65Hans

Sinds enkele dagen krijg ik onderstaande foutmelding wanneer ik emails wil openen op mijn laptop. Zelfs als ik mijn gebruikersnaam en wachtwoord opnieuw instel.

Nochtans is er niets veranderd aan mijn instellingen of paswoorden. Alleen gebruik ik gmail al een tijdje niet meer.

Op mijn smartphone openen de mails wel nog.

 

"Voor het account Gmail (*********) kunnen geen berichten verzonden of ontvangen worden. Het downloaden van kopteksten voor de map Postvak IN is niet voltooid. De server heeft de verbinding onverwachts verbroken. Mogelijke oorzaken zijn problemen met de server, netwerkproblemen of te lange inactiviteit.

 

Reactie van server: De IMAP-opdracht kan niet naar de server worden verzonden, vanwege fouten die geen verband houden met het netwerk. Dit kan bijvoorbeeld wijzen op onvoldoende geheugen op het systeem.

Server: 'imap.gmail.com'

Windows Live Mail-fout-id: 0x800CCC0E

Protocol: IMAP

Poort: 993

Beveiligd(SSL): Ja

 

Voor het account Telenet (*********02) kunnen geen berichten verzonden of ontvangen worden. Er is een onjuiste gebruikersnaam voor e-mail ingevoerd. De volgende keer dat er berichten worden verzonden of ontvangen, moet een gebruikersnaam en wachtwoord voor dit account worden ingevoerd.

 

Serverfout: 0x800CCC90

Reactie van server: -ERR No POP server defined. Use real server address instead of 127.0.0.1 in your account.

Server: 'in.telenet.be'

Windows Live Mail-fout-id: 0x800CCC91

Protocol: POP3

Poort: 110

Beveiligd(SSL): Nee"

Alvast van harte bedankt voor de vlotte hulp.

De laptop werkt inmiddels weer even vlot als voorheen.

 

Mvg

Hans

Hieronder het verkregen logbestand.

AdwCleanerS0.txt

Het bekomen zoek log bestand.

 

 

zoek-results.log

Hierbij voeg ik het log bestandje.

log.txt

Bedankt voor de vlotte hulp.

Nu werkt hij weer normaal. Ik zal er in het vervolg op letten java op tijd te updaten.

 

Doe ik nu nog best een malware scan om eventuele infecties op te sporen?

En zo ja, welke kan ik dan best gebruiken?

 

Mvg

Hans

Sorry,

 

Alvast bedankt,

 

mvg

Tweede poging.

log.txt

Hierbij het logbestand :

Sedert enkele dagen is mijn laptop extreem traag. Dit ontstond nadat ik hem opstartte nadat de batterij volledig leeg was.

Hij start nu wel normaal op, maar bij opstarten google chrome reageert hij niet. Wel met IE, maar het duurt langer dan normaal. En dan blijft de cursor constant draaien alsof hij steeds bezig is met iets op de achtergrond. Ook bij de emails opent hij geen aangeklikte linken.

Ook andere programma's reageren heel traag bij openen. De cursor blijft bezig.

Ik heb al systeemherstel gedaan, maar dit brengt geen oplossing.

 

Na scannen met AVG komen geen problemen voor.

Ook cc-cleaner brengt geen soelaas.

Ook afsluiten duurt extreem lang.

En de batterij gaat nu slechts een half uur mee, terwijl die het daarvoor nog anderhalf à twee uur uithield.

 

Wat kan hier de oorzaak zijn?

 

Dank bij voorbaat,

Mvg

Hans

Ik heb nu google chrome als browser geïnstalleerd en dit verloopt nu heel vlot. Ook bij IE verloopt alles vlot.

Het zal dus inderdaad een probleem van firefox geweest zijn.

Ik zal voorlopig wel nog niet direct firefox opnieuw installeren.

Alvast heel erg bedankt voor de hulp.

Mvg

Hans

Ik zal inderdaad een andere browser proberen. Eventueel firefox de-installeren en opnieuw installeren.

Nu weet ik toch zeker dat het niet aan malware ligt.

Alvast heel erg bedankt voor de moeite.

Mvg

Hans

Het probleem is helaas nog niet verholpen.

Misschien ligt et aan mozilla firefox zelf?

Emsisoft Anti-Malware - Versie 9.0

Laatste Update: 11/11/2014 17:54:17

Gebruikersaccount: Hans-PC\Hans

Scaninstellingen:

Scanmodus: Diepe scan

Objecten: Rootkits, Geheugen, Sporen, C:\, E:\, Q:\

Detecteer PUPs: Aan

Scan archieven: Aan

ADS Scan: Aan

Bestandsextensiefilter: Uit

Geavanceerde cache: Aan

Directe schijftoegang: Uit

Scan gestart: 11/11/2014 17:57:09

Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS Ontdekt: Setting.NoFolderOptions (A)

Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Ontdekt: Setting.DisableTaskMgr (A)

Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Ontdekt: Setting.DisableRegistryTools (A)

Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN Ontdekt: Setting.NoRun (A)

Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} Ontdekt: Application.Win32.InstallAd (A)

Key: HKEY_USERS\S-1-5-19\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} Ontdekt: Application.Win32.InstallAd (A)

Key: HKEY_USERS\S-1-5-20\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} Ontdekt: Application.Win32.InstallAd (A)

Key: HKEY_USERS\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} Ontdekt: Application.Win32.InstallAd (A)

C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\melondrea.BrowserFilter.Helper.dll.old.e2e86ed0-e2f2-4c2f-af1f-099301e1e581.vir Ontdekt: Adware.Generic.1027643 (

C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\melondrea.BrowserFilter.Helper.dll.vir Ontdekt: Adware.Generic.1027643 (

C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\plugins\melondrea.BrowserFilterG.dll.vir Ontdekt: Adware.Generic.1022920 (

C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\plugins\melondrea.FFUpdate.dll.vir Ontdekt: Trojan.Generic.11531027 (

C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\melondreaBHO.dll.vir Ontdekt: Gen:Variant.Adware.BHO.Agent.4 (

C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll Ontdekt: Gen:Adware.Heur.im9@gniZLef (

Gescand: 370017

Gevonden: 14

Scan geëindigd: 11/11/2014 20:24:20

Scantijd: 2:27:11

Mvg

Hans

- - - Updated - - -

2e maal dit logbestand, nu na quarantaine.

Emsisoft Anti-Malware - Versie 9.0

Laatste Update: 11/11/2014 17:54:17

Gebruikersaccount: Hans-PC\Hans

Scaninstellingen:

Scanmodus: Diepe scan

Objecten: Rootkits, Geheugen, Sporen, C:\, E:\, Q:\

Detecteer PUPs: Aan

Scan archieven: Aan

ADS Scan: Aan

Bestandsextensiefilter: Uit

Geavanceerde cache: Aan

Directe schijftoegang: Uit

Scan gestart: 11/11/2014 17:57:09

Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS Ontdekt: Setting.NoFolderOptions (A)

Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Ontdekt: Setting.DisableTaskMgr (A)

Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Ontdekt: Setting.DisableRegistryTools (A)

Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN Ontdekt: Setting.NoRun (A)

Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} Ontdekt: Application.Win32.InstallAd (A)

Key: HKEY_USERS\S-1-5-19\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} Ontdekt: Application.Win32.InstallAd (A)

Key: HKEY_USERS\S-1-5-20\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} Ontdekt: Application.Win32.InstallAd (A)

Key: HKEY_USERS\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} Ontdekt: Application.Win32.InstallAd (A)

C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\melondrea.BrowserFilter.Helper.dll.old.e2e86ed0-e2f2-4c2f-af1f-099301e1e581.vir Ontdekt: Adware.Generic.1027643 (

C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\melondrea.BrowserFilter.Helper.dll.vir Ontdekt: Adware.Generic.1027643 (

C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\plugins\melondrea.BrowserFilterG.dll.vir Ontdekt: Adware.Generic.1022920 (

C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\plugins\melondrea.FFUpdate.dll.vir Ontdekt: Trojan.Generic.11531027 (

C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\melondreaBHO.dll.vir Ontdekt: Gen:Variant.Adware.BHO.Agent.4 (

C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll Ontdekt: Gen:Adware.Heur.im9@gniZLef (

Gescand: 370017

Gevonden: 14

Scan geëindigd: 11/11/2014 20:24:20

Scantijd: 2:27:11

C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll In quarantaine geplaatst Gen:Adware.Heur.im9@gniZLef (

C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\melondreaBHO.dll.vir In quarantaine geplaatst Gen:Variant.Adware.BHO.Agent.4 (

C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\plugins\melondrea.FFUpdate.dll.vir In quarantaine geplaatst Trojan.Generic.11531027 (

C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\plugins\melondrea.BrowserFilterG.dll.vir In quarantaine geplaatst Adware.Generic.1022920 (

C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\melondrea.BrowserFilter.Helper.dll.vir In quarantaine geplaatst Adware.Generic.1027643 (

C:\AdwCleaner\Quarantine\C\Program Files (x86)\melondrea\bin\melondrea.BrowserFilter.Helper.dll.old.e2e86ed0-e2f2-4c2f-af1f-099301e1e581.vir In quarantaine geplaatst Adware.Generic.1027643 (

Key: HKEY_USERS\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} In quarantaine geplaatst Application.Win32.InstallAd (A)

Key: HKEY_USERS\S-1-5-20\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} In quarantaine geplaatst Application.Win32.InstallAd (A)

Key: HKEY_USERS\S-1-5-19\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} In quarantaine geplaatst Application.Win32.InstallAd (A)

Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN In quarantaine geplaatst Setting.NoRun (A)

Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS In quarantaine geplaatst Setting.DisableRegistryTools (A)

Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR In quarantaine geplaatst Setting.DisableTaskMgr (A)

Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS In quarantaine geplaatst Setting.NoFolderOptions (A)

In quarantaine geplaatst 13

Het lijkt opgelost.

Mijn startpagina is wel gewijzigd naar google. De filmpjes werken weer normaal.

