yieldmanager

pieter63 · 2 oktober 2013

Hallo allemaal,ik heb mij zo juist ingelogt en heb direct gevonden wat ik moest doen om dat yieldmanager ding,ben niet zo een goede pc kenner)waar ik al een maand problemen mee had is op een paar mintn opgelost.ik hoop dat het zo blijft.report adwcleaner.# AdwCleaner v3.006 - Report created 02/10/2013 at 20:10:48

# Updated 01/10/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)

# Username : pierre - PC-PETER

# Running from : C:\Users\pierre\Downloads\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn

Folder Deleted : C:\ProgramData\Ask

Folder Deleted : C:\ProgramData\AVG Secure Search

Folder Deleted : C:\ProgramData\Babylon

Folder Deleted : C:\ProgramData\BrowserDefender

Folder Deleted : C:\ProgramData\DSearchLink

Folder Deleted : C:\ProgramData\ParetoLogic

Folder Deleted : C:\ProgramData\StarApp

Folder Deleted : C:\ProgramData\Tarma Installer

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder

Folder Deleted : C:\Program Files\AVG Secure Search

Folder Deleted : C:\Program Files\Conduit

Folder Deleted : C:\Program Files\DefaultTab

Folder Deleted : C:\Program Files\Desk 365

Folder Deleted : C:\Program Files\LyricsSay-1

Folder Deleted : C:\Program Files\MyPC Backup

Folder Deleted : C:\Program Files\WinZipper

Folder Deleted : C:\Program Files\Common Files\337

Folder Deleted : C:\Program Files\Common Files\AVG Secure Search

Folder Deleted : C:\Users\pierre\AppData\Local\AVG Secure Search

Folder Deleted : C:\Users\pierre\AppData\Local\Conduit

Folder Deleted : C:\Users\pierre\AppData\Local\cool_mirage

Folder Deleted : C:\Users\pierre\AppData\Local\iac

Folder Deleted : C:\Users\pierre\AppData\Local\lollipop

Folder Deleted : C:\Users\pierre\AppData\Local\PutLockerDownloader

Folder Deleted : C:\Users\pierre\AppData\Local\SwvUpdater

Folder Deleted : C:\Users\pierre\AppData\LocalLow\AVG Secure Search

Folder Deleted : C:\Users\pierre\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\pierre\AppData\LocalLow\Delta

Folder Deleted : C:\Users\pierre\AppData\LocalLow\iac

Folder Deleted : C:\Users\pierre\AppData\LocalLow\searchresultstb

Folder Deleted : C:\Users\pierre\AppData\Roaming\337

Folder Deleted : C:\Users\pierre\AppData\Roaming\Babylon

Folder Deleted : C:\Users\pierre\AppData\Roaming\DefaultTab

Folder Deleted : C:\Users\pierre\AppData\Roaming\Desk 365

Folder Deleted : C:\Users\pierre\AppData\Roaming\DriverCure

Folder Deleted : C:\Users\pierre\AppData\Roaming\Media Finder

Folder Deleted : C:\Users\pierre\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com

Folder Deleted : C:\Users\pierre\AppData\Roaming\Omiga Plus

Folder Deleted : C:\Users\pierre\AppData\Roaming\OpenCandy

Folder Deleted : C:\Users\pierre\AppData\Roaming\ParetoLogic

Folder Deleted : C:\Users\pierre\AppData\Roaming\Systweak

Folder Deleted : C:\Users\pierre\AppData\Roaming\WinZipper

File Deleted : C:\Windows\system32\roboot.exe

File Deleted : C:\Users\pierre\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js

File Deleted : C:\Windows\Tasks\LyricsSay-1-codedownloader.job

File Deleted : C:\Windows\System32\Tasks\LyricsSay-1-codedownloader

File Deleted : C:\Windows\Tasks\LyricsSay-1-enabler.job

File Deleted : C:\Windows\System32\Tasks\LyricsSay-1-enabler

File Deleted : C:\Windows\Tasks\LyricsSay-1-firefoxinstaller.job

File Deleted : C:\Windows\System32\Tasks\LyricsSay-1-firefoxinstaller

File Deleted : C:\Windows\Tasks\LyricsSay-1-updater.job

File Deleted : C:\Windows\System32\Tasks\LyricsSay-1-updater

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LyricsSay-1-codedownloader

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06CC8F22-0F16-46D7-9DA9-17A652C14667}

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{06CC8F22-0F16-46D7-9DA9-17A652C14667}

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LyricsSay-1-enabler

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E50BD9E-7652-40C3-AD0D-837A8E9CCB35}

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6E50BD9E-7652-40C3-AD0D-837A8E9CCB35}

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LyricsSay-1-firefoxinstaller

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC599824-ADAD-4393-A3B8-1B8F544398EE}

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CC599824-ADAD-4393-A3B8-1B8F544398EE}

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LyricsSay-1-updater

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7367960-73BA-4568-BA61-4C036D9F4FC0}

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B7367960-73BA-4568-BA61-4C036D9F4FC0}

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NTRedirect]

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

Key Deleted : HKLM\SOFTWARE\Classes\FTDownloader

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol

Key Deleted : HKLM\SOFTWARE\Classes\S

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASMANCS

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0041552.BHO

Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0041552.BHO.1

Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0041552.Sandbox

Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0041552.Sandbox.1

Key Deleted : HKCU\Software\e2d88ab439b944

Key Deleted : HKLM\SOFTWARE\e2d88ab439b944

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_internet-explorer-10_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_internet-explorer-10_RASMANCS

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411151152}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411151152}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411151152}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110411151152}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411151152}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D3F22A84-2A84-49EB-91E6-5DADAAF0165D}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D3F22A84-2A84-49EB-91E6-5DADAAF0165D}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

Key Deleted : HKCU\Software\1ClickDownload

Key Deleted : HKCU\Software\AVG Secure Search

Key Deleted : HKCU\Software\BabSolution

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\DataMngr

[#] Key Deleted : HKCU\Software\DataMngr_Toolbar

Key Deleted : HKCU\Software\Default Tab

Key Deleted : HKCU\Software\Delta

Key Deleted : HKCU\Software\InstallCore

Key Deleted : HKCU\Software\installedbrowserextensions

Key Deleted : HKCU\Software\InstalledThirdPartyPrograms

Key Deleted : HKCU\Software\lollipop

Key Deleted : HKCU\Software\ParetoLogic

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider

Key Deleted : HKCU\Software\AppDataLow\Software\LyricsSay-1

Key Deleted : HKCU\Software\AppDataLow\Software\smartbar

Key Deleted : HKLM\Software\AVG Secure Search

Key Deleted : HKLM\Software\AVG Security Toolbar

Key Deleted : HKLM\Software\Babylon

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\DataMngr

Key Deleted : HKLM\Software\Default Tab

Key Deleted : HKLM\Software\Delta

Key Deleted : HKLM\Software\InstalledThirdPartyPrograms

Key Deleted : HKLM\Software\LyricsSay-1

Key Deleted : HKLM\Software\ParetoLogic

Key Deleted : HKLM\Software\systweak

Key Deleted : HKLM\Software\Tarma Installer

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LyricsSay-1

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686

-\\ Mozilla Firefox v

[ File : C:\Users\pierre\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]

*************************

AdwCleaner[R0].txt - [12868 octets] - [02/10/2013 20:09:19]

AdwCleaner[s0].txt - [13185 octets] - [02/10/2013 20:10:48]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [13246 octets] ##########Hartelijke dank aan de meester en leden.

