352 ----a-w- C:\Windows\SysWOW64\gdiplus.dll

2014-03-02 15:46:40 CA2F560921B7B8BE1CF555A5A18D54C3 348160 ----a-w- C:\Windows\SysWOW64\msvcr71.dll

2014-02-25 20:04:21 204882085A7D984D455AA4DE7B7074C6 5694464 ----a-w- C:\Windows\SysWOW64\mstscax.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2014-03-02 15:42:53 9CDB22EAB44FC064EAE9B30D1AF1ABB2 57096 ----a-w- C:\Windows\Sysnative\certsentry.dll

2014-02-25 20:04:21 879A3F94118D686E63041A386FE91EBE 6574592 ----a-w- C:\Windows\Sysnative\mstscax.dll

====== C:\Windows\Sysnative\drivers =====

2014-03-02 16:40:39 2A7A4483A325BB74394992D1F3BA4F69 4324 ----a-w- C:\Windows\Sysnative\drivers\fvstore.dat

2014-03-02 15:49:14 F2CC1F6D302AF5750D4C77996BE74665 450801 ----a-w- C:\Windows\Sysnative\drivers\sfi.dat

2014-02-17 19:25:54 E9981ECE8D894CEF7038FD1D040EB426 56832 ----a-w- C:\Windows\Sysnative\drivers\TsUsbFlt.sys

2014-02-08 18:49:14 AD64450A4ABE076F5CB34CC08EEACB07 30208 ----a-w- C:\Windows\Sysnative\drivers\TsUsbGD.sys

2014-02-08 18:49:14 313F68E1A3E6345A4F47A36B07062F34 19456 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys

====== C:\Windows\Tasks ======

2014-03-02 16:00:13 -------- d-----w- C:\Windows\Sysnative\Tasks\COMODO

2014-02-25 20:49:03 7DA303FF6ED79F3FDBCC079C7F1BF06F 2986 ----a-w- C:\Windows\Sysnative\Tasks\{61FDFDAC-8631-4D92-8375-CF453FB50053}

2014-02-24 21:00:54 611C4BD67D0FE4B899877BB1C0F94D15 1058 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-02-24 21:00:54 4001AE5B7D19CE170EFE4BE2F9AD54DD 4054 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA

2014-02-24 21:00:53 D9A1A3BD04FDAE91EB2A3959F6BE8EF4 1054 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-02-24 21:00:53 9331AF210250EF085881099CD6E70442 3802 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore

2014-02-24 20:04:38 CC40AB900595495CAAA0951ACA40FA3F 2686 ----a-w- C:\Windows\Sysnative\Tasks\WS-Booster-S-46480778

2014-02-24 20:04:38 372702B2ED9ED1C7E038DF11F36072A0 440 ---ha-w- C:\Windows\Tasks\WS-Booster-S-46480778.job

2014-02-24 15:01:33 7DA303FF6ED79F3FDBCC079C7F1BF06F 2986 ----a-w- C:\Windows\Sysnative\Tasks\{671533E5-87D2-4CBB-AE55-8ECEFBFE43D8}

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-03-02 20:59:50 -------- d-----w- C:\Program Files\trend micro

2014-03-02 15:43:27 -------- d-----w- C:\Program Files\COMODO

2014-03-01 20:57:13 -------- d-----w- C:\Program Files\Enigma Software Group

2014-02-20 14:54:45 -------- d-----w- C:\Program Files\Microsoft Office 15

======= C:\PROGRA~2 =====

2014-03-02 16:08:40 -------- d-----w- C:\PROGRA~2\COMMON~1\COMODO

2014-03-02 15:42:13 -------- d-----w- C:\PROGRA~2\Comodo

2014-03-01 20:54:23 -------- d-----w- C:\PROGRA~2\COMMON~1\Wise Installation Wizard

======= C: =====

2014-03-01 20:58:56 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat

====== C:\Users\klaasje\AppData\Roaming ======

2014-03-02 16:26:49 -------- d-----w- C:\Users\klaasje\AppData\Roaming\Comodo

2014-03-02 15:48:58 -------- d-----w- C:\Users\klaasje\AppData\Locallow\COMODO

2014-03-02 15:48:52 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Comodo

2014-03-02 15:47:59 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Locallow\COMODO