Toch lukt het nog niet op Yelo tv te bekijken. Die blijft flikkeren. Ook het typen blijft met vertraging.

mvg

Hans

Hieronder het bekomen logbestandje :

Zoek.exe v5.0.0.0 Updated 10-November-2014

Tool run by Hans on di 11/11/2014 at 8:01:54,64.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Hans\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-11-06-201958.log 431 bytes

C:\zoek-results2014-11-08-175522.log 38081 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.nieuwsblad.be/");

Added to C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Hans\AppData\Roaming\TomTom\HOME\Profiles\9juq3wf8.default\prefs.js:

Added to C:\Users\Hans\AppData\Roaming\TomTom\HOME\Profiles\9juq3wf8.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\Users\Hans\Downloads\avg_free_stb_all_2015_5557_cnet.exe deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Hans\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

2014-11-06 20:06:04 A042349B7208BF8BED858B1E9B48B06D 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-11-03 17:59:45 DF59F2510EDABBF216FA837D5D964106 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll

2014-11-03 17:59:45 D78C4DB153874DB7AC6AA6A03BE38B66 331448 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll

2014-11-03 17:59:45 BD66BA5A924DCC8392CFAEB67131A246 597504 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll

2014-11-03 17:59:45 B89F5D2B3D3BC730FAB93CFCD931742F 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2014-11-03 17:59:45 B5B1C277E46A5B0E2FC63E5FC5624CE5 365056 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll

2014-11-03 17:59:45 97F2F82BF0B4AF86A85FFDD78DFDC87D 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-11-03 17:59:45 604C67F58747D6A333EA641BCCC2C842 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2014-11-03 17:59:45 3065FF6794A7FDC882F0DA8B6230AB6E 1190400 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2014-11-03 17:59:45 201EAFA3F17BE4990999C28657212D8E 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2014-11-03 17:59:44 F91E55DA404B834648A3B0A2477C10DB 17484800 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2014-11-03 17:59:43 8FAA1E45198C4ECEC691326B7F5E71C5 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2014-11-03 17:59:43 835807E2AC0A8FA15B9A2EA80E2D5169 2017280 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2014-11-03 17:59:43 58EC068116BCE16A94B1B2C429A35E41 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2014-11-03 17:59:43 55A400FDB21D157E947A0EE65AEDB1B3 2187264 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2014-11-03 17:59:42 B74B348D13134D67B4F68ADDDC76A447 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2014-11-03 17:59:41 EF94FA1F3D90520CCA4AE65D639A9E62 11807232 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2014-11-03 17:59:41 410BECCA3354D471E45344F0754CC0E4 243200 ----a-w- C:\Windows\SysWOW64\dxtrans.dll

2014-11-03 17:59:41 158690737381C49120165A7F3F5D13EB 440320 ----a-w- C:\Windows\SysWOW64\ieui.dll

2014-11-03 17:59:40 FBE852643EDEB9D6D6502AFE6017CD64 678400 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll

2014-11-03 17:59:40 DF4BA130BD41F29A894E026E456B8481 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2014-11-03 17:59:40 D03EB7605435FE24ADE670661A932651 4201472 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2014-11-03 17:59:40 AA103FEAD721863B86A1B1260948E662 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-11-03 17:59:40 8E8E6E7B4CC27B92F40F74E29C1F6290 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll

2014-11-03 17:59:40 7AE80F921027CF88CB9D0433088A3E55 1810944 ----a-w- C:\Windows\SysWOW64\wininet.dll

2014-11-03 17:59:40 6D4DD5706C297234F457B9D9018C493F 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll

2014-11-03 17:59:40 2409C41081D657A3FABE3659BB989AFB 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll

2014-11-03 17:59:07 D5D5BBF6AA45D820BAA0BD1303B8AAF6 81560 ----a-w- C:\Windows\SysWOW64\mscories.dll

2014-11-03 17:59:07 A139A5E6B34F136405B030EA04595A20 156824 ----a-w- C:\Windows\SysWOW64\mscorier.dll

2014-11-03 17:59:07 8580484193CE0A0788830FBAB97CF13B 1131664 ----a-w- C:\Windows\SysWOW64\dfshim.dll

2014-11-03 17:59:04 06FC8A93A4FA1F42A3D1D06694F2B339 419992 ----a-w- C:\Windows\SysWOW64\locale.nls

2014-11-03 17:59:02 C7673B3F8BB35221B42D67BF7ADAFDFD 7168 ----a-w- C:\Windows\SysWOW64\KBDYAK.DLL

2014-11-03 17:59:02 730B7C639957EA0BF37C1459831A1E19 6656 ----a-w- C:\Windows\SysWOW64\KBDRU1.DLL

2014-11-03 17:59:02 72222991598E173BBE1429426926C020 7168 ----a-w- C:\Windows\SysWOW64\KBDTAT.DLL

2014-11-03 17:59:02 45B308F20FEF040BD7321E85F69DF5E2 6656 ----a-w- C:\Windows\SysWOW64\KBDRU.DLL

2014-11-03 17:59:02 2BD0519015E899A2FF52210CC5875F88 6656 ----a-w- C:\Windows\SysWOW64\KBDBASH.DLL

2014-11-03 17:58:45 3ABACF6D4EBEA5EF3014FEFA1D8FF5F8 3221504 ----a-w- C:\Windows\SysWOW64\mstscax.dll

2014-11-03 17:58:44 FD67683FBA9B2C4BB551780BD8846F64 157696 ----a-w- C:\Windows\SysWOW64\winsta.dll

2014-11-03 17:58:44 DB1D6751689B4A7EE2439C64F2ADF1C9 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll

2014-11-03 17:58:44 97896EE4254176CFDD9010B5B243B89F 131584 ----a-w- C:\Windows\SysWOW64\aaclient.dll

2014-11-03 17:58:44 13829161C1297F4170A5546430147BBD 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll

2014-11-03 17:58:44 0DBD0B4D4766CADEB8C30242A0611395 1051136 ----a-w- C:\Windows\SysWOW64\mstsc.exe

2014-11-03 17:58:28 3888D02CE6413C2A06D903DE1C778BF5 2363904 ----a-w- C:\Windows\SysWOW64\msi.dll

2014-11-03 17:57:18 37C395C075E6FA66623C82DE50A8FAED 372736 ----a-w- C:\Windows\SysWOW64\rastls.dll

2014-11-03 17:57:13 C120855C1133DF8FFD5E0C04A7E70B67 67072 ----a-w- C:\Windows\SysWOW64\packager.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2014-11-03 17:59:45 DD8E9C85F9F428859713055183661956 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll

2014-11-03 17:59:45 C109D5136DF0A6CA668C7AD888AA125F 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2014-11-03 17:59:45 739D9C9F220CCEDAFD8212C6B976B60D 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll

2014-11-03 17:59:45 4D21F4FDF57DF86FAD9149ED1C071D15 72704 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll

2014-11-03 17:59:45 29C0530E0F120AC3E583889DCD6A63DD 710656 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2014-11-03 17:59:43 87D14AF9A2C3F3D5233B613CFA9C321D 378552 ----a-w- C:\Windows\Sysnative\iedkcs32.dll

2014-11-03 17:59:43 0F5A279522FA6A30C9C5A297A1064933 1447936 ----a-w- C:\Windows\Sysnative\urlmon.dll

2014-11-03 17:59:42 E9109E91BB8366759822DC2FC9B5DA8B 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe

2014-11-03 17:59:42 B07E9AFF50DC007E7D5AC54736AA5A25 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll

2014-11-03 17:59:41 DAF317E9F4CEC206D0D443014A427341 446464 ----a-w- C:\Windows\Sysnative\dxtmsft.dll

2014-11-03 17:59:41 646C004F58AA4762F92BF7C595216C37 2108416 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2014-11-03 17:59:41 45B736E3184B68515FDB71D4083A9BCF 731136 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2014-11-03 17:59:41 050FD78BA4EFA62417F61F4C098B5B25 2796032 ----a-w- C:\Windows\Sysnative\iertutil.dll

2014-11-03 17:59:41 0467A4DDA6B2CE8E27A8178BF035BA18 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll

2014-11-03 17:59:40 BE37AA454460539877420951EEA16EF0 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2014-11-03 17:59:39 A2105E46DC9CE38A1D57FB124436E1BC 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2014-11-03 17:59:39 98241BE7EB26C41562D33393DD12608F 289280 ----a-w- C:\Windows\Sysnative\dxtrans.dll

2014-11-03 17:59:39 88D2165E07CEDC3F34CBE1A5A807673D 595968 ----a-w- C:\Windows\Sysnative\ieui.dll

2014-11-03 17:59:39 7E60EE8A68F7270D1E1662CBA275D4FA 13619200 ----a-w- C:\Windows\Sysnative\ieframe.dll

2014-11-03 17:59:38 F9FA80C1CB6EAC55A7F534937F6AC4E4 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2014-11-03 17:59:38 DB101A62F9BF8E7765685950169EF52B 758272 ----a-w- C:\Windows\Sysnative\jscript9diag.dll

2014-11-03 17:59:38 D3B07C2FABEAE749E4E51F1E93CABA23 5829632 ----a-w- C:\Windows\Sysnative\jscript9.dll

2014-11-03 17:59:38 70527367E5779C3537992F0768D9C59A 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll

2014-11-03 17:59:37 9D98D4F390F0B14A782F3B931E613A1A 2309632 ----a-w- C:\Windows\Sysnative\wininet.dll

2014-11-03 17:59:37 328143D6BC5951E1797BD524C4E98CDC 547328 ----a-w- C:\Windows\Sysnative\vbscript.dll

2014-11-03 17:59:37 2E5AF1507CBE735B4D7EBFF1908EA0E1 775168 ----a-w- C:\Windows\Sysnative\ieapfltr.dll

2014-11-03 17:59:36 EB710A3AF29BEC4EE7475A1ED5C575DE 195584 ----a-w- C:\Windows\Sysnative\msrating.dll

2014-11-03 17:59:36 30FB9ABB6C45C3299CFA5F556904DD5F 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll

2014-11-03 17:59:35 7415B29AFE2E4494A57358B8C7E78600 23631360 ----a-w- C:\Windows\Sysnative\mshtml.dll

2014-11-03 17:59:35 15847E14811FEDDF77E934AF4F0BEF45 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe

2014-11-03 17:59:07 50EC828370CB5F5E9FF08B10F1B701C8 73880 ----a-w- C:\Windows\Sysnative\mscories.dll

2014-11-03 17:59:07 5083CC5456FE8A5D21ECF9E32ACC779F 1943696 ----a-w- C:\Windows\Sysnative\dfshim.dll

2014-11-03 17:59:07 2D6C77A3DB3D8EE00FB55834A67E4073 156312 ----a-w- C:\Windows\Sysnative\mscorier.dll

2014-11-03 17:59:04 06FC8A93A4FA1F42A3D1D06694F2B339 419992 ----a-w- C:\Windows\Sysnative\locale.nls

2014-11-03 17:59:02 EA21295A386C6DB2A2A90E657B37C5F4 7168 ----a-w- C:\Windows\Sysnative\KBDYAK.DLL

2014-11-03 17:59:02 BE67D99EDA34A68B827868371B5529AD 7168 ----a-w- C:\Windows\Sysnative\KBDTAT.DLL

2014-11-03 17:59:02 920B5C1CC0BAB6E574297BC3D945DA31 7168 ----a-w- C:\Windows\Sysnative\KBDBASH.DLL

2014-11-03 17:59:02 80EDA24B00478FA795F90DFA09C12E86 7168 ----a-w- C:\Windows\Sysnative\KBDRU1.DLL

2014-11-03 17:59:02 353C4A38042819CA83AEFC6F2E7051CD 6656 ----a-w- C:\Windows\Sysnative\KBDRU.DLL

2014-11-03 17:58:53 5602D4C331FD7938ADE06D9242138922 3198976 ----a-w- C:\Windows\Sysnative\win32k.sys

2014-11-03 17:58:45 8516703179C3BDE90A3ED31B9EC16F8D 1118720 ----a-w- C:\Windows\Sysnative\mstsc.exe

2014-11-03 17:58:45 4FC4C50985E5B840F4D72E57286887B8 681984 ----a-w- C:\Windows\Sysnative\termsrv.dll

2014-11-03 17:58:45 467D0E831D6DF8DA16BF856D0537A153 3722240 ----a-w- C:\Windows\Sysnative\mstscax.dll

2014-11-03 17:58:44 C23B6D9D16FD86F446BE607CA18389D9 235520 ----a-w- C:\Windows\Sysnative\winsta.dll

2014-11-03 17:58:44 85E03B6E05939845BC924C91AEDE0E24 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll

2014-11-03 17:58:44 560CF90C026C0FE51CC6820302FF94FE 22016 ----a-w- C:\Windows\Sysnative\credssp.dll

2014-11-03 17:58:44 0374D83D003043E7DE33036294A2EFAE 150528 ----a-w- C:\Windows\Sysnative\rdpcorekmts.dll

