van ammel

Asus · 12 oktober 2016

hallo

Ik heb een i mac gekocht en zou graag mijn hotmail willen koppelen.

heb op het internet al vanalles gezocht maar het lukt niet.

hopelijk kunnen jullie mij helpen.

alvast bedankt.

17 november 2014

# DelFix v10.8 - Logfile created 17/11/2014 at 19:24:36

# Updated 29/07/2014 by Xplode

# Username : jonas - JONAS-HP

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\RSIT

Deleted : C:\zoek_backup

Deleted : C:\AdwCleaner

Deleted : C:\zoek-results.log

Deleted : C:\zoek-results2014-11-15-190422.log

Deleted : C:\Users\jonas\Desktop\adwcleaner_4.101.exe

Deleted : C:\Users\jonas\Downloads\RSITx64.exe

Deleted : HKLM\SOFTWARE\AdwCleaner

Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #456 [Windows Update | 10/27/2014 19:41:35]

Deleted : RP #457 [Windows Update | 10/28/2014 18:31:22]

Deleted : RP #458 [Windows Update | 10/28/2014 18:54:10]

Deleted : RP #459 [Windows Update | 10/28/2014 19:17:38]

Deleted : RP #460 [Windows Update | 11/12/2014 19:05:48]

Deleted : RP #461 [Windows Update | 11/12/2014 20:33:30]

Deleted : RP #462 [zoek.exe restore point | 11/15/2014 18:58:04]

Deleted : RP #463 [Windows Update | 11/16/2014 18:28:08]

Deleted : RP #464 [Windows Update | 11/16/2014 21:03:06]

Deleted : RP #465 [Garmin Express | 11/17/2014 17:02:54]

Deleted : RP #466 [Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 | 11/17/2014 17:03:41]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########

17 november 2014

het is al een stuk beter. Is hij nu trug helemaal de oude ?

bedankt voor de hulp !!

16 november 2014

# AdwCleaner v4.101 - Rapport aangemaakt 16/11/2014 op 21:47:16

# Laatste Update 09/11/2014 door Xplode

# Database : 2014-11-16.1 [Live]

# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)

# Gebruikersnaam : jonas - JONAS-HP

# Gestart vanuit : C:\Users\jonas\Desktop\adwcleaner_4.101.exe

# Optie : Scannen

***** [ Services ] *****

***** [ Bestanden / Mappen ] *****

Bestand Gevonden : C:\Users\jonas\AppData\Roaming\Mozilla\Firefox\Profiles\356zj2gj.default\user.js

Map Gevonden : C:\Program Files (x86)\SearchProtect

Map Gevonden : C:\Users\jonas\AppData\Local\SearchProtect

Map Gevonden : C:\Users\jonas\AppData\Roaming\OpenCandy

***** [ Taken ] *****

***** [ Snelkoppelingen ] *****

***** [ Register ] *****

Gegevens Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll

Sleutel Gevonden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Sleutel Gevonden : HKCU\Software\Classes\pokki

Sleutel Gevonden : HKCU\Software\lollipop

Sleutel Gevonden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}

Sleutel Gevonden : [x64] HKCU\Software\lollipop

Sleutel Gevonden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}

Sleutel Gevonden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}

Sleutel Gevonden : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

Sleutel Gevonden : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}

Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect

Sleutel Gevonden : HKLM\SOFTWARE\SearchProtect

Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}

Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16592

-\\ Mozilla Firefox v27.0.1 (nl)

[356zj2gj.default] - Regel gevonden : user_pref("browser.startup.homepage", "hxxp://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M4265963F-B11D-48BC-99F9-4EADA9BDAE42&SearchSource=55&CUI=&UM=6&UP=SP61D2F82F-11B6-4EAE-847A[...]

[356zj2gj.default] - Regel gevonden : user_pref("browser.search.selectedEngine", "Trovi search");

[356zj2gj.default] - Regel gevonden : user_pref("browser.newtab.url", "hxxp://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M4265963F-B11D-48BC-99F9-4EADA9BDAE42&SearchSource=69&CUI=&SSPV=SP21715TA_sp_ff&Lay=1&UM=6&UP=SP61[...]

*************************

AdwCleaner[R0].txt - [2962 octets] - [16/11/2014 21:47:16]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3022 octets] ##########

- - - Updated - - -

# AdwCleaner v4.101 - Rapport aangemaakt 16/11/2014 op 21:53:01

# Laatste Update 09/11/2014 door Xplode

# Database : 2014-11-16.1 [Live]

# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)

# Gebruikersnaam : jonas - JONAS-HP

# Gestart vanuit : C:\Users\jonas\Desktop\adwcleaner_4.101.exe

# Optie : Verwijderen

***** [ Services ] *****

***** [ Bestanden / Mappen ] *****

Map Verwijderd : C:\Program Files (x86)\SearchProtect

Map Verwijderd : C:\Users\jonas\AppData\Local\SearchProtect

Map Verwijderd : C:\Users\jonas\AppData\Roaming\OpenCandy

Bestand Verwijderd : C:\Users\jonas\AppData\Roaming\Mozilla\Firefox\Profiles\356zj2gj.default\user.js

***** [ Taken ] *****

***** [ Snelkoppelingen ] *****

***** [ Register ] *****

Sleutel Verwijderd : HKCU\Software\Classes\pokki

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Sleutel Verwijderd : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}

Sleutel Verwijderd : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}

Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}

Sleutel Verwijderd : HKCU\Software\lollipop

Sleutel Verwijderd : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Sleutel Verwijderd : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

Sleutel Verwijderd : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}

Sleutel Verwijderd : HKLM\SOFTWARE\SearchProtect

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect

Gegevens Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll

Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16592

-\\ Mozilla Firefox v27.0.1 (nl)

[356zj2gj.default\prefs.js] - Regel verwijderd : user_pref("browser.startup.homepage", "hxxp://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M4265963F-B11D-48BC-99F9-4EADA9BDAE42&SearchSource=55&CUI=&UM=6&UP=SP61D2F82F-11B6-4EAE-847A[...]

[356zj2gj.default\prefs.js] - Regel verwijderd : user_pref("browser.search.selectedEngine", "Trovi search");

[356zj2gj.default\prefs.js] - Regel verwijderd : user_pref("browser.newtab.url", "hxxp://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M4265963F-B11D-48BC-99F9-4EADA9BDAE42&SearchSource=69&CUI=&SSPV=SP21715TA_sp_ff&Lay=1&UM=6&UP=SP61[...]

*************************

AdwCleaner[R0].txt - [3126 octets] - [16/11/2014 21:47:16]

AdwCleaner[s0].txt - [2818 octets] - [16/11/2014 21:53:01]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2878 octets] ##########

16 november 2014

Zoek.exe v5.0.0.0 Updated 16-November-2014

Tool run by jonas on zo 16/11/2014 at 19:32:43,38.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\jonas\Desktop\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2014-11-15-190422.log 29139 bytes

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

==== C:\zoek_backup content ======================

C:\zoek_backup (files=211 folders=55 80121151 bytes)

==== EOF on zo 16/11/2014 at 19:35:33,48 ======================

15 november 2014

Zoek.exe v5.0.0.0 Updated 15-November-2014

Tool run by jonas on za 15/11/2014 at 19:57:12,21.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\jonas\Desktop\zoek.exe [scan all users] [script inserted]

==== System Restore Info ======================

15/11/2014 19:58:45 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\office.tmp deleted successfully

C:\Users\jonas\AppData\Roaming\Media Player Classic deleted successfully

C:\Users\jonas\AppData\Local\Lollipop deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\Program Files\Java\jre6 deleted

C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 deleted

"C:\Users\jonas\AppData\Roaming\Mozilla\Firefox\Profiles\356zj2gj.default\searchplugins\trovi-search.xml" deleted

"C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\jonas\AppData\Local\Temp ====

2014-11-15 18:43:48 FFF48405C43A06F4B4A29F4562F7CD92 127488 ----a-w- C:\Users\jonas\AppData\Local\Temp\512AB1BB-34FC-4FEE-8438-3580B61EE8FA\OSProvider.dll

2014-11-15 18:43:48 BB9E8732FC0B76EF29DC90C63397078E 312832 ----a-w- C:\Users\jonas\AppData\Local\Temp\512AB1BB-34FC-4FEE-8438-3580B61EE8FA\IntlProvider.dll