2014-03-02 15:46:26 -------- d-----w- C:\Users\klaasje\AppData\Local\AdTrustMedia

2014-03-02 15:44:06 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\COMODO

2014-02-24 20:02:25 -------- d-----w- C:\Users\klaasje\AppData\Local\Packages

2014-02-24 20:01:49 -------- d-----w- C:\Users\klaasje\AppData\Local\Torch

2014-02-24 20:01:49 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Torch

2014-02-24 20:01:49 -------- d-----w- C:\Users\Gast\AppData\Local\Torch

2014-02-24 20:01:48 -------- d-----w- C:\Users\Administrator\AppData\Local\Torch

2014-02-24 20:01:47 -------- d-----w- C:\Users\klaasje\AppData\Local\Comodo

2014-02-24 20:01:47 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Comodo

2014-02-24 20:01:47 -------- d-----w- C:\Users\Gast\AppData\Local\Comodo

2014-02-24 20:01:47 -------- d-----w- C:\Users\Administrator\AppData\Local\Comodo

2014-02-24 20:01:46 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Google

2014-02-24 20:01:46 -------- d-----w- C:\Users\Gast\AppData\Local\Google

2014-02-24 20:01:46 -------- d-----w- C:\Users\Administrator\AppData\Local\Google

2014-02-24 19:43:36 -------- d-----w- C:\Users\klaasje\AppData\Local\Avg2014

2014-02-09 20:09:57 E53F9D610633FA1754476FFBBEC4D934 10498 ----a-w- C:\Users\klaasje\AppData\Locallow\lpm.dat

====== C:\Users\klaasje ======

2014-03-02 20:58:33 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\klaasje\Downloads\RSITx64.exe

2014-03-02 15:49:25 -------- d-----w- C:\Users\HomeGroupUser$\Links

2014-03-02 15:49:25 -------- d-----w- C:\Users\Gast\Links

2014-03-02 15:49:25 -------- d-----w- C:\Users\Administrator\Links

2014-03-02 15:46:55 -------- d-s---w- C:\ProgramData\Shared Space

2014-03-02 15:43:49 -------- d-----w- C:\ProgramData\COMODO

2014-03-02 15:43:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo

2014-03-02 15:41:53 -------- d-----w- C:\ProgramData\Comodo Downloader

2014-03-02 15:36:28 FCA43F488AFA6EE28B7380024F005BCF 211388240 ----a-w- C:\Users\klaasje\Downloads\cispremium_installer.exe

2014-03-01 21:40:41 653814DFA9E848C5656234AF0D223B42 1214896 ----a-w- C:\Users\klaasje\Downloads\toolbarcleaner_setup.exe

2014-03-01 20:53:37 29702C25639B549AC5221E546545D56B 728960 ----a-w- C:\Users\klaasje\Downloads\SpyHunter-Installer.exe

2014-03-01 20:31:27 -------- d-----w- C:\ProgramData\Fighters

2014-03-01 18:00:53 82EA1F27AD12A206120ED2894FD53AA1 2380312 ----a-w- C:\Users\klaasje\Downloads\spywarefighter (1).exe

2014-03-01 18:00:10 82EA1F27AD12A206120ED2894FD53AA1 2380312 ----a-w- C:\Users\klaasje\Downloads\spywarefighter.exe

2014-03-01 17:23:33 7FFE531FC3065DE780E683F4197B5F67 4892480 ----a-w- C:\Users\klaasje\Downloads\wzmp_8.exe

2014-03-01 15:32:12 17E23888931AF88CF01F438748A0BDDD 61205128 ----a-w- C:\Users\klaasje\Downloads\EIE11_NL-NL_WOL_WIN764.EXE

2014-02-24 21:01:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-02-24 20:59:55 0C5228FC51B0C4A52AF3CB17404ED8D5 847856 ----a-w- C:\Users\klaasje\Downloads\ChromeSetup.exe

