Mogelijk virus

[Jade]

Beste pc-helpmedewerker,

Na het verkeerd downloaden van een bestand op internet, heb ik last van opeens verschijnende reclames en dat soort praktijken.

Het gebeurt wel alleen als ik Mozilla Firefox gebruik.

Ik heb een HiJackthisLog gemaakt en hoop dat u me kan helpen. Alvast bedankt.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 1:12:07, on 27-10-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16720)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe

C:\Users\Emmy\AppData\Local\tuto4pc_pt_28\upt4pc_pt_28.exe

C:\Users\Emmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe

C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe

C:\Users\Emmy\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe

C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\tuto4pc_pt_28\tuto4pc_pt_28.exe

C:\Program Files (x86)\Launch Manager\LMworker.exe

C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

O2 - BHO: G Data BankGuard - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll

O3 - Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d

O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart

O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe

O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [tuto4pc_pt_28] "C:\Program Files (x86)\tuto4pc_pt_28\tuto4pc_pt_28.exe"

O4 - HKLM\..\RunOnce: [upt4pc_pt_28.exe] C:\Users\Emmy\AppData\Local\tuto4pc_pt_28\upt4pc_pt_28.exe -runonce

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Emmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [WebDriveTray] C:\Program Files\WebDrive\webdrive.exe /trayicon

O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

O4 - Startup: Dropbox.lnk = Emmy\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe

O4 - Global Startup: vpngui.exe.lnk = ?

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe

O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe

O23 - Service: G Data Bestandssysteembewaker (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe

O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: WebDrive Service (WebDriveService) - South River Technologies, LLC - C:\Program Files\WebDrive\wdService.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Wsys Service (WsysSvc) - Wsys Co., Ltd. - C:\ProgramData\eSafe\eGdpSvc.exe

--

End of file - 14987 bytes

[kape]

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)

O3 - Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

• RSIT 32 bit (RSIT.exe)
  
• RSIT 64 bit (RSITx64.exe)
  

Dubbelklik op RSIT.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  
• Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  
• Plaats de inhoud hiervan in het volgende bericht.
  

In je logjes zitten ook nog twee antivirusprogramma's (McAfee en GData). Die zullen elkaar eerder tegenwerken dan de veiligheid verhogen. Blijkbaar is GData de "actieve" scanner. Wil je even melden of dit zo is, dan nemen we - bij het verwijderen - ineens McAfee mee. Of omgekeerd, mocht je McAfee verkiezen boven GData.

[Jade]

Bedankt voor de snelle reactie. Ik heb inderdaad twee scanners. Alleen beide scanners zijn verlopen en niet meer actief. Na dit opgelost te hebben wil ik waarschijnlijk McAfee verlengen. Gdata mag dus wat mij betreft weg.

Hierbij de Log:

Logfile of random's system information tool 1.09 (written by random/random)

Run by Emmy at 2013-10-27 12:29:44

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 262 GB (57%) free of 461 GB

Total RAM: 3948 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:29:55, on 27-10-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16720)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe

C:\Users\Emmy\AppData\Local\tuto4pc_pt_28\upt4pc_pt_28.exe

C:\Users\Emmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe

C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe

C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe

C:\Program Files (x86)\Launch Manager\LMworker.exe

C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Users\Emmy\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe

C:\Program Files (x86)\tuto4pc_pt_28\tuto4pc_pt_28.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files\trend micro\Emmy.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

O2 - BHO: G Data BankGuard - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d

O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart

O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe

O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [tuto4pc_pt_28] "C:\Program Files (x86)\tuto4pc_pt_28\tuto4pc_pt_28.exe"

O4 - HKLM\..\RunOnce: [upt4pc_pt_28.exe] C:\Users\Emmy\AppData\Local\tuto4pc_pt_28\upt4pc_pt_28.exe -runonce

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Emmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [WebDriveTray] C:\Program Files\WebDrive\webdrive.exe /trayicon

O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

O4 - Startup: Dropbox.lnk = Emmy\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe

O4 - Global Startup: vpngui.exe.lnk = ?

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe

O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe

O23 - Service: G Data Bestandssysteembewaker (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe

O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: WebDrive Service (WebDriveService) - South River Technologies, LLC - C:\Program Files\WebDrive\wdService.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Wsys Service (WsysSvc) - Wsys Co., Ltd. - C:\ProgramData\eSafe\eGdpSvc.exe

--

End of file - 14603 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

"C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe"

"C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe"

winlogon.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe 37713520

C:\ProgramData\eSafe\eGdpSvc.exe

\??\C:\Windows\system32\conhost.exe "-1757915117-705199051478481944192383376227072009683521270916130325732115442648

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

"C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe"

"C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe"

"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"

"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"

"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"

"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"

"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}"

"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"

"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"

"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE

"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"

"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files\WebDrive\wdService.exe"

C:\Windows\System32\svchost.exe -k secsvcs

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe"

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

WLIDSvcM.exe 2416

"C:\Program Files (x86)\Common Files\G Data\AVKProxy\AvkBap64.exe" -Embedding

C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding

"taskhost.exe"

taskeng.exe {4FE8A9AF-28BF-4B5B-A7FE-963287F02CC0}

"C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"

"C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Users\Emmy\AppData\Local\tuto4pc_pt_28\upt4pc_pt_28.exe" -runhelper

"C:\Windows\System32\igfxtray.exe"

"C:\Windows\System32\hkcmd.exe"

"C:\Windows\System32\igfxpers.exe"

C:\Windows\system32\igfxsrvc.exe -Embedding

"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4

"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"

"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"

"C:\Users\Emmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

C:\Windows\system32\igfxext.exe -Embedding

"C:\Program Files\WebDrive\WebDrive.exe" /trayicon

C:\Windows\system32\wbem\unsecapp.exe -Embedding

"C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe"

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k

"C:\Program Files (x86)\Launch Manager\LManager.exe"

"C:\DOLBY PCEE4\pcee4.exe" -autostart

"C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"

"C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"

"C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe"

"C:\Program Files (x86)\Launch Manager\LMworker.exe"

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe"

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"C:\Users\Emmy\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"

"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"

