Everything posted by vogeltje

  1. Zoek.exe v5.0.0.0 Updated 18-Januari-2014
     Tool run by Peter on zo 19/01/2014 at 14:16:18,54.
     Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x64
     Running in: Normal Mode Internet Access Detected
     Launched: C:\Users\Peter\Desktop\zoek.com
     [scan all users] [script inserted]

     ==== Older Logs ======================
     C:\zoek-results2014-01-18-221835.log 27421 bytes
     C:\zoek-results2014-01-19-125605.log 5437 bytes

     ==== Deleting CLSID Registry Keys ======================

     ==== Deleting CLSID Registry Values ======================

     ==== Deleting Services ======================

     ==== Registry Fix Code x64 ======================
     Windows Registry Editor Version 5.00
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "Wondershare Helper Compact.exe"=-

     ==== Deleting Files \ Folders ======================
     C:\Users\Peter\AppData\Local\Wondershare not found
     C:\ProgramData\InstallMate not found
     C:\Windows\SysNative\tasks\0 not found
     C:\Windows\SysNative\tasks\4693 not found
     "C:\Users\Peter\Downloads\adwcleaner (1).exe" not found
     "C:\Users\Peter\Downloads\adwcleaner.exe" not found
     "C:\Users\Peter\daemonprocess.txt" not found
     "C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job" not found

     ==== Chrome Look ======================
     HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
     nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[12/10/2013 13:04]
     Advanced SystemCare Surfing Protection - Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd

     ==== Set IE to Default ======================
     Old Values:
     [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
     "Start Page"="http://www.msn.com/?ocid=iehp"
     New Values:
     [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
     "Start Page"="http://www.msn.com/?ocid=iehp"

     ==== All HKCU SearchScopes ======================
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
     "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
     {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
     {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

     ==== Empty IE Cache ======================
     C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
     C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
     C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
     C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
     C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
     C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
     C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
     C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
     C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

     ==== Empty FireFox Cache ======================
     No FireFox Profiles found

     ==== Empty Chrome Cache ======================
     C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

     ==== Empty All Flash Cache ======================
     Flash Cache Emptied Successfully

     ==== Empty All Java Cache ======================
     No Java Cache Found

     ==== C:\zoek_backup content ======================

     ==== Empty Temp Folders ======================
     C:\Users\Default\AppData\Local\Temp emptied successfully
     C:\Users\Default User\AppData\Local\Temp emptied successfully
     C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
     C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
     C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
     C:\Users\Peter\AppData\Local\Temp will be emptied at reboot
     C:\Windows\Temp will be emptied at reboot

     ==== After Reboot ======================

     ==== Empty Temp Folders ======================
     C:\Windows\Temp successfully emptied
     C:\Users\Peter\AppData\Local\Temp successfully emptied

     ==== Empty Recycle Bin ======================
     C:\$RECYCLE.BIN successfully emptied

     ==== Deleting Files / Folders ======================
     "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
     "C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
     "C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
     "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
     "C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
     "C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