2014-02-24 20:15:48 -------- d-----w- C:\ProgramData\AVG2014

2014-02-24 20:01:46 -------- d-----w- C:\Users\HomeGroupUser$\AppData

2014-02-24 20:01:46 -------- d-----w- C:\Users\Gast\AppData

2014-02-24 20:01:46 -------- d-----w- C:\Users\Administrator\AppData

2014-02-24 18:12:59 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\klaasje\Downloads\MicrosoftFixit.ProgramInstallUninstall.FISC.6331669093476003.1.11.Run.exe

2014-02-24 18:10:03 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\klaasje\Downloads\MicrosoftFixit.WinFileFolder.FISC.6331669093476003.1.9.Run.exe

2014-02-24 18:06:01 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\klaasje\Downloads\MicrosoftFixit.ProgramInstallUninstall.FISC.6331669093476003.1.8.Run.exe

2014-02-24 17:56:28 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\klaasje\Downloads\MicrosoftFixit.IEAddon.FISC.6331669093476003.1.7.Run.exe

2014-02-24 17:54:25 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\klaasje\Downloads\MicrosoftFixit.malware.FISC.6331669093476003.1.5.Run.exe

2014-02-24 17:51:14 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\klaasje\Downloads\MicrosoftFixit.IEPerformance.FISC.6331669093476003.1.4.Run.exe

2014-02-24 17:47:00 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\klaasje\Downloads\MicrosoftFixit.malware.FISC.6331669093476003.1.2.Run.exe

2014-02-24 17:43:29 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\klaasje\Downloads\MicrosoftFixit.IEAddon.FISC.6331669093476003.1.1.Run.exe

2014-02-24 15:45:41 -------- d-----w- C:\Users\klaasje\Nieuwe map

2014-02-24 15:42:07 1AEF21A46ACD1D379D37CF819467D139 9361536 ----a-w- C:\Users\klaasje\Downloads\Installer.exe

====== C: exe-files ==

2014-03-06 15:22:42 FF605ABC36C0324ECF95C0B1AB836FE1 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-337359531-3473574948-1087019513-1002\$I7VTAV1.exe

2014-03-04 22:22:28 31F84033861685285B84441483DF1829 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-337359531-3473574948-1087019513-1002\$IL5VBTX.exe

2014-03-04 21:04:46 9E66D07BD346C1128BAE0582C731C146 1284608 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-337359531-3473574948-1087019513-1002\$RL5VBTX.exe

2014-03-04 21:02:32 9E66D07BD346C1128BAE0582C731C146 1284608 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-337359531-3473574948-1087019513-1002\$R7VTAV1.exe

2014-03-04 21:01:45 8AD5F3E3CA64DAEB1A41F874CCD31712 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-337359531-3473574948-1087019513-1002\$IH5B76W.exe

2014-03-04 21:01:40 082C2A7E7D876ED0DF64254791F03B7A 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-337359531-3473574948-1087019513-1002\$I0RZAQG.exe

2014-03-04 20:57:28 9E66D07BD346C1128BAE0582C731C146 1284608 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-337359531-3473574948-1087019513-1002\$R0RZAQG.exe

2014-03-04 20:56:31 2531C42AB9614CB02C4EA21EF10A5F9F 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-337359531-3473574948-1087019513-1002\$I3247O5.exe

2014-03-04 20:56:25 0E30BED52F236F61B52BE18C43DD8BAD 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-337359531-3473574948-1087019513-1002\$IGZ3B1M.exe

2014-03-04 20:56:20 5AADAF737473237DB4BABFA49B8CF9E4 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-337359531-3473574948-1087019513-1002\$ICNTBDT.exe

2014-03-04 17:11:15 BF5CEC6E1B258EDC7E14833379E211C5 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-337359531-3473574948-1087019513-1002\$IFQBOHX.exe

2014-03-04 17:09:48 99EDAB82414D23D14947415E5C502FE1 786136 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\33.0.1750.146\33.0.1750.146_33.0.1750.117_chrome_updater.exe

2014-03-04 17:08:16 9E66D07BD346C1128BAE0582C731C146 1284608 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-337359531-3473574948-1087019513-1002\$RCNTBDT.exe

2014-03-03 15:28:36 9E66D07BD346C1128BAE0582C731C146 1284608 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-337359531-3473574948-1087019513-1002\$RGZ3B1M.exe