2014-11-15 18:43:48 9E7E2B01C65C4E276ED55B1F1BD6CE2B 302080 ----a-w- C:\Users\jonas\AppData\Local\Temp\512AB1BB-34FC-4FEE-8438-3580B61EE8FA\UnattendProvider.dll

2014-11-15 18:43:48 7B38D7916A7CD058C16A0A6CA5077901 271360 ----a-w- C:\Users\jonas\AppData\Local\Temp\512AB1BB-34FC-4FEE-8438-3580B61EE8FA\wdscore.dll

2014-11-15 18:43:48 739968678548BA15F6B9372E8760C012 444416 ----a-w- C:\Users\jonas\AppData\Local\Temp\512AB1BB-34FC-4FEE-8438-3580B61EE8FA\TransmogProvider.dll

2014-11-15 18:43:48 732A13256A9BE7E15E2D58393D6B85F4 471040 ----a-w- C:\Users\jonas\AppData\Local\Temp\512AB1BB-34FC-4FEE-8438-3580B61EE8FA\WimProvider.dll

2014-11-15 18:43:48 45FF4FA5CA5432BFCCDED4433FE2A85B 216576 ----a-w- C:\Users\jonas\AppData\Local\Temp\512AB1BB-34FC-4FEE-8438-3580B61EE8FA\MsiProvider.dll

2014-11-15 18:43:48 011A725B36F05E8A771626017064F2CA 271360 ----a-w- C:\Users\jonas\AppData\Local\Temp\512AB1BB-34FC-4FEE-8438-3580B61EE8FA\SmiProvider.dll

2014-11-15 18:43:47 CCF6EC908566900E9626DC3360B9E35E 112128 ----a-w- C:\Users\jonas\AppData\Local\Temp\512AB1BB-34FC-4FEE-8438-3580B61EE8FA\DismCorePS.dll

2014-11-15 18:43:47 A909643B215FC0587A043C9C15959D41 186368 ----a-w- C:\Users\jonas\AppData\Local\Temp\512AB1BB-34FC-4FEE-8438-3580B61EE8FA\DismProv.dll

2014-11-15 18:43:47 A2D08E8B0AE6750DDD9D01D61BDDC818 435712 ----a-w- C:\Users\jonas\AppData\Local\Temp\512AB1BB-34FC-4FEE-8438-3580B61EE8FA\DmiProvider.dll

2014-11-15 18:43:47 703E7D07687D2751D0474E4D333E832C 1672192 ----a-w- C:\Users\jonas\AppData\Local\Temp\512AB1BB-34FC-4FEE-8438-3580B61EE8FA\CbsProvider.dll

2014-11-15 18:43:47 6EBC2138A3C9B3B7D1E69E0629B6C815 289792 ----a-w- C:\Users\jonas\AppData\Local\Temp\512AB1BB-34FC-4FEE-8438-3580B61EE8FA\DismCore.dll

2014-11-15 18:43:47 64B66A41B61D511E8EBE94625EC0E45A 53760 ----a-w- C:\Users\jonas\AppData\Local\Temp\512AB1BB-34FC-4FEE-8438-3580B61EE8FA\FolderProvider.dll

2014-11-15 18:43:47 5AE6EFCD674AC76CC1A9929F1AFA0ECE 183296 ----a-w- C:\Users\jonas\AppData\Local\Temp\512AB1BB-34FC-4FEE-8438-3580B61EE8FA\CompatProvider.dll

2014-11-15 18:43:47 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Users\jonas\AppData\Local\Temp\512AB1BB-34FC-4FEE-8438-3580B61EE8FA\DismHost.exe

2014-11-15 18:37:25 FB7EDC0B379D842219E7993181C0CB15 8864 ----a-w- C:\Users\jonas\AppData\Local\Temp\{A89DD7C3-42F6-4FFE-8D26-0DEE0123B0BE}\SetupRes.dll

2014-11-15 18:37:25 E6737687B7587339D1A6473117159F40 186672 ----a-w- C:\Users\jonas\AppData\Local\Temp\{A89DD7C3-42F6-4FFE-8D26-0DEE0123B0BE}\EppManifest.dll

2014-11-15 18:37:25 93812FDC01AA864195816CD814445F95 241984 ----a-w- C:\Users\jonas\AppData\Local\Temp\{A89DD7C3-42F6-4FFE-8D26-0DEE0123B0BE}\sqmapi.dll

2014-11-15 18:37:25 24AA2834406B9A8E517011650B6092FD 1081408 ----a-w- C:\Users\jonas\AppData\Local\Temp\{A89DD7C3-42F6-4FFE-8D26-0DEE0123B0BE}\Setup.exe

====== Java Cache =====

2014-11-15 18:50:51 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-6823de9a

2014-11-15 18:50:46 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-7e029e72

2014-11-15 18:50:46 BE25609FFD7C2F8B5449CDA16077A87E 424 ----a-w- C:\Users\jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap

2014-11-15 18:50:45 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-767d018e

2014-11-15 18:50:46 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-2217e479

====== C:\Windows\SysWOW64 =====

2014-11-12 19:26:14 980EEEE8815DA7593708774D1225BD35 681984 ----a-w- C:\Windows\SysWOW64\adtschema.dll

2014-11-12 19:26:10 9AB39ADD28C7C1A685B1EA8C6A25CF08 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll

2014-11-12 19:26:09 9216ABFD53F5EC1F35C3554AD1A175DE 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll

2014-11-12 19:26:09 13E5B1CD503A4B21E9F0A2D55A00198B 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll

2014-11-12 19:25:57 537184E7306E06BB22C5B93D2AFA4DF8 1237504 ----a-w- C:\Windows\SysWOW64\msxml3.dll

2014-11-12 19:25:56 09FA271EE1F9AD68B2D1C1C210F4B71F 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll

2014-11-12 19:25:55 5FDBDEECA34E73325D87C5ACD16A3EEC 701440 ----a-w- C:\Windows\SysWOW64\IMJP10K.DLL

2014-11-12 19:25:52 565188FD523603C94FD7619E14FB7E32 421376 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2014-11-12 19:25:52 0484379BFC58E440EF432D2C80CF0912 1810944 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2014-11-12 19:25:51 AB9015D5B288898E7298BE0DC93BFF0E 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll

2014-11-12 19:25:51 556F78D100D031073A7A01992B74E98E 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll

2014-11-12 19:25:51 348F63C1CD7952B1433691D4F8E8B1A8 353792 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll

2014-11-12 19:25:50 B6260FAA9ACF8AC13312C739B23BD0BE 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll

2014-11-12 19:25:50 4AF7834C2D41512749BE5FB46CF6EF37 2382848 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2014-11-12 19:25:48 BF493C48DF485DF0DE5F10EFA1BAA1D2 223232 ----a-w- C:\Windows\SysWOW64\dxtrans.dll

2014-11-12 19:25:47 9F702DD4CE7AC7C5FD3D8E10D012AC06 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2014-11-12 19:25:42 5BDCC7129C2F0A25F8A8FF6A3BDD9896 12366848 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2014-11-12 19:25:39 DE0269B69861CD68EC8D29AD4A01894E 11776 ----a-w- C:\Windows\SysWOW64\mshta.exe

2014-11-12 19:25:38 08E805C724637412C73A57E50212DBEC 1427968 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2014-11-12 19:25:37 27FA9CA22666E0AFB03F4433A4CEA5B7 1139712 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2014-11-12 19:25:33 ECED64B195BF217D5CFD65698BC9727D 65536 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2014-11-12 19:25:33 2A60B15FFD6EEDFBA73728593171AA19 41472 ----a-w- C:\Windows\SysWOW64\msfeedsbs.dll

2014-11-12 19:25:31 5C4AE6F46A4307CC5885FF000EEF3A5D 231936 ----a-w- C:\Windows\SysWOW64\url.dll

2014-11-12 19:25:30 D07699ACF5301E45006AFD7566769E1B 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2014-11-12 19:25:30 BE27559260267DD7431F9E01F0BF87B6 1802752 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2014-11-12 19:25:28 C94AEBE5CCA3F390E7CBC64D2FF30CDF 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-11-12 19:25:27 3A98C11FD14209D9D3A0B4E2943B302C 9739776 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2014-11-12 19:25:25 F832CFAFA6015E21B33A583C7B2CA19A 10752 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe

2014-11-12 19:25:09 8D338464B851DDD76E2B876A3E09EB70 442880 ----a-w- C:\Windows\SysWOW64\AUDIOKSE.dll

2014-11-12 19:25:07 FD79B005E849DF3D7E9B5EB7A637C528 374784 ----a-w- C:\Windows\SysWOW64\AudioEng.dll

2014-11-12 19:25:07 AA7325057A1E1CC401798C0B1238E182 195584 ----a-w- C:\Windows\SysWOW64\AudioSes.dll

2014-11-12 19:24:56 8FE6AB488ECDC60930CE973A7051B0D4 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll

2014-11-12 19:24:56 8CFAEFCD7F1E004950FCAE870A501B3E 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll

2014-11-12 19:24:55 3B3B8BA16DC999EA17D075D2F1064DE4 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll

2014-11-12 19:24:54 B580A6B9932669DE703001AEE66D5BB1 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll

2014-11-12 19:24:52 37BC079204BF9B087D6DE6B728908B4B 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll

2014-11-12 19:24:51 9CEA80FFC617E6B6DD7B52E6225C0D38 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll

2014-11-12 19:24:48 8205E55DFB11809E5F2AAD1C48840535 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll

2014-11-12 19:23:39 0F39AC3274312EFFD03928291E8BA7CA 67584 ----a-w- C:\Windows\SysWOW64\packager.dll

2014-11-12 19:23:30 CB55B9AAB060C803BE4AD229AA0FEC28 2363904 ----a-w- C:\Windows\SysWOW64\msi.dll

2014-11-12 19:22:14 EDA54D2E17C0271D2CDA946ABE344110 571904 ----a-w- C:\Windows\SysWOW64\oleaut32.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2014-11-12 19:26:36 F992AAE3F2DF1D7D2A75B681B0C5280E 304640 ----a-w- C:\Windows\Sysnative\generaltel.dll

2014-11-12 19:26:35 9F1FA4F36406693C77CC5779AA7E532D 228864 ----a-w- C:\Windows\Sysnative\aepdu.dll

2014-11-12 19:26:33 6021CF6A11DE9B5FC1BD210B6855C497 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll

2014-11-12 19:26:15 008CD4EBFABCF78D0F19B3778492648C 683520 ----a-w- C:\Windows\Sysnative\termsrv.dll

2014-11-12 19:26:14 C4C1B73FC2FF151BA08E1EAFDE2A2FAF 1460736 ----a-w- C:\Windows\Sysnative\lsasrv.dll

2014-11-12 19:26:14 58F87BF5659C8EBC61EB439C916F2F9A 681984 ----a-w- C:\Windows\Sysnative\adtschema.dll

2014-11-12 19:26:10 7184AEACDA13E64B10F84E9DD79C8A01 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll

2014-11-12 19:25:57 364ECFF4ABD9D575F4F7CF7EB7928EF3 1882624 ----a-w- C:\Windows\Sysnative\msxml3.dll

2014-11-12 19:25:56 D005697F0467BBDDAB7638496DA5DB52 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll

2014-11-12 19:25:55 1FEBD408F32DFC523882E7DA5AC57819 878080 ----a-w- C:\Windows\Sysnative\IMJP10K.DLL

2014-11-12 19:25:52 0053EA3A1291B2D91C237AF3BC7F60BC 2339840 ----a-w- C:\Windows\Sysnative\jscript9.dll

2014-11-12 19:25:51 3EB858DEABAE01C426ED4202C3424867 2382848 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2014-11-12 19:25:51 2DBFA18FF28839418387519F573CCA6C 599040 ----a-w- C:\Windows\Sysnative\vbscript.dll

2014-11-12 19:25:50 DAB06C4B2931783188E045FE723F53C5 96768 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2014-11-12 19:25:50 435CD55A531A8CE35F6ABE0E7708530F 453120 ----a-w- C:\Windows\Sysnative\dxtmsft.dll

2014-11-12 19:25:49 189A96C0E45C4A3814C9160EF1F790B5 1392128 ----a-w- C:\Windows\Sysnative\wininet.dll

2014-11-12 19:25:48 79585625DDF8FD8B4EF3289491321A2C 86016 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2014-11-12 19:25:46 BE956E1FAF9217F0FAC32E538FB2BE33 816640 ----a-w- C:\Windows\Sysnative\jscript.dll

2014-11-12 19:25:43 857D7A99E30C975A8541C2905B9551B8 248320 ----a-w- C:\Windows\Sysnative\ieui.dll

2014-11-12 19:25:43 6F980F2FF2978D2D4AF9C1B699EB1F68 282112 ----a-w- C:\Windows\Sysnative\dxtrans.dll

2014-11-12 19:25:41 93690EE6C30DEFC5E07D33B440BCC985 17870336 ----a-w- C:\Windows\Sysnative\mshtml.dll

2014-11-12 19:25:35 E8DE90B036D513905C4FFDADAC966F8B 12800 ----a-w- C:\Windows\Sysnative\mshta.exe

2014-11-12 19:25:33 82D4EA3C0103833E38A63964299B1E88 2157056 ----a-w- C:\Windows\Sysnative\iertutil.dll

2014-11-12 19:25:32 659B7AA886B669E0F6FAFED8DBDA0814 55296 ----a-w- C:\Windows\Sysnative\msfeedsbs.dll

2014-11-12 19:25:31 EA68F5EF02B136582E28E62F2F98D1FF 1388032 ----a-w- C:\Windows\Sysnative\urlmon.dll

2014-11-12 19:25:31 00A7D6582A860ECE9ACC1A93D79FC60D 173056 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2014-11-12 19:25:29 EA6E0E20941FEFAB89A617200686817B 729088 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2014-11-12 19:25:29 A7E9D88EB3026DF3807589F377640D44 1494016 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2014-11-12 19:25:28 B55354B1FFCF46543EEA4AA2510699E6 237056 ----a-w- C:\Windows\Sysnative\url.dll

2014-11-12 19:25:27 57472704B1786A678359786291E4E9DE 10921472 ----a-w- C:\Windows\Sysnative\ieframe.dll

2014-11-12 19:25:24 0552324DFF49A7137E9B7B33845B77C0 11264 ----a-w- C:\Windows\Sysnative\msfeedssync.exe

2014-11-12 19:25:09 9383B21A4B77C130940262DDC5F3F49B 500224 ----a-w- C:\Windows\Sysnative\AUDIOKSE.dll

2014-11-12 19:25:08 FAFCB80D42A65964B6F4945283B8C10F 296448 ----a-w- C:\Windows\Sysnative\AudioSes.dll

2014-11-12 19:25:08 DE3E38431B00C2EA247C53675DCF01A0 680960 ----a-w- C:\Windows\Sysnative\audiosrv.dll

2014-11-12 19:25:08 B1BB7B91C3C878FDB2874138CE81C4EF 284672 ----a-w- C:\Windows\Sysnative\EncDump.dll

2014-11-12 19:25:08 A2C9E45F4069A002E985D1563D16813B 440832 ----a-w- C:\Windows\Sysnative\AudioEng.dll

2014-11-12 19:24:57 A71B81AC2C14ABA013CCF1225D9E3E36 342016 ----a-w- C:\Windows\Sysnative\schannel.dll

2014-11-12 19:24:56 109CC0DF72CC07A6CB59D2995255A1DA 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll

2014-11-12 19:24:54 028D99F83CBB31DB7995530B89EA13CF 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll

2014-11-12 19:24:53 55F0CF40479A1FC89CFA578909A540F2 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll

2014-11-12 19:24:53 47C48C705F4F1EFC99B50B43AE4301FE 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll

2014-11-12 19:24:52 DF30FC54FFF79BC744B22A4850A3CF92 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll

2014-11-12 19:24:49 336BA030AB7B05300CB0B5C6AFB27176 22016 ----a-w- C:\Windows\Sysnative\credssp.dll

2014-11-12 19:23:39 934735F508E297504460935B71E99F0B 77824 ----a-w- C:\Windows\Sysnative\packager.dll

2014-11-12 19:23:38 93C055B6AAD76360A60CB7E59A491531 3198976 ----a-w- C:\Windows\Sysnative\win32k.sys