"C:\Program Files (x86)\tuto4pc_pt_28\tuto4pc_pt_28.exe"

"C:\Program Files\iPod\bin\iPodService.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

"C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe"

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

C:\Windows\system32\sppsvc.exe

C:\Windows\servicing\TrustedInstaller.exe

"C:\Users\Emmy\Downloads\RSITx64.exe"

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe18_ Global\UsGthrCtrlFltPipeMssGthrPipe18 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897

prefs.js - "browser.search.useDBForOrder" - "false"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.9.900.117 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]

"Description"=Picasa3 plugin

"Path"=C:\Users\Emmy\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.4.1]

"Description"=

"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]

"Description"=McAfee Mss Plugin

"Path"=C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]

"Description"=Office Authorization plug-in for NPAPI browsers

"Path"=C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.9.900.117 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32]

"Description"=

"Path"=C:\Windows\system32\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]

"Description"=Office Authorization plug-in for NPAPI browsers

"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\

{906305f7-aafc-45e9-8bbd-941950a84dad}

{9AA46F4F-4DC7-4c06-97AF-5035170633FE}

C:\Program Files (x86)\Mozilla Firefox\components\

nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\

np-mswmp.dll

NPOFF12.DLL

nppdf32.dll

WMP Firefox Plugin License.rtf

WMP Firefox Plugin RelNotes.txt

C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897\extensions\

{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897\searchplugins\

firefox-add-ons.xml

Web Search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]

G Data WebFilter - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIEx64.dll [2011-06-22 634376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]

Snap.DoEngine - C:\Windows\system32\mscoree.dll [2010-11-21 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-10-04 351008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-10-04 53536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]

G Data WebFilter - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll [2011-06-22 577544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]

MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll [2013-09-06 95648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2010-12-20 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA3295CF-17ED-4F49-9E95-D999A0ADBFDC}]

G Data BankGuard - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll [2011-08-10 52216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{0124123D-61B4-456f-AF86-78C53A0790C5} - G Data WebFilter - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIEx64.dll [2011-06-22 634376]

{ae07101b-46d4-4a98-af68-0333ea26e113} - Snap.Do - C:\Windows\system32\mscoree.dll [2010-11-21 444752]

{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{0124123D-61B4-456f-AF86-78C53A0790C5} - G Data WebFilter - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll [2011-06-22 577544]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-05-09 168216]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-05-09 392472]

"Persistence"=C:\Windows\system32\igfxpers.exe [2011-05-09 416024]

"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-07-29 2280232]

"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-03-10 11785832]

"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-03-09 2189416]

"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-05-10 1831528]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Spotify Web Helper"=C:\Users\Emmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-10-11 1140736]

"WebDriveTray"=C:\Program Files\WebDrive\webdrive.exe [2010-05-25 2442328]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-09-14 283160]

"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-09-28 340336]

"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-09-17 407920]

"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-09-17 201584]

"Norton Online Backup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-01 1155928]

"BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-03-09 297280]

"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-03-14 1081424]

"Dolby Advanced Audio v2"=C:\Dolby PCEE4\pcee4.exe [2011-02-03 506712]

"ArcadeMovieService"=C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [2011-02-18 177448]

"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-07-05 421888]

"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-08-18 421736]

"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

"G Data AntiVirus Tray Application"=C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe [2011-09-22 1012232]

"GDFirewallTray"=C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [2011-09-22 1619976]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

"tuto4pc_pt_28"=C:\Program Files (x86)\tuto4pc_pt_28\tuto4pc_pt_28.exe [2013-10-11 3989488]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]

"upt4pc_pt_28.exe"=C:\Users\Emmy\AppData\Local\tuto4pc_pt_28\upt4pc_pt_28.exe [2013-10-11 3154416]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe

vpngui.exe.lnk - C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe

C:\Users\Emmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Dropbox.lnk - C:\Users\Emmy\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2011-04-15 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-03-20 247296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-10-27 12:29:45 ----D---- C:\Program Files\trend micro

2013-10-27 12:29:44 ----D---- C:\rsit

2013-10-26 23:30:00 ----D---- C:\ProgramData\eSafe

2013-10-26 23:29:52 ----D---- C:\Program Files (x86)\tuto4pc_pt_28

2013-10-18 16:26:34 ----D---- C:\Program Files\McAfee Security Scan

2013-10-11 13:19:37 ----A---- C:\Windows\SYSWOW64\ieui.dll

2013-10-11 13:19:36 ----A---- C:\Windows\system32\ieui.dll

2013-10-11 13:19:35 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2013-10-11 13:19:34 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe

2013-10-11 13:19:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2013-10-11 13:19:34 ----A---- C:\Windows\system32\iesetup.dll

2013-10-11 13:19:34 ----A---- C:\Windows\system32\iernonce.dll

2013-10-11 13:19:32 ----A---- C:\Windows\SYSWOW64\iesysprep.dll

2013-10-11 13:19:32 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2013-10-11 13:19:32 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2013-10-11 13:19:32 ----A---- C:\Windows\system32\iesysprep.dll

2013-10-11 13:19:32 ----A---- C:\Windows\system32\ie4uinit.exe

2013-10-11 13:19:31 ----A---- C:\Windows\system32\iertutil.dll

2013-10-11 13:19:29 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2013-10-11 13:19:29 ----A---- C:\Windows\system32\msfeeds.dll

2013-10-11 13:19:28 ----A---- C:\Windows\SYSWOW64\jscript.dll

2013-10-11 13:19:28 ----A---- C:\Windows\system32\jscript.dll

2013-10-11 13:19:27 ----A---- C:\Windows\system32\jscript9.dll

2013-10-11 13:19:26 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2013-10-11 13:19:25 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2013-10-11 13:19:24 ----A---- C:\Windows\system32\urlmon.dll

2013-10-11 13:19:22 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2013-10-11 13:19:22 ----A---- C:\Windows\system32\jsproxy.dll

2013-10-11 13:19:21 ----A---- C:\Windows\SYSWOW64\wininet.dll

2013-10-11 13:19:20 ----A---- C:\Windows\system32\wininet.dll

2013-10-11 13:19:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2013-10-11 13:19:18 ----A---- C:\Windows\system32\ieframe.dll