2 oktober 2013 aangepast door pieter63

kape · 3 oktober 2013

Doe nog even onderstaande (want er zat wel heel veel rotzooi op deze PC) ter controle:

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

RSIT 32 bit (RSIT.exe)
RSIT 64 bit (RSITx64.exe)

Dubbelklik op RSIT.exe om de tool te starten.

Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
Plaats de inhoud hiervan in het volgende bericht.

pieter63 · 3 oktober 2013

Beste Kap ik heb gedaan wat u mij voorstelde,hier het resultaat.hartelijk dank voor de uitleg pieter63.ik zal zeker een donatie geven. Logfile of random's system information tool 1.09 (written by random/random)

Run by pierre at 2013-10-03 10:47:44

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 137 GB (60%) free of 228 GB

Total RAM: 2430 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:48:29, on 3/10/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16686)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\Program Files\Launch Manager\LManager.exe

C:\Program Files\Apoint2K\ApMsgFwd.exe

C:\Windows\PLFSetI.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Acer Bio Protection\PdtWzd.exe

C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe

C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\AVG\AVG2014\avgui.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe

C:\Users\pierre\Downloads\RSIT.exe

C:\Program Files\trend micro\pierre.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN.be, Nieuws, sport en showbizz, 24/24, 7/7, meer dan 350 nieuwsupdates per dag

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: (no name) - AutorunsDisabled - (no file)

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [OWS Setup CmdLine] "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\40\bin\cfgwiz.exe" /pkg "Office 2000 Server Extensions"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s

O4 - HKLM\..\Run: [VitaKeyPdtWzd] "C:\Program Files\Acer Bio Protection\PdtWzd.exe"

O4 - HKLM\..\Run: [ODDPwr] "C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe"

O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe

O4 - HKLM\..\Run: [ChangeTPMAuth] C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe /T:NTRU12

O4 - HKLM\..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe

O4 - HKLM\..\Run: [EmbassySecurityCheck] "C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O9 - Extra button: (no name) - AutorunsDisabled - (no file)

O9 - Extra button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer Bio Protection\PwdBank.exe

O9 - Extra 'Tools' menuitem: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer Bio Protection\PwdBank.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe

O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\AtService.exe

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: EgisTec Service (IGBASVC) - Egis Technology Inc. - C:\Program Files\Acer Bio Protection\BASVC.exe

O23 - Service: Acer ODD Power Service (ODDPwrSvc) - Acer Incorporated - C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe

O23 - Service: Office Server Extensions Notification Service (OWSTimer) - Unknown owner - C:\Program Files\Microsoft Office\Office\OWSTIMER.EXE

O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe

O23 - Service: NTRU TSS v1.2.1.29 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe

O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe

O23 - Service: vToolbarUpdater17.0.12 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe (file missing)

--

End of file - 9472 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-24 192592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-24 192592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

""= []

"OWS Setup CmdLine"=C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\40\bin\cfgwiz.exe [1999-03-19 188480]

"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-29 98304]

"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]

"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2011-05-10 49208]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-18 1537320]

"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2009-08-07 225280]

"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-08-27 1200136]

"PLFSetI"=C:\Windows\PLFSetI.exe [2008-06-30 200704]

"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-09-04 7731744]

"VitaKeyPdtWzd"=C:\Program Files\Acer Bio Protection\PdtWzd.exe [2009-09-05 3570176]

"ODDPwr"=C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [2009-09-04 186912]

"Acer ePower Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [2009-08-19 487424]

"ChangeTPMAuth"=C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe [2009-06-03 184320]

"WavXMgr"=C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [2009-07-27 134656]

"EmbassySecurityCheck"=C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe [2009-07-27 95544]

"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2013-09-15 4851760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-11-18 39408]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"authentication packages"=msv1_0

wvauth

"notification packages"=C:\Program Files\Acer Bio Protection\PwdFilter

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hpwucli.exe]

"Debugger=""C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]

"Debugger="C:\Program Files\AVG\AVG PC TuneUp\PMLauncher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"MSVideo8"=VfWWDM32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-10-03 10:47:45 ----D---- C:\Program Files\trend micro