2014-11-12 19:23:31 2720C94ADCC1727A66365CCB1CE456C4 3241984 ----a-w- C:\Windows\Sysnative\msi.dll

2014-11-12 19:22:14 B938AF16A521C913791C6F7AFF032757 861696 ----a-w- C:\Windows\Sysnative\oleaut32.dll

====== C:\Windows\Sysnative\drivers =====

2014-11-12 19:26:15 41774FF331F609EF442B7398EE6202B1 155064 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys

2014-10-20 17:25:29 FE571E088C2D83619D2D48D4E961BF41 212480 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys

2014-10-20 17:25:19 E232A3B43A894BB327FC161529BD9ED1 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-10-28 19:08:31 -------- d-----w- C:\Program Files\iPod

2014-10-28 19:08:29 -------- d-----w- C:\Program Files\iTunes

======= C:\PROGRA~2 =====

2014-11-15 18:47:53 -------- d-----w- C:\PROGRA~2\COMMON~1\Java

2014-10-28 19:11:49 -------- d-----w- C:\PROGRA~2\QuickTime

2014-10-28 19:08:29 -------- d-----w- C:\PROGRA~2\iTunes

======= C: =====

====== C:\Users\jonas\AppData\Roaming ======

2014-11-15 18:48:23 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Locallow\Sun

====== C:\Users\jonas ======

2014-11-15 18:44:08 92F975B07E65EF3AE67D89A016FDAACC 638888 ----a-w- C:\Users\jonas\Downloads\JavaSetup8u25.exe

2014-11-15 18:24:52 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\jonas\Downloads\RSITx64.exe

2014-11-12 19:30:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud

2014-10-28 19:12:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

2014-10-28 19:10:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

====== C: exe-files ==

2014-11-15 18:47:13 AA3520FB0133A56BEE1DB34D74DBEF64 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe

2014-11-15 18:47:13 75D477E868CA51EC1B09D730570F322B 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe

2014-11-15 18:47:13 691D49FB44EDE9788288CABE4F7E0DAF 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe

2014-11-15 18:47:03 67F763B09F4BC8689E6FA9761E068D74 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\unpack200.exe

2014-11-15 18:47:03 28FC00F89631B0F6E1E9CA386FADD566 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\tnameserv.exe

2014-11-15 18:47:02 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmid.exe

2014-11-15 18:47:02 75EE99C7F0038C746D82C76221ECA4EF 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\policytool.exe

2014-11-15 18:47:02 57E1F756FAA787623DFCD2C1B2AACC68 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssvagent.exe

2014-11-15 18:47:02 33D2AF53E209DA3E2BA939EB89801DC0 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmiregistry.exe

2014-11-15 18:47:02 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\servertool.exe

2014-11-15 18:47:01 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\pack200.exe

2014-11-15 18:47:01 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\orbd.exe

2014-11-15 18:47:00 A458E2535E46151690E53E2A03FAA711 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\keytool.exe

2014-11-15 18:47:00 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\kinit.exe

2014-11-15 18:47:00 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\klist.exe

2014-11-15 18:47:00 26C7F32186B1F0364CD06EA69227A79D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ktab.exe

2014-11-15 18:46:57 B719E0F43166037DF46B5CFBE60A5118 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jjs.exe

2014-11-15 18:46:57 4367C05B0CF5553E71B34F51003D0615 76200 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2launcher.exe

2014-11-15 18:46:55 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe

2014-11-15 18:46:54 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe

2014-11-15 18:46:52 70E67429D2C011FD0419AF899A8D0D70 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe

2014-11-15 18:46:49 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe

2014-11-15 18:46:47 BB8C890E3E6372F2720709262BD42BF4 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jabswitch.exe

2014-11-15 18:46:47 74713E9C1B01B152DDD3A1A3519A3647 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java-rmi.exe

2014-11-15 18:44:08 92F975B07E65EF3AE67D89A016FDAACC 638888 ----a-w- C:\Users\jonas\Downloads\JavaSetup8u25.exe

2014-11-15 18:43:47 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Users\jonas\AppData\Local\Temp\512AB1BB-34FC-4FEE-8438-3580B61EE8FA\DismHost.exe

2014-11-15 18:37:25 24AA2834406B9A8E517011650B6092FD 1081408 ----a-w- C:\Users\jonas\AppData\Local\Temp\{A89DD7C3-42F6-4FFE-8D26-0DEE0123B0BE}\Setup.exe

2014-11-15 18:24:52 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\jonas\Downloads\RSITx64.exe

2014-11-12 19:26:34 C265E023A65D7DA049E1B1D957F714EE 161960 ----a-w- C:\Windows\System32\CompatTel\QueryAppBlock.exe

2014-11-12 19:26:34 037DF5FF4E17AD355309F0E4B15B48BE 46752 ----a-w- C:\Windows\System32\CompatTel\wicainventory.exe

2014-11-12 19:25:55 73E0DAD52482E65C478EA46081C8785A 141312 ----a-w- C:\Windows\System32\IME\IMEJP10\imjpuexc.exe

2014-11-12 19:25:53 7EEB4D2A17421D337F970FB5C3B24410 106496 ----a-w- C:\Windows\SysWOW64\IME\IMEJP10\imjpuexc.exe

2014-11-12 19:25:39 DE0269B69861CD68EC8D29AD4A01894E 11776 ----a-w- C:\Windows\SysWOW64\mshta.exe

2014-11-12 19:25:35 E8DE90B036D513905C4FFDADAC966F8B 12800 ----a-w- C:\Windows\System32\mshta.exe

2014-11-12 19:25:35 06DE47CAE6D862847A4F24753C199394 757968 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2014-11-12 19:25:31 00A7D6582A860ECE9ACC1A93D79FC60D 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-11-12 19:25:30 7BA2683147FD7748A54D2F04306561CB 22528 ----a-w- C:\Program Files (x86)\Internet Explorer\ExtExport.exe

2014-11-12 19:25:28 C94AEBE5CCA3F390E7CBC64D2FF30CDF 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-11-12 19:25:28 B1CE75EA01F9562284D711EE7B928548 763600 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2014-11-12 19:25:25 F832CFAFA6015E21B33A583C7B2CA19A 10752 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe

2014-11-12 19:25:24 4A201AEA90D14809BED083D876A43669 483840 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2014-11-12 19:25:24 446DA3FA1EB4294A0270B6369FC49C4E 223232 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe

2014-11-12 19:25:24 3DF83938DDB281B310D1CA27A08C4411 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe

2014-11-12 19:25:24 3AA7BA61D586DF930689BD00611721C3 223744 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe

2014-11-12 19:25:24 0552324DFF49A7137E9B7B33845B77C0 11264 ----a-w- C:\Windows\System32\msfeedssync.exe

=== C: other files ==

2014-11-15 18:47:04 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\lib\deploy\ffjcext.zip

2014-11-12 19:26:15 41774FF331F609EF442B7398EE6202B1 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2014-11-12 19:23:38 93C055B6AAD76360A60CB7E59A491531 3198976 ----a-w- C:\Windows\System32\win32k.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3343596038-506895183-3734673535-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"

"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Microsoft Default Manager"="C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume"

"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"

"Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"

"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\\PROGRA~2\\SearchProtect\\SearchProtect\\bin\\SPVC32Loader.dll "

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

"HPWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"Adobe Reader Speed Launcher"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

"iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

"QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

==== Startup Folders ======================

2010-12-20 00:49:56 2029 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/11/2014 21:37]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Ad-Aware Update (Weekly)" [C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe]

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\Adobe online update program" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]

"C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]

"C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]

"C:\Windows\SysNative\tasks\SolutoTask_de2f3dc5-0e77-4e86-85b2-93c086da5137" [C:\ProgramData\Soluto\Temp\ninite.k-litecodecs_10_0_0.setup-22f9a8f9-a07c-2ef5-943b-d1f90f22c361.exe]

"C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2011" [C:\Program Files (x86)\TuneUp Utilities 2011\OneClick.exe]

"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Assistant\HPSA Upgrade" [C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [14/08/2014 21:34]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\jonas\AppData\Roaming\Mozilla\Firefox\Profiles\356zj2gj.default

D892C77AFA8AFABA6F474A7DA401BD7C - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== C:\zoek_backup content ======================

C:\zoek_backup (files=211 folders=55 80121151 bytes)

==== EOF on za 15/11/2014 at 20:04:22,84 ======================

15 november 2014

Hallo iedereen.