     ==== EOF on zo 19/01/2014 at 14:40:11,65 ======================
  2. Zoek.exe v5.0.0.0 Updated 18-Januari-2014 Tool run by Peter on za 18/01/2014 at 23:01:54,46. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Film downloads\Voor Tom\zoek.scr [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 18/01/2014 23:05:11 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Advanced File Optimizer deleted successfully C:\PROGRA~2\Astonsoft deleted successfully C:\PROGRA~2\BearShare Applications deleted successfully C:\PROGRA~2\Uniblue deleted successfully C:\ProgramData\IDM deleted successfully C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully C:\Users\Peter\AppData\Roaming\28968 deleted successfully C:\Users\Peter\AppData\Roaming\30760 deleted successfully C:\Users\Peter\AppData\Roaming\DMCache deleted successfully C:\Users\Peter\AppData\Roaming\HpUpdate deleted successfully C:\Users\Peter\AppData\Roaming\MusicNet deleted successfully C:\Users\Peter\AppData\Local\calibre-cache deleted successfully C:\Users\Peter\AppData\Local\CrashDumps deleted successfully C:\Users\Peter\AppData\Local\PowerCinema deleted successfully ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Common Files\Wondershare deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Peter\AppData\Local\Temp ==== ====== C:\Windows\SysWOW64 ===== 2014-01-13 04:48:35 594F39871E3186EB8E0135C7E2CC5258 15877216 ----a-w- C:\Windows\SysWOW64\nvwgf2um.dll 2014-01-13 04:48:33 BDC32E3B7E5297EC0B4E0AEA2E2E55E0 9657464 ----a-w- C:\Windows\SysWOW64\nvopencl.dll 2014-01-13 04:48:25 A403088619D575D43AA0C46AD56BB203 22960416 ----a-w- C:\Windows\SysWOW64\nvoglv32.dll 2014-01-13 04:48:18 C1E3CC280E6CB4F3C1BA9F9EC50683E2 2747680 ----a-w- 
C:\Windows\SysWOW64\nvcuvenc.dll 2014-01-13 04:48:18 9C1FBE3D3CBFCF88DCDFCB21D38307A3 2947872 ----a-w- C:\Windows\SysWOW64\nvcuvid.dll 2014-01-13 04:48:18 5F0E3FBF97F9AABBC6B7227B77F7E958 15230352 ----a-w- C:\Windows\SysWOW64\nvd3dum.dll 2014-01-13 04:48:18 39BD6D4EF0FDBC92D0B1CD86A4D0BFF0 9700224 ----a-w- C:\Windows\SysWOW64\nvcuda.dll 2014-01-13 04:48:10 5F67586FFD23EBEF5C074296AA1E0F76 17560352 ----a-w- C:\Windows\SysWOW64\nvcompiler.dll 2014-01-13 04:48:07 ABA754CB11D3C3D7C9C3A75449D2A96D 2698272 ----a-w- C:\Windows\SysWOW64\nvapi.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-01-13 04:48:36 F734952C1ECF5987F7A9442479BD7598 18310112 ----a-w- C:\Windows\Sysnative\nvwgf2umx.dll 2014-01-13 04:48:31 8C0E8871D4E2FFAB20319FB4162FDA00 11554264 ----a-w- C:\Windows\Sysnative\nvopencl.dll 2014-01-13 04:48:28 006A27B58271126AD1D58302666F1471 30372640 ----a-w- C:\Windows\Sysnative\nvoglv64.dll 2014-01-13 04:48:23 CBF3BF5CFA0AB6D77AB59272605F625B 1884448 ----a-w- C:\Windows\Sysnative\nvdispco6433221.dll 2014-01-13 04:48:23 328D7B3C63E21B9B0D557484F99C177F 1511712 ----a-w- C:\Windows\Sysnative\nvdispgenco6433221.dll 2014-01-13 04:48:18 96E23AC6B6E6007CC2B42C9FE2BD4E69 3132704 ----a-w- C:\Windows\Sysnative\nvcuvid.dll 2014-01-13 04:48:18 334ECC4245D7E8A648D338E325E11C57 3125024 ----a-w- C:\Windows\Sysnative\nvcuvenc.dll 2014-01-13 04:48:18 10A5FF3ACDBA9289381772C5535CB55C 11605752 ----a-w- C:\Windows\Sysnative\nvcuda.dll 2014-01-13 04:48:07 CD4EC143C035E069B40775197336DD1A 25257248 ----a-w- C:\Windows\Sysnative\nvcompiler.dll 2014-01-13 04:31:52 F0D94C5786977B4C44A914683DEBAA9A 1958616 ----a-w- C:\Windows\Sysnative\RTSnMg64.cpl 2014-01-13 04:31:50 A501B35471810628A9263E966FBCB362 153304 ----a-w- C:\Windows\Sysnative\RCoInstII64.dll 2014-01-13 04:31:50 43E5AC698CDB42A7823106FF22D14F26 43342848 ----a-w- C:\Windows\Sysnative\RCoRes64.dat ====== C:\Windows\Sysnative\drivers ===== 2014-01-13 04:51:40 3E636A8B877F843C5F531BF478B24910 266968 
----a-w- C:\Windows\Sysnative\drivers\RtsUStor.sys 2014-01-13 04:48:23 0218E1CE8F7B5D404980192B9112D03A 12645664 ----a-w- C:\Windows\Sysnative\drivers\nvlddmkm.sys 2014-01-13 04:31:52 69976169745EDFB3225D9ABEB5E91155 3771352 ----a-w- C:\Windows\Sysnative\drivers\RTKVHD64.sys 2014-01-13 04:31:51 8AD236A88D274D688105C23679723581 693385 ----a-w- C:\Windows\Sysnative\drivers\RTAIODAT.DAT ====== C:\Windows\Tasks ====== 2013-12-20 04:33:59 97A18E313136E8F2F8BEC88B342643F2 3256 ----a-w- C:\Windows\Sysnative\Tasks\SomotoUpdateCheckerAutoStart ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-12-27 09:25:21 -------- d-----w- C:\Program Files\Enigma Software Group ======= C:\PROGRA~2 ===== 2014-01-18 17:28:06 -------- d-----w- C:\PROGRA~2\Trend Micro 2014-01-12 16:10:34 -------- d-----w- C:\PROGRA~2\DVDFab 9 2014-01-01 20:13:25 -------- d-----w- C:\PROGRA~2\Comical 2014-01-01 20:04:04 -------- d-----w- C:\PROGRA~2\COMMON~1\Soda PDF 3D Reader 2013-12-30 15:17:59 -------- d-----w- C:\PROGRA~2\Calibre2 2013-12-20 06:02:26 -------- d-----w- C:\PROGRA~2\Wondershare 2013-12-20 04:56:54 -------- d-----w- C:\PROGRA~2\ImgBurn ======= C: ===== ====== C:\Users\Peter\AppData\Roaming ====== 2014-01-12 16:10:43 -------- d-----w- C:\Users\Peter\AppData\Roaming\DVDFab9 2014-01-04 13:40:45 1B8EC71C5204956F540D154CFA9F0AC1 38 ----a-w- C:\Users\Peter\AppData\Roaming\mbam.context.scan 2014-01-01 20:13:32 -------- d-----w- C:\Users\Peter\AppData\Local\cache 2014-01-01 20:05:09 -------- d-----w- C:\Users\Peter\AppData\Roaming\PDF Software 2013-12-30 15:18:15 -------- d-----w- C:\Users\Peter\AppData\Roaming\calibre 2013-12-27 11:07:41 -------- d-----w- C:\Users\Peter\AppData\Roaming\Movie DVD Convert 2013-12-27 09:39:53 -------- d-----w- C:\Users\Peter\AppData\Local\Temp 2013-12-25 20:31:59 059D947848840D73F4A36DE4C98FF85F 12194 ----a-w- C:\Users\Peter\AppData\Local\dd_vcredistUI0764.txt 2013-12-25 09:26:06 -------- d-----w- 
C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG 2013-12-24 08:36:03 -------- d-----w- C:\Users\Peter\AppData\Roaming\AVG 2013-12-24 08:08:00 -------- d-----w- C:\Users\Peter\AppData\Roaming\AVG2014 2013-12-24 08:06:51 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2014 2013-12-24 08:05:05 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2014 2013-12-24 08:01:33 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2014 2013-12-24 07:52:29 -------- d-----w- C:\Users\Peter\AppData\Local\Avg2014 2013-12-20 06:02:32 -------- d-----w- C:\Users\Peter\AppData\Local\Wondershare 2013-12-20 05:21:41 -------- d-----w- C:\Users\Peter\AppData\Roaming\DeepBurner Pro 2013-12-20 05:12:51 -------- d-----w- C:\Users\Peter\AppData\Roaming\ImgBurn 2013-12-20 04:44:21 -------- d-----w- C:\Users\Peter\AppData\Roaming\Canneverbe Limited 2013-12-20 04:33:55 -------- d-----w- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop ====== C:\Users\Peter ====== 2014-01-18 16:22:22 246FE58EFFD357B2078842708155E46C 1236282 ----a-w- C:\Users\Peter\Downloads\adwcleaner (2).exe 2014-01-18 16:21:33 246FE58EFFD357B2078842708155E46C 1236282 ----a-w- C:\Users\Peter\Downloads\adwcleaner (1).exe 2014-01-18 16:21:29 246FE58EFFD357B2078842708155E46C 1236282 ----a-w- C:\Users\Peter\Downloads\adwcleaner.exe 2014-01-12 16:10:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9 2014-01-01 20:13:33 -------- d-----w- C:\Users\Peter\.android 2014-01-01 20:13:29 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Peter\daemonprocess.txt 2014-01-01 20:13:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comical 2013-12-30 15:17:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management 2013-12-27 10:06:38 -------- d-----w- C:\ProgramData\InstallMate 2013-12-24 08:36:10 -------- d-----w- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014 2013-12-24 08:35:22 -------- d-----w- C:\ProgramData\AVG 2013-12-24 08:01:46 -------- d-----w- C:\ProgramData\AVG2014 2013-12-20 04:44:30 -------- d-----w- C:\ProgramData\Canneverbe Limited 2013-12-20 04:33:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burn4Free ====== C: exe-files == 2014-01-18 16:22:22 246FE58EFFD357B2078842708155E46C 1236282 ----a-w- C:\Users\Peter\Downloads\adwcleaner (2).exe 2014-01-18 16:21:33 246FE58EFFD357B2078842708155E46C 1236282 ----a-w- C:\Users\Peter\Downloads\adwcleaner (1).exe 2014-01-18 16:21:29 246FE58EFFD357B2078842708155E46C 1236282 ----a-w- C:\Users\Peter\Downloads\adwcleaner.exe 2014-01-16 07:39:54 1D0A1FF655C6CF2EA2DE4FB6AA8246AD 9046696 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.76\32.0.1700.76_31.0.1650.63_chrome_updater.exe 2014-01-13 04:51:35 1E00A0A539E7C30DD418E774428BA35B 407328 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{8C0F2BE8-2214-4B3E-95A2-6CFA5B6DE558}\setup.exe 2014-01-13 04:51:07 B7973C405247C5A44BA46B12A4B7AEEA 922912 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{1C89022E-99C3-474B-B2E4-874FE179E0AB}\nvvsvc.exe 2014-01-13 04:51:07 900B47792F30734A2805395EBEBB705E 1194784 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{1C89022E-99C3-474B-B2E4-874FE179E0AB}\nvxdsync.exe 2014-01-13 04:51:07 1E00A0A539E7C30DD418E774428BA35B 407328 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{1C89022E-99C3-474B-B2E4-874FE179E0AB}\setup.exe 2014-01-13 04:51:06 8E3B16C9BADBEAC35F92F4553E38B171 63264 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{1C89022E-99C3-474B-B2E4-874FE179E0AB}\nvSmartMaxapp64.exe 2014-01-13 04:51:06 556A74975E52F0853FCE02C05F83F9FF 2448160 ----a-w- C:\Program Files\NVIDIA 
Corporation\Installer2\Display.ControlPanel.{1C89022E-99C3-474B-B2E4-874FE179E0AB}\NvTray.exe 2014-01-13 04:51:06 3C7224A0D1F629EB9B2BC2A79D86CAAE 63264 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{1C89022E-99C3-474B-B2E4-874FE179E0AB}\nvSmartMaxapp.exe 2014-01-13 04:51:05 0FCBAB692485A4B867AC5EF896A2ED55 6866208 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{1C89022E-99C3-474B-B2E4-874FE179E0AB}\nvcplui.exe 2014-01-13 04:50:59 1E00A0A539E7C30DD418E774428BA35B 407328 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{12B99D19-5965-47B8-ADCE-A3B7646EEF39}\setup.exe 2014-01-13 04:48:07 AA24F8E20A16B9D9DFFC44A8158A2D6A 250144 ----a-w- C:\Program Files\NVIDIA Corporation\Drs\dbInstaller.exe 2014-01-13 04:31:52 781BAF1C6935A5D60C7945B34313F2DE 7506136 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 2014-01-13 04:31:52 72C58C9DE23EE6B9B15E9D3A33E5B59E 1719512 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe 2014-01-12 17:09:24 F8FAF72FB5835518531ACAC6661D8825 235040 ----a-w- C:\Program Files (x86)\DVDFab 9\FabCopy.exe 2014-01-12 17:09:24 9E9B6FBB987A9EEC284AE7DCFD3AE834 1290784 ----a-w- C:\Program Files (x86)\DVDFab 9\unins000.exe 2014-01-12 17:09:24 6BE267C6DC2857A08D52DEA8A9B520C9 867192 ----a-w- C:\Program Files (x86)\DVDFab 9\FabUpdate.exe 2014-01-12 16:10:36 D9FF547DF27616679B1D3B7D532F48FF 182776 ----a-w- C:\Program Files (x86)\DVDFab 9\Options\DVDFab2Dto3D.exe 2014-01-12 16:10:36 D69F7D3552837F8D07050A6E14651167 180216 ----a-w- C:\Program Files (x86)\DVDFab 9\Options\DVDFabBluRay2Mobile3D.exe 2014-01-12 16:10:36 BED0EAB1C05C98395645429A8E74FD48 180728 ----a-w- C:\Program Files (x86)\DVDFab 9\Options\DVDFabFile2Mobile.exe 2014-01-12 16:10:36 AEB5AB975FFDA1B6AA82EB81763430FA 180768 ----a-w- C:\Program Files (x86)\DVDFab 9\Options\DVDFabBluRay2BluRay.exe 2014-01-12 16:10:36 A51EC85A81A8E7B11F3610538054C988 180728 ----a-w- C:\Program Files (x86)\DVDFab 
9\Options\DVDFabBluRay2Mobile.exe 2014-01-12 16:10:36 A2AC590BF725B9506C1BE7B19D577A56 180728 ----a-w- C:\Program Files (x86)\DVDFab 9\Options\DVDFabBluRay2DVD.exe 2014-01-12 16:10:36 91DF740EDD0D828D6DFC4F1545E17A75 180216 ----a-w- C:\Program Files (x86)\DVDFab 9\Options\DVDFabFile2BluRay.exe 2014-01-12 16:10:36 76A6859F6AE756A951DECB0CBBDA8112 183288 ----a-w- C:\Program Files (x86)\DVDFab 9\Options\DVDFabDVD2DVD.exe 2014-01-12 16:10:36 3B75CF637E0E2BB6FB29946F7122497D 181752 ----a-w- C:\Program Files (x86)\DVDFab 9\Options\DVDFabFile2DVD.exe 2014-01-12 16:10:36 352403FAE3C1035610C0B6F4139C1564 193328 ----a-w- C:\Program Files (x86)\DVDFab 9\Options\DVDFabAddonDVD.exe 2014-01-12 16:10:36 27E51DA69725F8E3430416A8DE9C1062 181752 ----a-w- C:\Program Files (x86)\DVDFab 9\Options\DVDFabFileMover.exe 2014-01-12 16:10:36 224BDE43A113F30EBCE6D9BC351D06BF 195576 ----a-w- C:\Program Files (x86)\DVDFab 9\Options\DVDFabAddonBluRay.exe 2014-01-12 16:10:36 117D280AF3E4296F7C9ACBE0EC6D7013 183288 ----a-w- C:\Program Files (x86)\DVDFab 9\Options\DVDFabDVD2Mobile.exe 2014-01-12 16:10:35 FF9EE2FD7A4469C98605A986CA677B12 320376 ----a-w- C:\Program Files (x86)\DVDFab 9\FabCheck.exe 2014-01-12 16:10:35 DA9CDF1766D33DD953FB14546767A8D9 2095136 ----a-w- C:\Program Files (x86)\DVDFab 9\FabReport.exe 2014-01-12 16:10:35 9EC4CF2BE831C22DE9EB9258DE2F98BE 1206816 ----a-w- C:\Program Files (x86)\DVDFab 9\FileMover.exe 2014-01-12 16:10:35 99FD72C7F013922A796000652DAFB183 149024 ----a-w- C:\Program Files (x86)\DVDFab 9\FabRegOp.exe 2014-01-12 16:10:35 15468DDE424134A788ED34EFE7875F08 542240 ----a-w- C:\Program Files (x86)\DVDFab 9\FabCore.exe 2014-01-12 16:10:34 F26BCC142EFDBDC681BB55B860297CBB 12589600 ----a-w- C:\Program Files (x86)\DVDFab 9\DVDFab.exe 2014-01-12 14:30:57 7B06272220D17921BEB54BC46F7FA661 46629360 ----a-w- C:\Users\Peter\Documents\DVDFab9\updateTemp\downloadTemp_9122\DVDFab_setup.exe === C: other files == 2014-01-13 19:33:57 76AC2E857B7000C34DB6F1FB90479DA2 367895 ----a-w- 
C:\ProgramData\AVG2014\IDS\outbox\tmp_f3667191-b298-47d2-89c4-d16f5ed96a71.zip 2014-01-13 04:51:40 3E636A8B877F843C5F531BF478B24910 266968 ----a-w- C:\Windows\System32\DriverStore\FileRepository\rtsustor.inf_d793cfc3\RtsUStor.sys 2014-01-13 04:51:40 3E636A8B877F843C5F531BF478B24910 266968 ----a-w- C:\Windows\System32\drivers\RtsUStor.sys 2014-01-13 04:48:23 0218E1CE8F7B5D404980192B9112D03A 12645664 ----a-w- C:\Windows\System32\DriverStore\FileRepository\nv_disp.inf_63f515ed\nvlddmkm.sys 2014-01-13 04:48:23 0218E1CE8F7B5D404980192B9112D03A 12645664 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys 2014-01-13 04:31:52 69976169745EDFB3225D9ABEB5E91155 3771352 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdxcpc.inf_a983f82e\RTKVHD64.sys 2014-01-13 04:31:52 69976169745EDFB3225D9ABEB5E91155 3771352 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden " "Akamai NetSession Interface"="C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe " "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto " "CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" "KBD"="C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE" "OsdMaestro"="c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" "UpdateP2GoShortCut"="c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0 " "UpdateLBPShortCut"="c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\CyberLink\LabelPrint UpdateWithCreateOnce Software\CyberLink\LabelPrint\2.5 " "UpdatePDIRShortCut"="c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\CyberLink\PowerDirector UpdateWithCreateOnce SOFTWARE\CyberLink\PowerDirector\7.0 " "UpdatePSTShortCut"="c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium UpdateWithCreateOnce Software\CyberLink\PowerStarter" "TSMAgent"="c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" "CLMLServer for HP TouchSmart"="c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" "DVDAgent"="c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" "NBAgent"="C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe /WinStart " "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "ControlCenter3"="C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" "BrMfcWnd"="C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN" "DBAgent"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe /WinStart" "Wondershare Helper Compact.exe"="C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" "Adobe 
ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden " "Akamai NetSession Interface"="C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe " "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto " "CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" "IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" "SmartMenu"="%ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "HP Health Check Scheduler"="\"c:\\Program Files (x86)\\Hewlett-Packard\\HP Health Check\\HPHC_Scheduler.exe\"" "HP Software Update"="\"C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe\"" "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "BrMfcWnd"="\"C:\\Program Files (x86)\\Brother\\Brmfcmon\\BrMfcWnd.exe\" /AUTORUN" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^lollipop.lnk] 
"backup"="C:\\Windows\\pss\\lollipop.lnk.Startup" "backupExtension"=".Startup" "item"="lollipop" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10/12/2013 22:57] C:\Windows\tasks\Driver Booster Update.job --a------ C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [04/11/2013 11:01] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/11/2012 12:03] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/11/2012 12:03] C:\Windows\tasks\HPCeeScheduleForPeter.job --a------ C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [24/02/2009 17:17] C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job --a------ C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [] C:\Windows\tasks\PCDRScheduledMaintenance.job --a------ C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [02/02/2009 19:59] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\0" [c:\program files (x86)\internet explorer\iexplore.exe] "C:\Windows\SysNative\tasks\4693" [wscript.exe C:\Users\Peter\AppData\Local\Temp\launchie.vbs //B] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe online update program" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\ASC7_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe] "C:\Windows\SysNative\tasks\ASC7_SkipUac_Peter" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe /SkipUac] "C:\Windows\SysNative\tasks\ASO-System Protector_startup" 
[C:\Program Files (x86)\Advanced System Optimizer 3\SystemProtector.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\Driver Booster Scan" [C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe] "C:\Windows\SysNative\tasks\Driver Booster Update" [C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe] "C:\Windows\SysNative\tasks\FGRun" [C:\Users\Peter\AppData\Roaming\pack.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard online update program" [c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe] "C:\Windows\SysNative\tasks\HP Health Check" ["c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"] "C:\Windows\SysNative\tasks\HP online update program" [c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe] "C:\Windows\SysNative\tasks\HP-Online updateprogramma" [C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForPeter" [C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\ParetoLogic Update Version3 Startup Task" [C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe] "C:\Windows\SysNative\tasks\PCDRScheduledMaintenance" [C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe] "C:\Windows\SysNative\tasks\Peter DBAgent 2 0" ["C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe"] "C:\Windows\SysNative\tasks\RecoveryCD" ["C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe"] "C:\Windows\SysNative\tasks\ScanSoft Background Update" [C:\Program Files (x86)\Common Files\Scansoft 
Shared\SSBkgdUpdate\SSBkgdupdate.exe] "C:\Windows\SysNative\tasks\Seagate_Install_Launch" [C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe] "C:\Windows\SysNative\tasks\SmartDefragUpdate" [C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe] "C:\Windows\SysNative\tasks\SmartDefrag_Startup" [C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe] "C:\Windows\SysNative\tasks\SomotoUpdateCheckerAutoStart" [C:\Users\Peter\AppData\Local\FilesFrog Update Checker\update_checker.exe] "C:\Windows\SysNative\tasks\Norton Management\Norton Error Analyzer" [C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Management\Norton Error Processor" [C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\SymErr.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[12/10/2013 13:04] Advanced SystemCare Surfing Protection - Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd Google Wallet - Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Reset Google Chrome ====================== C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== C:\zoek_backup content ====================== ==== EOF on za 18/01/2014 at 23:18:35,24 ======================
  3. Hello,

     I have a problem with Google Chrome. I can use the internet, but I keep getting the message: "Google Chrome: Your preferences cannot be read. Some features may be unavailable and changes to preferences will not be saved."