2013-10-03 10:47:44 ----D---- C:\rsit

2013-10-02 20:09:10 ----D---- C:\AdwCleaner

2013-09-25 21:00:29 ----D---- C:\Program Files\Common Files\DESIGNER

2013-09-25 20:57:14 ----D---- C:\Program Files\Microsoft Analysis Services

2013-09-22 21:14:27 ----D---- C:\Users\pierre\AppData\Roaming\AVG2014

2013-09-22 21:13:17 ----HD---- C:\$AVG

2013-09-22 21:13:17 ----D---- C:\ProgramData\AVG2014

2013-09-22 19:47:46 ----D---- C:\Windows\system32\BioAPIFFDB

2013-09-22 19:47:46 ----A---- C:\Windows\system32\bioapi100.dll.bak

2013-09-22 19:47:46 ----A---- C:\Windows\system32\bioapi100.dll

2013-09-22 19:47:46 ----A---- C:\Windows\system32\bioapi_mds300.dll.bak

2013-09-22 19:47:46 ----A---- C:\Windows\system32\bioapi_mds300.dll

2013-09-22 19:47:23 ----D---- C:\Users\pierre\AppData\Roaming\Wave Systems Corp

2013-09-22 19:47:17 ----D---- C:\Program Files\Wave Systems Corp

2013-09-22 19:47:06 ----D---- C:\Windows\system32\Test

2013-09-22 19:46:41 ----D---- C:\ProgramData\NTRU Cryptosystems

2013-09-22 19:46:41 ----D---- C:\Program Files\NTRU Cryptosystems

2013-09-22 19:45:48 ----D---- C:\Windows\Downloaded Installations

2013-09-22 19:45:48 ----D---- C:\ProgramData\Wave Systems Corp

2013-09-22 19:34:29 ----D---- C:\ProgramData\QUALCOMM

2013-09-22 19:20:28 ----D---- C:\AuthLog

2013-09-22 19:19:15 ----D---- C:\Program Files\Acer Bio Protection

2013-09-22 19:12:20 ----D---- C:\Program Files\Fingerprint Sensor

2013-09-22 19:11:12 ----D---- C:\Windows\system32\RTCOM

2013-09-22 19:10:46 ----A---- C:\Windows\system32\WavesLib.dll

2013-09-22 19:10:44 ----A---- C:\Windows\system32\SRSWOW.dll

2013-09-22 19:10:43 ----A---- C:\Windows\system32\SRSTSXT.dll

2013-09-22 19:10:43 ----A---- C:\Windows\system32\SRSTSHD.dll

2013-09-22 19:10:43 ----A---- C:\Windows\system32\SRSHP360.dll

2013-09-22 19:10:41 ----A---- C:\Windows\system32\RtkPgExt.dll

2013-09-22 19:10:41 ----A---- C:\Windows\system32\RtkCoInst.dll

2013-09-22 19:10:41 ----A---- C:\Windows\system32\RtkApoApi.dll

2013-09-22 19:10:39 ----A---- C:\Windows\system32\RtkAPO.dll

2013-09-22 19:10:32 ----A---- C:\Windows\system32\RTEEP32A.dll

2013-09-22 19:10:32 ----A---- C:\Windows\system32\RTEEL32A.dll

2013-09-22 19:10:32 ----A---- C:\Windows\system32\RTEEG32A.dll

2013-09-22 19:10:32 ----A---- C:\Windows\system32\RTEED32A.dll

2013-09-22 19:10:32 ----A---- C:\Windows\system32\drivers\RTKVHDA.sys

2013-09-22 19:10:30 ----A---- C:\Windows\system32\RP3DHT32.dll

2013-09-22 19:10:30 ----A---- C:\Windows\system32\RP3DAA32.dll

2013-09-22 19:10:30 ----A---- C:\Windows\system32\MaxxAudioEQ.dll

2013-09-22 19:10:28 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll

2013-09-22 19:10:28 ----A---- C:\Windows\system32\MaxxAudioAPO.dll

2013-09-22 19:10:26 ----A---- C:\Windows\system32\FMAPO.dll

2013-09-22 19:10:24 ----A---- C:\Windows\system32\AERTARen.dll

2013-09-22 19:10:24 ----A---- C:\Windows\system32\AERTACap.dll

2013-09-22 19:10:18 ----R---- C:\Windows\RtlExUpd.dll

2013-09-22 19:06:35 ----D---- C:\Windows\system32\SDA

2013-09-22 19:06:34 ----D---- C:\Program Files\JMicron

2013-09-22 19:06:11 ----A---- C:\Windows\usbvideo_reg.exe

2013-09-22 19:06:11 ----A---- C:\Windows\PLFSetI.exe

2013-09-22 19:05:31 ----A---- C:\Windows\PidList.ini

2013-09-22 19:05:31 ----A---- C:\Windows\Image.dll

2013-09-22 19:05:31 ----A---- C:\Windows\Acer Crystal Eye webcam.EXE

2013-09-22 18:59:42 ----RA---- C:\Windows\system32\CSVer.dll

2013-09-22 18:57:31 ----D---- C:\Program Files\Intel

2013-09-22 18:48:01 ----D---- C:\Program Files\LSI SoftModem

2013-09-22 18:33:37 ----A---- C:\Windows\hbcikrnl.ini

2013-09-22 18:33:34 ----D---- C:\Program Files\O2Micro OZ711 SCR Driver

2013-09-22 18:32:08 ----D---- C:\Program Files\Apoint2K

2013-09-22 18:32:00 ----A---- C:\Windows\system32\Vxdif.dll

2013-09-22 18:31:59 ----A---- C:\Windows\system32\drivers\Apfiltr.sys

2013-09-22 18:31:58 ----A---- C:\Windows\system32\WdfCoInstaller01005.dll

2013-09-22 18:25:46 ----D---- C:\Program Files\Synaptics

2013-09-22 18:25:35 ----A---- C:\Windows\system32\drivers\SynTP.sys

2013-09-22 18:25:34 ----A---- C:\Windows\system32\SynTPAPI.dll

2013-09-22 18:25:33 ----A---- C:\Windows\system32\WdfCoInstaller01009.dll

2013-09-22 18:25:33 ----A---- C:\Windows\system32\SynTPCo4.dll

2013-09-22 18:25:33 ----A---- C:\Windows\system32\SynCtrl.dll

2013-09-22 18:17:10 ----D---- C:\Windows\Driver Cache

2013-09-22 18:17:07 ----D---- C:\Program Files\AVerMedia

2013-09-22 17:45:50 ----D---- C:\Program Files\Atheros

2013-09-22 17:45:50 ----A---- C:\Windows\system32\athr.sys

2013-09-21 22:08:50 ----D---- C:\Users\pierre\AppData\Roaming\Malwarebytes

2013-09-21 22:08:38 ----D---- C:\ProgramData\Malwarebytes

2013-09-21 11:38:17 ----D---- C:\Windows\Minidump

2013-09-20 20:49:52 ----D---- C:\Windows\system32\nn-NO

2013-09-20 20:49:52 ----A---- C:\Windows\system32\athihvui.dll

2013-09-20 20:49:52 ----A---- C:\Windows\system32\athihvs.dll

2013-09-20 20:47:06 ----D---- C:\temp

2013-09-20 20:47:02 ----A---- C:\Windows\system32\RaCoInst.dll

2013-09-20 20:47:02 ----A---- C:\Windows\system32\RaCoInst.dat

2013-09-20 20:47:02 ----A---- C:\Windows\system32\netr28.sys

2013-09-20 20:46:35 ----D---- C:\ProgramData\Ralink

2013-09-20 20:43:25 ----D---- C:\Program Files\Broadcom

2013-09-19 20:43:25 ----D---- C:\Program Files\Option

2013-09-19 20:29:55 ----D---- C:\Intel

2013-09-18 21:29:38 ----R---- C:\Windows\system32\RTSUSTORicon.dll

2013-09-18 21:21:08 ----A---- C:\Windows\system32\NVUNINST.EXE

2013-09-14 18:18:53 ----D---- C:\Program Files\Windows Live

2013-09-13 11:07:27 ----A---- C:\Windows\system32\jscript.dll

2013-09-13 11:07:26 ----A---- C:\Windows\system32\jscript9.dll

2013-09-13 11:07:25 ----A---- C:\Windows\system32\jsproxy.dll

2013-09-13 11:07:25 ----A---- C:\Windows\system32\iesetup.dll

2013-09-13 11:07:24 ----A---- C:\Windows\system32\ieui.dll

2013-09-13 11:07:23 ----A---- C:\Windows\system32\urlmon.dll

2013-09-13 11:07:23 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2013-09-13 11:07:23 ----A---- C:\Windows\system32\msfeeds.dll

2013-09-13 11:07:23 ----A---- C:\Windows\system32\iesysprep.dll

2013-09-13 11:07:23 ----A---- C:\Windows\system32\iernonce.dll

2013-09-13 11:07:23 ----A---- C:\Windows\system32\ie4uinit.exe

2013-09-13 11:07:22 ----A---- C:\Windows\system32\iertutil.dll

2013-09-13 11:07:20 ----A---- C:\Windows\system32\wininet.dll

2013-09-13 11:07:19 ----A---- C:\Windows\system32\ieframe.dll

2013-09-13 11:07:16 ----A---- C:\Windows\system32\mshtml.dll

2013-09-12 20:25:35 ----A---- C:\Windows\system32\win32k.sys

2013-09-12 20:25:27 ----A---- C:\Windows\system32\shell32.dll

2013-09-12 20:25:25 ----A---- C:\Windows\system32\shdocvw.dll

2013-09-12 20:25:24 ----A---- C:\Windows\system32\drivers\ataport.sys

2013-09-12 20:25:16 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2013-09-12 20:25:16 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2013-09-12 20:25:16 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2013-09-12 20:25:16 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2013-09-12 20:25:16 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2013-09-12 20:25:16 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2013-09-12 20:25:16 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2013-09-12 20:25:16 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2013-09-12 20:25:16 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2013-09-12 20:25:16 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2013-09-12 20:25:16 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2013-09-12 20:25:16 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2013-09-12 20:25:16 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2013-09-12 20:25:16 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2013-09-12 20:25:16 ----A---- C:\Windows\system32\winsrv.dll