Mijn laptop is weer heel traag en start soms heel moeilijk op.

Wie kan mij helpen ?

Alvast bedankt

Dit is mijn logje

Logfile of random's system information tool 1.10 (written by random/random)

Run by jonas at 2014-11-15 19:30:25

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 371 GB (81%) free of 456 GB

Total RAM: 2934 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:30:28, on 15/11/2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16592)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files\trend micro\jonas.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = {searchTerms} - Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = {searchTerms} - Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.1.0.0/GarminAxControl_32.CAB

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 10695 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

"c:\Program Files\Microsoft Security Client\MsMpEng.exe"

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\svchost.exe -k NetworkService

"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"

"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

"C:\Program Files\Bonjour\mDNSResponder.exe"

C:\Windows\SysWOW64\ezSharedSvcHost.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"

"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"

"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"

"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe"

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

WLIDSvcM.exe 2816

"c:\Program Files\Microsoft Security Client\NisSrv.exe"

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

"taskhost.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s

"C:\Windows\System32\igfxtray.exe"

"C:\Windows\System32\hkcmd.exe"

"C:\Windows\System32\igfxpers.exe"

"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden

"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun

"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

"C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"

"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe" /TUStart /pid:2780

"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"

"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"

taskeng.exe {644F2F4C-1458-4FE7-B8F5-0A394822106C}

"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"

"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"

C:\Windows\system32\wbem\unsecapp.exe -Embedding

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Program Files (x86)\Internet Explorer\iexplore.exe"

"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:5948 CREDAT:79873

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden

"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Wireless Assistant</Title><Text>WLAN: Aan</Text><IconPath>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WA_tray_32_on.ico</IconPath><ID>2046076545</ID><Path>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe</Path><Parameters></Parameters></Toast></hpNotification>"

"C:\Windows\system32\wuauclt.exe"

"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt

"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536

"C:\Users\jonas\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\jonas\AppData\Roaming\Mozilla\Firefox\Profiles\356zj2gj.default

prefs.js - "browser.startup.homepage" - "Zoeken"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 15.0.0.223 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]

"Description"=Adobe Shockwave Player

"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@garmin.com/GpsControl]

"Description"=Garmin GPS Control for Firefox

"Path"=C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 15.0.0.223 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\components\

nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\

nppdf32.dll

npqtplugin.dll

npqtplugin2.dll

npqtplugin3.dll

npqtplugin4.dll

npqtplugin5.dll

npqtplugin6.dll

npqtplugin7.dll

QuickTimePlugin.class

C:\Users\jonas\AppData\Roaming\Mozilla\Firefox\Profiles\356zj2gj.default\searchplugins\

trovi-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-14 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-12 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-14 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -

{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-09-13 2281256]

"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2010-09-22 6489704]

"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-07-21 8192]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]

"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]

"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-08-16 2736128]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-06-03 19604072]

"ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2013-11-20 59720]

"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2013-12-30 1095000]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"Microsoft Default Manager"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]

"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-09-28 584760]

"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2010-08-30 61112]

"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]

"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-14 4085896]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Snapfish PictureMover.lnk - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2010-08-25 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-11-12 52920]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DisableLockWorkstation"=0

"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"HideFastUserSwitching"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-15 19:25:52 ----D---- C:\rsit

2014-11-12 20:26:36 ----A---- C:\Windows\system32\generaltel.dll

2014-11-12 20:26:35 ----A---- C:\Windows\system32\aepdu.dll

2014-11-12 20:26:33 ----A---- C:\Windows\system32\aeinv.dll

2014-11-12 20:26:15 ----A---- C:\Windows\system32\termsrv.dll

2014-11-12 20:26:15 ----A---- C:\Windows\system32\drivers\ksecpkg.sys

2014-11-12 20:26:14 ----A---- C:\Windows\SYSWOW64\adtschema.dll

2014-11-12 20:26:14 ----A---- C:\Windows\system32\lsasrv.dll

2014-11-12 20:26:14 ----A---- C:\Windows\system32\adtschema.dll

2014-11-12 20:26:10 ----A---- C:\Windows\SYSWOW64\msaudite.dll

2014-11-12 20:26:10 ----A---- C:\Windows\system32\msaudite.dll

2014-11-12 20:26:09 ----A---- C:\Windows\SYSWOW64\sspicli.dll

2014-11-12 20:26:09 ----A---- C:\Windows\SYSWOW64\secur32.dll

2014-11-12 20:25:57 ----A---- C:\Windows\SYSWOW64\msxml3.dll

2014-11-12 20:25:57 ----A---- C:\Windows\system32\msxml3.dll

2014-11-12 20:25:56 ----A---- C:\Windows\SYSWOW64\msxml3r.dll

2014-11-12 20:25:56 ----A---- C:\Windows\system32\msxml3r.dll

2014-11-12 20:25:55 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL

2014-11-12 20:25:55 ----A---- C:\Windows\system32\IMJP10K.DLL

2014-11-12 20:25:52 ----A---- C:\Windows\SYSWOW64\vbscript.dll

2014-11-12 20:25:52 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2014-11-12 20:25:52 ----A---- C:\Windows\system32\jscript9.dll

2014-11-12 20:25:51 ----A---- C:\Windows\SYSWOW64\jscript.dll

2014-11-12 20:25:51 ----A---- C:\Windows\SYSWOW64\ieui.dll

2014-11-12 20:25:51 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll

2014-11-12 20:25:51 ----A---- C:\Windows\system32\vbscript.dll

2014-11-12 20:25:50 ----A---- C:\Windows\SYSWOW64\wininet.dll

2014-11-12 20:25:50 ----A---- C:\Windows\system32\mshtmled.dll

2014-11-12 20:25:50 ----A---- C:\Windows\system32\dxtmsft.dll

2014-11-12 20:25:49 ----A---- C:\Windows\system32\wininet.dll

2014-11-12 20:25:48 ----A---- C:\Windows\SYSWOW64\dxtrans.dll

2014-11-12 20:25:48 ----A---- C:\Windows\system32\jsproxy.dll

2014-11-12 20:25:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2014-11-12 20:25:46 ----A---- C:\Windows\system32\jscript.dll

2014-11-12 20:25:43 ----A---- C:\Windows\system32\ieui.dll

2014-11-12 20:25:43 ----A---- C:\Windows\system32\dxtrans.dll

2014-11-12 20:25:42 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2014-11-12 20:25:41 ----A---- C:\Windows\system32\mshtml.dll

2014-11-12 20:25:39 ----A---- C:\Windows\SYSWOW64\mshta.exe

2014-11-12 20:25:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2014-11-12 20:25:35 ----A---- C:\Windows\system32\mshta.exe

2014-11-12 20:25:33 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll

2014-11-12 20:25:33 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2014-11-12 20:25:33 ----A---- C:\Windows\system32\iertutil.dll

2014-11-12 20:25:32 ----A---- C:\Windows\system32\msfeedsbs.dll

2014-11-12 20:25:31 ----A---- C:\Windows\SYSWOW64\url.dll

2014-11-12 20:25:31 ----A---- C:\Windows\system32\urlmon.dll

2014-11-12 20:25:31 ----A---- C:\Windows\system32\ieUnatt.exe

2014-11-12 20:25:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2014-11-12 20:25:30 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2014-11-12 20:25:29 ----A---- C:\Windows\system32\msfeeds.dll

2014-11-12 20:25:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe

2014-11-12 20:25:28 ----A---- C:\Windows\system32\url.dll

2014-11-12 20:25:27 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2014-11-12 20:25:27 ----A---- C:\Windows\system32\ieframe.dll