2013-10-11 13:19:15 ----A---- C:\Windows\system32\mshtml.dll

2013-10-11 13:19:12 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2013-10-09 23:26:31 ----A---- C:\Windows\SYSWOW64\comctl32.dll

2013-10-09 23:26:31 ----A---- C:\Windows\system32\comctl32.dll

2013-10-09 23:13:47 ----A---- C:\Windows\SYSWOW64\lpk.dll

2013-10-09 23:13:47 ----A---- C:\Windows\SYSWOW64\fontsub.dll

2013-10-09 23:13:47 ----A---- C:\Windows\SYSWOW64\dciman32.dll

2013-10-09 23:13:47 ----A---- C:\Windows\SYSWOW64\atmlib.dll

2013-10-09 23:13:47 ----A---- C:\Windows\SYSWOW64\atmfd.dll

2013-10-09 23:13:47 ----A---- C:\Windows\system32\lpk.dll

2013-10-09 23:13:47 ----A---- C:\Windows\system32\fontsub.dll

2013-10-09 23:13:47 ----A---- C:\Windows\system32\dciman32.dll

2013-10-09 23:13:47 ----A---- C:\Windows\system32\atmlib.dll

2013-10-09 23:13:47 ----A---- C:\Windows\system32\atmfd.dll

2013-10-09 23:08:32 ----A---- C:\Windows\system32\drivers\Wdf01000.sys

2013-10-09 23:07:38 ----A---- C:\Windows\system32\drivers\usbvideo.sys

2013-10-09 23:07:38 ----A---- C:\Windows\system32\drivers\usbcir.sys

2013-10-09 23:07:29 ----A---- C:\Windows\system32\drivers\hidparse.sys

2013-10-09 23:07:29 ----A---- C:\Windows\system32\drivers\hidclass.sys

2013-10-09 22:47:38 ----A---- C:\Windows\SYSWOW64\WebClnt.dll

2013-10-09 22:47:38 ----A---- C:\Windows\SYSWOW64\davclnt.dll

2013-10-09 22:47:38 ----A---- C:\Windows\system32\WebClnt.dll

2013-10-09 22:47:38 ----A---- C:\Windows\system32\drivers\mrxdav.sys

2013-10-09 22:47:38 ----A---- C:\Windows\system32\davclnt.dll

2013-10-09 22:47:28 ----A---- C:\Windows\SYSWOW64\mswsock.dll

2013-10-09 22:47:28 ----A---- C:\Windows\system32\mswsock.dll

2013-10-09 22:47:28 ----A---- C:\Windows\system32\drivers\tcpip.sys

2013-10-09 22:47:28 ----A---- C:\Windows\system32\drivers\afd.sys

2013-10-09 22:47:10 ----A---- C:\Windows\system32\win32k.sys

2013-10-09 22:47:06 ----A---- C:\Windows\system32\ntoskrnl.exe

2013-10-09 22:47:05 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe

2013-10-09 22:47:04 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe

2013-10-09 22:47:04 ----A---- C:\Windows\system32\advapi32.dll

2013-10-09 22:47:03 ----A---- C:\Windows\SYSWOW64\tdh.dll

2013-10-09 22:47:03 ----A---- C:\Windows\SYSWOW64\ntdll.dll

2013-10-09 22:47:03 ----A---- C:\Windows\system32\wow64.dll

2013-10-09 22:47:03 ----A---- C:\Windows\system32\tdh.dll

2013-10-09 22:47:03 ----A---- C:\Windows\system32\ntdll.dll

2013-10-09 22:47:02 ----A---- C:\Windows\SYSWOW64\wow32.dll

2013-10-09 22:47:02 ----A---- C:\Windows\SYSWOW64\user.exe

2013-10-09 22:47:02 ----A---- C:\Windows\SYSWOW64\setup16.exe

2013-10-09 22:47:02 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll

2013-10-09 22:47:02 ----A---- C:\Windows\SYSWOW64\instnm.exe

2013-10-09 22:47:02 ----A---- C:\Windows\SYSWOW64\advapi32.dll

2013-10-09 22:44:41 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll

2013-10-09 22:44:41 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-09 22:44:26 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2013-10-09 22:44:19 ----A---- C:\Windows\system32\scavengeui.dll

======List of files/folders modified in the last 1 month======

2013-10-27 12:29:56 ----D---- C:\Windows\Prefetch

2013-10-27 12:29:51 ----D---- C:\Windows\Temp

2013-10-27 12:29:45 ----RD---- C:\Program Files

2013-10-27 12:29:43 ----D---- C:\Users\Emmy\AppData\Roaming\Dropbox

2013-10-27 12:28:53 ----D---- C:\Windows\system32\config

2013-10-27 12:01:35 ----D---- C:\Windows\System32

2013-10-27 12:01:34 ----D---- C:\Windows\inf

2013-10-27 12:01:34 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-10-27 11:58:27 ----A---- C:\Windows\SYSWOW64\log.txt

2013-10-27 11:56:27 ----D---- C:\ProgramData\clear.fi

2013-10-27 01:05:08 ----D---- C:\Users\Emmy\AppData\Roaming\Skype

2013-10-26 23:30:00 ----D---- C:\ProgramData

2013-10-26 23:29:52 ----RD---- C:\Program Files (x86)

2013-10-26 22:35:31 ----SHD---- C:\System Volume Information

2013-10-18 21:15:38 ----SHD---- C:\Windows\Installer

2013-10-18 21:15:37 ----D---- C:\ProgramData\Skype

2013-10-18 21:15:34 ----RD---- C:\Program Files (x86)\Skype

2013-10-18 16:15:38 ----D---- C:\Windows\Microsoft.NET

2013-10-18 16:15:00 ----RSD---- C:\Windows\assembly

2013-10-14 21:07:48 ----D---- C:\Windows\winsxs

2013-10-14 21:06:45 ----D---- C:\Program Files\Microsoft Silverlight

2013-10-14 21:06:43 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2013-10-13 23:57:09 ----D---- C:\Windows\system32\catroot2