     Can anyone help? Thanks in advance!

     Kind regards,
     Vogeltje

     Logfile of Trend Micro HijackThis v2.0.4
     Scan saved at 18:50:26, on 18/01/2014
     Platform: Windows Vista SP2 (WinNT 6.00.1906)
     MSIE: Unable to get Internet Explorer version!
     Boot mode: Normal

     Running processes:
     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
     C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
     C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
     C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
     C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
     C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
     C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
     C:\Program Files (x86)\AVG\AVG2014\avgui.exe
     C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
     C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe
     C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!
     R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
     O1 - Hosts: ::1 localhost
     O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
     O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
     O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
     O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
     O4 - HKLM\..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
     O4 - HKLM\..\Run: [updateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
     O4 - HKLM\..\Run: [updateLBPShortCut] "c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
     O4 - HKLM\..\Run: [updatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
     O4 - HKLM\..\Run: [updatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
     O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
     O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
     O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
     O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
     O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
     O4 - HKLM\..\Run: [ControlCenter3] "C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe" /autorun
     O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
     O4 - HKLM\..\Run: [brMfcWnd] "C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN
     O4 - HKLM\..\Run: [DBAgent] "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
     O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
     O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
     O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
     O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
     O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
     O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe"
     O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
     O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
     O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
     O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
     O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
     O9 - Extra 'Tools' menuitem: @C:\Program Files
(x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O18 - Protocol: linkscanner - (no CLSID) - (no file) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. 
- C:\Program Files (x86)\AVG\AVG2014\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\SysWOW64\brsvc01a.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Easy Backup Button Service (HPBtnSrv) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - 
C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Seagate Dashboard Services - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - 
Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12871 bytes
  4. The computer responds faster, spends less time searching and so far no longer freezes. I am very glad that you were able to help me and will gladly make a contribution to PC Helpforum - Gratis hulp bij computer problemen. Good luck going forward... Kind regards, Vogeltje
  5. Zoek.exe Version 4.0.0.5 Updated 14-November-2013 Tool run by Peter on za 16/11/2013 at 9:20:23,13. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Film downloads\zoek.com [script inserted] ==== Older Logs ====================== C:\zoek-results2013-11-15-212228.log 52925 bytes C:\zoek-results2013-11-16-081324.log 4392 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== "C:\Users\Peter\Downloads\GoogleToolbarInstaller_en32_signed (2).exe" not found "C:\Users\Peter\Downloads\ChromeSetup (4).exe" not found "C:\Users\Peter\Downloads\ChromeSetup (3).exe" not found "C:\Users\Peter\Downloads\ChromeSetup (2).exe" not found "C:\Users\Peter\Downloads\ChromeSetup (1).exe" not found "C:\Users\Peter\Downloads\GoogleToolbarInstaller_en32_signed (1).exe" not found "C:\Users\Peter\Documents\APNSetup1.exe" not found ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "speedanalysis02@SpeedAnalysis.com"="C:\Users\Peter\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com" [21/08/2013 19:15] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "speedanalysis02@SpeedAnalysis.com"="C:\Users\Peter\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com" [21/08/2013 19:15] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[12/10/2013 13:04] Advanced SystemCare Surfing Protection - Peter - Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start 
Page"="http://go.microsoft.com/fwlink/?LinkId=69157" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty 
FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Peter\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on za 16/11/2013 at 9:34:08,88 ======================
  6. Zoek.exe Version 4.0.0.5 Updated 14-November-2013 Tool run by Peter on vr 15/11/2013 at 21:56:14,44. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Film downloads\zoek.scr [script inserted] [Checkboxes used] ==== System Restore Info ====================== 15/11/2013 21:58:16 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\PROGRA~2\GUM6135.tmp deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\TuneUp Utilities 2011 deleted successfully C:\PROGRA~2\COMMON~1\PDF Architect deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\Program Files\Google deleted successfully C:\ProgramData\AOL deleted successfully C:\ProgramData\Babylon deleted successfully C:\ProgramData\Browser Manager deleted successfully C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} deleted successfully C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully C:\ProgramData\{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC} deleted successfully C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully C:\Users\Peter\AppData\Roaming\7952 deleted successfully C:\Users\Peter\AppData\Roaming\HpUpdate deleted successfully C:\Users\Peter\AppData\Roaming\Nico Mak Computing deleted successfully C:\Users\Peter\AppData\Roaming\Opera deleted successfully C:\Users\Peter\AppData\Roaming\PerformerSoft deleted successfully C:\Users\Peter\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\Peter\AppData\Roaming\YourFileDownloader deleted successfully C:\Users\Peter\AppData\Local\Opera deleted successfully C:\Users\Peter\AppData\Local\PackageAware deleted successfully ==== Deleting CLSID Registry Keys ====================== 
HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4849502D-5637-006A-76A7-7A786E7484D7} deleted successfully HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4849502D-5637-006A-76A7-7A786E7484D7} deleted successfully HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Internet Explorer\SearchScopes\{84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8} deleted successfully HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e} deleted successfully HKEY_CLASSES_ROOT\CLSID\{4849502D-5637-006A-76A7-7A786E7484D7} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4849502D-5637-006A-76A7-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4849502D-5637-006A-76A7-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper 
Objects\{4849502D-5637-006A-76A7-7A786E7484D7} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} deleted successfully HKEY_CLASSES_ROOT\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4849502D-5637-006A-76A7-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4849502D-5637-006A-76A7-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{4849502D-5637-006A-76A7-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{6e47d688-85ec-465a-9946-ec58220f14fc} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\APNMCP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ASO3DiskOptimizer deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ASO3DiskOptimizer deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper 
Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4849502D-5637-006A-76A7-7A786E7484D7}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4849502D-5637-006A-76A7-7A786E7484D7}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "ApnTBMon"=- ==== Deleting Files \ Folders ====================== C:\ProgramData\Babylon not found C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} not found C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found C:\ProgramData\{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC} not found C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found "C:\Windows\Installer\651b5b.msi" not found "C:\Windows\Installer\651b62.msi" not found C:\ProgramData\AskPartnerNetwork deleted C:\ProgramData\APN deleted C:\PROGRA~2\Uniblue\SpeedUpMyPC deleted C:\PROGRA~2\Advanced System Optimizer 3 deleted C:\PROGRA~2\BearShare Applications\Mediabar deleted C:\PROGRA~2\iMesh Applications deleted C:\PROGRA~2\Protected Search deleted C:\PROGRA~2\MyPC Backup deleted C:\PROGRA~2\Red Sky deleted C:\PROGRA~2\Search Results Toolbar deleted C:\PROGRA~2\AVG Secure Search deleted C:\found.000 deleted C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SpeedUpMyPC.lnk deleted C:\Users\Peter\AppData\Roaming\Uniblue deleted C:\Users\Peter\AppData\Roaming\Searchya deleted C:\Users\Peter\AppData\Roaming\GoforFiles deleted C:\Users\Peter\AppData\Roaming\DDownTango6bToolbar deleted C:\Users\Peter\AppData\Roaming\ExpressFiles deleted C:\Users\Peter\AppData\Roaming\Systweak deleted C:\ProgramData\BrowserProtect deleted C:\ProgramData\Systweak deleted C:\ProgramData\StarApp deleted C:\ProgramData\Wincert deleted C:\ProgramData\SweetIM 
deleted C:\ProgramData\Uniblue\DriverScanner deleted C:\ProgramData\AVG Secure Search deleted C:\ProgramData\InstallMate deleted C:\ProgramData\Package Cache deleted C:\Users\Peter\AppData\Local\speeddial.crx deleted C:\Users\Peter\AppData\Local\AVG Secure Search deleted C:\Users\Peter\AppData\Local\BearShare deleted C:\Users\Peter\AppData\Local\Systweak deleted C:\Users\Peter\AppData\Local\DownTango deleted C:\Users\Peter\AppData\Local\AskPartnerNetwork deleted C:\Users\Peter\AppData\Local\Babylon deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector deleted C:\Windows\SysNative\roboot64.exe deleted C:\windows\SysNative\Tasks\Searchya deleted C:\Windows\Tasks\SpeedUpMyPC.job deleted C:\Windows\SysNative\sasnative64.exe deleted C:\Users\Peter\AppData\LocalLow\express-files deleted C:\Users\Peter\AppData\LocalLow\SweetIM deleted C:\Users\Peter\AppData\LocalLow\AVG Secure Search deleted C:\Users\Peter\AppData\LocalLow\IAC deleted C:\Users\Peter\AppData\LocalLow\bearsharetoolbarguid deleted C:\Users\Peter\AppData\LocalLow\Delta deleted C:\Users\Peter\AppData\LocalLow\Smartbar deleted C:\Users\Peter\AppData\LocalLow\DataMngr deleted C:\Users\Peter\AppData\LocalLow\SimplyTech deleted C:\Users\Peter\AppData\LocalLow\PriceGong deleted C:\Users\Peter\AppData\LocalLow\Conduit deleted C:\Users\Peter\AppData\LocalLow\Toolbar4 deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\windows\SysNative\tasks\ProtectedSearch deleted C:\windows\SysNative\Tasks\Express FilesUpdate deleted C:\windows\SysNative\Tasks\Advanced System Protector deleted C:\windows\SysNative\Tasks\Advanced System Protector_startup deleted C:\windows\SysNative\Tasks\EPUpdater deleted C:\Windows\tasks\spmonitor.job deleted C:\windows\SysNative\tasks\spmonitor deleted C:\Windows\tasks\ASO-AutoCheckUpdate7Days.job deleted C:\Windows\tasks\ASO-OneClickCare.job deleted 
C:\windows\SysNative\tasks\YourFile DownloaderUpdate deleted C:\windows\SysNative\tasks\RegClean Pro deleted C:\Windows\Launcher.exe deleted C:\Users\Public\Desktop\Advanced System Protector.lnk deleted C:\Users\Public\Desktop\SpeedUpMyPC.lnk deleted C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted "C:\Windows\tasks\Driver Booster Update.job" deleted "C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCall.dll" deleted "C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla.dll" deleted "C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla17.dll" deleted "C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla18.exe" deleted "C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla19.dll" deleted "C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla2.dll" deleted "C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla20.dll" deleted "C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla21.dll" deleted "C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla21.exe" deleted "C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseData.ini" deleted "C:\PROGRA~2\ExpressFiles\EFUpdater.exe" deleted "C:\PROGRA~2\ExpressFiles\htmlayout.dll" deleted "C:\PROGRA~2\Advanced System Protector\AdvancedSystemProtector.exe" deleted "C:\PROGRA~2\Advanced System Protector\aspsys.dll" deleted "C:\PROGRA~2\Advanced System Protector\Microsoft.Win32.TaskScheduler.DLL" deleted "C:\PROGRA~2\Advanced System Protector\System.Data.SQLite.dll" deleted "C:\PROGRA~2\Advanced System Protector\unrar.dll" deleted "C:\PROGRA~2\Advanced System Protector\Xceed.Compression.dll" deleted "C:\PROGRA~2\Advanced System Protector\Xceed.FileSystem.dll" deleted "C:\PROGRA~2\Advanced System Protector\Xceed.Zip.dll" deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted 
"C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted "C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP" deleted "C:\Program Files (x86)\AskPartnerNetwork" deleted "C:\Program Files (x86)\AskPartnerNetwork" deleted "C:\PROGRA~2\ExpressFiles" deleted "C:\PROGRA~2\Advanced System Protector" not deleted "C:\PROGRA~2\AskPartnerNetwork" deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar" deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater" deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar" deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater" deleted "C:\PROGRA~2\AskPartnerNetwork\Toolbar" deleted "C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater" deleted ==== Files Recently Created / Modified ====================== ====== C:\Users\Peter\AppData\Roaming ====== 2013-11-01 07:45:52 -------- d-----w- 