2014-11-03 17:58:28 ADD3F2C3E6B89BD16D4BFC61B3658DD9 3241472 ----a-w- C:\Windows\Sysnative\msi.dll

2014-11-03 17:57:18 DD7C31F12936795C0516BB6C59CBCCD8 424448 ----a-w- C:\Windows\Sysnative\rastls.dll

2014-11-03 17:57:13 1DB68B8A1E3BDE3C19F1D3612CE436CA 77312 ----a-w- C:\Windows\Sysnative\packager.dll

====== C:\Windows\Sysnative\drivers =====

2014-11-10 17:01:04 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys

2014-11-10 17:00:31 D3311B31C470E7681B14D9B014CBF9ED 93400 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys

2014-11-10 17:00:31 95EF63A7827D4E3A229CBBCB42619E93 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys

2014-11-10 17:00:31 5C3669B71657F22E67A1D4BD49D2CBE7 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys

2014-11-03 17:58:44 FE571E088C2D83619D2D48D4E961BF41 212480 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys

2014-11-03 17:58:44 E232A3B43A894BB327FC161529BD9ED1 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\PROGRA~2 =====

2014-11-06 20:05:24 -------- d-----w- C:\PROGRA~2\Java

======= C: =====

====== C:\Users\Hans\AppData\Roaming ======

2014-11-10 19:13:25 -------- d-sh--w- C:\Users\Hans\AppData\Locallow\EmieUserList

2014-11-10 19:13:19 -------- d-sh--w- C:\Users\Hans\AppData\Local\EmieUserList

2014-11-10 19:13:19 -------- d-sh--w- C:\Users\Hans\AppData\Local\EmieSiteList

2014-11-08 17:52:18 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp

2014-11-08 17:52:18 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp

2014-11-08 17:52:18 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Temp

2014-11-08 17:52:18 -------- d-----w- C:\Users\Default\AppData\Local\Temp

2014-11-08 17:52:18 -------- d-----w- C:\Users\Default User\AppData\Local\Temp

2014-11-08 17:52:17 -------- d-----w- C:\Users\Hans\AppData\Local\Temp

2014-11-03 18:27:15 -------- d-sh--w- C:\Users\Hans\AppData\Locallow\EmieSiteList

2014-10-21 17:04:08 -------- d-----w- C:\Users\Hans\AppData\Roaming\Oracle

====== C:\Users\Hans ======

2014-11-10 16:59:10 33398D340008A0577507FCA7FD443622 19828376 ----a-w- C:\Users\Hans\Downloads\mbam-setup-2.0.3.1025.exe

2014-11-09 07:47:49 92B980C37F4C56498C65265BE033E42D 2145792 ----a-w- C:\Users\Hans\Downloads\adwcleaner_4.100.exe

2014-11-06 20:05:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-11-06 19:52:51 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\Hans\Downloads\jxpiinstall(3).exe

2014-11-05 16:43:04 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Hans\Downloads\RSITx64(1).exe

2014-10-29 21:23:45 7F8A0E628D3561287725FD1C77D1D773 2603176 ----a-w- C:\Users\Hans\Downloads\AdobeDownloadAssistant.exe

====== C: exe-files ==

2014-11-10 16:59:10 33398D340008A0577507FCA7FD443622 19828376 ----a-w- C:\Users\Hans\Downloads\mbam-setup-2.0.3.1025.exe

2014-11-09 07:47:49 92B980C37F4C56498C65265BE033E42D 2145792 ----a-w- C:\Users\Hans\Downloads\adwcleaner_4.100.exe

2014-11-06 20:05:53 AA3520FB0133A56BEE1DB34D74DBEF64 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe

2014-11-06 20:05:53 75D477E868CA51EC1B09D730570F322B 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe

2014-11-06 20:05:53 691D49FB44EDE9788288CABE4F7E0DAF 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe

2014-11-06 20:05:30 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\pack200.exe

2014-11-06 20:05:30 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmid.exe

2014-11-06 20:05:30 A458E2535E46151690E53E2A03FAA711 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\keytool.exe

2014-11-06 20:05:30 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\kinit.exe

2014-11-06 20:05:30 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\orbd.exe

2014-11-06 20:05:30 75EE99C7F0038C746D82C76221ECA4EF 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\policytool.exe

2014-11-06 20:05:30 67F763B09F4BC8689E6FA9761E068D74 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\unpack200.exe

2014-11-06 20:05:30 57E1F756FAA787623DFCD2C1B2AACC68 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssvagent.exe

2014-11-06 20:05:30 4367C05B0CF5553E71B34F51003D0615 76200 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2launcher.exe

2014-11-06 20:05:30 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\klist.exe

2014-11-06 20:05:30 33D2AF53E209DA3E2BA939EB89801DC0 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmiregistry.exe

2014-11-06 20:05:30 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\servertool.exe

2014-11-06 20:05:30 28FC00F89631B0F6E1E9CA386FADD566 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\tnameserv.exe

2014-11-06 20:05:30 26C7F32186B1F0364CD06EA69227A79D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ktab.exe

2014-11-06 20:05:29 BB8C890E3E6372F2720709262BD42BF4 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jabswitch.exe

2014-11-06 20:05:29 B719E0F43166037DF46B5CFBE60A5118 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jjs.exe

2014-11-06 20:05:29 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe

2014-11-06 20:05:29 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe

2014-11-06 20:05:29 74713E9C1B01B152DDD3A1A3519A3647 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java-rmi.exe

2014-11-06 20:05:29 70E67429D2C011FD0419AF899A8D0D70 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe

2014-11-06 20:05:29 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe

2014-11-06 19:52:51 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\Hans\Downloads\jxpiinstall(3).exe

2014-11-05 16:43:04 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Hans\Downloads\RSITx64(1).exe

=== C: other files ==

2014-11-10 19:16:04 EAEEA223DD0C5672DDDF88D14506E098 456886 ----a-w- C:\Users\Hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\YXHPT8ND\silverlightmediaelement[1].zip

2014-11-10 19:15:27 81092F7AF3400291C02CAB6E54D61B71 172220 ----a-w- C:\Users\Hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9TTCWC43\RegisterDevice[1].zip

2014-11-10 17:01:04 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys

2014-11-10 17:00:31 D3311B31C470E7681B14D9B014CBF9ED 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys

2014-11-10 17:00:31 95EF63A7827D4E3A229CBBCB42619E93 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys

2014-11-10 17:00:31 5C3669B71657F22E67A1D4BD49D2CBE7 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys

2014-11-06 20:05:30 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\lib\deploy\ffjcext.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3875126257-2785778885-3603230970-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-3875126257-2785778885-3603230970-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RoxWatchTray"="C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

"IJNetworkScannerSelectorEX"="C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE"

"Malwarebytes Anti-Exploit"="C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe"

"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"AccuWeatherWidget"=""C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="c:\\windows\\syswow64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 "

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"FreeFallProtection"="C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe"

"IntelPAN"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel PAN Tray"

"QuickSet"="c:\Program Files\Dell\QuickSet\QuickSet.exe"

"IntelTBRunOnce"="wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

"NVHotkey"="rundll32.exe C:\Windows\system32\nvHotkey.dll,Start"

"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

"Ashampoo WinOptimizer Live-Tuner2"="C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner2.exe -TRAY"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe ARM"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe Reader Speed Launcher"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AdobeAAMUpdater-1.0"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS6ServiceManager]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AdobeCS6ServiceManager"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS6ServiceManager\\CS6ServiceManager.exe\" -launchedbylogin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="APSDaemon"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="BCSSync"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonQuickMenu]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="CanonQuickMenu"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Canon\\Quick Menu\\CNQMMAIN.EXE /logon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dell DataSafe Online]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Dell DataSafe Online"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Dell\\Dell Datasafe Online\\NOBuClient.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dell Webcam Central]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Dell Webcam Central"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Dell Webcam\\Dell Webcam Central\\WebcamDell2.exe\" /mode2"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellStage]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DellStage"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Dell Stage\\Dell Stage\\stage_primary.exe\" \"C:\\Program Files (x86)\\Dell Stage\\Dell Stage\\start.umj\" --startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Desktop Disc Tool]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Desktop Disc Tool"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Roxio\\OEM\\Roxio Burn\\RoxioBurnLauncher.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="iTunesHelper"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroLauncher]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NeroLauncher"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Nero\\SyncUP\\NeroLauncher.exe 900"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OfficeSyncProcess]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="OfficeSyncProcess"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\MSOSYNC.EXE\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Stage Remote]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Stage Remote"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Dell\\Stage Remote\\StageRemote.exe -Quiet"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SunJavaUpdateSched"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SwitchBoard"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [04/11/2014 20:20]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Hans-PC-Hans" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]

"C:\Windows\SysNative\tasks\PCDEventLauncherTask" ["C:\Program Files\My Dell\sessionchecker.exe"]

"C:\Windows\SysNative\tasks\PCDoctorBackgroundMonitorTask" ["C:\Program Files\My Dell\uaclauncher.exe"]

"C:\Windows\SysNative\tasks\SystemToolsDailyTest" ["uaclauncher.exe"]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default

- Undetermined - %ProfilePath%\extensions\trash

ProfilePath: C:\Users\Hans\AppData\Roaming\TomTom\HOME\Profiles\9juq3wf8.default

- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com

- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

- Emulator - %ProfilePath%\extensions\Navcore.8.010.9369@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default

63F8C13F269B10BC9363B007DAAACAE6 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll - Shockwave Flash

D2B5242013356AF422A42B9FAA4056C2 - C:\Users\Hans\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin

FD63DE29FE0A7E738BD81CA0EDDD8020 - C:\Users\Hans\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin

==== Chromium Look ======================

Google Docs - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

SiteAdvisor - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho

Chrome In-App Payments service - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Preferences

"urls_to_restore_on_startup": [ "http://www.google.com" ]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.nieuwsblad.be/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.nieuwsblad.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Hans\AppData\Local\Mozilla\Firefox\Profiles\h4jta6h1.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=133 folders=62 135988638 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Hans\AppData\Local\Temp will be emptied at reboot

C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Hans\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on di 11/11/2014 at 9:20:16,82 ======================

Ik heb zojuist IE geprobeerd en daar doet het probleem zich niet voor. Het lijkt dus enkel een probleem te zijn met mozilla firefox.

Helpt dit?

Mvg,

Hans

Ik heb na de malware scan de laptop opnieuw opgestart, maar het probleem is nog niet opgelost.

Mvg,

Hans

- - - Updated - - -

Het probleem is begonnen nadat mijn dochter, op mijn laptop, op instagram en facebook foto's gedownload heeft.

Ikzelf gebruik nooit instagram en fb.

Misschien ligt daar ergens de oorzaak?

Mvg,

Hans

Dit is het log bestandje na de malware scan :

Malwarebytes Anti-Malware

Malwarebytes | Free Anti-Malware & Internet Security Software

Scan Date: 10/11/2014

Scan Time: 18:01:45

Logfile: MBAM scanlog.txt

Administrator: Yes

Version: 2.00.3.1025

Malware Database: v2014.11.10.07

Rootkit Database: v2014.11.10.01

License: Trial

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Hans

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 371732

Time Elapsed: 14 min, 33 sec

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

Processes: 0

(No malicious items detected)

Modules: 0

(No malicious items detected)

Registry Keys: 2

PUP.Optional.Melondrea.A, HKLM\SOFTWARE\WOW6432NODE\melondrea, Quarantined, [839c8cae522a57dff2ade38218ebaa56],

PUP.Optional.Melondrea.A, HKU\S-1-5-21-3875126257-2785778885-3603230970-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\melondrea, Quarantined, [52cd2614dd9f5fd7217d194c867dc63a],

Registry Values: 0

(No malicious items detected)

Registry Data: 0

(No malicious items detected)

Folders: 1

PUP.Optional.MindSpark.A, C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default\MapsGalaxy_39, Quarantined, [a57a3901b5c7dc5ac8bad039a063669a],

Files: 0

(No malicious items detected)

Physical Sectors: 0

(No malicious items detected)

(end)

Mvg

Hans

Wat raad jij aan als anti-virus en malware bestrijding?