2013-09-12 20:25:16 ----A---- C:\Windows\system32\KernelBase.dll

2013-09-12 20:25:16 ----A---- C:\Windows\system32\kernel32.dll

2013-09-12 20:25:16 ----A---- C:\Windows\system32\conhost.exe

2013-09-12 20:25:15 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2013-09-12 20:25:15 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2013-09-12 20:25:15 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2013-09-12 20:25:15 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2013-09-12 20:25:15 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2013-09-12 20:25:15 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2013-09-12 20:25:15 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2013-09-12 20:25:15 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2013-09-12 20:25:15 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2013-09-12 20:25:15 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2013-09-12 20:25:15 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2013-09-12 20:25:15 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2013-09-12 20:25:14 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2013-09-12 20:25:13 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2013-09-11 22:11:08 ----D---- C:\Users\pierre\AppData\Roaming\Skype

2013-09-10 22:11:44 ----A---- C:\Windows\system32\drivers\avgidsshimx.sys

2013-09-09 19:58:12 ----D---- C:\Windows\system32\siscardplugins

2013-09-09 19:58:12 ----D---- C:\Windows\system32\beidpp

2013-09-09 19:58:12 ----D---- C:\Program Files\BeID Minidriver

2013-09-09 19:58:11 ----D---- C:\Program Files\Belgium Identity Card

2013-09-08 22:12:16 ----A---- C:\Windows\system32\drivers\avgrkx86.sys

======List of files/folders modified in the last 1 month======

2013-10-03 10:47:57 ----D---- C:\Windows\Temp

2013-10-03 10:47:45 ----RD---- C:\Program Files

2013-10-03 10:42:49 ----D---- C:\ProgramData\MFAData

2013-10-03 10:39:43 ----D---- C:\Windows\system32\config

2013-10-02 20:11:00 ----D---- C:\Windows\Tasks

2013-10-02 20:11:00 ----D---- C:\Windows\system32\Tasks

2013-10-02 20:11:00 ----D---- C:\Windows\System32

2013-10-02 20:10:54 ----D---- C:\Program Files\Common Files

2013-10-02 20:10:49 ----HD---- C:\ProgramData

2013-10-01 23:23:04 ----D---- C:\Windows\Microsoft.NET

2013-10-01 23:23:03 ----RSD---- C:\Windows\assembly

2013-10-01 22:12:46 ----D---- C:\Windows\system32\catroot2

2013-10-01 20:59:51 ----HD---- C:\Config.Msi

2013-10-01 20:56:45 ----SHD---- C:\Windows\Installer

2013-10-01 20:56:28 ----D---- C:\ProgramData\Microsoft Help

2013-10-01 20:47:44 ----SHD---- C:\System Volume Information

2013-09-28 19:55:02 ----D---- C:\Windows\system32\drivers

2013-09-26 17:13:51 ----D---- C:\Windows\Prefetch

2013-09-25 22:15:33 ----SD---- C:\Users\pierre\AppData\Roaming\Microsoft

2013-09-25 21:41:36 ----D---- C:\Windows\ShellNew

2013-09-25 21:41:34 ----D---- C:\Program Files\Common Files\microsoft shared

2013-09-25 21:41:12 ----RSD---- C:\Windows\Fonts

2013-09-25 21:40:58 ----D---- C:\Program Files\Microsoft Office

2013-09-25 21:04:28 ----D---- C:\Windows\winsxs

2013-09-25 21:00:14 ----SD---- C:\ProgramData\Microsoft

2013-09-25 21:00:14 ----D---- C:\Program Files\Microsoft.NET

2013-09-25 09:07:54 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-09-25 09:07:53 ----D---- C:\Windows\inf

2013-09-24 21:40:58 ----D---- C:\Windows

2013-09-23 11:22:18 ----D---- C:\Windows\system32\catroot

2013-09-23 11:14:31 ----HD---- C:\Program Files\InstallShield Installation Information