C:\Users\Peter\AppData\Roaming\C__Program Files (x86)_HideIPEasy_HideIPEasy.exe 2013-11-01 07:38:00 -------- d-----w- C:\Users\Peter\AppData\Roaming\Apple Computer 2013-11-01 07:38:00 -------- d-----w- C:\Users\Peter\AppData\Locallow\IObit 2013-11-01 07:37:53 -------- d-----w- C:\Users\Peter\AppData\Roaming\IObit 2013-10-26 13:46:46 -------- d-----w- C:\Users\Peter\AppData\Roaming\HideIPEasy 2013-10-18 04:33:41 8C44D0657088A26BE0B4B4BB1FF6B78E 17136 ----a-w- C:\Windows\SysNative\config\systemprofile\AppData\Local\prvlcl.dat ====== C:\Users\Peter ====== 2013-11-06 01:58:44 EEA229F729537E17677A4C9827E42BC2 2243616 ----a-w- C:\Users\Peter\Downloads\GoogleToolbarInstaller_en32_signed (2).exe 2013-11-06 01:55:53 F69DB987E7E0433B2F0EB778646C1A4C 819184 ----a-w- C:\Users\Peter\Downloads\ChromeSetup (4).exe 2013-11-06 01:55:52 F69DB987E7E0433B2F0EB778646C1A4C 819184 ----a-w- C:\Users\Peter\Downloads\ChromeSetup (3).exe 2013-11-06 01:54:17 F69DB987E7E0433B2F0EB778646C1A4C 819184 ----a-w- C:\Users\Peter\Downloads\ChromeSetup (2).exe 2013-11-06 01:54:09 F69DB987E7E0433B2F0EB778646C1A4C 819184 ----a-w- C:\Users\Peter\Downloads\ChromeSetup (1).exe 2013-11-06 01:54:04 F69DB987E7E0433B2F0EB778646C1A4C 819184 ----a-w- C:\Users\Peter\Downloads\ChromeSetup.exe 2013-11-06 00:56:45 EEA229F729537E17677A4C9827E42BC2 2243616 ----a-w- C:\Users\Peter\Downloads\GoogleToolbarInstaller_en32_signed (1).exe 2013-11-06 00:49:53 EEA229F729537E17677A4C9827E42BC2 2243616 ----a-w- C:\Users\Peter\Downloads\GoogleToolbarInstaller_en32_signed.exe 2013-11-05 03:02:43 363A4A68A86441777924DF8219AEB72C 489392 ----a-w- C:\Users\Peter\Documents\APNSetup1.exe 2013-11-01 08:15:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2013-11-01 08:01:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2 2013-11-01 07:45:52 -------- d-----w- C:\ProgramData\C__Program Files (x86)_HideIPEasy_HideIPEasy.exe 2013-11-01 07:38:00 -------- d-----w- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller 2013-11-01 07:37:59 -------- d-----w- C:\ProgramData\ProductData 2013-11-01 07:37:53 -------- d-----w- C:\ProgramData\IObit 2013-10-26 13:46:46 -------- d-----w- C:\ProgramData\HideIPEasy 2013-10-26 13:46:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hide IP Easy 2013-10-23 14:33:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG ====== C: exe-files == 2013-11-14 22:28:02 8F12A96E94811AD0FAAE6950A0B343C5 389632 ----a-w- C:\Program Files\Internet Explorer\ieuser.exe 2013-11-14 22:28:02 1232E2041A428E860F794392AA7B8912 304128 ----a-w- C:\Program Files (x86)\Internet Explorer\ieuser.exe 2013-11-12 20:53:08 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Peter.exe 2013-11-12 20:52:13 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Film downloads\RSITx64.exe 2013-11-12 05:23:57 4D0EE094196D56C30E34F92C851C0E9B 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$IR3NU9U.exe 2013-11-11 06:11:49 F5B8CF5BD7BFFAD1CF53BD08810B10CC 331712 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$RR3NU9U.exe === C: other files == 2013-11-15 20:51:52 1BBC4C5188C847EE6FAC6D94E1049F47 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$IRFA52J.com 2013-11-15 20:37:37 90BD324DA65A123553AB4759378B6596 1394331 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$RRFA52J.com 2013-11-14 22:25:32 2BA159E1F9FD75F6A496742B20F1D9CF 404992 ----a-w- C:\Windows\System32\drivers\afd.sys 2013-11-14 22:24:38 996A3276CC02FFE94C81D1D305EBF713 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$IR0LDMO.zip 2013-11-14 22:23:31 F929500C03A3E6B6D690983BCB0D1503 32047 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$RR0LDMO.zip 2013-11-14 20:54:12 CB4F5E32EF002544FEE60898B3EDC794 544 ----a-w- 
C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$IJQF274.zip 2013-11-14 20:51:09 F929500C03A3E6B6D690983BCB0D1503 32047 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$RJQF274.zip 2013-11-12 05:24:05 2EB0F5D7036A1CB096603EA4896D24D4 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$ICIQIAD.zip 2013-11-11 11:19:20 F96078A869F5EC97363588128E8EC38F 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$IHBZ8NK.zip 2013-11-11 11:18:17 AD4D73F19FC3096DCE5D4E707E1800B1 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$I8J8TFT.zip 2013-11-11 11:18:14 89C874C3738729E88A62DA3C42137443 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$IYXVK4H.zip 2013-11-11 11:16:46 6EA30B18A524A27AE9DCA96829C67217 29638 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$R8J8TFT.zip 2013-11-11 11:16:13 2DDA225F2BA5F5350D58877635A90563 30624 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$RYXVK4H.zip 2013-11-11 11:15:06 CC520186B880281E1F3BFF73E95AEB75 33602 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$RCIQIAD.zip 2013-11-11 10:59:32 EF7B75190B50BF6B6C10CA355097357E 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3930024867-1471058179-2470722348-1000\$IVQK1BB.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-3930024867-1471058179-2470722348-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" 
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden " "Akamai NetSession Interface"="C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe " "Uploader"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" "KBD"="C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE" "OsdMaestro"="c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" "UpdateP2GoShortCut"="c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0 " "UpdateLBPShortCut"="c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\CyberLink\LabelPrint UpdateWithCreateOnce Software\CyberLink\LabelPrint\2.5 " "UpdatePDIRShortCut"="c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\CyberLink\PowerDirector UpdateWithCreateOnce SOFTWARE\CyberLink\PowerDirector\7.0 " "UpdatePSTShortCut"="c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium UpdateWithCreateOnce Software\CyberLink\PowerStarter" "TSMAgent"="c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" "CLMLServer for HP TouchSmart"="c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" "DVDAgent"="c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" "NBAgent"="C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe /WinStart " "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "ControlCenter3"="C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun" "AVG_UI"="C:\Program 
Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY" "BrMfcWnd"="C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN" "DBAgent"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe /WinStart" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden " "Akamai NetSession Interface"="C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe " "Uploader"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" "IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" "SmartMenu"="%ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "HP Health Check Scheduler"="\"c:\\Program Files (x86)\\Hewlett-Packard\\HP Health Check\\HPHC_Scheduler.exe\"" "HP Software Update"="\"C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe\"" "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "BrMfcWnd"="\"C:\\Program Files (x86)\\Brother\\Brmfcmon\\BrMfcWnd.exe\" /AUTORUN" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/11/2012 12:03] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/11/2012 12:03] 
C:\Windows\tasks\HPCeeScheduleForPeter.job --a------ C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [24/02/2009 17:17] C:\Windows\tasks\PCDRScheduledMaintenance.job --a------ C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [02/02/2009 19:59] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\0" [c:\program files (x86)\internet explorer\iexplore.exe] "C:\Windows\SysNative\tasks\4693" [wscript.exe C:\Users\Peter\AppData\Local\Temp\launchie.vbs //B] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe online update program" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\ASO-System Protector_startup" [C:\Program Files (x86)\Advanced System Optimizer 3\SystemProtector.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\Driver Booster Scan" [C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe] "C:\Windows\SysNative\tasks\FGRun" [C:\Users\Peter\AppData\Roaming\pack.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard online update program" [c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe] "C:\Windows\SysNative\tasks\HP Health Check" ["c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"] "C:\Windows\SysNative\tasks\HP online update program" [c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe] "C:\Windows\SysNative\tasks\HP-Online updateprogramma" [C:\Program Files (x86)\HP\HP Software 
Update\HPWuSchd2.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForPeter" [C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\PCDRScheduledMaintenance" [C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe] "C:\Windows\SysNative\tasks\Peter DBAgent 2 0" ["C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe"] "C:\Windows\SysNative\tasks\RecoveryCD" ["C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe"] "C:\Windows\SysNative\tasks\ScanSoft Background Update" [C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe] "C:\Windows\SysNative\tasks\Seagate_Install_Launch" [C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe] "C:\Windows\SysNative\tasks\SmartDefragUpdate" [C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe] "C:\Windows\SysNative\tasks\SmartDefrag_Startup" [C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe] "C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe] "C:\Windows\SysNative\tasks\Norton Management\Norton Error Analyzer" [C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Management\Norton Error Processor" [C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\SymErr.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "speedanalysis02@SpeedAnalysis.com"="C:\Users\Peter\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com" [21/08/2013 19:15] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "speedanalysis02@SpeedAnalysis.com"="C:\Users\Peter\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com" [21/08/2013 19:15] ==== Chrome Look ====================== 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions ajcghoegamlabppilamagaddfdfamden - C:\Program Files (x86)\LyricsArt\116.crx[] gjajpkikblccgefaibcafkfbanllpefi - C:\Users\Peter\AppData\Roaming\7go\7go.crx[] nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[12/10/2013 13:04] niapdbllcanepiiimjjndipklodoedlc - No path found[] Google Docs - Peter - Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Peter - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Peter - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Peter - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Peter - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Peter - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.searchya.com/?f=1&a=SearchooD&cd=2XzuyEtN2Y1L1QzutDtDtByCtCzztA0DzztAzztB0EtD0D0AtN0D0Tzu0CyEzztDtN1L2XzutBtFtBtFtCtFyEtAtBtN1L1Czu0M1L1E1F1G2U&cr=790149319&ir=" "Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_be&c=93&bd=Pavilion&pf=cndt" "Default_Search_URL"="http://www.google.com" "Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231" "Search Bar"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="http://www.searchya.com/?f=1&a=SearchooD&cd=2XzuyEtN2Y1L1QzutDtDtByCtCzztA0DzztAzztB0EtD0D0AtN0D0Tzu0CyEzztDtN1L2XzutBtFtBtFtCtFyEtAtBtN1L1Czu0M1L1E1F1G2U&cr=790149319&ir=" "Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_be&c=93&bd=Pavilion&pf=cndt" "Default_Search_URL"="http://www.google.com" "Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231" 
"Search Bar"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3231&q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3231&q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3231&q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3231&q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3231&q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3231&q=%s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3231&q=%s" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3231&q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.certified-toolbar.com?si=41460&bs=true&tid=3231&q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snap.do/?publisher=QuickOC&dpid=QuickOC&co=BE&userid=cfc0bbe8-3108-4859-9274-cd4029da5060&searchtype=ds&q={searchTerms}&installDate=01/01/1970" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231" "Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231" 
"Default_Search_URL"="http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=" "Search Bar"="http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=" "Search Page"="http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231" "Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231" "Default_Search_URL"="http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=" "Search Bar"="http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=" "Search Page"="http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231" "Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231" "Default_Search_URL"="http://www.google.com/" "Search Page"="http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231" "Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231" "Default_Search_URL"="http://www.google.com/" "Search Page"="http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231" "Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&home=true&tid=3231" "Default_Search_URL"="http://www.google.com" "Search Bar"="http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=" "Search Page"="http://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=" "SearchAssistant"="http://www.google.com" 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset Google Chrome ====================== C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ajcghoegamlabppilamagaddfdfamden deleted successfully 
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gjajpkikblccgefaibcafkfbanllpefi deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1 deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Peter\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully 
C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Peter\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\PROGRA~2\Advanced System Protector" not found ==== EOF on vr 15/11/2013 at 22:22:28,61 ======================
  7. Logfile of random's system information tool 1.09 (written by random/random)
Run by Peter at 2013-11-14 21:42:18
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 358 GB (51%) free of 699 GB
Total RAM: 8182 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:42:28, on 14/11/2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ExpressFiles\EFUpdater.exe
C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Peter.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Searchya Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Ask Toolbar BHO - {4849502D-5637-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport.dll" (file missing)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O3 - Toolbar: (no name) - {6e47d688-85ec-465a-9946-ec58220f14fc} - (no file)
O3 - Toolbar: Ask Toolbar - {4849502D-5637-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport.dll" (file missing)
O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
O4 - HKLM\..\Run: [updateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [updateLBPShortCut] "c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [updatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [updatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [ControlCenter3] "C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe" /autorun
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [brMfcWnd] "C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN
O4 - HKLM\..\Run: [DBAgent] "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ask-updateservice (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: ASO3DiskOptimizer - Systweak Inc., (Systweak - Download Software utilities for Windows optimization, Scan & Clean Spyware for Free) - C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\SysWOW64\brsvc01a.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Easy Backup Button Service (HPBtnSrv) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Seagate Dashboard Services - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