2013-10-13 23:55:58 ----D---- C:\Windows\SysWOW64

2013-10-13 23:55:53 ----D---- C:\Program Files (x86)\Internet Explorer

2013-10-13 23:55:48 ----D---- C:\Program Files\Internet Explorer

2013-10-13 23:55:46 ----D---- C:\Windows\system32\drivers

2013-10-13 23:55:36 ----D---- C:\Windows\AppPatch

2013-10-13 23:55:06 ----D---- C:\Windows\system32\DriverStore

2013-10-11 20:44:49 ----D---- C:\Users\Emmy\AppData\Roaming\Spotify

2013-10-11 14:07:18 ----D---- C:\Windows\rescache

2013-10-11 13:24:02 ----D---- C:\ProgramData\Microsoft Help

2013-10-11 13:20:11 ----D---- C:\Windows\system32\catroot

2013-10-11 13:08:51 ----D---- C:\Windows\system32\MRT

2013-10-11 13:03:28 ----A---- C:\Windows\system32\MRT.exe

2013-10-11 12:56:48 ----D---- C:\Windows\system32\nl-NL

2013-10-09 20:34:59 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 GDBehave;GDBehave; C:\Windows\system32\drivers\GDBehave.sys [2011-10-27 50552]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-09-14 437272]

R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-03-30 25960]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 54072]

R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-23 59728]

R1 GDMnIcpt;GDMnIcpt; \??\C:\Windows\system32\drivers\MiniIcpt.sys [2011-10-27 110968]

R1 gdwfpcd;G Data WFP CD; C:\Windows\system32\drivers\gdwfpcd64.sys [2011-10-27 65912]

R1 GRD;G Data Rootkit Detector Driver; \??\C:\Windows\system32\drivers\GRD.sys [2011-10-07 106488]

R1 HookCentre;HookCentre; \??\C:\Windows\system32\drivers\HookCentre.sys [2011-10-27 51576]

R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-06-08 22912]

R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-06-08 20328]

R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-06-08 62584]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192]

R2 WebDriveFSD;WebDrive Filesystem Driver; \??\C:\Program Files\WebDrive\wdfsd.sys [2010-05-25 118872]

R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\drivers\b57xdbd.sys [2011-01-21 67624]

R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\drivers\b57xdmp.sys [2011-01-21 19496]

R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-03-01 4720704]

R3 bScsiMSa;bScsiMSa; C:\Windows\system32\drivers\bScsiMSa.sys [2011-01-20 52264]

R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2011-01-14 85544]

R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2010-03-23 304784]

R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]

R3 GDPkIcpt;GDPkIcpt; \??\C:\Windows\system32\drivers\PktIcpt.sys [2011-10-27 59256]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-04-15 12228128]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-03-15 2814952]

R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2011-01-17 412712]

R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]

R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-07-29 1383472]

R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-03-10 17408]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]

S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []

S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]

S3 GdNetMon;G Data Network Monitor; \??\C:\Windows\system32\drivers\GdNetMon64.sys [2011-09-21 31448]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-05-10 51712]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]

R2 Apple Mobile Device;Mobiel Apple apparaat; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]

R2 AVKProxy;G Data AntiVirus Proxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2011-09-22 1500680]

R2 AVKService;G Data Scheduler; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [2011-09-22 464392]

R2 AVKWCtl;G Data Bestandssysteembewaker; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [2011-05-26 1929104]

R2 Bonjour Service;Bonjour-service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-07-12 387944]

R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2010-03-23 1528616]

R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-03-14 352336]

R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 872552]

R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]

R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-02-01 326168]

R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-01 2804568]

R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-03-09 257344]

R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]

R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]

R2 WebDriveService;WebDrive Service; C:\Program Files\WebDrive\wdService.exe [2010-05-25 2156120]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]

R2 WsysSvc;Wsys Service; C:\ProgramData\eSafe\eGdpSvc.exe [2013-10-26 1706064]

R3 GDFwSvc;G Data Personal Firewall; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2011-08-10 1556816]

R3 GDScan;G Data Scanner; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [2011-09-22 448008]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2011-08-18 934760]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-30 2009704]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]

S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]

S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-06-28 655624]

S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]

S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-09-06 288776]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-09-17 118680]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-01 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

[kape]

Je Java software is verouderd.

Oudere versies hebben lekken die malware de kans geeft om zich te installeren op je systeem.

Ga naar Java en download daar de correcte Java versie.

• Klik op "Gratis Java-download".
  
• Ga akkoord met de licentiebepalingen en klik op de button voor de gratis download.
  
• Het bestand jxpiinstall.exe wordt aangeboden - kies hier voor "bestand opslaan".
  
• Sluit alle programma's die eventueel open zijn - zeker je web browser!
  
• Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst.
  
• Vink alles aan met Java Runtime Environment (JRE of J2SE of JAVA) in de naam.
  
• Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
  
• Herhaal dit tot alle oudere versies verdwenen zijn.
  
• Na het verwijderen van alle oudere versies, herstart je pc.
  
• Klik vervolgens op jxpiinstall.exe om de nieuwste versie van Java te installeren.
  
• Vink de installatie van de Ask toolbar uit en ga dan verder met de installatie.
  

Download Zoek.zip naar het bureaublad.

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  
• Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

chromelook; 
firefoxlook; 
emptyfolderscheck;delete
 {0124123D-61B4-456f-AF86-78C53A0790C5};c
 C:\Program Files (x86)\G Data;fs
 {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC};c
 C:\Program Files (x86)\Common Files\G Data;fs
 G Data AntiVirus Tray Application;s
 GDFirewallTray;s
 AVKService;s
 AVKProxy;s
 AVKWCtl;s
 GDFwSvc;s
 GDScan;s
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA3295CF-17ED-4F49-9E95-D999A0ADBFDC}];r64
 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
 "G Data AntiVirus Tray Application"=-;r64
 "GDFirewallTray"=-;r64
 startupall; 
filesrcm;

• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
• HijackThis Log
  
• Firefox Defaults
  
• Reset Chrome
  
• IE Defaults
  
• Auto Clean
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post nu de inhoud van het geopende logje in het volgende bericht.
  