2014-03-02 20:59:50 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\klaasje.exe

2014-03-02 20:10:33 9E66D07BD346C1128BAE0582C731C146 1284608 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-337359531-3473574948-1087019513-1002\$R3247O5.exe

2014-03-02 20:03:15 9E66D07BD346C1128BAE0582C731C146 1284608 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-337359531-3473574948-1087019513-1002\$RFQBOHX.exe

2014-03-02 20:02:43 9E66D07BD346C1128BAE0582C731C146 1284608 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-337359531-3473574948-1087019513-1002\$RH5B76W.exe

2014-03-02 15:48:18 48BCBA027266A791B332DFE01C46337A 474760 ----a-w- C:\ProgramData\COMODO\lps4\temp\setup_clps_cross_selling_installer_monitor_release.exe

2014-03-02 15:48:09 42FC3DA39F9D50137C5151993BADB6AE 459432 ----a-w- C:\ProgramData\COMODO\lps4\temp\setup_clps_memory_monitor_release.exe

2014-03-02 15:48:02 2776D067266E6C1225C1E2D0979FCB8B 646112 ----a-w- C:\ProgramData\COMODO\lps4\temp\setup_clps_application_vulnerability_monitor_release.exe

2014-03-02 15:47:47 38FFB4E8AF8338BB8D4DACF5293B9F6A 547672 ----a-w- C:\ProgramData\COMODO\lps4\temp\setup_clps_hardware_monitor_api_release.exe

2014-03-02 15:47:31 A8CFDD40CFBE85E3AF5BE3AC6096DEB5 475904 ----a-w- C:\ProgramData\COMODO\lps4\temp\setup_clps_hardware_monitor_release.exe

2014-03-02 15:47:09 CEC88F19A71819B2FC00475B420CF548 1152480 ----a-w- C:\ProgramData\COMODO\lps4\temp\setup_clps_system_cleaner_api_release.exe

2014-03-02 15:46:58 FB4A55E6961EEEDC19CF9028A14BF0EC 1915520 ----a-w- C:\ProgramData\COMODO\lps4\temp\setup_clps_system_cleaner_monitor_release.exe

2014-03-02 15:46:41 C100E5F48489FD3BB9F9F5CFD9A465B9 1017960 ----a-w- C:\ProgramData\COMODO\lps4\temp\setup_clps_browser_addons_api_release.exe

2014-03-02 15:46:10 17D5BE0324F2A7EE295AD65E74045F1C 474504 ----a-w- C:\ProgramData\COMODO\lps4\temp\setup_clps_browser_addons_monitor_release.exe

2014-03-02 15:44:55 1FB3666620A74FB04C349AB885DF755F 2126136 ----a-w- C:\ProgramData\COMODO\lps4\temp\setup_clps_autoruns_manager_api_release.exe

2014-03-02 15:44:34 E6320D262B0A332B446F2BD87B4E41BE 467608 ----a-w- C:\ProgramData\COMODO\lps4\temp\setup_clps_boot_time_monitor_release.exe

2014-03-02 15:44:14 D75F4FA764404179A817B73B2EF1540E 949328 ----a-w- C:\ProgramData\COMODO\lps4\temp\setup_clps_client_transaction_release.exe

2014-03-01 17:44:25 97513F6F4D85C36FAF109093C0B1C7E0 19572040 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-337359531-3473574948-1087019513-1002\$RVCMSOJ\winzip150.exe

=== C: other files ==

2014-03-04 21:03:59 E89351207D042BF063762E5AAC5BFBAC 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-337359531-3473574948-1087019513-1002\$I5BIEJ5.zip

2014-03-04 21:02:15 D94E70E3BE0FDE3E074F9F049A829600 4093477 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-337359531-3473574948-1087019513-1002\$R5BIEJ5.zip

2014-03-01 20:58:56 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat

2014-03-01 20:57:45 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\klaasje\AppData\Local\Temp\ESGScanner.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-337359531-3473574948-1087019513-1002\Software\Microsoft\Windows\CurrentVersion\Run]

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE"

"ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"

"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"

"HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"

