Qone8

[divermickey]

Hallo,

sinds enkele dagen heb ik als opstart pagina qone8.

Weet er iemand hoe ik deze kan verwijderen ?

Alvast bedankt.

[kape]

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

• RSIT 32 bit (RSIT.exe)
  
• RSIT 64 bit (RSITx64.exe)
  

Dubbelklik op RSIT.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  
• Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  
• Plaats de inhoud hiervan in het volgende bericht.
  

[divermickey]

Hieronder dan het logbestandje.

Bedankt alvast.

Logfile of random's system information tool 1.09 (written by random/random)

Run by Michel at 2013-11-07 13:29:50

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 218 GB (49%) free of 450 GB

Total RAM: 16350 MB (83% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 13:29:59, on 7/11/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16720)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe

C:\Users\Michel\AppData\Roaming\uTorrent\uTorrent.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files\trend micro\Michel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Start.qone8.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Start.qone8.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search}

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Start.qone8.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL

O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

O4 - HKLM\..\Run: [TrayServer] C:\PROGRA~2\MAGIX\VIDEO_~1\TrayServer.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background

O4 - HKCU\..\Run: [uTorrent] "C:\Users\Michel\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

O4 - Global Startup: WDSmartWare.lnk = C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105

O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Download met MiPony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000

O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_IKEA_Win32.cab

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1259.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL

O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL

O20 - AppInit_DLLs:

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SAS Core Service (SASCORE) - Unknown owner - C:\Program Files (x86)\SUPERAntiSpyware\SASCore.exe (file missing)

O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe

O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: WD SmartWare Drive Manager Service (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 16112 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /boot

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=07bc1637-6bea-4636-b39c-5f47f167bf0d /coreSdkOptions=286 /logConfFile="C:\ProgramData\AVG2012\temp\12e26b14-bf8b-437d-96d6-7e58a84e8d1a-278-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

"C:\Windows\system32\nvvsvc.exe"

"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"

C:\Windows\system32\nvvsvc.exe -session -first

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\AVG\AVG2012\avgfws.exe"

"C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe"

"C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe" /DisableUI

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

"C:\Program Files\Intel\iCLS Client\HeciServer.exe"

C:\Windows\system32\IProsetMonitor.exe

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe"

"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"

C:\Windows\System32\svchost.exe -k HPZ12

"C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe"

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\locator.exe

"C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe"

"taskhost.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"

"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe"

"C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe"

"C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe"

"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

"C:\Windows\WindowsMobile\wmdc.exe"

"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background

"C:\Users\Michel\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"

"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe"

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

"C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"

"C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe" View=show_in_tray

"C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe"

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=f9445731-d736-487f-9f92-8c249e89d808 /coreSdkOptions=18 /logConfFile="C:\ProgramData\AVG2012\temp\fb4ca56c-61a0-450b-b04f-48670f29d302-b40-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"

"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe"

C:\Windows\system32\svchost.exe -k HPService

C:\Windows\system32\SearchIndexer.exe /Embedding

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b5f3a786-4712-4165-81d4-7afe8fb8dafe -SystemEventPortName:HostProcess-5a4515bf-cb8a-4fd4-b14a-28e44334c2e8 -IoCancelEventPortName:HostProcess-fbb835cb-8d7c-4bd9-88a0-a00eda57a513 -NonStateChangingEventPortName:HostProcess-66da9b60-3ac9-4400-9051-3c17f75286c2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:54c69d9d-8ed7-4419-a02a-bab005116ef0 -DeviceGroupId:WpdFsGroup

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

"C:\Program Files\Internet Explorer\iexplore.exe" Start.qone8.com

C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe -Embedding

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5188 CREDAT:4134288 /prefetch:2

"C:\Windows\System32\MsSpellCheckingFacility.exe" -Embedding

C:\Windows\system32\msiexec.exe /V

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe17_ Global\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540

"C:\Users\Michel\Desktop\RSITx64.exe"

C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\HP Photo Creations Communicator.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\j3c18b04.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]

"Description"=Adobe Shockwave Player

"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/MycameraPlugin]

"Description"=Canon MycameraPlugin

"Path"=C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]

"Description"=Intel IPT WebApi plugin

"Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]

"Description"=This plugin updates Intel WebAPI component

"Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]

"Description"=Microsoft Lync Plug-in for Firefox

"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nitropdf.com/NitroPDF]

"Description"=NitroPDF Web Browser Plugin

"Path"=C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]

"Description"=NVIDIA stereo images plugin for Mozilla browsers

"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]

"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers

"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@photodex.com/PhotodexPresenter]