[Jade]

Zoek.exe Version 4.0.0.5 Updated 26-October-2013

Tool run by Emmy on ma 28-10-2013 at 15:26:25,54.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Emmy\Desktop\zoek.exe [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2013-10-28-151039.log 4685 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully

C:\ProgramData\Oracle deleted successfully

C:\Users\Emmy\AppData\Roaming\Publish Providers deleted successfully

C:\Users\Emmy\AppData\Local\PackageAware deleted successfully

==== Creating Sample_28-10-2013_1539.zip ======================

Copied file C:\ProgramData\MxlfprbVJsBCd.exe to sample\MxlfprbVJsBCd.exe

Copied file C:\ProgramData\YTYuWibiySyhLX.exe to sample\YTYuWibiySyhLX.exe

sample\MxlfprbVJsBCd.exe renamed to D41D8CD98F00B204E9800998ECF8427E

sample\YTYuWibiySyhLX.exe renamed to D41D8CD98F00B204E9800998ECF8427E

C:\Users\Public\Desktop\sample_28-10-2013_1539.zip created successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2201282206-2562182534-352421686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully

HKEY_USERS\S-1-5-21-2201282206-2562182534-352421686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully

HKEY_USERS\S-1-5-21-2201282206-2562182534-352421686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} deleted successfully

HKEY_USERS\S-1-5-21-2201282206-2562182534-352421686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} deleted successfully

HKEY_USERS\S-1-5-21-2201282206-2562182534-352421686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

HKEY_USERS\S-1-5-21-2201282206-2562182534-352421686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

HKEY_USERS\S-1-5-21-2201282206-2562182534-352421686-1001\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVKService deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AVKService deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\AVKProxy deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVKProxy deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\AVKProxy deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AVKProxy deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\AVKWCtl deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\AVKWCtl deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\GDFwSvc deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\GDFwSvc deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\GDScan deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GDScan deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\GDScan deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\GDScan deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WsysSvc deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WsysSvc deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WsysSvc deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897\prefs.js:

user_pref("browser.search.useDBForOrder", "false");

Added to C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897\prefs.js:

ProfilePath: C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897

user.js not found

---- FireFox user.js and prefs.js backups ----

prefs_28-10-2013_1540_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]

@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA3295CF-17ED-4F49-9E95-D999A0ADBFDC}]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"G Data AntiVirus Tray Application"=-

"GDFirewallTray"=-

==== Deleting Files \ Folders ======================

C:\ProgramData\eSafe deleted

C:\ProgramData\IBUpdaterService deleted

C:\Users\Emmy\Downloads\SoftonicDownloader_voor_inkscape.exe deleted

C:\Users\Emmy\Downloads\SoftonicDownloader_voor_windows-media-player-plugin(1).exe deleted

C:\Users\Emmy\Downloads\SoftonicDownloader_voor_windows-media-player-plugin.exe deleted

C:\Users\Emmy\AppData\LocalLow\Softonic deleted

C:\Users\Emmy\AppData\LocalLow\Smartbar deleted

C:\Windows\wininit.ini deleted

C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897\searchplugins\Web Search.xml deleted

C:\ProgramData\MxlfprbVJsBCd.exe deleted

C:\ProgramData\YTYuWibiySyhLX.exe deleted

"C:\Program Files (x86)\Common Files\G Data\ObjBrwse.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\ObjBrwse64.dll" not deleted

"C:\PROGRA~2\tuto4pc_pt_28\tuto4pc_pt_28.exe" deleted

"C:\Users\Emmy\AppData\Local\tuto4pc_pt_28\upt4pc_pt_28.exe" deleted

"C:\Program Files (x86)\G Data\InternetSecurity\ASK\GDASpam.dll" deleted

"C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe" deleted

"C:\Program Files (x86)\G Data\InternetSecurity\AVK\avkwsc64.dll" deleted

"C:\Program Files (x86)\G Data\InternetSecurity\AVK\MiniIcpt2X64.dll" deleted

"C:\Program Files (x86)\G Data\InternetSecurity\AVK\ShellExt64.dll" deleted

"C:\Program Files (x86)\G Data\InternetSecurity\AVK\SysIcptx64.dll" deleted

"C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe" deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Common\AVKRes.dll" deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwAdmin.dll" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwAdmin.exe" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvc.dac" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GdFwSvc.dat" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcExtRes.exe" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcExtResx64.exe" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSys.dat" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\InitInstx64.exe" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\LiveStrm.dac" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\LiveStrm.dat" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Modules.dac" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Modules.dat" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\PktIcpt2x64.dll" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\PktIcptX64.dll" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Portinfo.dac" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Portinfo.dat" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Protocol.dac" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Protocol.dat" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\SqLiteGDx64.dll" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Shredder\Reisswlf64.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKProxy\AvkBap32.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKProxy\AvkBap64.exe" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKIM.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKProxy\avksmtp.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKProxy\BehaviourService64.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKProxy\BehaviourServiceResources64.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKProxy\FileBlSrv.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKProxy\FileBlSrv64.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdDeepAnalyse64.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKProxy\gdwfpcd.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKProxy\GeoIP.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKProxy\SecSrv.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\AVKScanP.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\AvkScanPx64.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\GDScan\AVKScanPS.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\aswEngLdrOem.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\BD1\avxdisk.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\BD1\bdcore.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\acshort.map" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\algo.dll" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswCleanerDLL.dll" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswCmnBS.dll" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswCmnIS.dll" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswCmnOS.dll" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswEngin.dll" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswFiDb.dll" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswRawFS.dll" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswRep.dll" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswScan.dll" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\certs.map" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_as.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_dex.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_dex.map" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_dyna.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_dyna.map" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_el.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_elf.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_elf.map" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_elfa.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_elfa.map" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_evope.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_java.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_java.map" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_js.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_js.map" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_mx4.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_mx4.map" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_mx95.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_mx95.map" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_o7.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_o7.map" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_ob2.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_pe2.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_pe3.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_sql.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_swf.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_swf.map" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_tx.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_u.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_w6.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_w6.map" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_wh2.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_xtn.map" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\list_d.txt" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\list_i.txt" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\lshe3.map" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\l_idx.map" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\l_nmp.map" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\sc_dst.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\sc_src.dat" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\Sf.bin" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\Sf1.bin" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\sl_idx.map" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\sl_nmp.map" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\s_idx.map" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\s_nmp.map" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\whitelist.db" not deleted