-- End of file - 13866 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=ceb53750-52d4-4164-be54-d41e0f78e529 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\7b94e044-f7bd-4f65-b51b-810add4f9019-29c-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\SysWOW64\brsvc01a.exe
taskeng.exe {3EB84A13-D5CE-42E0-8D35-08C62C8CF273}
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {890D3C43-381C-4CD7-BB82-54E7BCBF3BDC}
taskeng.exe {9982C4FA-31DB-48C9-A1A1-259390083486}
"C:\Program Files (x86)\ExpressFiles\EFUpdater.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe" autolaunch
brss01a.exe
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"
"C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe" /STARTUP
"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"
C:\Windows\SysWOW64\svchost.exe -k netsvcs
"C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe"
"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"
"C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe"
"C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Windows\ehome\ehtray.exe"
"C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"
"C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
"C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN
"C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe" /autorun
"C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
C:\Windows\ehome\ehmsas.exe -Embedding
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=568cac2d-9040-4e58-821f-8e67cec22509 /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\f6b68271-0353-456a-adb8-27136819ef65-d9c-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
"C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe" PanProcess
C:\Windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
C:\Windows\system32\vssvc.exe
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:2188
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2612
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
C:\Windows\system32\conime.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe"
"C:\Program Files\WinRAR\WinRAR.exe" x -iext -ow -ver "-an=C:\Film downloads\Voor Tom\Machtte Kills (2013)\m.2013.1080p.u19172.part2.rar" "-an=C:\Film downloads\Voor Tom\Machtte Kills (2013)\m.2013.1080p.u19172.part3.rar" "-an=C:\Film downloads\Voor Tom\Machtte Kills (2013)\m.2013.1080p.u19172.part4.rar" "-an=C:\Film downloads\Voor Tom\Machtte Kills (2013)\m.2013.1080p.u19172.part5.rar" "-an=C:\Film downloads\Voor Tom\Machtte Kills (2013)\m.2013.1080p.u19172.part6.rar" -- "C:\Film downloads\Voor Tom\Machtte Kills (2013)\m.2013.1080p.u19172.part1.rar" "C:\Film downloads\Voor Tom\Machtte Kills (2013)\"
"C:\Users\Peter\Desktop\RSITx64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "http://www.pc-helpforum.be/f167/een-object-van-het-type-system-66095-new/"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:10a stable:r5 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --instant-process --disable-html-notifications --disable-accelerated-video-decode --channel="5716.0.293326529\102109566" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:10a stable:r5 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="5716.1.344493155\387118332" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:10a stable:r5 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="5716.2.791265607\1340135522" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5716.3.1405962242\871466136" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,18,21,24,26 --gpu-vendor-id=0x10de --gpu-device-id=0x0603 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3158 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5716.4.467888764\1042384261" --ppapi-flash-args --lang=nl --ignored=" --type=renderer " /prefetch:-632637702