2014-11-12 20:25:25 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe

2014-11-12 20:25:24 ----A---- C:\Windows\system32\msfeedssync.exe

2014-11-12 20:25:09 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll

2014-11-12 20:25:09 ----A---- C:\Windows\system32\AUDIOKSE.dll

2014-11-12 20:25:08 ----A---- C:\Windows\system32\EncDump.dll

2014-11-12 20:25:08 ----A---- C:\Windows\system32\audiosrv.dll

2014-11-12 20:25:08 ----A---- C:\Windows\system32\AudioSes.dll

2014-11-12 20:25:08 ----A---- C:\Windows\system32\AudioEng.dll

2014-11-12 20:25:07 ----A---- C:\Windows\SYSWOW64\AudioSes.dll

2014-11-12 20:25:07 ----A---- C:\Windows\SYSWOW64\AudioEng.dll

2014-11-12 20:24:57 ----A---- C:\Windows\system32\schannel.dll

2014-11-12 20:24:56 ----A---- C:\Windows\SYSWOW64\schannel.dll

2014-11-12 20:24:56 ----A---- C:\Windows\SYSWOW64\ncrypt.dll

2014-11-12 20:24:56 ----A---- C:\Windows\system32\ncrypt.dll

2014-11-12 20:24:55 ----A---- C:\Windows\SYSWOW64\kerberos.dll

2014-11-12 20:24:54 ----A---- C:\Windows\SYSWOW64\msv1_0.dll

2014-11-12 20:24:54 ----A---- C:\Windows\system32\kerberos.dll

2014-11-12 20:24:53 ----A---- C:\Windows\system32\wdigest.dll

2014-11-12 20:24:53 ----A---- C:\Windows\system32\msv1_0.dll

2014-11-12 20:24:52 ----A---- C:\Windows\SYSWOW64\wdigest.dll

2014-11-12 20:24:52 ----A---- C:\Windows\system32\TSpkg.dll

2014-11-12 20:24:51 ----A---- C:\Windows\SYSWOW64\TSpkg.dll

2014-11-12 20:24:49 ----A---- C:\Windows\system32\credssp.dll

2014-11-12 20:24:48 ----A---- C:\Windows\SYSWOW64\credssp.dll

2014-11-12 20:23:39 ----A---- C:\Windows\SYSWOW64\packager.dll

2014-11-12 20:23:39 ----A---- C:\Windows\system32\packager.dll

2014-11-12 20:23:38 ----A---- C:\Windows\system32\win32k.sys

2014-11-12 20:23:31 ----A---- C:\Windows\system32\msi.dll

2014-11-12 20:23:30 ----A---- C:\Windows\SYSWOW64\msi.dll

2014-11-12 20:22:14 ----A---- C:\Windows\SYSWOW64\oleaut32.dll

2014-11-12 20:22:14 ----A---- C:\Windows\system32\oleaut32.dll

2014-10-28 20:11:49 ----D---- C:\Program Files (x86)\QuickTime

2014-10-28 20:08:31 ----D---- C:\Program Files\iPod

2014-10-28 20:08:29 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7

2014-10-28 20:08:29 ----D---- C:\Program Files\iTunes

2014-10-28 20:08:29 ----D---- C:\Program Files (x86)\iTunes

2014-10-20 18:28:38 ----A---- C:\Windows\SYSWOW64\mscorier.dll

2014-10-20 18:28:37 ----A---- C:\Windows\SYSWOW64\dfshim.dll

2014-10-20 18:28:37 ----A---- C:\Windows\system32\mscorier.dll

2014-10-20 18:28:37 ----A---- C:\Windows\system32\dfshim.dll

2014-10-20 18:28:36 ----A---- C:\Windows\system32\mscories.dll

2014-10-20 18:28:35 ----A---- C:\Windows\SYSWOW64\mscories.dll

2014-10-20 18:25:48 ----A---- C:\Windows\SYSWOW64\rastls.dll

2014-10-20 18:25:48 ----A---- C:\Windows\system32\rastls.dll

2014-10-20 18:25:40 ----A---- C:\Windows\SYSWOW64\mstscax.dll

2014-10-20 18:25:40 ----A---- C:\Windows\system32\mstscax.dll

2014-10-20 18:25:33 ----A---- C:\Windows\system32\mstsc.exe

2014-10-20 18:25:31 ----A---- C:\Windows\SYSWOW64\mstsc.exe

2014-10-20 18:25:29 ----A---- C:\Windows\SYSWOW64\winsta.dll

2014-10-20 18:25:29 ----A---- C:\Windows\system32\winsta.dll

2014-10-20 18:25:29 ----A---- C:\Windows\system32\drivers\rdpwd.sys

2014-10-20 18:25:28 ----A---- C:\Windows\system32\rdpcorekmts.dll

2014-10-20 18:25:26 ----A---- C:\Windows\system32\winlogon.exe

2014-10-20 18:25:25 ----A---- C:\Windows\SYSWOW64\aaclient.dll

2014-10-20 18:25:19 ----A---- C:\Windows\system32\drivers\tssecsrv.sys

======List of files/folders modified in the last 1 month======

2014-11-16 03:45:45 ----SHD---- C:\System Volume Information

2014-11-15 19:30:28 ----D---- C:\Program Files\trend micro

2014-11-15 19:24:57 ----D---- C:\Windows\Temp

2014-11-15 18:59:38 ----RSD---- C:\Windows\assembly

2014-11-15 18:59:38 ----D---- C:\Windows\Microsoft.NET

2014-11-15 18:57:19 ----D---- C:\Users\jonas\AppData\Roaming\Apple Computer

2014-11-15 18:55:57 ----D---- C:\Windows\system32\config

2014-11-15 18:55:56 ----D---- C:\Windows\winsxs

2014-11-15 18:54:53 ----A---- C:\Windows\SYSWOW64\log.txt

2014-11-15 18:53:41 ----D---- C:\Windows

2014-11-15 18:42:40 ----SD---- C:\Windows\system32\CompatTel

2014-11-15 18:42:40 ----D---- C:\Windows\System32

2014-11-15 18:42:38 ----D---- C:\Windows\SYSWOW64\nl-NL

2014-11-15 18:42:38 ----D---- C:\Windows\SysWOW64

2014-11-15 18:42:38 ----D---- C:\Windows\system32\nl-NL

2014-11-15 18:42:36 ----D---- C:\Windows\system32\drivers

2014-11-15 18:42:33 ----D---- C:\Windows\SYSWOW64\migration

2014-11-15 18:42:33 ----D---- C:\Program Files (x86)\Internet Explorer

2014-11-15 18:42:32 ----D---- C:\Windows\system32\migration

2014-11-15 18:42:25 ----D---- C:\Program Files\Internet Explorer

2014-11-13 04:53:37 ----D---- C:\Windows\system32\wfp

2014-11-13 04:53:37 ----D---- C:\Windows\system32\DriverStore

2014-11-13 04:53:35 ----D---- C:\Windows\SYSWOW64\Macromed

2014-11-13 04:53:31 ----D---- C:\Windows\system32\CodeIntegrity

2014-11-13 04:53:27 ----D---- C:\Windows\system32\wbem

2014-11-13 04:53:27 ----D---- C:\Windows\registration

2014-11-12 21:43:22 ----D---- C:\Windows\system32\catroot

2014-11-12 21:40:37 ----SHD---- C:\Windows\Installer

2014-11-12 21:40:37 ----SHD---- C:\Config.Msi

2014-11-12 21:39:24 ----D---- C:\Windows\system32\MRT

2014-11-12 21:37:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2014-11-12 21:35:52 ----D---- C:\Windows\debug

2014-11-12 21:35:48 ----A---- C:\Windows\system32\MRT.exe

2014-11-12 20:43:39 ----D---- C:\Windows\inf

2014-11-12 20:43:18 ----D---- C:\Windows\Logs

2014-11-12 20:21:46 ----D---- C:\Windows\system32\catroot2

2014-11-12 19:55:51 ----D---- C:\Windows\Tasks

2014-11-12 19:55:51 ----D---- C:\Windows\system32\Tasks

2014-10-30 12:25:26 ----N---- C:\Windows\system32\MpSigStub.exe

2014-10-28 20:11:49 ----D---- C:\Program Files (x86)

2014-10-28 20:08:31 ----D---- C:\Program Files

2014-10-28 20:08:30 ----D---- C:\Program Files\Common Files\Apple

2014-10-28 20:08:29 ----HD---- C:\ProgramData

2014-10-28 20:08:19 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-10-28 19:32:41 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-10-27 20:32:23 ----D---- C:\Windows\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-08-14 65776]

R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-08-14 224896]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-13 540696]

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-08-14 93568]

R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-08-14 1041168]

R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-14 427360]

R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2014-01-22 64288]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-14 29208]

R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-14 79184]

R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-08-14 92008]

R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]

R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-09-28 31088]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]

R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]

R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-03-05 158720]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-09-22 2494056]

R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-03-05 271872]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2010-09-10 1014624]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-23 347680]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-09-13 1390640]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-11-29 11856]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

S3 cpuz136;cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys []

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-05-07 245792]

S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]

S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]

S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]

S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-14 50344]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]

R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]

R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]

R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-05 291896]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]

R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-09-28 26680]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-08-16 73728]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2009-10-01 268824]

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-03-04 2026304]

R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]

R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]

R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]

R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]

S2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-12-30 250712]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-03 162408]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12 267440]

S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-13 118896]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-25 1255736]

S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

12 maart 2014

Ok dank u voor de hulp.