2013-09-23 11:14:30 ----D---- C:\Windows\system32\DriverStore

2013-09-23 11:11:04 ----D---- C:\ProgramData\CyberLink

2013-09-23 11:11:04 ----D---- C:\Program Files\CyberLink

2013-09-23 10:59:10 ----D---- C:\Program Files\Acer

2013-09-22 21:12:35 ----D---- C:\Program Files\AVG

2013-09-22 20:00:22 ----D---- C:\Windows\system

2013-09-22 19:42:19 ----A---- C:\Windows\system32\msxml3a.dll

2013-09-22 19:42:18 ----A---- C:\Windows\system32\msvcr71.dll

2013-09-22 19:42:18 ----A---- C:\Windows\system32\msvcp71.dll

2013-09-22 19:36:17 ----D---- C:\Program Files\Common Files\InstallShield

2013-09-22 19:11:48 ----HD---- C:\Program Files\Temp

2013-09-22 18:52:52 ----D---- C:\Program Files\Launch Manager

2013-09-21 21:13:16 ----D---- C:\Program Files\Common Files\System

2013-09-21 20:01:46 ----D---- C:\Windows\system32\NDF

2013-09-20 21:04:04 ----D---- C:\Windows\system32\wfp

2013-09-20 21:04:03 ----D---- C:\Windows\system32\wbem

2013-09-20 21:04:03 ----D---- C:\Windows\registration

2013-09-20 20:59:11 ----D---- C:\Windows\system32\LogFiles

2013-09-20 20:49:58 ----D---- C:\Windows\system32\zh-TW

2013-09-20 20:49:58 ----D---- C:\Windows\system32\zh-CN

2013-09-20 20:49:58 ----D---- C:\Windows\system32\tr-TR

2013-09-20 20:49:58 ----D---- C:\Windows\system32\sv-SE

2013-09-20 20:49:58 ----D---- C:\Windows\system32\ru-RU

2013-09-20 20:49:58 ----D---- C:\Windows\system32\pt-PT

2013-09-20 20:49:58 ----D---- C:\Windows\system32\pl-PL

2013-09-20 20:49:58 ----D---- C:\Windows\system32\nl-NL

2013-09-20 20:49:58 ----D---- C:\Windows\system32\ko-KR

2013-09-20 20:49:57 ----D---- C:\Windows\system32\ja-JP

2013-09-20 20:49:57 ----D---- C:\Windows\system32\it-IT

2013-09-20 20:49:57 ----D---- C:\Windows\system32\hu-HU

2013-09-20 20:49:57 ----D---- C:\Windows\system32\fr-FR

2013-09-20 20:49:57 ----D---- C:\Windows\system32\fi-FI

2013-09-20 20:49:57 ----D---- C:\Windows\system32\es-ES

2013-09-20 20:49:57 ----D---- C:\Windows\system32\en-US

2013-09-20 20:49:57 ----D---- C:\Windows\system32\da-DK

2013-09-20 20:49:57 ----D---- C:\Windows\system32\cs-CZ

2013-09-20 20:49:56 ----D---- C:\Windows\system32\el-GR

2013-09-20 20:49:56 ----D---- C:\Windows\system32\de-DE

2013-09-20 18:59:06 ----A---- C:\Windows\system32\FlashPlayerApp.exe

2013-09-18 21:29:12 ----D---- C:\Program Files\Realtek

2013-09-14 18:55:26 ----D---- C:\Windows\rescache

2013-09-13 11:14:02 ----D---- C:\Program Files\Internet Explorer

2013-09-13 11:04:44 ----D---- C:\Windows\system32\MRT

2013-09-13 11:01:44 ----A---- C:\Windows\system32\MRT.exe

2013-09-12 21:29:59 ----D---- C:\ProgramData\Skype

2013-09-09 19:58:07 ----D---- C:\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-04 14392]

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2013-09-02 145720]

R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2013-09-02 223032]

R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2013-08-20 102200]

R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2013-09-08 27448]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]

R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2013-08-01 120120]

R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2012-09-04 50296]

R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2013-09-02 209208]

R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2013-09-10 22840]

R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2013-09-02 176952]

R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2013-08-01 193848]

R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2013-10-02 37664]

R1 DritekPortIO;Dritek General Port I/O; \??\C:\Program Files\Launch Manager\DPortIO.sys [2006-11-02 20112]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]

R2 WavxDMgr;WavxDMgr; C:\Windows\system32\DRIVERS\WavxDMgr.sys [2009-07-27 200192]

R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]

R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2009-07-30 4994560]

R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2009-07-29 106496]

R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2009-08-07 212528]

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]

R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-26 21000]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-09-04 2764704]

R3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2008-09-03 223232]

R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2009-06-24 159776]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [2012-07-04 10088]

R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 27320]

S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]

S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]

S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]

S3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-23 103440]

S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-30 4994560]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]

S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]

S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]

S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]

S3 EMVSCARD;EMVSCARD; C:\Windows\System32\Drivers\EMVSCARD.sys [2006-12-19 20736]

S3 iaStor;iaStor; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]

S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]

S3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-18 212400]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]

S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]

S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-29 176128]

R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\AtService.exe [2009-08-05 1807608]

R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG2014\avgfws.exe [2013-09-22 1358944]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2013-09-03 3538480]

R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2013-09-22 301152]

R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-08-19 688128]

R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 IGBASVC;EgisTec Service; C:\Program Files\Acer Bio Protection\BASVC.exe [2009-09-05 3449856]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R2 ODDPwrSvc;Acer ODD Power Service; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2009-09-04 125472]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2013-01-31 1532728]

R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]

R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-18 116648]

S2 tcsd_win32.exe;NTRU TSS v1.2.1.29 TCS; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [2008-11-12 1273856]

S2 vToolbarUpdater17.0.12;vToolbarUpdater17.0.12; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe []

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20 257416]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-18 116648]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-11-18 194032]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]

S3 OWSTimer;Office Server Extensions Notification Service; C:\Program Files\Microsoft Office\Office\OWSTIMER.EXE [1999-01-12 323641]

S3 SecureStorageService;SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [2009-06-03 1019904]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-18 1343400]

-----------------EOF-----------------

kape · 3 oktober 2013

Download Zoek.zip naar het bureaublad.

Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
Dubbelklik op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Kopieer nu onderstaande code en plak die in het grote invulvenster:
Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

chromelook; 
firefoxlook; 
startupall; 
 {F274614C-63F8-47D5-A4D1-FBDDE494F8D1};c
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled];r
 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
 ""=-;r
  filesrcm;

Klik op de knop "Options" en vink nu de onderstaande opties aan.
HijackThis Log
Firefox Defaults
Reset Chrome
IE Defaults
Auto Clean
Klik nu op de knop "Run script".
Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
Post nu de inhoud van het geopende logje in het volgende bericht.

pieter63 · 3 oktober 2013

Beste Kap,ik heb gedaan zoals u vroeg,hier het resultaat.

Zoek.exe Version 4.0.0.4 Updated 27-September-2013

Tool run by pierre on do 03/10/2013 at 20:10:32,54.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\pierre\Documents\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

3/10/2013 20:15:15 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\pierre\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

Added to C:\Users\pierre\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "Google=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]

""=-

==== Deleting Files \ Folders ======================

"C:\user.js" deleted

"C:\Users\pierre\AppData\Local\WavXMapDrive.bat" not deleted

"C:\user.js" deleted

"C:\Windows\System32\SET5226.tmp" deleted

"C:\Windows\System32\SET8343.tmp" deleted

"C:\Windows\System32\SET9E23.tmp" deleted

"C:\Windows\System32\SETAF26.tmp" deleted

"C:\Windows\System32\SETCB89.tmp" deleted

"C:\Windows\System32\SETDAF4.tmp" deleted

"C:\Windows\System32\SETE12D.tmp" deleted

"C:\Windows\System32\SETF7E8.tmp" deleted

"C:\Windows\System32\SETF8FF.tmp" deleted

"C:\Users\pierre\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\ftdownloader3@ftdownloader.com.xpi" deleted

"C:\Program Files\GoforFiles" deleted

"C:\extensions" deleted

"C:\Users\pierre\AppData\Roaming\GoforFiles" deleted

"C:\ProgramData\InstallMate" deleted

"C:\Users\pierre\AppData\Local\CRE" deleted

"C:\Users\pierre\AppData\LocalLow\DataMngr" deleted

"C:\Windows\System32\searchplugins" deleted

"C:\Windows\System32\Extensions" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2013-09-22 17:10:18 8E7133E852ACAFC158725D5EFF635415 831488 ------r- C:\Windows\RtlExUpd.dll

2013-09-22 17:06:11 798F20E016232FB3AC3D497AE699295B 200704 ----a-w- C:\Windows\PLFSetI.exe

2013-09-22 17:06:11 15D08BD1CCE6761813377FF501DE482E 9216 ----a-w- C:\Windows\usbvideo_reg.exe

2013-09-22 17:05:31 D1996DD9C2E35E7B943AB684C73C0924 4838 ----a-w- C:\Windows\Suyin.reg

2013-09-22 17:05:31 B0AD95433FBEBE095BE12EEA3F8F3641 626688 ----a-w- C:\Windows\Image.dll

2013-09-22 17:05:31 6E46242BCB8EBBD8B5D119266D73A9D3 222382 ----a-w- C:\Windows\Acer Crystal Eye webcam.ico