Mvg

Hans

Jammer genoeg is er nog geen verbetering merkbaar. Als ik een videobeeld wil afspelen, verdwijnt het van het ogenblik dat ik erop ga met de cursor.

Ik kan het dan wel afspelen, maar het blijft zwart en nu en dan zie ik het beeld in een flits opflakkeren. Ook het typen blijft met vertraging. Het lijkt mij hetzelfde fenomeen als met de flikkerende beelden.

Mvg

Hans

Onderstaand logje is het resultaat van de adwcleaner. Ik kreeg wel een waarschuwing van AVG dat het om malware zou gaan.

# AdwCleaner v4.100 - Rapport aangemaakt 09/11/2014 op 08:55:43

# DB v2014-11-07.1

# Laatste Update 08/11/2014 door Xplode

# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)

# Gebruikersnaam : Hans - HANS-PC

# Gestart vanuit : C:\Users\Hans\Downloads\adwcleaner_4.100.exe

# Optie : Verwijderen

***** [ Services ] *****

***** [ Bestanden / Mappen ] *****

Map Verwijderd : C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default\Extensions\Avg@toolbar

***** [ Taken ] *****

***** [ Snelkoppelingen ] *****

***** [ Register ] *****

Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com

Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\Superfish

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

Sleutel Verwijderd : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{065C1A21-97F8-45FB-A9F0-861B60FACEC8}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3204358F-5904-46A6-841F-D6B5BE3EF4E3}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3AE67737-0E3E-44AA-AA5E-46A68BF017FF}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3EE5B726-044A-48D2-AA7B-049BD9A0F62A}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{60FBBE03-57FF-49D8-B38E-053D3F489825}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{6A5182F1-C0B8-42B8-96CC-7F329CD46913}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{6C153418-8E4D-4FAF-AF27-5201E38463A7}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{A26A2F05-AC4D-4A1E-9531-9125F7309B78}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CC5D6240-7DF0-435D-9B9B-F8586A99DE86}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{F343045E-E20A-46E1-82D8-9962C43EFC9E}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{FBB360DC-CB6C-4D6A-808A-2C773151BFFF}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{FFD7DDAC-EC28-42A5-8D39-917B9078604B}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344

-\\ Mozilla Firefox v33.0.3 (x86 nl)

-\\ Google Chrome v

[C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\preferences] - Verwijderd [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo

[C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\preferences] - Verwijderd [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg

[C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\preferences] - Verwijderd [Extension] : hphibigbodkkohoglgfkddblldpfohjl

[C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\preferences] - Verwijderd [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej

[C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\preferences] - Verwijderd [Extension] : kincjchfokkeneeofpeefomkikfkiedl

[C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\preferences] - Verwijderd [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc

[C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\preferences] - Verwijderd [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc

*************************

AdwCleaner[R0].txt - [1566 octets] - [06/03/2014 18:29:09]

AdwCleaner[R1].txt - [1759 octets] - [11/03/2014 21:12:32]

AdwCleaner[R2].txt - [5965 octets] - [09/11/2014 08:49:03]

AdwCleaner[s0].txt - [1606 octets] - [06/03/2014 18:37:30]

AdwCleaner[s1].txt - [1791 octets] - [11/03/2014 21:13:39]

AdwCleaner[s2].txt - [5956 octets] - [09/11/2014 08:55:43]

########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [6016 octets] ##########

Sorry, ik was blijkbaar te snel tevreden.

Hieronder het logje :

Zoek.exe v5.0.0.0 Updated 06-November-2014

Tool run by Hans on za 08/11/2014 at 18:29:32,64.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Hans\Downloads\zoek(2).exe [scan all users] [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-11-06-201958.log 431 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{16f059cb-3d3f-4ecc-b426-bafa47233676} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{16f059cb-3d3f-4ecc-b426-bafa47233676} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update melondrea deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update melondrea deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update melondrea deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update melondrea deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util melondrea deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util melondrea deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util melondrea deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util melondrea deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater3.2.0 deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater3.2.0 deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default

user.js not found

---- Lines mindspark removed from prefs.js ----

user_pref("extensions.toolbar.mindspark.lastInstalled", "mapsgalaxy@mindspark.com");

---- FireFox user.js and prefs.js backups ----

prefs_20140811_1844_.backup

ProfilePath: C:\Users\Hans\AppData\Roaming\TomTom\HOME\Profiles\9juq3wf8.default

user.js not found

---- FireFox user.js and prefs.js backups ----

prefs_20140811_1844_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{16f059cb-3d3f-4ecc-b426-bafa47233676}]

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"AVG-Secure-Search-Update_0214c"=-

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\melondrea not found

"C:\Users\Hans\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe" not found

C:\ProgramData\AVG Security Toolbar deleted

C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml deleted

C:\PROGRA~3\AVG Secure Search deleted

C:\PROGRA~3\Package Cache deleted

C:\Users\Hans\Downloads\avg_free_stb_all_2015_5315_cnet.exe deleted

C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default\searchplugins\avg-secure-search.xml deleted

C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default\extensions\trash\39ffxtbr@MapsGalaxy_39.com deleted

"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" deleted

"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\3.2.0\log4cplusU.dll" deleted

"C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted

"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted

"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\3.2.0" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Hans\AppData\Local\Temp ====

====== Java Cache =====

2014-11-06 20:08:04 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Hans\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-12420fbf

2014-11-06 20:07:53 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Hans\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-186a753c

2014-11-06 20:07:53 DF0FFD480B89B5A571EA66201E0E36E6 424 ----a-w- C:\Users\Hans\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap

2014-11-06 20:07:52 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Hans\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-239091d5

2014-11-06 20:07:53 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\Hans\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-591feb33

====== C:\Windows\SysWOW64 =====

2014-11-06 20:06:04 A042349B7208BF8BED858B1E9B48B06D 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-11-03 17:59:45 DF59F2510EDABBF216FA837D5D964106 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll

2014-11-03 17:59:45 D78C4DB153874DB7AC6AA6A03BE38B66 331448 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll

2014-11-03 17:59:45 BD66BA5A924DCC8392CFAEB67131A246 597504 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll

2014-11-03 17:59:45 B89F5D2B3D3BC730FAB93CFCD931742F 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2014-11-03 17:59:45 B5B1C277E46A5B0E2FC63E5FC5624CE5 365056 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll

2014-11-03 17:59:45 97F2F82BF0B4AF86A85FFDD78DFDC87D 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-11-03 17:59:45 604C67F58747D6A333EA641BCCC2C842 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2014-11-03 17:59:45 3065FF6794A7FDC882F0DA8B6230AB6E 1190400 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2014-11-03 17:59:45 201EAFA3F17BE4990999C28657212D8E 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2014-11-03 17:59:44 F91E55DA404B834648A3B0A2477C10DB 17484800 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2014-11-03 17:59:43 8FAA1E45198C4ECEC691326B7F5E71C5 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2014-11-03 17:59:43 835807E2AC0A8FA15B9A2EA80E2D5169 2017280 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2014-11-03 17:59:43 58EC068116BCE16A94B1B2C429A35E41 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2014-11-03 17:59:43 55A400FDB21D157E947A0EE65AEDB1B3 2187264 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2014-11-03 17:59:42 B74B348D13134D67B4F68ADDDC76A447 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2014-11-03 17:59:41 EF94FA1F3D90520CCA4AE65D639A9E62 11807232 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2014-11-03 17:59:41 410BECCA3354D471E45344F0754CC0E4 243200 ----a-w- C:\Windows\SysWOW64\dxtrans.dll

2014-11-03 17:59:41 158690737381C49120165A7F3F5D13EB 440320 ----a-w- C:\Windows\SysWOW64\ieui.dll

2014-11-03 17:59:40 FBE852643EDEB9D6D6502AFE6017CD64 678400 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll

2014-11-03 17:59:40 DF4BA130BD41F29A894E026E456B8481 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2014-11-03 17:59:40 D03EB7605435FE24ADE670661A932651 4201472 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2014-11-03 17:59:40 AA103FEAD721863B86A1B1260948E662 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-11-03 17:59:40 8E8E6E7B4CC27B92F40F74E29C1F6290 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll

2014-11-03 17:59:40 7AE80F921027CF88CB9D0433088A3E55 1810944 ----a-w- C:\Windows\SysWOW64\wininet.dll

2014-11-03 17:59:40 6D4DD5706C297234F457B9D9018C493F 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll

2014-11-03 17:59:40 2409C41081D657A3FABE3659BB989AFB 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll

2014-11-03 17:59:07 D5D5BBF6AA45D820BAA0BD1303B8AAF6 81560 ----a-w- C:\Windows\SysWOW64\mscories.dll

2014-11-03 17:59:07 A139A5E6B34F136405B030EA04595A20 156824 ----a-w- C:\Windows\SysWOW64\mscorier.dll

2014-11-03 17:59:07 8580484193CE0A0788830FBAB97CF13B 1131664 ----a-w- C:\Windows\SysWOW64\dfshim.dll

2014-11-03 17:59:04 06FC8A93A4FA1F42A3D1D06694F2B339 419992 ----a-w- C:\Windows\SysWOW64\locale.nls

2014-11-03 17:59:02 C7673B3F8BB35221B42D67BF7ADAFDFD 7168 ----a-w- C:\Windows\SysWOW64\KBDYAK.DLL

2014-11-03 17:59:02 730B7C639957EA0BF37C1459831A1E19 6656 ----a-w- C:\Windows\SysWOW64\KBDRU1.DLL

2014-11-03 17:59:02 72222991598E173BBE1429426926C020 7168 ----a-w- C:\Windows\SysWOW64\KBDTAT.DLL

2014-11-03 17:59:02 45B308F20FEF040BD7321E85F69DF5E2 6656 ----a-w- C:\Windows\SysWOW64\KBDRU.DLL

2014-11-03 17:59:02 2BD0519015E899A2FF52210CC5875F88 6656 ----a-w- C:\Windows\SysWOW64\KBDBASH.DLL

2014-11-03 17:58:45 3ABACF6D4EBEA5EF3014FEFA1D8FF5F8 3221504 ----a-w- C:\Windows\SysWOW64\mstscax.dll

2014-11-03 17:58:44 FD67683FBA9B2C4BB551780BD8846F64 157696 ----a-w- C:\Windows\SysWOW64\winsta.dll

2014-11-03 17:58:44 DB1D6751689B4A7EE2439C64F2ADF1C9 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll

2014-11-03 17:58:44 97896EE4254176CFDD9010B5B243B89F 131584 ----a-w- C:\Windows\SysWOW64\aaclient.dll

2014-11-03 17:58:44 13829161C1297F4170A5546430147BBD 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll

2014-11-03 17:58:44 0DBD0B4D4766CADEB8C30242A0611395 1051136 ----a-w- C:\Windows\SysWOW64\mstsc.exe