"Wireless Console 3"="C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"

"PCTools FGuard"="C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe"

"SonicMasterTray"="C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe"

"DivXMediaServer"="C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"ASUSWebStorage"="C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe /S"

"tvncontrol"="C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe -controlservice -slave"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3"

"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"RtsCM"="RTSCM64.EXE"

"COMODO Internet Security"="C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

"DivXUpdate"="\"C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector]

"command"="C:\\Windows\\AsScrPro.exe"

"hkey"="HKLM"

"item"="ASUS Screen Saver Protector"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]

"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\""

"hkey"="HKLM"

"item"="CLMLServer"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Facebook Update"

"hkey"="HKCU"

"command"="\"C:\\Users\\klaasje\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]

"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"

"hkey"="HKLM"

"item"="RtHDVCpl"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]

"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\FancyStart daemon.lnk"

"backup"="C:\\Windows\\pss\\FancyStart daemon.lnk.CommonStartup"

"backupExtension"=".CommonStartup"

"command"="C:\\Windows\\Installer\\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\\_77B5857C27147149171BE7.exe -d"

"item"="FancyStart daemon"

==== Startup Folders ======================

2011-10-19 04:34:37 2062 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk

2014-03-02 16:09:09 2015 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [24-02-2014 16:17]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-337359531-3473574948-1087019513-1002Core.job --a------ C:\Users\klaasje\AppData\Local\Facebook\Update\FacebookUpdate.exe [04-02-2013 09:59]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-337359531-3473574948-1087019513-1002UA.job --a------ C:\Users\klaasje\AppData\Local\Facebook\Update\FacebookUpdate.exe [04-02-2013 09:59]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24-02-2014 22:00]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24-02-2014 22:00]

C:\Windows\tasks\powersuite_monitor.job --a------ C:\Program Files (x86)\Uniblue\Powersuite\powersuite_monitor.exe []

C:\Windows\tasks\WS-Booster-S-46480778.job --ah----- C:\programdata\safesoft\ws-booster\WS-Booster.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\0" [c:\program files\internet explorer\iexplore.exe]

"C:\Windows\SysNative\tasks\4912" [wscript.exe C:\Users\klaasje\AppData\Local\Temp\launchie.vbs //B]

"C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe]

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe]

"C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe]

"C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe]

"C:\Windows\SysNative\tasks\ATKOSD2" [C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\DivX-online actualiseringsprogramma" [C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-337359531-3473574948-1087019513-1002Core" [C:\Users\klaasje\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-337359531-3473574948-1087019513-1002UA" [C:\Users\klaasje\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]

"C:\Windows\SysNative\tasks\powersuite_monitor" [C:\Program Files (x86)\Uniblue\Powersuite\powersuite_monitor.exe]

"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{19904CA8-2C2F-4089-8314-8D559AFAE255}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\SysNative\tasks\WS-Booster-S-46480778" [c:\programdata\safesoft\ws-booster\WS-Booster.exe]

"C:\Windows\SysNative\tasks\{0CFAFD2E-FA4C-4076-A44B-0A109DF6F051}" [C:\Program Files (x86)\Nuance\PDF Reader\bin\PDFReader.exe]

"C:\Windows\SysNative\tasks\{5A50D360-D564-4266-A057-3FFD038E78FC}" [C:\Program Files (x86)\Nuance\PDF Reader\bin\PDFReader.exe]

"C:\Windows\SysNative\tasks\{61FDFDAC-8631-4D92-8375-CF453FB50053}" [C:\Users\klaasje\Downloads\IE10-Windows6.1-x64-nl-nl.exe]

"C:\Windows\SysNative\tasks\{671533E5-87D2-4CBB-AE55-8ECEFBFE43D8}" [C:\Users\klaasje\Downloads\IE10-Windows6.1-x64-nl-nl.exe]

"C:\Windows\SysNative\tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}" ["C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe"]

"C:\Windows\SysNative\tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}" ["C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe"]

"C:\Windows\SysNative\tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}" ["C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe"]

"C:\Windows\SysNative\tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}" ["C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe"]