2013-09-22 17:05:31 5D44B215D018CEB64A7B0F64C0333240 36 ----a-w- C:\Windows\PidList.ini

2013-09-22 17:05:31 5A92317E6933CE2D90EF221135D1324A 352256 ----a-w- C:\Windows\Acer Crystal Eye webcam.EXE

2013-09-22 16:33:37 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\hbcikrnl.ini

2013-09-21 09:38:01 CBBD5D44EA4A7C217BF9F2255EAF2173 317250568 ----a-w- C:\Windows\MEMORY.DMP

2013-09-14 15:44:21 D1E75542EC8D1B4851765A57AC63618E 1908 ----a-w- C:\Windows\diagerr.xml

2013-09-14 15:44:21 809111616915009267F11B3A702E6254 2562 ----a-w- C:\Windows\diagwrn.xml

====== C:\Users\pierre\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\system32 =====

2013-09-22 17:47:46 79BBBAF998CD574B25CA75071C68DA6B 143360 ----a-w- C:\Windows\System32\bioapi_mds300.dll.bak

2013-09-22 17:47:46 79BBBAF998CD574B25CA75071C68DA6B 143360 ----a-w- C:\Windows\System32\bioapi_mds300.dll

2013-09-22 17:47:46 316C7D3A5EDF47C602A35CF4AAB606A9 106496 ----a-w- C:\Windows\System32\bioapi100.dll.bak

2013-09-22 17:47:46 316C7D3A5EDF47C602A35CF4AAB606A9 106496 ----a-w- C:\Windows\System32\bioapi100.dll

2013-09-22 17:10:46 DD0D2AADD8A34D70E6F6B936DF2F03BD 1784352 ----a-w- C:\Windows\System32\WavesLib.dll

2013-09-22 17:10:44 E067361E60FCAE24790B88135895F3C8 135168 ----a-w- C:\Windows\System32\SRSWOW.dll

2013-09-22 17:10:43 E5639080A7FFA5F03642F4D4CDB1E9CE 339968 ----a-w- C:\Windows\System32\SRSTSXT.dll

2013-09-22 17:10:43 D175A215DF2ECC0D3B3AFBDFFEAE4087 167936 ----a-w- C:\Windows\System32\SRSHP360.dll

2013-09-22 17:10:43 BA21C4B843B4B1DD787A660E17589F4D 185776 ----a-w- C:\Windows\System32\SRSTSHD.dll

2013-09-22 17:10:41 E62942FEB7FF1CEC6D8FD697F0399DD5 53280 ----a-w- C:\Windows\System32\RtkCoInst.dll

2013-09-22 17:10:41 CEFF4579E8CD3155C87DB67B23897682 1295392 ----a-w- C:\Windows\System32\RtkPgExt.dll

2013-09-22 17:10:41 9EBD95E01360E05522A317C39C6E7E78 338464 ----a-w- C:\Windows\System32\RtkApoApi.dll

2013-09-22 17:10:39 723F1DDCCE187D0227480AD4A546AA82 2964512 ----a-w- C:\Windows\System32\RtkAPO.dll

2013-09-22 17:10:33 F98295A1A7DCCFF6D06FC88BF498C0F6 551456 ----a-w- C:\Windows\System32\RTSndMgr.cpl

2013-09-22 17:10:32 FF8384B9A86595D056CAA218B1F55C90 59392 ----a-w- C:\Windows\System32\RTEEG32A.dll

2013-09-22 17:10:32 D9A42E333EF615EF85FE8F951F2F4A5B 73216 ----a-w- C:\Windows\System32\RTEEL32A.dll

2013-09-22 17:10:32 C70030B1F33DF9EBF2EF78E64095A876 347648 ----a-w- C:\Windows\System32\RTEEP32A.dll

2013-09-22 17:10:32 861560B4E1488DDD7A27EFB1264B68B8 164864 ----a-w- C:\Windows\System32\RTEED32A.dll

2013-09-22 17:10:30 7E2B73200E4169AED13F955A62FC8D47 290304 ----a-w- C:\Windows\System32\RP3DHT32.dll

2013-09-22 17:10:30 7458B8F9AC005CA29BCD6C133B2E4DF4 1933312 ----a-w- C:\Windows\System32\MaxxAudioEQ.dll

2013-09-22 17:10:30 0FE8E6440F9CFD5F32BB0BDDE4347A55 290304 ----a-w- C:\Windows\System32\RP3DAA32.dll

2013-09-22 17:10:28 A9E5D24FB8AC7AE548BACD085CB0D583 159744 ----a-w- C:\Windows\System32\MaxxAudioAPO20.dll

2013-09-22 17:10:28 26AE7FE6953D584D349A91A72849A771 126976 ----a-w- C:\Windows\System32\MaxxAudioAPO.dll

2013-09-22 17:10:26 66473EC32364A566EAB113A7DD5D921C 267264 ----a-w- C:\Windows\System32\FMAPO.dll

2013-09-22 17:10:24 C8D30EA2E09EB35B2741CA2F7A93249E 142848 ----a-w- C:\Windows\System32\AERTACap.dll

2013-09-22 17:10:24 6DFB7FB4BF8BC0EFBD2786261E732888 125952 ----a-w- C:\Windows\System32\AERTARen.dll

2013-09-22 16:59:42 E1822DA78C37D5702FFB84B4689E2381 53248 ----a-r- C:\Windows\System32\CSVer.dll

2013-09-22 16:31:58 F9CF2DB8B99DC50EAB538C4D860AC1A4 1419232 ----a-w- C:\Windows\System32\WdfCoInstaller01005.dll

2013-09-22 16:25:34 3AE2CBCEE209C5F78A7B4417C5DB129D 161064 ----a-w- C:\Windows\System32\SynTPAPI.dll

2013-09-22 16:25:33 9747DBB7293AC99E8E8609D0A0F42896 1176312 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll

2013-09-22 16:25:33 5AA4A5769C6D814D82B86B6494A67C42 206120 ----a-w- C:\Windows\System32\SynCtrl.dll

2013-09-22 16:25:33 19B75E0D5DEDA89868E733EA81C637F2 120104 ----a-w- C:\Windows\System32\SynTPCo4.dll

2013-09-22 15:45:50 ECF01C1E13591A1350FCF91D4197D9E2 1172992 ----a-w- C:\Windows\System32\athr.sys

2013-09-22 15:45:50 DE95D22EB0DDE4F22A8FFD11080DF8AF 277960 ----a-w- C:\Windows\System32\netathr.inf

2013-09-22 15:45:50 5963FC6EB3DBFEBA5FCC678FFBB19020 47911 ----a-w- C:\Windows\System32\athrext.cat

2013-09-20 18:49:52 D0E58D43569C731D7F8E6423E20BBF7C 53248 ----a-w- C:\Windows\System32\athihvui.dll

2013-09-20 18:49:52 A95103445736BDB4903A4067C257F2C5 393216 ----a-w- C:\Windows\System32\athihvs.dll

2013-09-20 18:47:02 DB304C20F7BB5A21FA77512C1A78BF76 11731 ----a-w- C:\Windows\System32\netr28.cat