2014-11-03 17:58:28 3888D02CE6413C2A06D903DE1C778BF5 2363904 ----a-w- C:\Windows\SysWOW64\msi.dll

2014-11-03 17:57:18 37C395C075E6FA66623C82DE50A8FAED 372736 ----a-w- C:\Windows\SysWOW64\rastls.dll

2014-11-03 17:57:13 C120855C1133DF8FFD5E0C04A7E70B67 67072 ----a-w- C:\Windows\SysWOW64\packager.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2014-11-03 17:59:45 DD8E9C85F9F428859713055183661956 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll

2014-11-03 17:59:45 C109D5136DF0A6CA668C7AD888AA125F 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2014-11-03 17:59:45 739D9C9F220CCEDAFD8212C6B976B60D 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll

2014-11-03 17:59:45 4D21F4FDF57DF86FAD9149ED1C071D15 72704 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll

2014-11-03 17:59:45 29C0530E0F120AC3E583889DCD6A63DD 710656 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2014-11-03 17:59:43 87D14AF9A2C3F3D5233B613CFA9C321D 378552 ----a-w- C:\Windows\Sysnative\iedkcs32.dll

2014-11-03 17:59:43 0F5A279522FA6A30C9C5A297A1064933 1447936 ----a-w- C:\Windows\Sysnative\urlmon.dll

2014-11-03 17:59:42 E9109E91BB8366759822DC2FC9B5DA8B 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe

2014-11-03 17:59:42 B07E9AFF50DC007E7D5AC54736AA5A25 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll

2014-11-03 17:59:41 DAF317E9F4CEC206D0D443014A427341 446464 ----a-w- C:\Windows\Sysnative\dxtmsft.dll

2014-11-03 17:59:41 646C004F58AA4762F92BF7C595216C37 2108416 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2014-11-03 17:59:41 45B736E3184B68515FDB71D4083A9BCF 731136 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2014-11-03 17:59:41 050FD78BA4EFA62417F61F4C098B5B25 2796032 ----a-w- C:\Windows\Sysnative\iertutil.dll

2014-11-03 17:59:41 0467A4DDA6B2CE8E27A8178BF035BA18 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll

2014-11-03 17:59:40 BE37AA454460539877420951EEA16EF0 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2014-11-03 17:59:39 A2105E46DC9CE38A1D57FB124436E1BC 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2014-11-03 17:59:39 98241BE7EB26C41562D33393DD12608F 289280 ----a-w- C:\Windows\Sysnative\dxtrans.dll

2014-11-03 17:59:39 88D2165E07CEDC3F34CBE1A5A807673D 595968 ----a-w- C:\Windows\Sysnative\ieui.dll

2014-11-03 17:59:39 7E60EE8A68F7270D1E1662CBA275D4FA 13619200 ----a-w- C:\Windows\Sysnative\ieframe.dll

2014-11-03 17:59:38 F9FA80C1CB6EAC55A7F534937F6AC4E4 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2014-11-03 17:59:38 DB101A62F9BF8E7765685950169EF52B 758272 ----a-w- C:\Windows\Sysnative\jscript9diag.dll

2014-11-03 17:59:38 D3B07C2FABEAE749E4E51F1E93CABA23 5829632 ----a-w- C:\Windows\Sysnative\jscript9.dll

2014-11-03 17:59:38 70527367E5779C3537992F0768D9C59A 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll

2014-11-03 17:59:37 9D98D4F390F0B14A782F3B931E613A1A 2309632 ----a-w- C:\Windows\Sysnative\wininet.dll

2014-11-03 17:59:37 328143D6BC5951E1797BD524C4E98CDC 547328 ----a-w- C:\Windows\Sysnative\vbscript.dll

2014-11-03 17:59:37 2E5AF1507CBE735B4D7EBFF1908EA0E1 775168 ----a-w- C:\Windows\Sysnative\ieapfltr.dll

2014-11-03 17:59:36 EB710A3AF29BEC4EE7475A1ED5C575DE 195584 ----a-w- C:\Windows\Sysnative\msrating.dll

2014-11-03 17:59:36 30FB9ABB6C45C3299CFA5F556904DD5F 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll

2014-11-03 17:59:35 7415B29AFE2E4494A57358B8C7E78600 23631360 ----a-w- C:\Windows\Sysnative\mshtml.dll

2014-11-03 17:59:35 15847E14811FEDDF77E934AF4F0BEF45 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe

2014-11-03 17:59:07 50EC828370CB5F5E9FF08B10F1B701C8 73880 ----a-w- C:\Windows\Sysnative\mscories.dll

2014-11-03 17:59:07 5083CC5456FE8A5D21ECF9E32ACC779F 1943696 ----a-w- C:\Windows\Sysnative\dfshim.dll

2014-11-03 17:59:07 2D6C77A3DB3D8EE00FB55834A67E4073 156312 ----a-w- C:\Windows\Sysnative\mscorier.dll

2014-11-03 17:59:04 06FC8A93A4FA1F42A3D1D06694F2B339 419992 ----a-w- C:\Windows\Sysnative\locale.nls

2014-11-03 17:59:02 EA21295A386C6DB2A2A90E657B37C5F4 7168 ----a-w- C:\Windows\Sysnative\KBDYAK.DLL

2014-11-03 17:59:02 BE67D99EDA34A68B827868371B5529AD 7168 ----a-w- C:\Windows\Sysnative\KBDTAT.DLL

2014-11-03 17:59:02 920B5C1CC0BAB6E574297BC3D945DA31 7168 ----a-w- C:\Windows\Sysnative\KBDBASH.DLL

2014-11-03 17:59:02 80EDA24B00478FA795F90DFA09C12E86 7168 ----a-w- C:\Windows\Sysnative\KBDRU1.DLL

2014-11-03 17:59:02 353C4A38042819CA83AEFC6F2E7051CD 6656 ----a-w- C:\Windows\Sysnative\KBDRU.DLL

2014-11-03 17:58:53 5602D4C331FD7938ADE06D9242138922 3198976 ----a-w- C:\Windows\Sysnative\win32k.sys

2014-11-03 17:58:45 8516703179C3BDE90A3ED31B9EC16F8D 1118720 ----a-w- C:\Windows\Sysnative\mstsc.exe

2014-11-03 17:58:45 4FC4C50985E5B840F4D72E57286887B8 681984 ----a-w- C:\Windows\Sysnative\termsrv.dll

2014-11-03 17:58:45 467D0E831D6DF8DA16BF856D0537A153 3722240 ----a-w- C:\Windows\Sysnative\mstscax.dll

2014-11-03 17:58:44 C23B6D9D16FD86F446BE607CA18389D9 235520 ----a-w- C:\Windows\Sysnative\winsta.dll

2014-11-03 17:58:44 85E03B6E05939845BC924C91AEDE0E24 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll

2014-11-03 17:58:44 560CF90C026C0FE51CC6820302FF94FE 22016 ----a-w- C:\Windows\Sysnative\credssp.dll

2014-11-03 17:58:44 0374D83D003043E7DE33036294A2EFAE 150528 ----a-w- C:\Windows\Sysnative\rdpcorekmts.dll

2014-11-03 17:58:28 ADD3F2C3E6B89BD16D4BFC61B3658DD9 3241472 ----a-w- C:\Windows\Sysnative\msi.dll

2014-11-03 17:57:18 DD7C31F12936795C0516BB6C59CBCCD8 424448 ----a-w- C:\Windows\Sysnative\rastls.dll

2014-11-03 17:57:13 1DB68B8A1E3BDE3C19F1D3612CE436CA 77312 ----a-w- C:\Windows\Sysnative\packager.dll

====== C:\Windows\Sysnative\drivers =====

2014-11-03 17:58:44 FE571E088C2D83619D2D48D4E961BF41 212480 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys

2014-11-03 17:58:44 E232A3B43A894BB327FC161529BD9ED1 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys

2014-10-11 16:00:07 68430AD3FB0FADBFA5D1677617D1E1F5 50976 ----a-w- C:\Windows\Sysnative\drivers\avgtpx64.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\PROGRA~2 =====

2014-11-06 20:05:24 -------- d-----w- C:\PROGRA~2\Java

2014-10-11 16:00:02 -------- d-----w- C:\PROGRA~2\AVG Web TuneUp

2014-10-11 15:48:32 -------- d-----w- C:\PROGRA~2\AVG

======= C: =====

====== C:\Users\Hans\AppData\Roaming ======

2014-11-03 18:27:15 -------- d-sh--w- C:\Users\Hans\AppData\Locallow\EmieSiteList

2014-10-21 17:04:08 -------- d-----w- C:\Users\Hans\AppData\Roaming\Oracle

2014-10-11 16:00:13 -------- d-----w- C:\Users\Hans\AppData\Local\AVG Web TuneUp

2014-10-11 16:00:10 -------- d-----w- C:\Users\Hans\AppData\Locallow\AVG Web TuneUp

2014-10-11 16:00:04 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\AVG Web TuneUp

2014-10-11 15:51:18 -------- d-----w- C:\Users\Hans\AppData\Roaming\AVG2015

2014-10-11 15:50:48 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2015

2014-10-11 15:50:26 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2015

2014-10-11 15:48:33 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2015

2014-10-11 15:44:26 -------- d-----w- C:\Users\Hans\AppData\Local\Avg2015

====== C:\Users\Hans ======

2014-11-06 20:05:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-11-06 19:52:51 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\Hans\Downloads\jxpiinstall(3).exe

2014-11-05 16:43:04 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Hans\Downloads\RSITx64(1).exe

2014-10-29 21:23:45 7F8A0E628D3561287725FD1C77D1D773 2603176 ----a-w- C:\Users\Hans\Downloads\AdobeDownloadAssistant.exe

2014-10-11 16:00:02 -------- d-----w- C:\ProgramData\AVG Web TuneUp

2014-10-11 15:50:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-10-11 15:49:37 -------- d-----w- C:\ProgramData\AVG2015

====== C: exe-files ==

2014-11-06 20:05:53 AA3520FB0133A56BEE1DB34D74DBEF64 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe

2014-11-06 20:05:53 75D477E868CA51EC1B09D730570F322B 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe

2014-11-06 20:05:53 691D49FB44EDE9788288CABE4F7E0DAF 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe

2014-11-06 20:05:30 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\pack200.exe

2014-11-06 20:05:30 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmid.exe

2014-11-06 20:05:30 A458E2535E46151690E53E2A03FAA711 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\keytool.exe

2014-11-06 20:05:30 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\kinit.exe

2014-11-06 20:05:30 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\orbd.exe

2014-11-06 20:05:30 75EE99C7F0038C746D82C76221ECA4EF 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\policytool.exe

2014-11-06 20:05:30 67F763B09F4BC8689E6FA9761E068D74 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\unpack200.exe

2014-11-06 20:05:30 57E1F756FAA787623DFCD2C1B2AACC68 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssvagent.exe

2014-11-06 20:05:30 4367C05B0CF5553E71B34F51003D0615 76200 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2launcher.exe

2014-11-06 20:05:30 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\klist.exe

2014-11-06 20:05:30 33D2AF53E209DA3E2BA939EB89801DC0 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmiregistry.exe

2014-11-06 20:05:30 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\servertool.exe

2014-11-06 20:05:30 28FC00F89631B0F6E1E9CA386FADD566 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\tnameserv.exe

2014-11-06 20:05:30 26C7F32186B1F0364CD06EA69227A79D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ktab.exe

2014-11-06 20:05:29 BB8C890E3E6372F2720709262BD42BF4 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jabswitch.exe