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\ASO-AutoCheckUpdate7Days.job
C:\Windows\tasks\ASO-OneClickCare.job
C:\Windows\tasks\Driver Booster Update.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForPeter.job
C:\Windows\tasks\PCDRScheduledMaintenance.job
C:\Windows\tasks\SpeedUpMyPC.job
C:\Windows\tasks\spmonitor.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2013-11-01 2486592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4849502D-5637-006A-76A7-7A786E7484D7}]
Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport_x64.dll [2013-11-07 13776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4849502D-5637-006A-76A7-7A786E7484D7}]
Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport.dll [2013-11-07 12240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-10-17 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ae07101b-46d4-4a98-af68-0333ea26e113} - QuickShare Widget - C:\Windows\system32\mscoree.dll [2009-11-08 444752]
{4849502D-5637-006A-76A7-7A786E7484D7} - Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport_x64.dll [2013-11-07 13776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{6e47d688-85ec-465a-9946-ec58220f14fc}
{4849502D-5637-006A-76A7-7A786E7484D7} - Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport.dll [2013-11-07 12240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe [2008-10-13 281600]
"SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2009-03-05 915512]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-12-04 186904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-03-04 2741616]
"Akamai NetSession Interface"=C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe [2013-06-05 4489472]
"Uploader"=C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [2013-05-30 122984]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]
"KBD"=C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE [2008-07-21 12288]
"OsdMaestro"=c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe [2008-10-13 281600]
"UpdateP2GoShortCut"=c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]
"UpdateLBPShortCut"=c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]
"UpdatePDIRShortCut"=c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]
"UpdatePSTShortCut"=c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium\MUITransfer\MUIStartMenu.exe [2009-02-02 210216]
"TSMAgent"=c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [2009-04-09 1328424]
"CLMLServer for HP TouchSmart"=c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-04-09 185640]
"DVDAgent"=c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-03-19 1148200]
"NBAgent"=C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-09-03 1406248]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"ControlCenter3"=C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [2009-01-09 114688]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2013-09-23 4411952]
"BrMfcWnd"=C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [2009-01-19 1150976]
"DBAgent"=C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2013-05-30 1517640]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-11-07 1707472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-03-08 6669000]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2009-06-19 52272]
"UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-03-08 4171464]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"EnableLinkedConnections"=1
"HideFastUserSwitching"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\academy-wt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\backitup.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bejeweledtwist-wt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blasterball3-wt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\buildalot2-wt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chocolatier-wt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chuzzle-wt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deathonthenile-wt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\diner dash-wt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dinerdash2-wt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\farm-wt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fate-wt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\golf-wt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\insaniquarium-wt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jewelquest3-wt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\labelprint.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lightscribecontrolpanel.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lslauncher.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mahjong-wt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mahjong_artifacts-wt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onplay.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcdr5cuiw32.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pdr.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pegglenights-wt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\penguins-wt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\polar-wt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\polarpool-wt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\power2go.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\presentationhost.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regcleanpro.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\slingo-wt.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File
Execution Options\stoneloops-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sump.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tradewindscaravans-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\turbopizza-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins001.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\virtual villagers - the secret city-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\virtualvillagers-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wedding dash-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winbej2-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zuma-wt.exe] 
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "wave2"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .cmd - open - NOTEPAD.EXE %1 .vbs - open - NOTEPAD.EXE %1 ======List of files/folders created in the last 3 months====== 2013-11-13 05:05:41 ----A---- C:\Windows\system32\IKEEXT.DLL 2013-11-13 05:05:41 ----A---- C:\Windows\system32\FWPUCLNT.DLL 2013-11-13 05:05:40 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL 2013-11-13 05:05:37 ----A---- C:\Windows\system32\mshtml.dll 2013-11-13 05:05:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-11-13 05:05:34 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2013-11-13 05:05:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-11-13 05:05:34 ----A---- C:\Windows\system32\wininet.dll 2013-11-13 05:05:34 ----A---- C:\Windows\system32\urlmon.dll 2013-11-13 05:05:34 ----A---- C:\Windows\system32\mshtmled.dll 2013-11-13 05:05:34 ----A---- C:\Windows\system32\ieframe.dll 2013-11-13 05:05:33 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-11-13 05:05:33 ----A---- C:\Windows\SYSWOW64\url.dll 2013-11-13 05:05:33 ----A---- C:\Windows\SYSWOW64\mstime.dll 2013-11-13 05:05:33 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-11-13 05:05:33 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-11-13 05:05:33 ----A---- C:\Windows\SYSWOW64\ieui.dll 2013-11-13 05:05:33 ----A---- 
C:\Windows\SYSWOW64\iertutil.dll 2013-11-13 05:05:33 ----A---- C:\Windows\SYSWOW64\iepeers.dll 2013-11-13 05:05:33 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-11-13 05:05:33 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2013-11-13 05:05:33 ----A---- C:\Windows\SYSWOW64\corpol.dll 2013-11-13 05:05:33 ----A---- C:\Windows\system32\url.dll 2013-11-13 05:05:33 ----A---- C:\Windows\system32\mstime.dll 2013-11-13 05:05:33 ----A---- C:\Windows\system32\msfeeds.dll 2013-11-13 05:05:33 ----A---- C:\Windows\system32\jsproxy.dll 2013-11-13 05:05:33 ----A---- C:\Windows\system32\ieui.dll 2013-11-13 05:05:33 ----A---- C:\Windows\system32\iertutil.dll 2013-11-13 05:05:33 ----A---- C:\Windows\system32\iepeers.dll 2013-11-13 05:05:33 ----A---- C:\Windows\system32\ieapfltr.dll 2013-11-13 05:05:33 ----A---- C:\Windows\system32\corpol.dll 2013-11-13 05:05:32 ----A---- C:\Windows\SYSWOW64\crypt32.dll 2013-11-13 05:05:32 ----A---- C:\Windows\system32\crypt32.dll 2013-11-13 05:05:30 ----A---- C:\Windows\SYSWOW64\gdi32.dll 2013-11-13 05:05:30 ----A---- C:\Windows\system32\gdi32.dll 2013-11-13 05:05:30 ----A---- C:\Windows\system32\drivers\afd.sys 2013-11-12 21:53:08 ----D---- C:\rsit 2013-11-12 21:53:08 ----D---- C:\Program Files\trend micro 2013-11-06 21:46:48 ----D---- C:\Program Files (x86)\Internet Explorer 2013-11-06 03:25:29 ----D---- C:\Program Files\Unlocker 2013-11-05 05:36:38 ----A---- C:\Windows\system32\avgrep.txt 2013-11-05 05:34:09 ----A---- C:\Windows\ntbtlog.txt 2013-11-05 05:17:19 ----A---- C:\Windows\SYSWOW64\HideMyIpSRVOff.ini 2013-11-05 05:17:19 ----A---- C:\Windows\SYSWOW64\HideMyIpSRV.ini 2013-11-05 05:17:19 ----A---- C:\Windows\system32\HideMyIpSRVOff.ini 2013-11-05 05:17:19 ----A---- C:\Windows\system32\drivers\hmip64.sys 2013-11-05 04:11:04 ----D---- C:\ProgramData\AskPartnerNetwork 2013-11-05 04:11:04 ----D---- C:\Program Files (x86)\AskPartnerNetwork 2013-11-05 04:03:24 ----D---- C:\ProgramData\APN 2013-11-01 12:44:51 ----D---- 
C:\Users\Peter\AppData\Roaming\Nico Mak Computing 2013-11-01 09:49:10 ----A---- C:\Windows\system32\RtPgEx64.dll 2013-11-01 09:49:10 ----A---- C:\Windows\system32\RtDataProc64.dll 2013-11-01 09:49:10 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys 2013-11-01 09:49:10 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT 2013-11-01 09:49:09 ----A---- C:\Windows\system32\RCoRes64.dat 2013-11-01 09:49:09 ----A---- C:\Windows\system32\RCoInstII64.dll 2013-11-01 09:49:07 ----A---- C:\Windows\system32\FMAPO64.dll 2013-11-01 09:49:07 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2013-11-01 09:45:27 ----A---- C:\Windows\SYSWOW64\nvopencl.dll 2013-11-01 09:45:27 ----A---- C:\Windows\system32\nvwgf2umx.dll 2013-11-01 09:45:27 ----A---- C:\Windows\system32\nvopencl.dll 2013-11-01 09:45:26 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll 2013-11-01 09:45:26 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll 2013-11-01 09:45:26 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll 2013-11-01 09:45:26 ----A---- C:\Windows\SYSWOW64\nvcuda.dll 2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvoglv64.dll 2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvdispgenco6433158.dll 2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvdispco6433158.dll 2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvcuvid.dll 2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvcuvenc.dll 2013-11-01 09:45:26 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys 2013-11-01 09:45:25 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll 2013-11-01 09:45:25 ----A---- C:\Windows\SYSWOW64\nvapi.dll 2013-11-01 09:45:25 ----A---- C:\Windows\system32\nvcuda.dll 2013-11-01 09:45:25 ----A---- C:\Windows\system32\nvcompiler.dll 2013-11-01 09:25:40 ----A---- C:\Windows\system32\SmartDefragBootTime.exe 2013-11-01 09:20:44 ----A---- C:\Windows\system32\PROUnstl.exe 2013-11-01 09:15:33 ----A---- C:\Windows\system32\drivers\SmartDefragDriver.sys 2013-11-01 09:10:03 ----A---- C:\Windows\system32\drivers\mbam.sys 2013-11-01 08:45:52 ----D---- 
C:\Users\Peter\AppData\Roaming\C__Program Files (x86)_HideIPEasy_HideIPEasy.exe 2013-11-01 08:45:52 ----D---- C:\ProgramData\C__Program Files (x86)_HideIPEasy_HideIPEasy.exe 2013-11-01 08:38:00 ----D---- C:\Users\Peter\AppData\Roaming\Apple Computer 2013-11-01 08:37:59 ----D---- C:\ProgramData\ProductData 2013-11-01 08:37:55 ----D---- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} 2013-11-01 08:37:53 ----D---- C:\Users\Peter\AppData\Roaming\IObit 2013-11-01 08:37:53 ----D---- C:\ProgramData\IObit 2013-11-01 08:37:45 ----D---- C:\Program Files (x86)\IObit 2013-10-31 22:52:10 ----A---- C:\autoexec.bat 2013-10-31 22:51:49 ----D---- C:\Program Files (x86)\Enigma Software Group 2013-10-31 22:51:01 ----D---- C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP 2013-10-27 16:46:50 ----D---- C:\ProgramData\Package Cache 2013-10-26 14:46:46 ----D---- C:\Users\Peter\AppData\Roaming\HideIPEasy 2013-10-26 14:46:46 ----D---- C:\ProgramData\HideIPEasy 2013-10-24 04:53:40 ----D---- C:\Users\Peter\AppData\Roaming\7952 2013-10-10 04:25:41 ----A---- C:\Windows\system32\win32k.sys 2013-10-10 04:25:36 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys 2013-10-10 04:25:36 ----A---- C:\Windows\system32\cdd.dll 2013-10-10 04:25:28 ----A---- C:\Windows\SYSWOW64\DWrite.dll 2013-10-10 04:25:28 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll 2013-10-10 04:25:28 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll 2013-10-10 04:25:28 ----A---- C:\Windows\system32\FntCache.dll 2013-10-10 04:25:28 ----A---- C:\Windows\system32\DWrite.dll 2013-10-10 04:25:28 ----A---- C:\Windows\system32\d3d10warp.dll 2013-10-10 04:25:28 ----A---- C:\Windows\system32\d3d10level9.dll 2013-10-10 04:25:27 ----A---- C:\Windows\SYSWOW64\d3d10core.dll 2013-10-10 04:25:27 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll 2013-10-10 04:25:27 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll 2013-10-10 04:25:27 ----A---- C:\Windows\SYSWOW64\d3d10.dll 2013-10-10 04:25:27 ----A---- C:\Windows\SYSWOW64\d2d1.dll 2013-10-10 04:25:27 ----A---- 
C:\Windows\system32\d3d10core.dll 2013-10-10 04:25:27 ----A---- C:\Windows\system32\d3d10_1core.dll 2013-10-10 04:25:27 ----A---- C:\Windows\system32\d3d10_1.dll 2013-10-10 04:25:27 ----A---- C:\Windows\system32\d3d10.dll 2013-10-10 04:25:27 ----A---- C:\Windows\system32\d2d1.dll 2013-10-10 04:25:25 ----A---- C:\Windows\SYSWOW64\atmfd.dll 2013-10-10 04:25:25 ----A---- C:\Windows\system32\atmfd.dll 2013-10-10 04:25:24 ----A---- C:\Windows\SYSWOW64\atmlib.dll 2013-10-10 04:25:24 ----A---- C:\Windows\system32\atmlib.dll 2013-10-10 04:25:23 ----A---- C:\Windows\system32\drivers\usbvideo.sys 2013-10-10 04:25:23 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys 2013-10-10 04:25:21 ----A---- C:\Windows\system32\drivers\usbscan.sys 2013-10-10 04:25:21 ----A---- C:\Windows\system32\drivers\hidparse.sys 2013-10-10 04:25:20 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-10-10 04:25:20 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2013-10-10 04:25:19 ----A---- C:\Windows\SYSWOW64\comctl32.dll 2013-10-10 04:25:19 ----A---- C:\Windows\system32\drivers\Wdf01000.sys 2013-10-10 04:25:19 ----A---- C:\Windows\system32\drivers\usbport.sys 2013-10-10 04:25:19 ----A---- C:\Windows\system32\drivers\usbhub.sys 2013-10-10 04:25:19 ----A---- C:\Windows\system32\drivers\usbehci.sys 2013-10-10 04:25:19 ----A---- C:\Windows\system32\drivers\usbd.sys 2013-10-10 04:25:19 ----A---- C:\Windows\system32\drivers\usbccgp.sys 2013-10-10 04:25:19 ----A---- C:\Windows\system32\comctl32.dll 2013-10-07 09:26:33 ----D---- C:\Users\Peter\AppData\Roaming\OpenOffice 2013-10-07 09:25:09 ----D---- C:\Program Files (x86)\OpenOffice 4 2013-09-15 17:01:35 ----D---- C:\Studietoelage aanvraag Maité Willem 2013 2013-09-14 12:00:43 ----D---- C:\Users\Peter\AppData\Roaming\Zeon 2013-09-11 06:10:24 ----A---- C:\Windows\system32\themeui.dll 2013-09-11 06:10:23 ----A---- C:\Windows\SYSWOW64\themeui.dll 2013-09-05 00:43:42 ----A---- 
C:\Windows\system32\drivers\avgrkx64.sys 2013-09-02 20:49:11 ----D---- C:\Temp 2013-08-28 04:27:12 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL 2013-08-28 04:27:12 ----A---- C:\Windows\system32\WMVDECOD.DLL 2013-08-22 21:31:56 ----D---- C:\Users\Peter\AppData\Roaming\vlc 2013-08-21 19:18:30 ----D---- C:\Program Files (x86)\Mozilla Firefox 2013-08-21 19:15:11 ----D---- C:\Users\Peter\AppData\Roaming\PerformerSoft 2013-08-21 19:14:39 ----D---- C:\Users\Peter\AppData\Roaming\Mozilla 2013-08-21 19:14:35 ----D---- C:\ProgramData\Babylon ======List of files/folders modified in the last 3 months====== 2013-11-14 21:42:26 ----D---- C:\Windows\Temp 2013-11-14 21:41:29 ----D---- C:\Windows\Prefetch 2013-11-14 21:40:55 ----D---- C:\Film downloads 2013-11-14 21:25:43 ----D---- C:\ProgramData\MFAData 2013-11-14 21:21:45 ----D---- C:\Muziek downloads 2013-11-14 21:20:58 ----D---- C:\Windows\system32\Tasks 2013-11-13 21:38:33 ----SHD---- C:\Windows\Installer 2013-11-13 06:17:24 ----D---- C:\Windows\rescache 2013-11-13 05:59:09 ----D---- C:\Windows\SysWOW64 2013-11-13 05:59:08 ----D---- C:\Windows\System32 2013-11-13 05:59:07 ----D---- C:\Windows\SYSWOW64\migration 2013-11-13 05:59:07 ----D---- C:\Program Files\Internet Explorer 2013-11-13 05:59:06 ----D---- C:\Windows\SYSWOW64\nl-NL 2013-11-13 05:59:06 ----D---- C:\Windows\system32\nl-NL 2013-11-13 05:59:06 ----D---- C:\Windows\system32\migration 2013-11-13 05:59:06 ----D---- C:\Windows\AppPatch 2013-11-13 05:59:05 ----D---- C:\Windows\system32\drivers 2013-11-13 05:25:02 ----D---- C:\ProgramData\Microsoft Help 2013-11-13 05:23:35 ----D---- C:\Windows\winsxs 2013-11-13 05:23:16 ----D---- C:\Windows\system32\catroot 2013-11-13 05:23:11 ----D---- C:\Windows\system32\MRT 2013-11-13 05:21:12 ----D---- C:\Windows\Debug 2013-11-13 05:21:09 ----A---- C:\Windows\system32\mrt.exe 2013-11-13 05:19:00 ----SHD---- C:\System Volume Information 2013-11-13 05:04:52 ----D---- C:\Windows\system32\catroot2 2013-11-13 04:46:16 ----D---- 
C:\Users\Peter\AppData\Roaming\Vso 2013-11-12 21:53:08 ----RD---- C:\Program Files 2013-11-12 15:20:35 ----D---- C:\Windows\system32\config 2013-11-12 15:20:31 ----D---- C:\Windows\Tasks 2013-11-12 15:20:31 ----D---- C:\Windows\system32\spool 2013-11-12 15:20:31 ----D---- C:\Windows\system32\Msdtc 2013-11-12 15:20:31 ----D---- C:\Windows\system32\CodeIntegrity 2013-11-12 15:20:30 ----D---- C:\Windows\system32\wbem 2013-11-12 15:20:30 ----D---- C:\Windows\registration 2013-11-12 15:20:30 ----D---- C:\Windows\inf 2013-11-12 15:20:30 ----D---- C:\Windows 2013-11-12 15:20:30 ----D---- C:\Program Files (x86)\Protected Search 2013-11-11 15:26:40 ----D---- C:\Program Files (x86)\Advanced System Protector 2013-11-09 17:17:10 ----D---- C:\Users\Peter\AppData\Roaming\Systweak 2013-11-09 17:17:10 ----D---- C:\ProgramData\Systweak 2013-11-07 21:33:39 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-11-06 21:46:48 ----RD---- C:\Program Files (x86) 2013-11-06 03:18:16 ----D---- C:\Windows\Minidump 2013-11-06 03:18:12 ----D---- C:\Program Files\Google 2013-11-06 03:18:12 ----D---- C:\Program Files (x86)\Google 2013-11-06 03:16:43 ----HD---- C:\ProgramData 2013-11-06 01:33:51 ----D---- C:\Windows\Panther 2013-11-06 01:29:25 ----RD---- C:\Windows\Offline Web Pages 2013-11-06 01:29:25 ----D---- C:\Windows\SYSWOW64\wbem 2013-11-06 01:29:20 ----SD---- C:\Windows\Downloaded Program Files 2013-11-05 19:40:25 ----D---- C:\Program Files (x86)\Advanced System Optimizer 3 2013-11-05 19:40:24 ----D---- C:\Program Files (x86)\TuneUp Utilities 2013 2013-11-05 19:40:24 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-05 06:14:03 ----D---- C:\ProgramData\ScanSoft 2013-11-05 06:13:56 ----D---- C:\Program Files (x86)\Common Files 2013-11-05 05:17:19 ----D---- C:\Windows\SYSWOW64\drivers 2013-11-02 08:17:16 ----D---- C:\Program Files (x86)\ExpressFiles 2013-11-01 10:16:52 ----D---- C:\Users\Peter\AppData\Roaming\Uniblue 2013-11-01 10:16:51 ----D---- C:\Program Files 