2013-09-20 18:47:02 A013222A9A890DDAAC967DEBADE59EAD 388096 ----a-w- C:\Windows\System32\netr28.sys

2013-09-20 18:47:02 657443FFC61E4C7EBC495BB5DBB597FA 14028 ----a-w- C:\Windows\System32\RaCoInst.dat

2013-09-20 18:47:02 44D073602975806DE9E531296A80DB23 17906 ----a-w- C:\Windows\System32\netr28.inf

2013-09-20 18:47:02 0E83548497469A14B98085C1543C2005 217088 ----a-w- C:\Windows\System32\RaCoInst.dll

====== C:\Windows\system32\drivers =====

2013-09-22 17:10:32 82C6CC8EF3494884AED412C127F36EA9 2764704 ----a-w- C:\Windows\System32\drivers\RTKVHDA.sys

2013-09-22 16:32:18 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01005.Wdf

2013-09-22 16:26:03 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf

2013-09-22 16:25:35 47183E3520C88FADD5B0C87D57040DA5 212400 ----a-w- C:\Windows\System32\drivers\SynTP.sys

2013-09-12 18:25:24 DDCE686D76C2B4DB435A3AF5BD0E691D 133056 ----a-w- C:\Windows\System32\drivers\ataport.sys

2013-09-10 20:11:44 C3828E5C49924969799ED8B1E123A267 22840 ----a-w- C:\Windows\System32\drivers\avgidsshimx.sys

2013-09-08 20:12:16 9745AD34365318593909EDDEDAE66B9A 27448 ----a-w- C:\Windows\System32\drivers\avgrkx86.sys

====== C:\Windows\Tasks ======

2013-09-22 18:29:48 45231EC4DB741BB00DAADA2173CE3A90 3644 ----a-w- C:\Windows\system32\Tasks\Secure Upgrade

2013-09-22 16:35:43 E726030C32B6316AA69223C3A5F1B622 3244 ----a-w- C:\Windows\system32\Tasks\{63B9782E-5077-4771-AC39-8BF181DA6B6A}

2013-09-22 16:19:30 66D583135D7E02EE561E0A4BC86056A0 3402 ----a-w- C:\Windows\system32\Tasks\{C24F0CFF-745B-4410-BC34-3A20AD0DE563}

2013-09-22 16:18:25 E867A926CC44A4DF53AC7C17B071DAD1 3404 ----a-w- C:\Windows\system32\Tasks\{A98202B8-F5EA-4415-9308-2FEEA38C5FF5}

2013-09-22 16:17:16 068BCF2BA9A7D3AF7F93C661E53DD73F 3232 ----a-w- C:\Windows\system32\Tasks\{D0438C71-1F7C-40CB-90BA-CB61D72D4D34}

2013-09-20 18:23:16 58039CEED3B5F39E7C3B4A83B282BFD7 3098 ----a-w- C:\Windows\system32\Tasks\{F4231172-B0FD-470B-A157-494ED92FAE11}

2013-09-19 18:30:38 B52302A647BBB24C882FA28E08FB3DA3 3276 ----a-w- C:\Windows\system32\Tasks\{FD401601-572D-48ED-AA5D-89C418EBB16D}

2013-09-19 18:21:55 FC83E2EE84C5305CD69099DBE29ACD48 3280 ----a-w- C:\Windows\system32\Tasks\{8BDD844B-9589-427D-A7C7-060B2C2E2002}

2013-09-18 19:26:01 70BFB26D0627ED8BA0D91FF56F704186 3220 ----a-w- C:\Windows\system32\Tasks\{518DE219-0A4B-48DC-8D02-FA89EEAE5241}

2013-09-18 11:09:15 7AF288FE0349A1045C5BE98508430BB6 2750 ----a-w- C:\Windows\system32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-10-03 08:47:45 -------- d-----w- C:\Program Files\trend micro

2013-09-25 19:00:29 -------- d-----w- C:\Program Files\Common Files\DESIGNER

2013-09-25 18:57:14 -------- d-----w- C:\Program Files\Microsoft Analysis Services

2013-09-22 17:47:17 -------- d-----w- C:\Program Files\Wave Systems Corp

2013-09-22 17:46:41 -------- d-----w- C:\Program Files\NTRU Cryptosystems

2013-09-22 17:19:15 -------- d-----w- C:\Program Files\Acer Bio Protection

2013-09-22 17:12:20 -------- d-----w- C:\Program Files\Fingerprint Sensor

2013-09-22 17:06:34 -------- d-----w- C:\Program Files\JMicron

2013-09-22 16:57:31 -------- d-----w- C:\Program Files\Intel

2013-09-22 16:48:01 -------- d-----w- C:\Program Files\LSI SoftModem

2013-09-22 16:25:46 -------- d-----w- C:\Program Files\Synaptics

2013-09-22 16:17:07 -------- d-----w- C:\Program Files\AVerMedia

2013-09-22 15:45:50 -------- d-----w- C:\Program Files\Atheros

2013-09-20 18:43:25 -------- d-----w- C:\Program Files\Broadcom

2013-09-19 18:43:25 -------- d-----w- C:\Program Files\Option

2013-09-14 16:18:53 -------- d-----w- C:\Program Files\Windows Live

2013-09-09 17:58:12 -------- d-----w- C:\Program Files\BeID Minidriver

2013-09-09 17:58:11 -------- d-----w- C:\Program Files\Belgium Identity Card

======= C: =====

====== C:\Users\pierre\AppData\Roaming ======

2013-09-22 19:14:27 -------- d-----w- C:\Users\pierre\AppData\Roaming\AVG2014

2013-09-22 19:14:17 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\AVG2014

2013-09-22 19:12:36 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014

2013-09-22 19:08:31 -------- d-----w- C:\Users\pierre\AppData\Local\Avg2014

2013-09-22 19:07:47 -------- d-----w- C:\Users\pierre\AppData\Local\Avg2013

2013-09-22 18:51:18 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013

2013-09-22 18:00:41 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\pierre\AppData\Local\WavXMapDrive.bat

2013-09-22 17:49:42 -------- d-----w- C:\Users\pierre\AppData\Local\Wave Systems Corp

2013-09-22 17:47:23 -------- d-----w- C:\Users\pierre\AppData\Roaming\Wave Systems Corp

2013-09-22 17:36:26 -------- d-sh--we C:\Windows\system32\config\systemprofile\AppData\Local\Temporary Internet Files

2013-09-22 17:36:26 -------- d-sh--we C:\Windows\system32\config\systemprofile\AppData\Local\Geschiedenis

2013-09-22 17:36:26 -------- d-sh--we C:\Windows\system32\config\systemprofile\AppData\Local\Application Data

2013-09-22 17:36:26 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Programs

2013-09-22 17:36:26 -------- d-----r- C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-09-22 17:36:26 -------- d-----r- C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2013-09-20 17:14:59 -------- d-----w- C:\Users\pierre\AppData\Local\DriverTuner