"C:\Program Files (x86)\G Data" not deleted

"C:\Program Files (x86)\Common Files\G Data" not deleted

"C:\PROGRA~2\tuto4pc_pt_28" deleted

"C:\Users\Emmy\AppData\Local\tuto4pc_pt_28" deleted

"C:\Program Files (x86)\G Data\InternetSecurity" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\ASK" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\AVK" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\AVKTray" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Common" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall" not deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Shredder" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKProxy" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP" not deleted

"C:\Program Files (x86)\Common Files\G Data\GDScan" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\BD1" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs" not deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Emmy\AppData\Local\Temp ====

2013-10-26 23:29:36 B4F54911FD477012FDABF5EF7EFAA945 1706064 ----a-w- C:\Users\Emmy\AppData\Local\Temp\eIntaller\2F56CC494CA241ca97A65BA32FE6DEFB\eGdpSvc.exe

2013-10-26 23:29:36 530F2D77C7F116FA0BD2A110C254F718 694864 ----a-w- C:\Users\Emmy\AppData\Local\Temp\eIntaller\2F56CC494CA241ca97A65BA32FE6DEFB\help.exe

2013-10-17 19:06:40 3C9C391E565D6A7418964C9E9D146CD9 457296 ------w- C:\Users\Emmy\AppData\Local\Temp\is2095933935\199609084_stp\cor_ar_qone8.exe

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

2013-10-28 14:56:56 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe

2013-10-28 14:56:46 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe

2013-10-28 14:56:46 9B0B14B405E0EDF76B5F5E31A49EB753 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-10-28 14:56:46 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Windows\SysWOW64\java.exe

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

2013-10-09 23:08:32 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys

2013-10-09 23:07:38 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys

2013-10-09 23:07:38 1F775DA4CF1A3A1834207E975A72E9D7 185344 ----a-w- C:\Windows\Sysnative\drivers\usbvideo.sys

2013-10-09 23:07:29 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys

2013-10-09 23:07:29 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys

2013-10-09 22:47:38 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys

2013-10-09 22:47:28 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys

2013-10-09 22:47:28 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys

2013-10-09 22:44:26 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys

====== C:\Windows\Tasks ======

2013-10-28 15:26:46 B4B4661FCD9823E9F902E60EA9A0F8C5 3100 ----a-w- C:\Windows\Sysnative\Tasks\{7C7B3737-5FC7-412B-B209-0C26306896C2}

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-10-27 12:29:45 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

2013-10-28 14:58:06 -------- d-----w- C:\PROGRA~2\COMMON~1\Java

2013-10-28 14:56:30 -------- d-----w- C:\PROGRA~2\Java

======= C: =====

====== C:\Users\Emmy\AppData\Roaming ======

2013-10-28 14:38:09 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Locallow\Sun

2013-10-26 23:29:49 -------- d-----w- C:\Users\Emmy\AppData\Local\Programs

====== C:\Users\Emmy ======

2013-10-28 14:56:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2013-10-28 14:30:30 40644BE06A1E87CF268EE8C33E921702 915368 ----a-w- C:\Users\Emmy\Downloads\jxpiinstall.exe

2013-10-27 12:28:21 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Emmy\Downloads\RSITx64.exe

2013-10-26 23:29:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TUTO4PC

2013-10-26 23:28:47 1C48841E422DF02EE4A9F785FE00FCD6 611648 ----a-w- C:\Users\Emmy\Downloads\le-fabuleux-destin-damelie-poulain-eng-4781112.exe

2013-10-09 20:56:23 -------- d-----w- C:\Users\Emmy\5-10 km

====== C: exe-files ==

2013-10-28 15:24:23 464692C94730F7234BE3C24A72141B00 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$ID9R3F2.exe

2013-10-28 15:23:47 AE2A651D96799156164C61C8189ACB5F 1269248 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$RD9R3F2.exe

2013-10-28 15:21:09 03E88119CEA4BAB37ABCF6BA2BB6B0D1 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$IA7WYPN.exe

2013-10-28 15:07:57 98A481677CA3EFC70DBBD17E646B6A7C 1269248 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$RWCN002\Z-Analyse.exe

2013-10-28 15:06:17 98A481677CA3EFC70DBBD17E646B6A7C 1269248 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$RA7WYPN.exe

2013-10-28 14:56:34 CE10E75E10EB6952A7D813FA587EC632 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ktab.exe

2013-10-28 14:56:34 CC27986F45EF9FD700BC347355B002B3 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmid.exe

2013-10-28 14:56:34 CBFE91C51D4FA69FE9D140ABEB7E51DC 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\kinit.exe

2013-10-28 14:56:34 80A79264302910C7C24BA7E44267EFEF 182696 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jqs.exe

2013-10-28 14:56:34 7F55715977ECF32633857F16980F008E 52648 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe

2013-10-28 14:56:34 7814B0A3E6FE8FFF31B7108D16FC4591 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\keytool.exe

2013-10-28 14:56:34 738AF811C60870FB218D47C628D350AA 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmiregistry.exe

2013-10-28 14:56:34 707BFE32E04720B9D50562669A30F86C 49064 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe

2013-10-28 14:56:34 5FA3FFE74E893E8A9443C2CF3DFA7A64 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\pack200.exe

2013-10-28 14:56:34 5721DA732075E01569A287767CBCFA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\klist.exe

2013-10-28 14:56:34 555651269833A415E1F9E594E8DD829F 146344 ----a-w- C:\Program Files (x86)\Java\jre7\bin\unpack200.exe

2013-10-28 14:56:34 54A30377949D4984EE72C5510C58B83D 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\tnameserv.exe

2013-10-28 14:56:34 464358DE0429ABB319DFE3F5E5C85F77 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\orbd.exe

2013-10-28 14:56:34 3FB1EAAB3CD35126D1F3B9A0A5B7B2DC 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\policytool.exe