Ja hij is al een stuk sneller.

11 maart 2014

# AdwCleaner v3.021 - Report created 11/03/2014 at 19:53:43

# Updated 10/03/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : jonas - JONAS-HP

# Running from : C:\Users\jonas\Desktop\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\BearShare Applications

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\Launcher.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL

Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery

Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1

Key Deleted : HKLM\SOFTWARE\Classes\imweb.imwebcontrol

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BrowseFox_Setup_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BrowseFox_Setup_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_itunes_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_itunes_RASMANCS

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{756C097C-6BDB-45DE-A8F1-83E01AB86BA4}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : HKCU\Software\BrowseFox

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKLM\Software\BrowseFox

Key Deleted : HKLM\Software\caphyon

Key Deleted : HKLM\Software\Toolbar Cleaner

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16533

-\\ Mozilla Firefox v27.0.1 (nl)

[ File : C:\Users\jonas\AppData\Roaming\Mozilla\Firefox\Profiles\356zj2gj.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [6063 octets] - [11/03/2014 19:51:35]

AdwCleaner[s0].txt - [5886 octets] - [11/03/2014 19:53:43]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5946 octets] ##########

10 maart 2014

Zoek.exe v5.0.0.0 Updated 07-March-2014

Tool run by jonas on ma 10/03/2014 at 20:19:49,69.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\jonas\Desktop\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2014-03-10-182023.log 16892 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3343596038-506895183-3734673535-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2A5333E5-2681-467B-BB5E-4CFFCCAB6334} deleted successfully

HKEY_USERS\S-1-5-21-3343596038-506895183-3734673535-1001\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\jonas\AppData\Roaming\Mozilla\Firefox\Profiles\356zj2gj.default

user.js not found

---- Lines Search modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}\":{\"descriptor\":\"C:\\\\

---- FireFox user.js and prefs.js backups ----

prefs_20141003_2030_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"adaware"=-

"adaware_XP"=-

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"adaware"=-

"adaware_XP"=-

==== Deleting Files \ Folders ======================

C:\ProgramData\30169 deleted

C:\Windows\SysNative\tasks\SolutoTask_701554ea-aed9-402f-90f7-64eae992335a deleted

C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted

C:\PROGRA~2\Toolbar Cleaner deleted

C:\Users\jonas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BearShare.lnk deleted

C:\Users\jonas\AppData\Roaming\DVDVideoSoftIEHelpers deleted

C:\PROGRA~3\qjaxlkio.dss deleted

C:\PROGRA~3\4000741.reg deleted

C:\PROGRA~3\4000741.bat deleted

C:\PROGRA~3\Package Cache deleted

C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\adawaretb deleted

C:\Windows\Syswow64\sho144F.tmp deleted

C:\Windows\Syswow64\sho20C9.tmp deleted

C:\Windows\Syswow64\sho255C.tmp deleted

C:\Windows\Syswow64\sho26E5.tmp deleted

C:\Windows\Syswow64\sho2859.tmp deleted

C:\Windows\Syswow64\sho699F.tmp deleted

C:\Windows\Syswow64\shoDBA2.tmp deleted

C:\Windows\Syswow64\shoDEBA.tmp deleted

C:\Windows\Syswow64\shoF26B.tmp deleted

C:\Windows\Syswow64\shoFB01.tmp deleted

C:\Windows\SysWow64\AI_RecycleBin deleted

"C:\Users\jonas\AppData\Local\BearShare\Data\Albums.db" not deleted

"C:\Users\jonas\AppData\Local\BearShare\Data\Artists.db" not deleted

"C:\Users\jonas\AppData\Local\BearShare\Data\BitTorrent.db" not deleted

"C:\Users\jonas\AppData\Local\BearShare\Data\Cddb.db" not deleted

"C:\Users\jonas\AppData\Local\BearShare\Data\ContentDirs.db" not deleted

"C:\Users\jonas\AppData\Local\BearShare\Data\ContentFile.db" not deleted

"C:\Users\jonas\AppData\Local\BearShare\Data\DownloadFile.db" not deleted

"C:\Users\jonas\AppData\Local\BearShare\Data\PartsHashes.db" not deleted

"C:\Users\jonas\AppData\Local\BearShare\Data\Playlists.db" not deleted

"C:\Users\jonas\AppData\Local\BearShare\Data\StreamingFiles.db" not deleted

"C:\Users\jonas\AppData\Local\BearShare\Data\VirtualFile.db" not deleted

"C:\Users\jonas\AppData\Local\BearShare" not deleted

"C:\Users\jonas\AppData\Local\BearShare\Artwork" not deleted

"C:\Users\jonas\AppData\Local\BearShare\Data" not deleted

"C:\Users\jonas\AppData\Local\BearShare\Partials" not deleted

"C:\Users\jonas\AppData\Local\BearShare\Temp" not deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [20/02/2014 17:53]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\jonas\AppData\Roaming\Mozilla\Firefox\Profiles\356zj2gj.default

D775FA6F1E88B3B99E69E8A0D6C3A819 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll - Shockwave Flash

18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013

D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.250.17

D892C77AFA8AFABA6F474A7DA401BD7C - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.be/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{2A5333E5-2681-467B-BB5E-4CFFCCAB6334}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2A5333E5-2681-467B-BB5E-4CFFCCAB6334}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.be/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{d43b3890-80c7-4010-a95d-1e77b5924dc3} Wikipedia Url="Zoekresultaten voor "{searchTerms" - Wikipedia}"

{d944bb61-2e34-4dbf-a683-47e505c587dc} eBay Url="Elektronica, auto's, kleding, verzamelobjecten, cadeaubons en meer | eBay"

{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} Bing Url="{searchTerms} - Bing"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\jonas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\jonas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JHPC7BTF will be deleted at reboot

C:\Users\jonas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\jonas\AppData\Local\Mozilla\Firefox\Profiles\356zj2gj.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=199 folders=47 77187587 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\jonas\AppData\Local\Temp will be emptied at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\jonas\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\jonas\AppData\Local\BearShare\Data\Albums.db" not found

"C:\Users\jonas\AppData\Local\BearShare\Data\Artists.db" not found

"C:\Users\jonas\AppData\Local\BearShare\Data\BitTorrent.db" not found

"C:\Users\jonas\AppData\Local\BearShare\Data\Cddb.db" not found

"C:\Users\jonas\AppData\Local\BearShare\Data\ContentDirs.db" not found

"C:\Users\jonas\AppData\Local\BearShare\Data\ContentFile.db" not found

"C:\Users\jonas\AppData\Local\BearShare\Data\DownloadFile.db" not found

"C:\Users\jonas\AppData\Local\BearShare\Data\PartsHashes.db" not found

"C:\Users\jonas\AppData\Local\BearShare\Data\Playlists.db" not found

"C:\Users\jonas\AppData\Local\BearShare\Data\StreamingFiles.db" not found

"C:\Users\jonas\AppData\Local\BearShare\Data\VirtualFile.db" not found

"C:\Users\jonas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Users\jonas\AppData\Local\BearShare" not found

"C:\Users\jonas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JHPC7BTF" not found

==== EOF on ma 10/03/2014 at 20:36:20,75 ======================

10 maart 2014

Zoek.exe v5.0.0.0 Updated 07-March-2014

Tool run by jonas on ma 10/03/2014 at 19:14:25,65.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\jonas\Desktop\zoek.exe [scan all users] [script inserted]