2014-11-06 20:05:29 B719E0F43166037DF46B5CFBE60A5118 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jjs.exe

2014-11-06 20:05:29 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe

2014-11-06 20:05:29 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe

2014-11-06 20:05:29 74713E9C1B01B152DDD3A1A3519A3647 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java-rmi.exe

2014-11-06 20:05:29 70E67429D2C011FD0419AF899A8D0D70 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe

2014-11-06 20:05:29 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe

2014-11-06 19:52:51 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\Hans\Downloads\jxpiinstall(3).exe

2014-11-05 16:43:04 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Hans\Downloads\RSITx64(1).exe

2014-11-03 17:59:45 6B9FDB34A5A490FF6A7EDE280062626A 810680 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2014-11-03 17:59:45 54C9747BB0A64F4D9D401E4648363386 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe

2014-11-03 17:59:45 29C0530E0F120AC3E583889DCD6A63DD 710656 ----a-w- C:\Windows\System32\ie4uinit.exe

2014-11-03 17:59:43 F9F310F9FB7F294F00ABDD03453D8CEE 812736 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2014-11-03 17:59:43 649E8F572EC0D929F4EED13A53AC0475 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe

2014-11-03 17:59:43 53E24F2DB97EFAF85FE093AA254790EC 470528 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe

2014-11-03 17:59:42 E9109E91BB8366759822DC2FC9B5DA8B 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe

2014-11-03 17:59:41 C876F8303AA30481A36FE2AACDE77671 483840 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2014-11-03 17:59:40 AA103FEAD721863B86A1B1260948E662 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-11-03 17:59:38 F9FA80C1CB6EAC55A7F534937F6AC4E4 139264 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-11-03 17:59:35 15847E14811FEDDF77E934AF4F0BEF45 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe

2014-11-03 17:58:45 8516703179C3BDE90A3ED31B9EC16F8D 1118720 ----a-w- C:\Windows\System32\mstsc.exe

2014-11-03 17:58:44 0DBD0B4D4766CADEB8C30242A0611395 1051136 ----a-w- C:\Windows\SysWOW64\mstsc.exe

=== C: other files ==

2014-11-06 20:05:30 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\lib\deploy\ffjcext.zip

2014-11-03 17:58:53 5602D4C331FD7938ADE06D9242138922 3198976 ----a-w- C:\Windows\System32\win32k.sys

2014-11-03 17:58:44 FE571E088C2D83619D2D48D4E961BF41 212480 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2014-11-03 17:58:44 E232A3B43A894BB327FC161529BD9ED1 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3875126257-2785778885-3603230970-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-3875126257-2785778885-3603230970-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RoxWatchTray"="C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

"IJNetworkScannerSelectorEX"="C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE"

"Malwarebytes Anti-Exploit"="C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe"

"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"

"vProt"="C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"AccuWeatherWidget"=""C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="c:\\windows\\syswow64\\nvinit.dll "

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 "

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"FreeFallProtection"="C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe"

"IntelPAN"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel PAN Tray"

"QuickSet"="c:\Program Files\Dell\QuickSet\QuickSet.exe"

"IntelTBRunOnce"="wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

"NVHotkey"="rundll32.exe C:\Windows\system32\nvHotkey.dll,Start"

"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

"Ashampoo WinOptimizer Live-Tuner2"="C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner2.exe -TRAY"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe ARM"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe Reader Speed Launcher"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AdobeAAMUpdater-1.0"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS6ServiceManager]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AdobeCS6ServiceManager"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS6ServiceManager\\CS6ServiceManager.exe\" -launchedbylogin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="APSDaemon"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="BCSSync"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonQuickMenu]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="CanonQuickMenu"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Canon\\Quick Menu\\CNQMMAIN.EXE /logon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dell DataSafe Online]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Dell DataSafe Online"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Dell\\Dell Datasafe Online\\NOBuClient.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dell Webcam Central]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Dell Webcam Central"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Dell Webcam\\Dell Webcam Central\\WebcamDell2.exe\" /mode2"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellStage]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DellStage"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Dell Stage\\Dell Stage\\stage_primary.exe\" \"C:\\Program Files (x86)\\Dell Stage\\Dell Stage\\start.umj\" --startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Desktop Disc Tool]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Desktop Disc Tool"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Roxio\\OEM\\Roxio Burn\\RoxioBurnLauncher.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="iTunesHelper"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroLauncher]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NeroLauncher"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Nero\\SyncUP\\NeroLauncher.exe 900"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OfficeSyncProcess]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="OfficeSyncProcess"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\MSOSYNC.EXE\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Stage Remote]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Stage Remote"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Dell\\Stage Remote\\StageRemote.exe -Quiet"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SunJavaUpdateSched"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SwitchBoard"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [04/11/2014 20:20]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Hans-PC-Hans" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]

"C:\Windows\SysNative\tasks\PCDEventLauncherTask" ["C:\Program Files\My Dell\sessionchecker.exe"]

"C:\Windows\SysNative\tasks\PCDoctorBackgroundMonitorTask" ["C:\Program Files\My Dell\uaclauncher.exe"]

"C:\Windows\SysNative\tasks\SystemToolsDailyTest" ["uaclauncher.exe"]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default

- AVG Web TuneUp - %ProfilePath%\extensions\avg@toolbar

- Undetermined - %ProfilePath%\extensions\trash

ProfilePath: C:\Users\Hans\AppData\Roaming\TomTom\HOME\Profiles\9juq3wf8.default

- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com

- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

- Emulator - %ProfilePath%\extensions\Navcore.8.010.9369@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default

63F8C13F269B10BC9363B007DAAACAE6 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll - Shockwave Flash

D2B5242013356AF422A42B9FAA4056C2 - C:\Users\Hans\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin

FD63DE29FE0A7E738BD81CA0EDDD8020 - C:\Users\Hans\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin

==== Chromium Look ======================

Google Docs - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

SiteAdvisor - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho

Chrome In-App Payments service - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Preferences

"urls_to_restore_on_startup": [ "http://www.google.com" ]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{520BA545-8C7B-440A-B42C-0B4285CC150E} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3875126257-2785778885-3603230970-1001\Software\Microsoft\Internet Explorer\SearchScopes\{520BA545-8C7B-440A-B42C-0B4285CC150E} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4GNSEQLC will be deleted at reboot

C:\Users\Hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HYQ1POG3 will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Hans\AppData\Local\Mozilla\Firefox\Profiles\h4jta6h1.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=132 folders=62 131351001 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Hans\AppData\Local\Temp will be emptied at reboot

C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Hans\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4GNSEQLC" not found

"C:\Users\Hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HYQ1POG3" not found

==== EOF on za 08/11/2014 at 18:55:22,46 ======================

Zoek.exe v5.0.0.0 Updated 05-November-2014

Tool run by Hans on do 06/11/2014 at 21:11:12,50.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Hans\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

===== Runcheck 21:19:34,20 =====

--- Create Environment Variables 21:19:35,48

--- Create System Restore Point 21:19:43,25

--- Checking Input 21:20:00,97

--- AU AppData Check 21:20:16,06

--- Remove From Windows Installer 21:20:21,15

--- IE Startpage Check 21:22:01,97

--- Program Files DB Check 21:22:36,32

--- C:\Users\Default\AppData\Roaming DB Check 21:23:17,47

--- C:\Users\Default User\AppData\Roaming DB Check 21:23:17,47

--- C:\Users\Hans\AppData\Roaming DB Check 21:23:17,47

--- C:\Users\UpdatusUser\AppData\Roaming DB Check 21:23:17,47

--- C:\Windows\SysNative\config\systemprofile\AppData\Roaming DB Check 21:23:17,47

--- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 21:23:17,47

--- C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 21:23:17,47

--- C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 21:23:17,47

--- C:\Users\Hans DB Check 21:25:33,59

Dit is het logbestandje verkregen na uitvoeren van zoek.exe

Mvg

Hans

Bedankt voor de snelle reactie.

Hieronder plak ik het logbestand :

Logfile of random's system information tool 1.10 (written by random/random)

Run by Hans at 2014-11-05 17:43:20

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 374 GB (75%) free of 496 GB

Total RAM: 8086 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:43:26, on 5/11/2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17344)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner2.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\AVG\AVG2015\avgui.exe

C:\Program Files (x86)\AVG Web TuneUp\vprot.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\SysWOW64\ctfmon.exe

C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe

C:\Program Files\trend micro\Hans.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/4

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = msn

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: melondrea - {16f059cb-3d3f-4ecc-b426-bafa47233676} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

O4 - HKLM\..\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [iJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE

O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0214c] C:\Users\Hans\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=8d6bf4b7419e47d091b98db09ba750c9-a29479a5f9abbaa4510fc7eb5da3625d49050837 /CMPID=0214c

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-3875126257-2785778885-3603230970-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-3875126257-2785778885-3603230970-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube Download - C:\Users\Hans\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/JuniperSetupClient.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{50386D0B-B314-4371-8BD4-C30125981BBB}: NameServer = 0.0.0.0

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.2.0\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe

O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\DfsdkS64.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\896\g2aservice.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Dell DataSafe Online (NOBU) - Dell, Inc. - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe

O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: Update melondrea - Unknown owner - C:\Program Files (x86)\melondrea\updatemelondrea.exe (file missing)

O23 - Service: Util melondrea - Unknown owner - C:\Program Files (x86)\melondrea\bin\utilmelondrea.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater3.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Ashampoo LiveTuner 2 Service (WO_LiveService2) - Unknown owner - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTunerService.exe

--

End of file - 16616 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot

C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-8be0-c4041c92421b /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

winlogon.exe

C:\Windows\system32\nvvsvc.exe

"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"

C:\Windows\system32\nvvsvc.exe -session -first

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe 16950496

\??\C:\Windows\system32\conhost.exe "712278395-693484866988349778-41604475415221640301321670126-920892879346513325

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"

"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

"taskhost.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Program Files (x86)\AVG\AVG2015\avgfws.exe"

"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"

"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"

"C:\Program Files\Bonjour\mDNSResponder.exe"

"C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\DfsdkS64.exe"

"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"

"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"

"C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe" SERVICE

"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"

"C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE"

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"

"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s

"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3

"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe"

"C:\Windows\System32\igfxtray.exe"

"C:\Windows\System32\hkcmd.exe"

"C:\Windows\System32\igfxpers.exe"

"C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe"

"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray

"C:\Program Files\Dell\QuickSet\quickset.exe"

"C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner2.exe" -TRAY

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"

C:\Windows\system32\wbem\unsecapp.exe -Embedding

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE" C:\Users\Hans

"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1

\??\C:\Windows\system32\conhost.exe "4838588971797762884-306756941-623362018202614344660503806-114616168-1295995023

C:\Windows\system32\wbem\unsecapp.exe -Embedding

"C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE"

"C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

"C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTunerService.exe"

"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE

"C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY

"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

WLIDSvcM.exe 4284

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"

ctfmon.exe

"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"

"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"

"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"

"C:\Program Files\iPod\bin\iPodService.exe"

C:\Windows\system32\SearchIndexer.exe /Embedding

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"

"C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe"

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

C:\Windows\system32\svchost.exe -k SDRSVC

"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"

"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

"C:\Program Files (x86)\Nero\Update\NASvc.exe"

"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

C:\Windows\servicing\TrustedInstaller.exe

"C:\Program Files (x86)\Windows Live\Mail\wlmail.exe"