2013-10-28 14:56:34 15EBB4D4B54FCE42D8CB116145BB7EBA 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\servertool.exe

2013-10-28 14:56:33 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaw.exe

2013-10-28 14:56:33 A9743D2D69B80800FEA5F24E7C4B02B3 48040 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jabswitch.exe

2013-10-28 14:56:33 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaws.exe

2013-10-28 14:56:33 83D790AA563347A026771D50E3D07A9B 66984 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javacpl.exe

2013-10-28 14:56:33 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java.exe

2013-10-28 14:56:33 2F7EBCD8FB6557997F0583508FFFE6B1 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe

2013-10-28 14:40:31 D6B709CB3C1FBE805DE8961F572A971C 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$I4KK3C8.exe

2013-10-28 14:31:32 40644BE06A1E87CF268EE8C33E921702 915368 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$R4KK3C8.exe

2013-10-27 12:29:45 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Emmy.exe

2013-10-26 23:29:36 B4F54911FD477012FDABF5EF7EFAA945 1706064 ----a-w- C:\Users\Emmy\AppData\Local\Temp\eIntaller\2F56CC494CA241ca97A65BA32FE6DEFB\eGdpSvc.exe

2013-10-26 23:29:36 530F2D77C7F116FA0BD2A110C254F718 694864 ----a-w- C:\Users\Emmy\AppData\Local\Temp\eIntaller\2F56CC494CA241ca97A65BA32FE6DEFB\help.exe

=== C: other files ==

2013-10-28 15:24:23 C3BA2BD8148F4E13BAF4B35832BBA7FE 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$I0HHZV1.zip

2013-10-28 15:24:23 358AB50FDB0DB39ABA1E898197363F45 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$IZ63PNU.com

2013-10-28 15:23:46 D836D31D211FC1109A40490CE1995516 1393061 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$RZ63PNU.com

2013-10-28 15:14:58 1D483F455EB8FEE959A17ED1979416F6 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$IIWZIR0.zip

2013-10-28 15:14:26 A299BC2E273DEAF8D7741FE0D3BC38EF 4035542 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$R0HHZV1.zip

2013-10-28 15:02:13 88F31293B1362217F718D7786E90A6A7 2521086 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$RIWZIR0.zip

2013-10-28 14:56:35 0A35B7026416325DE4A3EEC131F6EE2C 18636 ----a-w- C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip

2013-10-26 23:29:38 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Emmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DG9T4I63\1.1.6.6[1].crx

2013-10-26 23:29:38 2D0E258C08354FA84E5CB5D312B8E83F 416279 ----a-w- C:\Users\Emmy\AppData\Local\Temp\eIntaller\2F56CC494CA241ca97A65BA32FE6DEFB\newtab.crx

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2201282206-2562182534-352421686-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"Spotify Web Helper"="C:\Users\Emmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"WebDriveTray"="C:\Program Files\WebDrive\webdrive.exe /trayicon"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

"EgisTecPMMUpdate"="C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

"EgisUpdate"="C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe -d"

"Norton Online Backup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe"

"BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k"

"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"

"Dolby Advanced Audio v2"="C:\Dolby PCEE4\pcee4.exe -autostart"

"ArcadeMovieService"="C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"tuto4pc_pt_28"="C:\Program Files (x86)\tuto4pc_pt_28\tuto4pc_pt_28.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"upt4pc_pt_28.exe"="C:\Users\Emmy\AppData\Local\tuto4pc_pt_28\upt4pc_pt_28.exe -runonce"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Spotify Web Helper"="C:\Users\Emmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"WebDriveTray"="C:\Program Files\WebDrive\webdrive.exe /trayicon"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"IntelTBRunOnce"="wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "

"Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\\Windows\\System32\\nvinitx.dll"

==== Startup Folders ======================

2011-12-15 21:09:16 1051 ----a-w- C:\Users\Emmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

2013-01-19 12:55:19 1935 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

2013-01-18 13:28:20 2653 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09-10-2013 20:34]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\clear.fi" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe"]

"C:\Windows\SysNative\tasks\clear.fiAgent" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"]

"C:\Windows\SysNative\tasks\DMREngine" ["C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"]

"C:\Windows\SysNative\tasks\{610CF1B8-6945-4F11-81B2-847C255F9A5C}" [C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe]

"C:\Windows\SysNative\tasks\{F035AC8A-7292-42B6-8945-AB9DD91A403F}" [C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897

- WOT - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- G Data BankGuard - %AppDir%\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}

- G Data WebFilter - %AppDir%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897

4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash

7EF7E4C1325D533F5186E7118ABB0E7C - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll - McAfee Security Scanner +

C548328E9DE5EB73350EF292D7140662 - C:\Users\Emmy\Picasa3\npPicasa3.dll - Picasa

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

dhdepfaagokllfmhfbcfmocaeigmoebo - C:\Users\Emmy\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx[]

==== Chrome Fix ======================

C:\Users\Emmy\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_dhdepfaagokllfmhfbcfmocaeigmoebo_0 deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.msn.com/"

"Use Search Asst"="yes"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://feed.snap.do/?publisher=DownloadX&dpid=DownloadX&co=NL&userid=37d9d4fd-2ca0-412d-8010-4f954b191109&searchtype=ds&q={searchTerms}"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://feed.snap.do/?publisher=DownloadX&dpid=DownloadX&co=NL&userid=37d9d4fd-2ca0-412d-8010-4f954b191109&searchtype=ds&q={searchTerms}"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://feed.snap.do/?publisher=DownloadX&dpid=DownloadX&co=NL&userid=37d9d4fd-2ca0-412d-8010-4f954b191109&searchtype=ds&q={searchTerms}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.msn.com/"

"Use Search Asst"="no"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{30C03312-7964-4677-8F81-FC0845ADE690} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo deleted successfully

==== HijackThis Entries ======================

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d

O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart

O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [tuto4pc_pt_28] "C:\Program Files (x86)\tuto4pc_pt_28\tuto4pc_pt_28.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\RunOnce: [upt4pc_pt_28.exe] C:\Users\Emmy\AppData\Local\tuto4pc_pt_28\upt4pc_pt_28.exe -runonce

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Emmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [WebDriveTray] C:\Program Files\WebDrive\webdrive.exe /trayicon

O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

O4 - Startup: Dropbox.lnk = Emmy\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe

O4 - Global Startup: vpngui.exe.lnk = ?