(x86)\Uniblue 2013-11-01 10:10:12 ----D---- C:\Windows\SoftwareDistribution 2013-11-01 09:49:26 ----D---- C:\Windows\SYSWOW64\RTCOM 2013-11-01 09:49:10 ----A---- C:\Windows\system32\RtkAPO64.dll 2013-11-01 09:49:10 ----A---- C:\Windows\system32\RtkApi64.dll 2013-11-01 09:46:35 ----D---- C:\ProgramData\NVIDIA 2013-11-01 09:45:27 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll 2013-11-01 09:45:26 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll 2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvd3dumx.dll 2013-11-01 09:45:25 ----A---- C:\Windows\system32\nvapi64.dll 2013-11-01 09:09:59 ----D---- C:\Windows\Logs 2013-11-01 09:09:58 ----D---- C:\ProgramData\VSO 2013-10-29 22:43:03 ----D---- C:\Users\Peter\AppData\Roaming\Nero 2013-10-29 22:43:03 ----D---- C:\Users\Peter\AppData\Roaming\HpUpdate 2013-10-28 06:41:06 ----D---- C:\Windows\Microsoft.NET 2013-10-28 06:16:26 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2013-10-27 16:52:00 ----D---- C:\Windows\SYSWOW64\en-US 2013-10-27 16:51:59 ----D---- C:\Windows\system32\en-US 2013-10-20 16:13:05 ----D---- C:\ProgramData\TuneUp Software 2013-10-19 00:44:56 ----D---- C:\Acv 2013-10-15 22:47:39 ----A---- C:\Windows\system32\nvsvc64.dll 2013-10-15 22:47:39 ----A---- C:\Windows\system32\nvcpl.dll 2013-10-15 22:47:36 ----A---- C:\Windows\system32\nvvsvc.exe 2013-10-15 22:47:36 ----A---- C:\Windows\system32\nvshext.dll 2013-10-15 22:47:36 ----A---- C:\Windows\system32\nvmctray.dll 2013-10-11 15:38:12 ----A---- C:\Windows\system32\TURegOpt.exe 2013-10-11 15:38:08 ----A---- C:\Windows\SYSWOW64\uxtuneup.dll 2013-10-11 15:38:08 ----A---- C:\Windows\SYSWOW64\authuitu.dll 2013-10-11 15:38:08 ----A---- C:\Windows\system32\uxtuneup.dll 2013-10-11 15:38:08 ----A---- C:\Windows\system32\authuitu.dll 2013-10-10 05:46:10 ----RSD---- C:\Windows\assembly 2013-10-10 05:25:39 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2013-10-09 17:12:06 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2013-10-07 09:25:25 ----RSD---- C:\Windows\Fonts 
2013-10-07 09:24:45 ----D---- C:\Program Files (x86)\OpenOffice.org 3 2013-10-05 21:31:48 ----D---- C:\Mike 2013-09-22 13:23:05 ----D---- C:\Program Files (x86)\DVDFab 9 2013-09-22 13:23:03 ----D---- C:\Users\Peter\AppData\Roaming\DVDFab9 2013-09-19 04:44:11 ----D---- C:\ProgramData\Wincert 2013-09-03 13:35:10 ----N---- C:\Windows\system32\MpSigStub.exe 2013-08-25 11:59:09 ----D---- C:\Windows\system 2013-08-24 13:47:09 ----D---- C:\Program Files (x86)\SMINST ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-07-20 71480] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-07-20 311608] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-07-01 116536] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-05 45880] R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iastor.sys [2012-04-08 568600] R0 JRAID;JRAID; C:\Windows\system32\drivers\jraid.sys [2013-07-26 123704] R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-05-22 17720] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-11-19 503352] R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-07-20 246072] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-07-20 206648] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-03-21 240952] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-05-21 45856] R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/06/19 15:47:50]; \??\c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2009-03-19 146928] R2 hmip;hmip; \??\C:\Windows\system32\Drivers\hmip64.sys [2013-06-19 30056] R3 
AVER_H193;AVerMedia H193 Video Capture; C:\Windows\system32\drivers\AVer888RC_64.sys [2009-02-18 487936] R3 CXCIR;AVerMedia Consumer Infrared Receiver; C:\Windows\system32\DRIVERS\AVer888RCIR_64.sys [2009-02-18 37888] R3 e1yexpress;Intel® Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2011-10-20 322760] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-01 3641688] R3 JmUsbCcgp;JMicron USB Composite Device Lower Filter Driver; C:\Windows\system32\DRIVERS\jmccgp.sys [2013-07-26 17136] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928] R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2013-02-03 1885792] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-11-01 12537632] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-09-19 11880] R3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 99200] R3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 40960] R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 168960] R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040] S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144] S3 esgiguard;esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488] S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008] S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040] S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; 
C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2013-07-26 250984] S3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR64.SYS [2013-07-26 52224] S3 ST50220;Sonix ST50220 USB Video Camera Driver; C:\Windows\System32\Drivers\ST50220.sys [2008-05-29 44544] S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2011-12-15 31232] S3 USBCCID;USB-smartcardlezer; C:\Windows\system32\DRIVERS\usbccid.sys [2009-04-10 38400] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640] R2 APNMCP;Ask-updateservice; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-11-07 166352] R2 ASO3DiskOptimizer;ASO3DiskOptimizer; C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe [2012-09-07 263520] R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2013-09-04 1432080] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-07-23 283136] R2 Brother XP spl Service;BrSplService; C:\Windows\SysWOW64\brsvc01a.exe [2004-06-14 57344] R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 27648] R2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health 
Check\hphc_service.exe [2008-12-04 94208] R2 HPBtnSrv;HP Easy Backup Button Service; C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [2008-09-30 192512] R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-10-25 2151200] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-15 922912] R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304] R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-11-01 288472] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2013-10-11 2409272] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-11 116648] S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464] S2 Seagate Dashboard Services;Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [2013-05-30 16000] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 
[2013-10-09 257416] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-11 116648] S3 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-12-04 354840] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-03-08 30798512] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968] S3 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 27648] S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-22 1012344] S4 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648] S4 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2008-12-09 242424] S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728] S4 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080] S4 
NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] -----------------EOF-----------------
  8. Logfile of random's system information tool 1.09 (written by random/random) Run by Peter at 2013-11-12 21:53:08 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 378 GB (54%) free of 699 GB Total RAM: 8182 MB (51% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:54:35, on 12/11/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Unable to get Internet Explorer version! Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe C:\Program Files (x86)\ExpressFiles\EFUpdater.exe C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe C:\Program Files (x86)\VSO\ConvertX\4\ConvertXtoDvd.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Peter.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet 
Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_be&c=93&bd=Pavilion&pf=cndt R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Searchya Search R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Ask Toolbar BHO - {4849502D-5637-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport.dll" (file missing) O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL O3 - Toolbar: (no name) - {6e47d688-85ec-465a-9946-ec58220f14fc} - (no file) O3 - Toolbar: Ask Toolbar - {4849502D-5637-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport.dll" (file missing) O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE O4 - HKLM\..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe O4 - HKLM\..\Run: [updateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [updateLBPShortCut] "c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [updatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce 
"SOFTWARE\CyberLink\PowerDirector\7.0" O4 - HKLM\..\Run: [updatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [ControlCenter3] "C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe" /autorun O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [brMfcWnd] "C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN O4 - HKLM\..\Run: [DBAgent] "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe 
oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O18 - Protocol: linkscanner - (no CLSID) - (no file) O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - (no file) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files 
(x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Ask-updateservice (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe O23 - Service: ASO3DiskOptimizer - Systweak Inc., (Systweak - Download Software utilities for Windows optimization, Scan & Clean Spyware for Free) - C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\SysWOW64\brsvc01a.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Easy Backup Button Service (HPBtnSrv) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
O23 - Service: Seagate Dashboard Services - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13862 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=aee76b64-a761-4952-800d-b047f1e4e360 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\cb85be25-8c3f-4e23-b09c-192ee331d020-298-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\" 
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 wininit.exe C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Windows\system32\nvvsvc.exe" C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService "C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe" C:\Windows\system32\svchost.exe -k NetworkService taskeng.exe {A0FEF26B-B3DB-4944-8A6D-79087EE67DE8} C:\Windows\SysWOW64\brsvc01a.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe" "C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe" "C:\Program Files (x86)\AVG\AVG2013\avgfws.exe" "C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe" brss01a.exe "C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe" C:\Windows\SysWOW64\svchost.exe -k netsvcs "C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe" "C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe" "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first 
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" "C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe" C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=5d2c1057-b888-4439-8115-1e189fe03b3b /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\354b5a3e-f443-4069-ae59-a345ebe98833-cd8-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\" "C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe" PanProcess "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray C:\Windows\Explorer.EXE "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" "C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun "C:\Windows\ehome\ehtray.exe" "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe" C:\Windows\ehome\ehmsas.exe -Embedding "C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe" "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS taskeng.exe {A87DE60A-CC7B-455D-B945-AAABA0A81217} "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY "C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN "C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe" /autorun "C:\Program Files 
(x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" "C:\Program Files (x86)\ExpressFiles\EFUpdater.exe" "C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe" autolaunch "C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe" taskeng.exe {405A74FF-5A6E-46A8-802A-FEC17A23F4D8} "C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe" /STARTUP "C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 4160 "C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:3828 C:\Program Files\Windows Sidebar\sidebar.exe /autoRun C:\Program Files\Windows Sidebar\sidebar.exe /autoRun C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe -Embedding C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe" "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c "C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe" "C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe" "c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" "C:\Program Files (x86)\VSO\ConvertX\4\ConvertXtoDvd.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:10a stable:pp1 use_remote_ntp_on_startup:1 espv:210 
suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --instant-process --disable-html-notifications --disable-accelerated-video-decode --channel="6728.0.380038114\1279287436" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:10a stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6728.1.735603423\1253062332" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process 
--channel="6728.2.1231423720\1276455827" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,18,21,24,26 --gpu-vendor-id=0x10de --gpu-device-id=0x0603 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3158 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:10a stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="6728.4.1611834849\1035779062" /prefetch:673131151 "C:\Film downloads\RSITx64.exe" "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource core ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\ASO-AutoCheckUpdate7Days.job C:\Windows\tasks\ASO-OneClickCare.job C:\Windows\tasks\Driver Booster Update.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\HPCeeScheduleForPeter.job C:\Windows\tasks\PCDRScheduledMaintenance.job C:\Windows\tasks\SpeedUpMyPC.job 
C:\Windows\tasks\spmonitor.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}] ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2013-11-01 2486592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4849502D-5637-006A-76A7-7A786E7484D7}] Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport_x64.dll [2013-11-07 13776] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4849502D-5637-006A-76A7-7A786E7484D7}] Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport.dll [2013-11-07 12240] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}] Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-10-17 669504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {ae07101b-46d4-4a98-af68-0333ea26e113} - QuickShare Widget - C:\Windows\system32\mscoree.dll [2009-11-08 444752] {4849502D-5637-006A-76A7-7A786E7484D7} - Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport_x64.dll [2013-11-07 13776] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {6e47d688-85ec-465a-9946-ec58220f14fc} {4849502D-5637-006A-76A7-7A786E7484D7} 
- Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\HIP-V7\Passport.dll [2013-11-07 12240] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184] "OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe [2008-10-13 281600] "SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2009-03-05 915512] "IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-12-04 186904] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240] "LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-03-04 2741616] "Akamai NetSession Interface"=C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe [2013-06-05 4489472] "Uploader"=C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [2013-05-30 122984] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768] "KBD"=C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE [2008-07-21 12288] "OsdMaestro"=c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe [2008-10-13 281600] "UpdateP2GoShortCut"=c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-03 218408] "UpdateLBPShortCut"=c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-12-03 218408] "UpdatePDIRShortCut"=c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-12-03 218408] "UpdatePSTShortCut"=c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium\MUITransfer\MUIStartMenu.exe [2009-02-02 210216] "TSMAgent"=c:\Program Files 
(x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [2009-04-09 1328424] "CLMLServer for HP TouchSmart"=c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-04-09 185640] "DVDAgent"=c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-03-19 1148200] "NBAgent"=C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-09-03 1406248] "BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184] "ControlCenter3"=C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [2009-01-09 114688] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2013-09-23 4411952] "BrMfcWnd"=C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [2009-01-19 1150976] "DBAgent"=C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2013-05-30 1517640] "ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-11-07 1707472] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-03-08 6669000] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2009-06-19 52272] "UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= [] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-03-08 4171464] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableLockWorkstation"=0 "DisableTaskMgr"=0 "DisableChangePassword"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 "EnableLinkedConnections"=1 "HideFastUserSwitching"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "ForceActiveDesktopOn"=0 "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\academy-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\backitup.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bejeweledtwist-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blasterball3-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\buildalot2-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image 