2013-09-19 16:51:29 -------- d-----r- C:\Users\pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-09-11 20:11:08 -------- d-----w- C:\Users\pierre\AppData\Roaming\Skype

====== C:\Users\pierre ======

2013-10-03 08:46:33 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\pierre\Downloads\RSIT.exe

2013-10-02 18:08:48 5611140E8CC5927D371C27EA1F9E71A6 1045226 ----a-w- C:\Users\pierre\Downloads\adwcleaner.exe

2013-09-30 22:06:02 122A32A068A76C220AD47B3C2780407C 1263104 ----a-w- C:\Users\pierre\Documents\Z-Analyse.exe

2013-09-25 19:01:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2013-09-22 19:13:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2013-09-22 19:13:17 -------- d-----w- C:\ProgramData\AVG2014

2013-09-22 17:47:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beveiliging door Wave Systems

2013-09-22 17:46:41 -------- d-----w- C:\ProgramData\NTRU Cryptosystems

2013-09-22 17:45:48 -------- d-----w- C:\ProgramData\Wave Systems Corp

2013-09-22 17:36:26 -------- d-sh--we C:\Windows\system32\config\systemprofile\Sjablonen

2013-09-22 17:36:26 -------- d-sh--we C:\Windows\system32\config\systemprofile\SendTo

2013-09-22 17:36:26 -------- d-sh--we C:\Windows\system32\config\systemprofile\Recent

2013-09-22 17:36:26 -------- d-sh--we C:\Windows\system32\config\systemprofile\Netwerkprinteromgeving

2013-09-22 17:36:26 -------- d-sh--we C:\Windows\system32\config\systemprofile\NetHood

2013-09-22 17:36:26 -------- d-sh--we C:\Windows\system32\config\systemprofile\Mijn documenten

2013-09-22 17:36:26 -------- d-sh--we C:\Windows\system32\config\systemprofile\Menu Start

2013-09-22 17:36:26 -------- d-sh--we C:\Windows\system32\config\systemprofile\Local Settings

2013-09-22 17:36:26 -------- d-sh--we C:\Windows\system32\config\systemprofile\Cookies

2013-09-22 17:36:26 -------- d-sh--we C:\Windows\system32\config\systemprofile\Application Data

2013-09-22 17:36:26 -------- d-----r- C:\Windows\system32\config\systemprofile\Videos

2013-09-22 17:36:26 -------- d-----r- C:\Windows\system32\config\systemprofile\Saved Games

2013-09-22 17:36:26 -------- d-----r- C:\Windows\system32\config\systemprofile\Pictures

2013-09-22 17:36:26 -------- d-----r- C:\Windows\system32\config\systemprofile\Links

2013-09-22 17:36:26 -------- d-----r- C:\Windows\system32\config\systemprofile\Favorites

2013-09-22 17:36:26 -------- d-----r- C:\Windows\system32\config\systemprofile\Downloads

2013-09-22 17:36:26 -------- d-----r- C:\Windows\system32\config\systemprofile\Documents

2013-09-22 17:36:26 -------- d-----r- C:\Windows\system32\config\systemprofile\Desktop

2013-09-22 17:36:26 -------- d-----r- C:\Windows\system32\config\systemprofile\Contacts

2013-09-22 17:36:25 -------- d-----r- C:\Windows\system32\config\systemprofile\Searches

2013-09-22 17:36:25 -------- d-----r- C:\Windows\system32\config\systemprofile\Music

2013-09-22 17:34:29 -------- d-----w- C:\ProgramData\QUALCOMM

2013-09-22 17:20:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer

2013-09-22 17:05:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye webcam

2013-09-21 20:05:34 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\pierre\Downloads\mbam-setup-1.75.0.1300.exe

2013-09-20 18:46:35 -------- d-----w- C:\ProgramData\Ralink

2013-09-09 17:58:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID

====== C: exe-files ==

2013-10-03 08:47:45 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\pierre.exe

2013-10-03 08:46:33 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\pierre\Downloads\RSIT.exe

2013-10-02 18:08:48 5611140E8CC5927D371C27EA1F9E71A6 1045226 ----a-w- C:\Users\pierre\Downloads\adwcleaner.exe

2013-10-02 16:44:00 E8D77A2855FEDAA1CEDB0D34CFDA4600 4674584 ----a-w- C:\Windows\Temp\{15028A1D-BE4A-4CDA-BD13-E3FEB721E1EA}.exe

2013-09-30 22:06:02 122A32A068A76C220AD47B3C2780407C 1263104 ----a-w- C:\Users\pierre\Documents\Z-Analyse.exe

2013-09-28 19:00:22 E0C3E3838633B8FA041710632F63B050 4676632 ----a-w- C:\Windows\Temp\{07B4A70E-DE7E-485E-A0F6-1DAEEDA6398D}.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-239940234-3266287799-346833701-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"OWS Setup CmdLine"="C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\40\bin\cfgwiz.exe /pkg Office 2000 Server Extensions"

"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"hpqSRMon"="C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe "

"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe "

"LManager"="C:\Program Files\Launch Manager\LManager.exe"

"PLFSetI"="C:\Windows\PLFSetI.exe"

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"

"VitaKeyPdtWzd"="C:\Program Files\Acer Bio Protection\PdtWzd.exe"

"ODDPwr"="C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe"

"Acer ePower Management"="C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe"

"WavXMgr"="C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe"

"EmbassySecurityCheck"="C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe"

"AVG_UI"="C:\Program Files\AVG\AVG2014\avgui.exe /TRAYONLY"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

"ChangeTPMAuth"="C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe /T:NTRU12"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background"

==== Startup Registry Disabled ======================

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]

"swg"="\"C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"SecureUpgrade"="\"C:\\Program Files\\Wave Systems Corp\\SecureUpgrade.exe\""

==== Startup Folders ======================

2013-09-17 04:55:05 2073 ---ha-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18/11/2012 23:08]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18/11/2012 23:08]

==== Firefox Extensions ======================

ExtDir: C:\Users\pierre\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

- FT Downloader - %ExtDir%\ftd@ftd.com.xpi

==== Firefox Plugins ======================

==== Deleting Files \ Folders ======================

"C:\Users\pierre\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\ftd@ftd.com.xpi" deleted

==== Chrome Look ======================

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="HLN.be, Nieuws, sport en showbizz, 24/24, 7/7, meer dan 350 nieuwsupdates per dag"

"Search Page"="Google"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="%s - Google Search"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="Upgrade to Google Chrome"

"Default_Search_URL"="Upgrade to Google Chrome"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="Bing"

"Start Page"="HLN.be, Nieuws, sport en showbizz, 24/24, 7/7, meer dan 350 nieuwsupdates per dag"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="%s - Bing"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="Bing"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6004C7E6-AAE5-47AA-A93C-4D489CA8E2E9}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

{6004C7E6-AAE5-47AA-A93C-4D489CA8E2E9} Google Url="{searchTerms} - Google zoeken"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{b0441a0e-a49a-4e16-afc1-74ecced1921f} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-239940234-3266287799-346833701-1000\Software\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully

==== HijackThis Entries ======================