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: G Data Bestandssysteembewaker (AVKWCtl) - Unknown owner - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe (file missing)

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: WebDrive Service (WebDriveService) - South River Technologies, LLC - C:\Program Files\WebDrive\wdService.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Emmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Emmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Emmy\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Emmy\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Emmy\AppData\Local\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Emmy\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files (x86)\Common Files\G Data\ObjBrwse64.dll" deleted

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" not found

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwAdmin.dll" not found

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwAdmin.exe" not found

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvc.dac" not found

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GdFwSvc.dat" not found

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcExtRes.exe" not found

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcExtResx64.exe" not found

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe" not found

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSys.dat" not found

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\InitInstx64.exe" not found

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\LiveStrm.dac" not found

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\LiveStrm.dat" not found

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Modules.dac" not found

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Modules.dat" not found

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\PktIcpt2x64.dll" not found

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\PktIcptX64.dll" not found

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Portinfo.dac" not found

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Portinfo.dat" not found

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Protocol.dac" not found

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Protocol.dat" not found

"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\SqLiteGDx64.dll" not found

"C:\Program Files (x86)\Common Files\G Data\AVKProxy\GeoIP.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\acshort.map" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\algo.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswCleanerDLL.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswCmnBS.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswCmnIS.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswCmnOS.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswEngin.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswFiDb.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswRawFS.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswRep.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswScan.dll" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\certs.map" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_as.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_dex.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_dex.map" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_dyna.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_dyna.map" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_el.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_elf.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_elf.map" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_elfa.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_elfa.map" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_evope.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_java.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_java.map" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_js.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_js.map" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_mx4.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_mx4.map" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_mx95.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_mx95.map" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_o7.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_o7.map" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_ob2.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_pe2.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_pe3.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_sql.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_swf.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_swf.map" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_tx.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_u.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_w6.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_w6.map" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_wh2.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_xtn.map" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\list_d.txt" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\list_i.txt" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\lshe3.map" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\l_idx.map" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\l_nmp.map" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\sc_dst.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\sc_src.dat" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\Sf.bin" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\Sf1.bin" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\sl_idx.map" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\sl_nmp.map" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\s_idx.map" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\s_nmp.map" deleted

"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\whitelist.db" deleted

"C:\Program Files (x86)\G Data" not found

"C:\Program Files (x86)\Common Files\G Data" deleted

==== EOF on ma 28-10-2013 at 15:59:19,90 ======================

[kape]

Download AdwCleaner by Xplode naar je bureaublad.

• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner om hem te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
  
• Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Klik vervolgens op Scan.
  
• Klik vervolgens op Clean als er items zijn gevonden.
  
• Klik bij Herstarten Noodzakelijk op OK
  

Nadat de PC opnieuw is opgestart, opent meestal een logfile.

Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[R1].txt.

Post aansluitend de inhoud van dit log in je volgende bericht.

[Jade]

# AdwCleaner v3.010 - Report created 28/10/2013 at 16:43:27

# Updated 20/10/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Emmy - EMMY-PC

# Running from : C:\Users\Emmy\Desktop\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tuto4pc

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute

Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bho

Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel

Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar

Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject

Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate

Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_inkscape_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_inkscape_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_logosmartz-logo-maker-software_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_logosmartz-logo-maker-software_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-media-player-plugin(1)_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-media-player-plugin_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-media-player-plugin_RASMANCS

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Deleted : HKCU\Software\InstallCore

Key Deleted : HKCU\Software\smartbar

Key Deleted : HKCU\Software\smartbarbackup

Key Deleted : HKCU\Software\smartbarlog

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\Tutorials

Key Deleted : HKCU\Software\TutoTag

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider

Key Deleted : HKCU\Software\AppDataLow\Software\Savings Sidekick

Key Deleted : HKLM\Software\eSafeSecControl

Key Deleted : HKLM\Software\qone8Software

Key Deleted : HKLM\Software\Softonic

Key Deleted : HKLM\Software\Tuto4PC

Key Deleted : HKLM\Software\Tutorials

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSysControl

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

-\\ Mozilla Firefox v24.0 (nl)

[ File : C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897\prefs.js ]

*************************

AdwCleaner[R0].txt - [8268 octets] - [28/10/2013 16:37:26]

AdwCleaner[s0].txt - [7918 octets] - [28/10/2013 16:43:27]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [7978 octets] ##########

[kape]

En krijg je nu nog ongewenste reclameboodschappen ?

[Jade]

Nee volgens mij is het weg! Is daarmee alles opgelost? Echt heel erg bedankt!

Nog één vraagje, als ik een nieuwe virusscanner wil, moet ik dus McAffee verwijderen?

Groetjes

[kape]

Nee volgens mij is het weg! Is daarmee alles opgelost? Echt heel erg bedankt!

Uitstekend ... dan zou het probleem opgelost moeten zijn, ja. Enkel nog de gebruikte tools en wat restjes verwijderen. Dat doe je zo:

Download Delfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:

• Remove disinfection tools
  
• Purge System Restore
  
• Reset system settings
  

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

Download CCleaner. (Als je het nog niet hebt)

Installeer het (als je niet wilt dat Google Chrome op je PC als standaard-webbrowser wordt geïnstalleerd, moet je de 2 vinkjes wegdoen !!!) en start CCleaner op.

Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en na de analyse op 'Schoonmaken'. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”.

Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.

Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Nog één vraagje, als ik een nieuwe virusscanner wil, moet ik dus McAffee verwijderen?

Dat moet je inderdaad het eerste doen (vóór je een nieuwe scanner downloadt en installeert). Verwijderen kan je best met de speciale Removal Tool voor McAfee.

Indien dit allemaal probleemloos verlopen is en je binnen dit topic verder geen vragen of problemen meer hebt, mag je dit onderwerp afsluiten door een klik op de knop "Markeer als opgelost", die je links onderaan kan terugvinden … zo blijft het voor iedereen overzichtelijk.