"C:\Windows\SysNative\tasks\COMODO\COMODO Welcome {CEB54B45-2B5E-4FF5-9223-6735CD80FE69}" ["C:\Program Files\COMODO\COMODO Internet Security\cis.exe"]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

cmaiofennmphjldldcpphcechfnnohja - C:\Program Files (x86)\AdTrustMedia\PrivDog\PrivDog_chrome.crx[]

dkinklhnkmkhkhofcnapakaoehijaoih - No path found[]

hcdbmpdpbepmnjcalkinljlblbcmiped - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta152\ch\VideoPlayerV3beta152.crx[]

hgfnniaaaebgofmgneclkefjiopaodde - C:\ProgramData\Bcool\hgfnniaaaebgofmgneclkefjiopaodde.crx[]

ifohbjbgfchkkfhphahclmkpgejiplfo - C:\Users\klaasje\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[]

oejkcgajlodefenbbjdnaiahmbnnoole - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx[]

ogfjmhfnldnajmfaofeiaepghjenbgjo - C:\Users\klaasje\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx[]

YoutubeAdblocker - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon

Smart Coupon - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp

webiSave - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk

YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon

Smart Coupon - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp

webiSave - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk

YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon

Smart Coupon - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp

webiSave - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk

YoutubeAdblocker - Administrator\AppData\Local\Torch\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon

Smart Coupon - Administrator\AppData\Local\Torch\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp

webiSave - Administrator\AppData\Local\Torch\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk

YoutubeAdblocker - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon

Smart Coupon - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp

webiSave - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk

YoutubeAdblocker - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon

Smart Coupon - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp

webiSave - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk

YoutubeAdblocker - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon

Smart Coupon - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp

webiSave - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk

YoutubeAdblocker - Gast\AppData\Local\Torch\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon

Smart Coupon - Gast\AppData\Local\Torch\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp

webiSave - Gast\AppData\Local\Torch\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk

YoutubeAdblocker - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon

Smart Coupon - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp

webiSave - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk

YoutubeAdblocker - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon

Smart Coupon - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp

webiSave - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk

YoutubeAdblocker - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon

Smart Coupon - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp

webiSave - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk

YoutubeAdblocker - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon

Smart Coupon - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp

webiSave - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk

YoutubeAdblocker - klaasje\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon

Comodo Web Inspector - klaasje\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn

PrivDog - klaasje\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja

Smart Coupon - klaasje\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp

Comodo Share Page Service - klaasje\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf

webiSave - klaasje\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk

Google Docs - klaasje\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - klaasje\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - klaasje\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

PrivDog - klaasje\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja

Google Search - klaasje\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Wallet - klaasje\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Extended Protection - klaasje\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo

Gmail - klaasje\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

YoutubeAdblocker - klaasje\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon

Smart Coupon - klaasje\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp

webiSave - klaasje\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk

YoutubeAdblocker - klaasje\AppData\Local\Torch\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon

Smart Coupon - klaasje\AppData\Local\Torch\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp

webiSave - klaasje\AppData\Local\Torch\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk

==== Chrome Fix ======================

C:\Users\klaasje\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja deleted successfully

C:\Users\klaasje\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja deleted successfully

C:\Users\klaasje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cmaiofennmphjldldcpphcechfnnohja_0.localstorage deleted successfully

C:\Users\klaasje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cmaiofennmphjldldcpphcechfnnohja_0.localstorage-journal deleted successfully

C:\Users\klaasje\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo deleted successfully

C:\Users\klaasje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogfjmhfnldnajmfaofeiaepghjenbgjo_0.localstorage deleted successfully

C:\Users\klaasje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogfjmhfnldnajmfaofeiaepghjenbgjo_0.localstorage-journal deleted successfully

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon deleted successfully

C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon deleted successfully

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon deleted successfully

C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon deleted successfully

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon deleted successfully

C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon deleted successfully

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon deleted successfully

C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon deleted successfully

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon deleted successfully

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon deleted successfully

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon deleted successfully

C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon deleted successfully

C:\Users\klaasje\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon deleted successfully

C:\Users\klaasje\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon deleted successfully

C:\Users\klaasje\AppData\Local\Torch\User Data\Default\Extensions\aelkdippechplobppeflfaghepgffnon deleted successfully