File Execution Options\chocolatier-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chuzzle-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deathonthenile-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\diner dash-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dinerdash2-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\farm-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fate-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\golf-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\insaniquarium-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jewelquest3-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\labelprint.exe] "Debugger=""C:\Program 
Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lightscribecontrolpanel.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lslauncher.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mahjong-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mahjong_artifacts-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onplay.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcdr5cuiw32.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pdr.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pegglenights-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\penguins-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\polar-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\polarpool-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\power2go.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\presentationhost.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regcleanpro.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\slingo-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stoneloops-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sump.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tradewindscaravans-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\turbopizza-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Image File Execution Options\unins001.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\virtual villagers - the secret city-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\virtualvillagers-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wedding dash-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winbej2-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zuma-wt.exe] "Debugger=""C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "wave2"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .cmd - open - NOTEPAD.EXE %1 .vbs - open - NOTEPAD.EXE %1 ======List of files/folders created in the last 1 month====== 2013-11-12 21:53:08 ----D---- C:\rsit 
2013-11-12 21:53:08 ----D---- C:\Program Files\trend micro 2013-11-06 21:46:48 ----D---- C:\Program Files (x86)\Internet Explorer 2013-11-06 21:43:15 ----A---- C:\Windows\system32\jsproxy.dll 2013-11-06 21:43:14 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-11-06 21:43:14 ----A---- C:\Windows\SYSWOW64\iepeers.dll 2013-11-06 21:43:14 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2013-11-06 21:43:14 ----A---- C:\Windows\system32\iepeers.dll 2013-11-06 21:43:14 ----A---- C:\Windows\system32\ieapfltr.dll 2013-11-06 21:43:14 ----A---- C:\Windows\system32\corpol.dll 2013-11-06 21:43:13 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-11-06 21:43:13 ----A---- C:\Windows\SYSWOW64\corpol.dll 2013-11-06 21:43:13 ----A---- C:\Windows\system32\url.dll 2013-11-06 21:43:13 ----A---- C:\Windows\system32\mshtmled.dll 2013-11-06 21:43:13 ----A---- C:\Windows\system32\iertutil.dll 2013-11-06 21:43:12 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-11-06 21:43:12 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-11-06 21:43:12 ----A---- C:\Windows\SYSWOW64\url.dll 2013-11-06 21:43:12 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2013-11-06 21:43:12 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-11-06 21:43:12 ----A---- C:\Windows\SYSWOW64\ieui.dll 2013-11-06 21:43:12 ----A---- C:\Windows\system32\wininet.dll 2013-11-06 21:43:12 ----A---- C:\Windows\system32\urlmon.dll 2013-11-06 21:43:12 ----A---- C:\Windows\system32\msfeeds.dll 2013-11-06 21:43:12 ----A---- C:\Windows\system32\ieui.dll 2013-11-06 21:43:11 ----A---- C:\Windows\SYSWOW64\mstime.dll 2013-11-06 21:43:11 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-11-06 21:43:11 ----A---- C:\Windows\system32\mstime.dll 2013-11-06 21:43:11 ----A---- C:\Windows\system32\mshtml.dll 2013-11-06 21:43:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-11-06 21:43:09 ----A---- C:\Windows\system32\ieframe.dll 2013-11-06 03:25:29 ----D---- C:\Program Files\Unlocker 2013-11-05 05:36:38 ----A---- C:\Windows\system32\avgrep.txt 2013-11-05 05:34:09 ----A---- 
C:\Windows\ntbtlog.txt 2013-11-05 05:17:19 ----A---- C:\Windows\SYSWOW64\HideMyIpSRVOff.ini 2013-11-05 05:17:19 ----A---- C:\Windows\SYSWOW64\HideMyIpSRV.ini 2013-11-05 05:17:19 ----A---- C:\Windows\system32\HideMyIpSRVOff.ini 2013-11-05 05:17:19 ----A---- C:\Windows\system32\drivers\hmip64.sys 2013-11-05 04:11:04 ----D---- C:\ProgramData\AskPartnerNetwork 2013-11-05 04:11:04 ----D---- C:\Program Files (x86)\AskPartnerNetwork 2013-11-05 04:03:24 ----D---- C:\ProgramData\APN 2013-11-01 12:44:51 ----D---- C:\Users\Peter\AppData\Roaming\Nico Mak Computing 2013-11-01 09:49:10 ----A---- C:\Windows\system32\RtPgEx64.dll 2013-11-01 09:49:10 ----A---- C:\Windows\system32\RtDataProc64.dll 2013-11-01 09:49:10 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys 2013-11-01 09:49:10 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT 2013-11-01 09:49:09 ----A---- C:\Windows\system32\RCoRes64.dat 2013-11-01 09:49:09 ----A---- C:\Windows\system32\RCoInstII64.dll 2013-11-01 09:49:07 ----A---- C:\Windows\system32\FMAPO64.dll 2013-11-01 09:49:07 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2013-11-01 09:45:27 ----A---- C:\Windows\SYSWOW64\nvopencl.dll 2013-11-01 09:45:27 ----A---- C:\Windows\system32\nvwgf2umx.dll 2013-11-01 09:45:27 ----A---- C:\Windows\system32\nvopencl.dll 2013-11-01 09:45:26 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll 2013-11-01 09:45:26 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll 2013-11-01 09:45:26 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll 2013-11-01 09:45:26 ----A---- C:\Windows\SYSWOW64\nvcuda.dll 2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvoglv64.dll 2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvdispgenco6433158.dll 2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvdispco6433158.dll 2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvcuvid.dll 2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvcuvenc.dll 2013-11-01 09:45:26 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys 2013-11-01 09:45:25 ----A---- 
C:\Windows\SYSWOW64\nvcompiler.dll 2013-11-01 09:45:25 ----A---- C:\Windows\SYSWOW64\nvapi.dll 2013-11-01 09:45:25 ----A---- C:\Windows\system32\nvcuda.dll 2013-11-01 09:45:25 ----A---- C:\Windows\system32\nvcompiler.dll 2013-11-01 09:25:40 ----A---- C:\Windows\system32\SmartDefragBootTime.exe 2013-11-01 09:20:44 ----A---- C:\Windows\system32\PROUnstl.exe 2013-11-01 09:15:33 ----A---- C:\Windows\system32\drivers\SmartDefragDriver.sys 2013-11-01 09:10:03 ----A---- C:\Windows\system32\drivers\mbam.sys 2013-11-01 08:45:52 ----D---- C:\Users\Peter\AppData\Roaming\C__Program Files (x86)_HideIPEasy_HideIPEasy.exe 2013-11-01 08:45:52 ----D---- C:\ProgramData\C__Program Files (x86)_HideIPEasy_HideIPEasy.exe 2013-11-01 08:38:00 ----D---- C:\Users\Peter\AppData\Roaming\Apple Computer 2013-11-01 08:37:59 ----D---- C:\ProgramData\ProductData 2013-11-01 08:37:55 ----D---- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} 2013-11-01 08:37:53 ----D---- C:\Users\Peter\AppData\Roaming\IObit 2013-11-01 08:37:53 ----D---- C:\ProgramData\IObit 2013-11-01 08:37:45 ----D---- C:\Program Files (x86)\IObit 2013-10-31 22:52:10 ----A---- C:\autoexec.bat 2013-10-31 22:51:49 ----D---- C:\Program Files (x86)\Enigma Software Group 2013-10-31 22:51:01 ----D---- C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP 2013-10-27 16:46:50 ----D---- C:\ProgramData\Package Cache 2013-10-26 14:46:46 ----D---- C:\Users\Peter\AppData\Roaming\HideIPEasy 2013-10-26 14:46:46 ----D---- C:\ProgramData\HideIPEasy 2013-10-24 04:53:40 ----D---- C:\Users\Peter\AppData\Roaming\7952 ======List of files/folders modified in the last 1 month====== 2013-11-12 21:53:20 ----D---- C:\Windows\Temp 2013-11-12 21:53:19 ----D---- C:\Windows\Prefetch 2013-11-12 21:53:08 ----RD---- C:\Program Files 2013-11-12 21:52:13 ----D---- C:\Film downloads 2013-11-12 21:47:20 ----D---- C:\Users\Peter\AppData\Roaming\Vso 2013-11-12 21:47:10 ----D---- C:\Users\Peter\AppData\Roaming\vlc 2013-11-12 21:37:47 ----D---- C:\ProgramData\MFAData 
2013-11-12 15:20:35 ----D---- C:\Windows\system32\config 2013-11-12 15:20:31 ----D---- C:\Windows\Tasks 2013-11-12 15:20:31 ----D---- C:\Windows\system32\spool 2013-11-12 15:20:31 ----D---- C:\Windows\system32\Msdtc 2013-11-12 15:20:31 ----D---- C:\Windows\system32\CodeIntegrity 2013-11-12 15:20:31 ----D---- C:\Windows\system32\catroot2 2013-11-12 15:20:31 ----D---- C:\Windows\System32 2013-11-12 15:20:30 ----D---- C:\Windows\system32\wbem 2013-11-12 15:20:30 ----D---- C:\Windows\registration 2013-11-12 15:20:30 ----D---- C:\Windows\inf 2013-11-12 15:20:30 ----D---- C:\Windows 2013-11-12 15:20:30 ----D---- C:\Program Files (x86)\Protected Search 2013-11-12 06:24:32 ----D---- C:\Windows\system32\Tasks 2013-11-11 15:26:40 ----D---- C:\Program Files (x86)\Advanced System Protector 2013-11-11 15:24:11 ----SHD---- C:\System Volume Information 2013-11-09 17:17:10 ----D---- C:\Users\Peter\AppData\Roaming\Systweak 2013-11-09 17:17:10 ----D---- C:\ProgramData\Systweak 2013-11-08 06:15:12 ----SHD---- C:\Windows\Installer 2013-11-07 21:33:39 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-11-06 21:46:48 ----RD---- C:\Program Files (x86) 2013-11-06 21:46:48 ----D---- C:\Windows\SYSWOW64\migration 2013-11-06 21:46:48 ----D---- C:\Windows\SysWOW64 2013-11-06 21:46:48 ----D---- C:\Windows\system32\migration 2013-11-06 21:46:48 ----D---- C:\Program Files\Internet Explorer 2013-11-06 21:46:47 ----D---- C:\Windows\AppPatch 2013-11-06 21:45:13 ----D---- C:\Windows\winsxs 2013-11-06 21:44:48 ----D---- C:\Windows\system32\catroot 2013-11-06 03:18:16 ----D---- C:\Windows\Minidump 2013-11-06 03:18:12 ----D---- C:\Program Files\Google 2013-11-06 03:18:12 ----D---- C:\Program Files (x86)\Google 2013-11-06 03:16:43 ----HD---- C:\ProgramData 2013-11-06 02:27:57 ----D---- C:\Windows\rescache 2013-11-06 01:33:51 ----D---- C:\Windows\Panther 2013-11-06 01:29:25 ----RD---- C:\Windows\Offline Web Pages 2013-11-06 01:29:25 ----D---- C:\Windows\SYSWOW64\wbem 2013-11-06 01:29:25 ----D---- 
C:\Windows\SYSWOW64\nl-NL 2013-11-06 01:29:23 ----D---- C:\Windows\system32\nl-NL 2013-11-06 01:29:20 ----SD---- C:\Windows\Downloaded Program Files 2013-11-05 19:40:25 ----D---- C:\Program Files (x86)\Advanced System Optimizer 3 2013-11-05 19:40:24 ----D---- C:\Program Files (x86)\TuneUp Utilities 2013 2013-11-05 19:40:24 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-05 06:14:03 ----D---- C:\ProgramData\ScanSoft 2013-11-05 06:13:56 ----D---- C:\Program Files (x86)\Common Files 2013-11-05 05:17:19 ----D---- C:\Windows\SYSWOW64\drivers 2013-11-05 05:17:19 ----D---- C:\Windows\system32\drivers 2013-11-02 08:17:16 ----D---- C:\Program Files (x86)\ExpressFiles 2013-11-01 10:16:52 ----D---- C:\Users\Peter\AppData\Roaming\Uniblue 2013-11-01 10:16:51 ----D---- C:\Program Files (x86)\Uniblue 2013-11-01 10:10:12 ----D---- C:\Windows\SoftwareDistribution 2013-11-01 10:01:11 ----D---- C:\Windows\Debug 2013-11-01 09:49:26 ----D---- C:\Windows\SYSWOW64\RTCOM 2013-11-01 09:49:10 ----A---- C:\Windows\system32\RtkAPO64.dll 2013-11-01 09:49:10 ----A---- C:\Windows\system32\RtkApi64.dll 2013-11-01 09:46:37 ----D---- C:\Temp 2013-11-01 09:46:35 ----D---- C:\ProgramData\NVIDIA 2013-11-01 09:45:27 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll 2013-11-01 09:45:26 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll 2013-11-01 09:45:26 ----A---- C:\Windows\system32\nvd3dumx.dll 2013-11-01 09:45:25 ----A---- C:\Windows\system32\nvapi64.dll 2013-11-01 09:09:59 ----D---- C:\Windows\Logs 2013-11-01 09:09:58 ----D---- C:\ProgramData\VSO 2013-10-29 22:43:03 ----D---- C:\Users\Peter\AppData\Roaming\Nero 2013-10-29 22:43:03 ----D---- C:\Users\Peter\AppData\Roaming\HpUpdate 2013-10-28 06:41:06 ----D---- C:\Windows\Microsoft.NET 2013-10-28 06:16:26 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2013-10-27 16:52:00 ----D---- C:\Windows\SYSWOW64\en-US 2013-10-27 16:51:59 ----D---- C:\Windows\system32\en-US 2013-10-27 07:34:10 ----D---- C:\Muziek downloads 2013-10-20 16:13:05 ----D---- 
C:\ProgramData\TuneUp Software 2013-10-19 00:44:56 ----D---- C:\Acv 2013-10-15 22:47:39 ----A---- C:\Windows\system32\nvsvc64.dll 2013-10-15 22:47:39 ----A---- C:\Windows\system32\nvcpl.dll 2013-10-15 22:47:36 ----A---- C:\Windows\system32\nvvsvc.exe 2013-10-15 22:47:36 ----A---- C:\Windows\system32\nvshext.dll 2013-10-15 22:47:36 ----A---- C:\Windows\system32\nvmctray.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-07-20 71480] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-07-20 311608] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-07-01 116536] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-05 45880] R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iastor.sys [2012-04-08 568600] R0 JRAID;JRAID; C:\Windows\system32\drivers\jraid.sys [2013-07-26 123704] R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-05-22 17720] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-11-19 503352] R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-07-20 246072] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-07-20 206648] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-03-21 240952] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-05-21 45856] R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/06/19 15:47:50]; \??\c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2009-03-19 146928] R2 hmip;hmip; \??\C:\Windows\system32\Drivers\hmip64.sys [2013-06-19 30056] R3 AVER_H193;AVerMedia H193 Video Capture; C:\Windows\system32\drivers\AVer888RC_64.sys 
[2009-02-18 487936] R3 CXCIR;AVerMedia Consumer Infrared Receiver; C:\Windows\system32\DRIVERS\AVer888RCIR_64.sys [2009-02-18 37888] R3 e1yexpress;Intel® Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2011-10-20 322760] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-01 3641688] R3 JmUsbCcgp;JMicron USB Composite Device Lower Filter Driver; C:\Windows\system32\DRIVERS\jmccgp.sys [2013-07-26 17136] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928] R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2013-02-03 1885792] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-11-01 12537632] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-09-19 11880] R3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 99200] R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 168960] R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040] S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144] S3 esgiguard;esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488] S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008] S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040] S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936] S3 RSUSBSTOR;RtsUStor.Sys 
Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2013-07-26 250984] S3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR64.SYS [2013-07-26 52224] S3 ST50220;Sonix ST50220 USB Video Camera Driver; C:\Windows\System32\Drivers\ST50220.sys [2008-05-29 44544] S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2011-12-15 31232] S3 USBCCID;USB-smartcardlezer; C:\Windows\system32\DRIVERS\usbccid.sys [2009-04-10 38400] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 40960] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640] R2 APNMCP;Ask-updateservice; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-11-07 166352] R2 ASO3DiskOptimizer;ASO3DiskOptimizer; C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe [2012-09-07 263520] R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2013-09-04 1432080] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-07-23 283136] R2 Brother XP spl Service;BrSplService; C:\Windows\SysWOW64\brsvc01a.exe [2004-06-14 57344] R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 27648] R2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-12-04 94208] R2 HPBtnSrv;HP Easy Backup Button Service; C:\Program Files 
(x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [2008-09-30 192512] R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-10-25 2151200] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-15 922912] R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304] R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-11-01 288472] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2013-10-11 2409272] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-11 116648] S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464] S2 Seagate Dashboard Services;Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [2013-05-30 16000] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416] S3 aspnet_state;ASP.NET-statusservice; 
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-11 116648] S3 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-12-04 354840] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-03-08 30798512] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968] S3 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 27648] S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-22 1012344] S4 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648] S4 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2008-12-09 242424] S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728] S4 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080] S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; 
c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] -----------------EOF-----------------