==== System Restore Info ======================

10/03/2014 19:15:07 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully

C:\Program Files\Google deleted successfully

C:\Users\jonas\AppData\Roaming\TP deleted successfully

C:\Users\jonas\AppData\Roaming\Windows Live Writer deleted successfully

C:\Users\jonas\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\BrowseFox not found

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\jonas\AppData\Local\Temp ====

====== Java Cache =====

2014-02-24 21:00:21 86C47CA21A599230CA54E8F5EBDB6A07 124 ----a-w- C:\Users\jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\6619ee07-53bfa577

2014-02-24 21:00:21 86C47CA21A599230CA54E8F5EBDB6A07 124 ----a-w- C:\Users\jonas\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\7\6619ee07-75934ce5

====== C:\Windows\SysWOW64 =====

2014-02-28 15:40:02 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\SysWOW64\shoDEBA.tmp

2014-02-24 20:38:42 5EB5B34C2538268B78DD5FD35E09CB00 17858952 ----a-w- C:\Windows\SysWOW64\FlashPlayerInstaller.exe

2014-02-24 20:20:40 ED39F048755DBFC0B15757277989DA7E 2382848 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2014-02-24 20:20:39 EE988079D0D36275A9F7532CE3C59CDF 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2014-02-24 20:20:37 5702CB3B97F38A29BBFEE33F65306D98 421376 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2014-02-24 20:20:32 23C9B050C0390C01A158BDED210B8576 1796096 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2014-02-24 20:20:30 02D6B948B7FF88D63CB03DC8E8D3EEBD 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll

2014-02-24 20:20:28 679EAED8E703235BA81AA2E58F4E2D16 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll

2014-02-24 20:20:28 155B87F83221CA75C2530EA816402145 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-02-24 20:20:24 254C01E33A4ED7E20B80546B6236280E 231936 ----a-w- C:\Windows\SysWOW64\url.dll

2014-02-24 20:20:15 12F815B1E3F6E2BBE2A2FAC621719876 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2014-02-24 20:20:12 116E809E91545A7C1CEA3B191566C6B1 1105408 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2014-02-24 20:20:10 7E9A2766BF1B413FC7343CE23AEE0924 1427968 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2014-02-24 20:19:59 DBD6B166FCBC3175F51C2A1F5D9D99FE 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll

2014-02-24 20:19:59 4C6EE95535AA0B5C408DDC2D52DE4CA0 1806848 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2014-02-24 20:19:54 638E9F4DFA736B2B9ACE968A67CC04BD 65536 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2014-02-24 20:19:34 8CD5CA15064C3E47B4F246F98558E2DD 12345344 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2014-02-24 20:19:10 602CA05F0ED9E648DA287CA38FAE8EE4 9739264 ----a-w- C:\Windows\SysWOW64\ieframe.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2014-02-24 20:20:41 CA66A5F353C6FFF6B0BC05CFD5DD46D4 2382848 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2014-02-24 20:20:40 3F04913322B5B34C24CCE1A493897124 96768 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2014-02-24 20:20:33 6093F273C323B9AF846B00F157A77721 2147840 ----a-w- C:\Windows\Sysnative\iertutil.dll

2014-02-24 20:20:29 5DE4F56DEA084A56BE8D5DAAA1EFB36F 173056 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2014-02-24 20:20:29 39CDC7DFDEC6EBA4EAF1D6DDF9CD930B 248320 ----a-w- C:\Windows\Sysnative\ieui.dll

2014-02-24 20:20:25 7A2123BC4CE0485B66A60609154FC835 1392128 ----a-w- C:\Windows\Sysnative\wininet.dll

2014-02-24 20:20:22 C478E897ACBFCBCEE4E84E67CBC9953E 237056 ----a-w- C:\Windows\Sysnative\url.dll

2014-02-24 20:20:15 3D1B333A126AF425D5AA572E6B3B932C 729088 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2014-02-24 20:20:14 A1CFD4046434F7504C5928C922D37F27 86016 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2014-02-24 20:20:11 B0628850CD1935835ED2B9F62799C003 1347072 ----a-w- C:\Windows\Sysnative\urlmon.dll

2014-02-24 20:20:09 833DA9B50B6202E5B0402B3E5F4607C3 1494528 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2014-02-24 20:20:06 5369AB110B3F0EB4F67799EAA6C42411 2334720 ----a-w- C:\Windows\Sysnative\jscript9.dll

2014-02-24 20:19:57 7667F982DF21368FB2B4A6B4878FB4DA 599040 ----a-w- C:\Windows\Sysnative\vbscript.dll

2014-02-24 20:19:54 DBED605B95C9B78B9D5F06CAF027E05D 816640 ----a-w- C:\Windows\Sysnative\jscript.dll

2014-02-24 20:19:14 26A5F0BF200B0688CA9201E821885999 17849344 ----a-w- C:\Windows\Sysnative\mshtml.dll

2014-02-24 20:19:12 AEE82618FBC0472731DA21F2D16D5520 10926080 ----a-w- C:\Windows\Sysnative\ieframe.dll

====== C:\Windows\Sysnative\drivers =====

2014-03-09 20:37:21 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys

2014-02-20 16:53:24 FD3EA14ADF6216BDF4030DB2EFD43D96 80184 ----a-w- C:\Windows\Sysnative\drivers\aswStm.sys

====== C:\Windows\Tasks ======

2014-03-10 17:27:03 CD581E378FB1772A14057EB70DC1F091 3186 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForjonas

2014-03-10 17:27:03 324C59580C92CF43B712224EEB86A2A6 332 ----a-w- C:\Windows\Tasks\HPCeeScheduleForjonas.job

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-03-09 20:20:32 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

2014-03-09 20:17:17 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service

======= C: =====

====== C:\Users\jonas\AppData\Roaming ======

2014-03-09 20:17:26 -------- d-----w- C:\Users\jonas\AppData\Roaming\Mozilla

====== C:\Users\jonas ======

2014-03-10 06:09:48 -------- d-----w- C:\ProgramData\30169

2014-03-09 20:35:45 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\jonas\Downloads\mbam-setup-1.75.0.1300.exe

2014-03-09 20:23:21 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\jonas\Desktop\RSITx64.exe

2014-03-09 20:19:46 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\jonas\Downloads\RSITx64.exe

2014-03-09 20:17:18 -------- d-----w- C:\ProgramData\Mozilla

2014-03-09 20:14:49 10EA446EBB0F48D9D4BD1BD2631D7ADF 283064 ----a-w- C:\Users\jonas\Downloads\Firefox Setup Stub 27.0.1.exe

2014-02-20 16:53:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast

2014-02-20 16:43:53 -------- d--h--w- C:\ProgramData\CanonBJ

====== C: exe-files ==

2014-03-09 20:35:45 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\jonas\Downloads\mbam-setup-1.75.0.1300.exe

2014-03-09 20:23:21 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\jonas\Desktop\RSITx64.exe

2014-03-09 20:20:33 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\jonas.exe

2014-03-09 20:19:46 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\jonas\Downloads\RSITx64.exe

2014-03-09 20:17:18 FC558F42CA98DAB4465263FDE812A5B2 106212 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe

2014-03-09 20:17:17 338037EFA0E8E8699B2667D57B751574 118896 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

2014-03-09 20:14:49 10EA446EBB0F48D9D4BD1BD2631D7ADF 283064 ----a-w- C:\Users\jonas\Downloads\Firefox Setup Stub 27.0.1.exe

2014-03-09 20:13:06 6D8E580ED97464E2CA3A8DE179E534EF 26528 ----a-w- C:\Users\jonas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JN6RO432\Firefox%20Setup%20Stub%2027.0.1[1].exe

=== C: other files ==

2014-03-10 18:04:24 ECC53CE61E371E785AC3900A8BF394EA 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3343596038-506895183-3734673535-1001\$I3DV3I6.zip

2014-03-10 18:03:57 BF7052744ED7F5E7D17F5D5B274510ED 4089572 ----a-w- C:\$Recycle.Bin\S-1-5-21-3343596038-506895183-3734673535-1001\$R3DV3I6.zip

2014-03-09 20:37:21 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3343596038-506895183-3734673535-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"BearShare"="C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe --lightmode"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"

"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"

"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"adaware"="reg.exe delete HKCU\Software\AppDataLow\Software\adaware /f"

"adaware_XP"="reg.exe delete HKCU\Software\adaware /f"