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe" -Embedding

taskeng.exe {13CC611C-C68D-41B8-9B0B-B999FB32BB48}

"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"

taskeng.exe {4C6A2DD4-4B65-46AE-B3C9-C811CF528D3B}

"C:\Program Files\My Dell\uaclauncher.exe" -silentenumeration -st SystemToolsDailyTest --ignoresecondarysplash --runsilently

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "http://www.pc-helpforum.be/f387/traag-opstarten-browser-flikkerende-beelden-73806-new/"

"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4076.1f3cc8a0.234373683 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4076 "\\.\pipe\gecko-crash-server-pipe.4076" plugin

"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe" --proxy-stub-channel=Flash5208.5716AAA0.13705 --host-broker-channel=Flash5208.5716AAA0.20859 --host-pid=5208 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll"

"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe" --channel=7344.001AF6C4.769024795 --proxy-stub-channel=Flash5208.5716AAA0.13705 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll" --host-npapi-version=27 --type=renderer

"C:\Windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544

"C:\Users\Hans\Downloads\RSITx64(1).exe"

C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default

prefs.js - "browser.startup.homepage" - "http://www.nieuwsblad.be/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 15.0.0.189 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]

"Description"=

"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\3.2.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]

"Description"=Canon My Image Garden

"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]

"Description"=Office Authorization plug-in for NPAPI browsers

"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]

"Description"=NVIDIA stereo images plugin for Mozilla browsers

"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]

"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers

"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 15.0.0.189 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]

"Description"=Office Authorization plug-in for NPAPI browsers

"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]

"Description"=

"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\

belgiumeid@eid.belgium.be

C:\Program Files (x86)\Mozilla Firefox\plugins\

np-mswmp.dll

nppdf32.DEU

nppdf32.FRA

nppdf32.JPN

WMP Firefox Plugin License.rtf

WMP Firefox Plugin RelNotes.txt

C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default\extensions\

avg@toolbar

trash

C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\h4jta6h1.default\searchplugins\

avg-secure-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{16f059cb-3d3f-4ecc-b426-bafa47233676}]

melondrea

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-21 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-21 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-12-17 2531624]

"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-02-19 6611048]

"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-01-18 2188904]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-08-05 167704]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-08-05 392472]

"Persistence"=C:\Windows\system32\igfxpers.exe [2011-08-05 416024]

"FreeFallProtection"=C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [2010-12-17 686704]

"IntelPAN"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-11-01 1935120]

"QuickSet"=c:\Program Files\Dell\QuickSet\QuickSet.exe [2011-01-25 4479648]

"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []

"NVHotkey"=C:\Windows\system32\nvHotkey.dll [2011-11-04 540992]

"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14 557768]

"Ashampoo WinOptimizer Live-Tuner2"=C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner2.exe [2014-06-16 3516808]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"AVG-Secure-Search-Update_0214c"=C:\Users\Hans\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=8d6bf4b7419e47d091b98db09ba750c9-a29479a5f9abbaa4510fc7eb5da3625d49050837 /CMPID=0214c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2014-09-04 40336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]

C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14 557768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]

C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-07-31 43816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]

C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu]

C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2012-04-03 1273448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell DataSafe Online]

C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [2010-08-26 1117528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central]

C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2011-04-13 503942]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellStage]

C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2012-02-01 2195824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Disc Tool]

C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [2010-11-17 514544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroLauncher]

C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [2012-08-21 67496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]

C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 720064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Stage Remote]

C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2011-06-28 2022976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]

C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"RoxWatchTray"=C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [2010-11-25 240112]

"AccuWeatherWidget"=C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [2012-02-01 968048]

"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]

"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-03-26 449168]

"Malwarebytes Anti-Exploit"=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe []

"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392]

"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-09-05 3593744]

"vProt"=C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2014-10-14 2662424]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist]

C:\Program Files (x86)\Citrix\GoToAssist\896\G2AWinLogon_x64.dll [2013-03-14 14232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2011-07-20 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\GoToAssist]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

"NoRun"=0

"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave6"=wdmaud.drv

"midi6"=wdmaud.drv

"mixer6"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-03 19:08:04 ----D---- C:\ProgramData\Package Cache

2014-11-03 18:59:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2014-11-03 18:59:45 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2014-11-03 18:59:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2014-11-03 18:59:45 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll

2014-11-03 18:59:45 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll

2014-11-03 18:59:45 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2014-11-03 18:59:45 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll

2014-11-03 18:59:45 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll

2014-11-03 18:59:45 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll

2014-11-03 18:59:45 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-11-03 18:59:45 ----A---- C:\Windows\system32\iernonce.dll

2014-11-03 18:59:45 ----A---- C:\Windows\system32\ieetwproxystub.dll

2014-11-03 18:59:45 ----A---- C:\Windows\system32\ie4uinit.exe

2014-11-03 18:59:44 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2014-11-03 18:59:43 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2014-11-03 18:59:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2014-11-03 18:59:43 ----A---- C:\Windows\system32\urlmon.dll

2014-11-03 18:59:43 ----A---- C:\Windows\system32\iedkcs32.dll

2014-11-03 18:59:42 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2014-11-03 18:59:42 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2014-11-03 18:59:42 ----A---- C:\Windows\system32\ieetwcollector.exe

2014-11-03 18:59:41 ----A---- C:\Windows\SYSWOW64\ieui.dll

2014-11-03 18:59:41 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2014-11-03 18:59:41 ----A---- C:\Windows\SYSWOW64\dxtrans.dll

2014-11-03 18:59:41 ----A---- C:\Windows\system32\msfeeds.dll

2014-11-03 18:59:41 ----A---- C:\Windows\system32\iesetup.dll

2014-11-03 18:59:41 ----A---- C:\Windows\system32\iertutil.dll

2014-11-03 18:59:41 ----A---- C:\Windows\system32\dxtmsft.dll

2014-11-03 18:59:40 ----A---- C:\Windows\SYSWOW64\wininet.dll

2014-11-03 18:59:40 ----A---- C:\Windows\SYSWOW64\vbscript.dll

2014-11-03 18:59:40 ----A---- C:\Windows\SYSWOW64\msrating.dll

2014-11-03 18:59:40 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll

2014-11-03 18:59:40 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll

2014-11-03 18:59:40 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2014-11-03 18:59:40 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe

2014-11-03 18:59:40 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll

2014-11-03 18:59:40 ----A---- C:\Windows\system32\jsproxy.dll

2014-11-03 18:59:39 ----A---- C:\Windows\system32\mshtmled.dll

2014-11-03 18:59:39 ----A---- C:\Windows\system32\ieui.dll

2014-11-03 18:59:39 ----A---- C:\Windows\system32\ieframe.dll

2014-11-03 18:59:39 ----A---- C:\Windows\system32\dxtrans.dll

2014-11-03 18:59:38 ----A---- C:\Windows\system32\mshtmlmedia.dll

2014-11-03 18:59:38 ----A---- C:\Windows\system32\jscript9diag.dll

2014-11-03 18:59:38 ----A---- C:\Windows\system32\jscript9.dll

2014-11-03 18:59:38 ----A---- C:\Windows\system32\ieUnatt.exe

2014-11-03 18:59:37 ----A---- C:\Windows\system32\wininet.dll

2014-11-03 18:59:37 ----A---- C:\Windows\system32\vbscript.dll

2014-11-03 18:59:37 ----A---- C:\Windows\system32\ieapfltr.dll

2014-11-03 18:59:36 ----A---- C:\Windows\system32\msrating.dll

2014-11-03 18:59:36 ----A---- C:\Windows\system32\MshtmlDac.dll

2014-11-03 18:59:35 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe

2014-11-03 18:59:35 ----A---- C:\Windows\system32\mshtml.dll

2014-11-03 18:59:07 ----A---- C:\Windows\SYSWOW64\mscories.dll

2014-11-03 18:59:07 ----A---- C:\Windows\SYSWOW64\mscorier.dll

2014-11-03 18:59:07 ----A---- C:\Windows\SYSWOW64\dfshim.dll

2014-11-03 18:59:07 ----A---- C:\Windows\system32\mscories.dll

2014-11-03 18:59:07 ----A---- C:\Windows\system32\mscorier.dll

2014-11-03 18:59:07 ----A---- C:\Windows\system32\dfshim.dll

2014-11-03 18:59:02 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL

2014-11-03 18:59:02 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL

2014-11-03 18:59:02 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL

2014-11-03 18:59:02 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL

2014-11-03 18:59:02 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL

2014-11-03 18:59:02 ----A---- C:\Windows\system32\KBDYAK.DLL

2014-11-03 18:59:02 ----A---- C:\Windows\system32\KBDTAT.DLL

2014-11-03 18:59:02 ----A---- C:\Windows\system32\KBDRU1.DLL

2014-11-03 18:59:02 ----A---- C:\Windows\system32\KBDRU.DLL

2014-11-03 18:59:02 ----A---- C:\Windows\system32\KBDBASH.DLL

2014-11-03 18:58:53 ----A---- C:\Windows\system32\win32k.sys

2014-11-03 18:58:45 ----A---- C:\Windows\SYSWOW64\mstscax.dll

2014-11-03 18:58:45 ----A---- C:\Windows\system32\termsrv.dll

2014-11-03 18:58:45 ----A---- C:\Windows\system32\mstscax.dll

2014-11-03 18:58:45 ----A---- C:\Windows\system32\mstsc.exe

2014-11-03 18:58:44 ----A---- C:\Windows\SYSWOW64\winsta.dll

2014-11-03 18:58:44 ----A---- C:\Windows\SYSWOW64\TSpkg.dll

2014-11-03 18:58:44 ----A---- C:\Windows\SYSWOW64\mstsc.exe

2014-11-03 18:58:44 ----A---- C:\Windows\SYSWOW64\credssp.dll

2014-11-03 18:58:44 ----A---- C:\Windows\SYSWOW64\aaclient.dll

2014-11-03 18:58:44 ----A---- C:\Windows\system32\winsta.dll

2014-11-03 18:58:44 ----A---- C:\Windows\system32\winlogon.exe

2014-11-03 18:58:44 ----A---- C:\Windows\system32\TSpkg.dll

2014-11-03 18:58:44 ----A---- C:\Windows\system32\rdpcorekmts.dll

2014-11-03 18:58:44 ----A---- C:\Windows\system32\drivers\tssecsrv.sys

2014-11-03 18:58:44 ----A---- C:\Windows\system32\drivers\rdpwd.sys

2014-11-03 18:58:44 ----A---- C:\Windows\system32\credssp.dll

2014-11-03 18:58:28 ----A---- C:\Windows\SYSWOW64\msi.dll

2014-11-03 18:58:28 ----A---- C:\Windows\system32\msi.dll

2014-11-03 18:57:18 ----A---- C:\Windows\SYSWOW64\rastls.dll

2014-11-03 18:57:18 ----A---- C:\Windows\system32\rastls.dll

2014-11-03 18:57:13 ----A---- C:\Windows\SYSWOW64\packager.dll

2014-11-03 18:57:13 ----A---- C:\Windows\system32\packager.dll

2014-10-30 21:08:40 ----D---- C:\Program Files (x86)\Mozilla Firefox

2014-10-21 18:04:08 ----D---- C:\Users\Hans\AppData\Roaming\Oracle

2014-10-21 18:02:52 ----A---- C:\Windows\SYSWOW64\javaws.exe

2014-10-21 18:02:47 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll

2014-10-21 18:02:47 ----A---- C:\Windows\SYSWOW64\javaw.exe

2014-10-21 18:02:47 ----A---- C:\Windows\SYSWOW64\java.exe

2014-10-21 18:02:42 ----D---- C:\Program Files (x86)\Java

2014-10-11 17:00:10 ----D---- C:\ProgramData\AVG Security Toolbar

2014-10-11 17:00:07 ----A---- C:\Windows\system32\drivers\avgtpx64.sys

2014-10-11 17:00:05 ----D---- C:\ProgramData\AVG Secure Search

2014-10-11 17:00:02 ----D---- C:\ProgramData\AVG Web TuneUp

2014-10-11 17:00:02 ----D---- C:\Program Files (x86)\AVG Web TuneUp

2014-10-11 16:51:18 ----D---- C:\Users\Hans\AppData\Roaming\AVG2015

2014-10-11 16:49:37 ----HD---- C:\$AVG

2014-10-11 16:49:37 ----D---- C:\ProgramData\AVG2015

2014-10-11 16:48:32 ----D---- C:\Program Files (x86)\AVG

2014-10-06 20:11:36 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll

2014-10-06 20:11:36 ----A---- C:\Windows\system32\msmpeg2vdec.dll

2014-10-06 20:09:52 ----A---- C:\Windows\SYSWOW64\infocardapi.dll

2014-10-06 20:09:51 ----A---- C:\Windows\SYSWOW64\icardagt.exe

2014-10-06 20:09:51 ----A---- C:\Windows\system32\infocardapi.dll

2014-10-06 20:09:51 ----A---- C:\Windows\system32\icardagt.exe

2014-10-06 20:09:49 ----A---- C:\Windows\SYSWOW64\icardres.dll

2014-10-06 20:09:49 ----A---- C:\Windows\system32\icardres.dll

2014-10-06 20:09:39 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe

2014-10-06 20:09:39 ----A---- C:\Windows\system32\TsWpfWrp.exe

2014-10-06 20:07:09 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll

2014-10-06 20:07:09 ----A---- C:\Windows\system32\TSWorkspace.dll

2014-10-06 20:07:05 ----A---- C:\Windows\SYSWOW64\tzres.dll

2014-10-06 20:07:05 ----A---- C:\Windows\system32\tzres.dll

2014-10-06 20:06:56 ----A---- C:\Windows\SYSWOW64\msihnd.dll

2014-10-06 20:06:56 ----A---- C:\Windows\SYSWOW64\authui.dll

2014-10-06 20:06:56 ----A---- C:\Windows\system32\msihnd.dll

2014-10-06 20:06:56 ----A---- C:\Windows\system32\consent.exe

2014-10-06 20:06:56 ----A---- C:\Windows\system32\authui.dll

2014-10-06 20:06:45 ----A---- C:\Windows\system32\qdvd.dll

2014-10-06 20:06:44 ----A---- C:\Windows\SYSWOW64\shell32.dll

2014-10-06 20:06:44 ----A---- C:\Windows\SYSWOW64\qdvd.dll

2014-10-06 20:06:44 ----A---- C:\Windows\system32\shell32.dll

2014-10-06 20:06:43 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll

2014-10-06 20:06:43 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2014-10-06 20:06:43 ----A---- C:\Windows\system32\d3d10warp.dll

2014-10-06 20:06:42 ----A---- C:\Windows\SYSWOW64\gdi32.dll

2014-10-06 20:06:42 ----A---- C:\Windows\system32\gdi32.dll

2014-10-06 20:06:40 ----A---- C:\Windows\SYSWOW64\sspicli.dll

2014-10-06 20:06:40 ----A---- C:\Windows\SYSWOW64\secur32.dll

2014-10-06 20:06:40 ----A---- C:\Windows\SYSWOW64\kerberos.dll

2014-10-06 20:06:40 ----A---- C:\Windows\system32\lsasrv.dll

2014-10-06 20:06:40 ----A---- C:\Windows\system32\kerberos.dll

2014-10-06 20:04:54 ----A---- C:\Windows\system32\rpcrt4.dll

2014-10-06 20:04:53 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll

======List of files/folders modified in the last 1 month======

2014-11-05 17:43:23 ----D---- C:\Program Files\trend micro

2014-11-05 17:41:46 ----D---- C:\Windows\Temp

2014-11-05 17:38:12 ----D---- C:\ProgramData\MFAData

2014-11-05 17:35:40 ----D---- C:\Windows\system32\config

2014-11-05 17:34:29 ----A---- C:\Windows\SYSWOW64\log.txt

2014-11-05 17:32:25 ----D---- C:\Windows\inf

2014-11-05 17:31:55 ----D---- C:\Program Files (x86)\Dell DataSafe Local Backup

2014-11-05 17:31:14 ----D---- C:\Windows

2014-11-05 17:31:13 ----D---- C:\ProgramData\NVIDIA

2014-11-04 20:20:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2014-11-04 19:35:24 ----SHD---- C:\Config.Msi

2014-11-04 19:30:43 ----SHD---- C:\System Volume Information

2014-11-04 19:19:27 ----SHD---- C:\Windows\Installer

2014-11-04 19:19:27 ----D---- C:\Program Files (x86)\Adobe

2014-11-04 19:18:52 ----RD---- C:\Program Files (x86)

2014-11-04 19:18:06 ----D---- C:\Users\Hans\AppData\Roaming\Adobe

2014-11-03 20:59:29 ----D---- C:\Windows\Microsoft.NET

2014-11-03 20:58:55 ----RSD---- C:\Windows\assembly

2014-11-03 19:56:31 ----D---- C:\ProgramData\CanonIJPLM

2014-11-03 19:51:42 ----D---- C:\Windows\winsxs

2014-11-03 19:41:14 ----RSD---- C:\Windows\Fonts

2014-11-03 19:41:05 ----D---- C:\Windows\System32

2014-11-03 19:40:10 ----D---- C:\Windows\SysWOW64

2014-11-03 19:32:43 ----D---- C:\Windows\debug

2014-11-03 19:17:07 ----D---- C:\Program Files\Internet Explorer

2014-11-03 19:17:06 ----D---- C:\Windows\SYSWOW64\en-US

2014-11-03 19:17:06 ----D---- C:\Windows\system32\en-US

2014-11-03 19:17:06 ----D---- C:\Program Files (x86)\Internet Explorer

2014-11-03 19:17:05 ----D---- C:\Windows\SYSWOW64\nl-NL

2014-11-03 19:17:05 ----D---- C:\Windows\system32\nl-NL

2014-11-03 19:17:05 ----D---- C:\Windows\system32\drivers

2014-11-03 19:10:54 ----D---- C:\ProgramData\Microsoft Help

2014-11-03 19:09:18 ----D---- C:\ProgramData\Adobe

2014-11-03 19:08:04 ----HD---- C:\ProgramData

2014-11-03 19:05:35 ----D---- C:\Windows\system32\MRT

2014-11-03 19:00:21 ----A---- C:\Windows\system32\MRT.exe

2014-11-03 18:58:56 ----D---- C:\Windows\system32\catroot

2014-11-03 18:58:02 ----D---- C:\Windows\system32\catroot2

2014-11-02 09:07:51 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-10-31 16:23:02 ----SD---- C:\Users\Hans\AppData\Roaming\Microsoft

2014-10-31 16:16:37 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

2014-10-29 22:51:49 ----D---- C:\ProgramData\regid.1986-12.com.adobe

2014-10-29 22:51:38 ----D---- C:\Windows\system32\DriverStore

2014-10-21 18:03:11 ----D---- C:\ProgramData\Oracle

2014-10-14 19:01:38 ----D---- C:\ProgramData\Sonic

2014-10-11 17:01:09 ----D---- C:\Windows\system32\Tasks

2014-10-11 17:01:08 ----D---- C:\Windows\Tasks

2014-10-11 17:00:04 ----D---- C:\Program Files (x86)\Common Files

2014-10-11 16:43:10 ----D---- C:\ProgramData\McAfee

2014-10-11 16:43:10 ----D---- C:\Program Files\Common Files

2014-10-11 16:43:05 ----D---- C:\Program Files\McAfee

2014-10-11 16:43:05 ----D---- C:\Program Files

2014-10-11 16:36:50 ----DC---- C:\Windows\system32\DRVSTORE

2014-10-06 21:47:19 ----D---- C:\Windows\ehome

2014-10-06 21:47:11 ----D---- C:\Windows\PolicyDefinitions

2014-10-06 20:22:08 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-18 190744]

R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-08-06 123672]

R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-01-13 439320]

R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-11-04 28992]

R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 21616]

R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]

R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]

R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-07-24 247576]

R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-20 243480]

R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-07-02 270616]

R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-10-11 50976]

R1 NEOFLTR_803_30619;Juniper Networks TDI Filter Driver (NEOFLTR_803_30619); \??\C:\Windows\system32\Drivers\NEOFLTR_803_30619.SYS [2014-04-09 108344]

R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [2011-11-04 249152]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R2 LiveTuner2PM;Ashampoo LiveTuner 2 Driver; \??\C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner64.sys [2014-03-20 14320]

R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]

R3 Acceler;Accelerometer Service; C:\Windows\system32\DRIVERS\Accelern.sys [2010-12-13 27760]

R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtuele adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2011-10-19 195072]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2011-01-20 176096]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-07-20 12287456]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-02-19 2748520]

R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-16 317440]

R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]

R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-12-02 8615936]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-09-14 95744]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-09-14 212992]

R3 qicflt;upper Device Filter Driver; C:\Windows\system32\DRIVERS\qicflt.sys [2010-07-13 29288]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-08-24 565352]

R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]

R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]

R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]

R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-12-17 1404464]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

S3 A38CCID;CCID USB Smart Card Reader; C:\Windows\system32\DRIVERS\a38ccid.sys [2013-01-30 46720]

S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2011-10-19 195072]

S3 Impcd;Impcd; C:\Windows\system32\drivers\Impcd.sys [2010-02-27 158976]

S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2010-12-15 174168]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-18 189288]

S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\Windows\system32\drivers\nvstusb.sys [2011-10-16 291648]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-09-28 53760]

S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-12-16 14464]

S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-01 151656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-19 661504]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]

R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-09-05 1459872]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-09-05 3364368]

R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-09-05 293448]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]

R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-10-21 135440]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]

R2 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\DfsdkS64.exe [2009-08-24 544768]

R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-11-01 1518352]

R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2012-03-28 140456]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-12-21 325656]

R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]

R2 NOBU;Dell DataSafe Online; C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-08-26 2823000]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-11-04 1640768]

R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-11-04 2253120]

R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-11-01 844560]

R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]

R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2012-02-16 1695040]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-11-03 381248]

R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2014-06-05 93040]

R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]

R2 vToolbarUpdater3.2.0;vToolbarUpdater3.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [2014-10-11 1843736]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 641352]

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-11-01 340240]

R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]

S2 DellDigitalDelivery;Dell Digital Delivery Service; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-04-10 166912]

S2 RoxWatch12;Roxio Hard Drive Watcher 12; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]

S2 Update melondrea;Update melondrea; C:\Program Files (x86)\melondrea\updatemelondrea.exe []

S2 Util melondrea;Util melondrea; C:\Program Files (x86)\melondrea\bin\utilmelondrea.exe []

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-04 267440]

S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

S3 GoToAssist;GoToAssist; C:\Program Files (x86)\Citrix\GoToAssist\896\g2aservice.exe [2013-03-14 13720]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-30 114288]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 RoxMediaDB12OEM;RoxMediaDB12OEM; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]

S3 stllssvr;stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2010-11-08 74392]

S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-20 1255736]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Mvg

Hans