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully

C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully

C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully

C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully

C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully

C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully

C:\Users\klaasje\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully

C:\Users\klaasje\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully

C:\Users\klaasje\AppData\Local\Torch\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp deleted successfully

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk deleted successfully

C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk deleted successfully

C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk deleted successfully

C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk deleted successfully

C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk deleted successfully

C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk deleted successfully

C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk deleted successfully

C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk deleted successfully

C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk deleted successfully

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk deleted successfully

C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk deleted successfully

C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk deleted successfully

C:\Users\klaasje\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk deleted successfully

C:\Users\klaasje\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk deleted successfully

C:\Users\klaasje\AppData\Local\Torch\User Data\Default\Extensions\mimnejdlhgapndeppnbfknppdkmbfmpk deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Use Search Asst"="yes"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://search.certified-toolbar.com?si=75087&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52&st=chrome&q="

"Search Bar"="http://search.certified-toolbar.com?si=75087&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52&st=chrome&q="

"Search Page"="http://search.certified-toolbar.com?si=75087&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52&st=chrome&q="

"Start Page"="http://search.certified-toolbar.com?si=75087&st=home&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52"

"Start Default_Page_URL"="http://search.certified-toolbar.com?si=75087&st=home&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://search.certified-toolbar.com?si=75087&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52&st=chrome&q="

"Search Bar"="http://search.certified-toolbar.com?si=75087&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52&st=chrome&q="

"Search Page"="http://search.certified-toolbar.com?si=75087&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52&st=chrome&q="

"Start Page"="http://search.certified-toolbar.com?si=75087&st=home&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52"

"Start Default_Page_URL"="http://search.certified-toolbar.com?si=75087&st=home&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=ST9500325AS_S2WBRS21XXXXS2WBRS21&ts=1393419812"

"Search Page"="http://www.sweet-page.com/web/?type=ds&ts=1392907972&from=cor&uid=ST9500325AS_S2WBRS21XXXXS2WBRS21&q={searchTerms}"

"Search Bar"="http://www.google.com"

"Start Default_Page_URL"="http://www.google.com"

"Default_Page_URL"="http://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=ST9500325AS_S2WBRS21XXXXS2WBRS21&ts=1393419812"

"Default_Search_URL"="http://www.sweet-page.com/web/?type=ds&ts=1392907972&from=cor&uid=ST9500325AS_S2WBRS21XXXXS2WBRS21&q={searchTerms}"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=ST9500325AS_S2WBRS21XXXXS2WBRS21&ts=1393419812"

"Search Page"="http://www.sweet-page.com/web/?type=ds&ts=1392907972&from=cor&uid=ST9500325AS_S2WBRS21XXXXS2WBRS21&q={searchTerms}"

"Search Bar"="http://www.google.com"

"Start Default_Page_URL"="http://www.google.com"

"Default_Page_URL"="http://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=ST9500325AS_S2WBRS21XXXXS2WBRS21&ts=1393419812"

"Default_Search_URL"="http://www.sweet-page.com/web/?type=ds&ts=1392907972&from=cor&uid=ST9500325AS_S2WBRS21XXXXS2WBRS21&q={searchTerms}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.certified-toolbar.com?si=75087&st=bs&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52&q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.certified-toolbar.com?si=75087&st=bs&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52&q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.certified-toolbar.com?si=75087&st=bs&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52&q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.certified-toolbar.com?si=75087&st=bs&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52&q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.certified-toolbar.com?si=75087&st=bs&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52&q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.certified-toolbar.com?si=75087&st=bs&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52&q=%s"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://www.google.com"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.certified-toolbar.com?si=75087&st=bs&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52&q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://www.google.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://search.certified-toolbar.com?si=75087&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52&st=chrome&q="

"Search Bar"="http://search.certified-toolbar.com?si=75087&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52&st=chrome&q="

"Search Page"="http://search.certified-toolbar.com?si=75087&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52&st=chrome&q="

"Start Page"="http://search.certified-toolbar.com?si=75087&st=home&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52"

"Start Default_Page_URL"="http://search.certified-toolbar.com?si=75087&st=home&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://search.certified-toolbar.com?si=75087&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52&st=chrome&q="

"Search Bar"="http://search.certified-toolbar.com?si=75087&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52&st=chrome&q="

"Search Page"="http://search.certified-toolbar.com?si=75087&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52&st=chrome&q="

"Start Page"="http://search.certified-toolbar.com?si=75087&st=home&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52"

"Start Default_Page_URL"="http://search.certified-toolbar.com?si=75087&st=home&tid=8679&ver=5.1&ts=1385335344486&tguid=75087-8679-1385335344486-01B373E745F9ADA975601885954C2D52"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://www.google.com"

"Search Bar"="http://www.google.com"

"Search Page"="http://www.google.com"

"Start Page"="http://www.google.com"

"Start Default_Page_URL"="http://www.google.com"

"CustomizeSearch"="http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST9500325AS_S2WBRS21XXXXS2WBRS21&ts=1393419812&type=default&q={searchTerms}"

"SearchAssistant"="http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST9500325AS_S2WBRS21XXXXS2WBRS21&ts=1393419812&type=default&q={searchTerms}"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://www.google.com"

"Search Bar"="http://www.google.com"

"Search Page"="http://www.google.com"

"Start Page"="http://www.google.com"

"Start Default_Page_URL"="http://www.google.com"

"CustomizeSearch"="http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST9500325AS_S2WBRS21XXXXS2WBRS21&ts=1393419812&type=default&q={searchTerms}"

"SearchAssistant"="http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST9500325AS_S2WBRS21XXXXS2WBRS21&ts=1393419812&type=default&q={searchTerms}"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://www.google.com"

"Search Bar"="http://www.google.com"

"Search Page"="http://www.google.com"

"Start Page"="http://www.google.com"

"Start Default_Page_URL"="http://www.google.com"

"SearchAssistant"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

"Use Search Asst"="no"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ContinueToSave deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{21ED33C0-319C-4F41-ADAA-79BEFA0E1136} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4F1BA30A-E5F1-4D86-AF6D-ADD394F881FC} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cmaiofennmphjldldcpphcechfnnohja deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hcdbmpdpbepmnjcalkinljlblbcmiped deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hgfnniaaaebgofmgneclkefjiopaodde deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Comodo\Dragon\Extensions\cmaiofennmphjldldcpphcechfnnohja deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SupTab deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DMUninstaller deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Video Player deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{476D78C4-1DB0-2D88-7FCC-AA6559F59A8D} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll

O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"

O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

O4 - HKLM\..\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe

O4 - HKLM\..\Run: [sonicMasterTray] C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe

O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe /S

O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe

O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files\COMODO\GeekBuddy\launcher.exe

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\trustedads.dll (file missing)

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{C6BD965D-45A5-483C-8D87-12051FC0459D}: NameServer = 156.154.70.25,156.154.71.25

O17 - HKLM\System\CCS\Services\Tcpip\..\{D424A798-9EC6-4968-B088-E352F5FC33A6}: NameServer = 156.154.70.25,156.154.71.25

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

O23 - Service: Bing Bar Update Service (BBSvc) - Unknown owner - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (file missing)

O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe

O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe

O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe

O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GeekBuddyRSP Server (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\klaasje\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\klaasje\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\klaasje\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=5804 folders=1418 249004850 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\klaasje\AppData\Local\Temp will be emptied at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\klaasje\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on vr 07-03-2014 at 2:09:34,53 ======================


Double-click Zoek.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input field:
  • Note: This script was written specifically for this PC, so do not use it on other PCs with a similar problem.

C:\autoexec.bat;f
C:\Users\klaasje\Downloads\spywarefighter (1).exe;f
C:\Windows\tasks\WS-Booster-S-46480778.job;f
C:\Windows\SysNative\tasks\0;fs
C:\Windows\SysNative\tasks\4912;fs
C:\Windows\SysNative\tasks\WS-Booster-S-46480778;fs
C:\Program Files (x86)\VideoPlayerV3;fs
C:\ProgramData\Bcool;fs
autoclean;

  • The "Scan All Users" option is checked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log in your next message.