"Description"=Photodex Presenter Plugin

"Path"=C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5]

"Description"=A component of your photo software powered by RocketLife

"Path"=C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]

"Description"=

"Path"=C:\Program Files (x86)\Sony\Media Go\npmediago.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]

"Description"=VLC Multimedia Plugin

"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.10.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL

C:\Program Files (x86)\Mozilla Firefox\plugins\

npMeetingJoinPluginOC.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]

Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-06-13 205472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll [2012-10-15 1968248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-12-19 551400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-06 256080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2013-09-13 878296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]

Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2013-09-13 2328264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-12-19 209384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]

HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]

Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll [2012-10-15 1417336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-06 194640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]

Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2013-09-13 705240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]

Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2013-09-13 1724616]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]

SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]

HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-10-06 256080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-06 194640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-12-13 13374568]

"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]

"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2013-05-29 449248]

"uTorrent"=C:\Users\Michel\AppData\Roaming\uTorrent\uTorrent.exe [2013-10-24 902736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]

C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2011-09-05 2904984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]

C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]

C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]

C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2012-12-09 336992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2013-08-27 248208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

C:\Program Files (x86)\Winamp\winampa.exe [2012-06-28 74752]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2012-11-19 2598520]

"TrayServer"=C:\PROGRA~2\MAGIX\VIDEO_~1\TrayServer.exe [2008-09-10 90112]

"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]

"USB3MON"=C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-26 291608]

"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2011-09-05 36760]

""= []

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

WDSmartWare.lnk - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SASCORE]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutorun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 month======

2013-11-07 13:29:50 ----D---- C:\rsit

2013-11-07 13:29:50 ----D---- C:\Program Files\trend micro

2013-11-05 16:51:27 ----D---- C:\ProgramData\Mozilla

2013-11-05 16:51:27 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

2013-11-05 10:38:14 ----D---- C:\ProgramData\eSafe

2013-11-05 10:37:10 ----D---- C:\Users\Michel\AppData\Roaming\ExpressFiles

2013-10-29 09:44:22 ----D---- C:\ProgramData\Oracle

2013-10-29 09:42:02 ----A---- C:\Windows\SYSWOW64\javaws.exe

2013-10-29 09:41:59 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll

2013-10-29 09:41:59 ----A---- C:\Windows\SYSWOW64\javaw.exe

2013-10-29 09:41:59 ----A---- C:\Windows\SYSWOW64\java.exe

2013-10-13 22:45:44 ----D---- C:\Program Files\Microsoft.NET

2013-10-13 13:50:34 ----D---- C:\Users\Michel\AppData\Roaming\vlc

2013-10-13 13:48:42 ----D---- C:\Program Files (x86)\VideoLAN

2013-10-13 10:26:47 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll

2013-10-13 10:26:32 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll

2013-10-13 10:26:14 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll

2013-10-13 10:25:58 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll

2013-10-13 10:25:43 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll

2013-10-13 09:15:33 ----D---- C:\ProgramData\TEMP

2013-10-13 09:10:25 ----D---- C:\Program Files (x86)\Whilokii

2013-10-11 22:28:09 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe

2013-10-11 22:28:09 ----A---- C:\Windows\SYSWOW64\ieui.dll

2013-10-11 22:28:09 ----A---- C:\Windows\SYSWOW64\iesysprep.dll

2013-10-11 22:28:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2013-10-11 22:28:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2013-10-11 22:28:09 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2013-10-11 22:28:09 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2013-10-11 22:28:09 ----A---- C:\Windows\system32\ieui.dll

2013-10-11 22:28:09 ----A---- C:\Windows\system32\iesysprep.dll

2013-10-11 22:28:09 ----A---- C:\Windows\system32\iesetup.dll

2013-10-11 22:28:09 ----A---- C:\Windows\system32\iernonce.dll

2013-10-11 22:28:09 ----A---- C:\Windows\system32\ie4uinit.exe

2013-10-11 22:28:08 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2013-10-11 22:28:08 ----A---- C:\Windows\SYSWOW64\jscript.dll

2013-10-11 22:28:08 ----A---- C:\Windows\system32\msfeeds.dll

2013-10-11 22:28:08 ----A---- C:\Windows\system32\jscript.dll

2013-10-11 22:28:08 ----A---- C:\Windows\system32\iertutil.dll

2013-10-11 22:28:07 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2013-10-11 22:28:07 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2013-10-11 22:28:07 ----A---- C:\Windows\system32\urlmon.dll

2013-10-11 22:28:07 ----A---- C:\Windows\system32\jscript9.dll

2013-10-11 22:28:06 ----A---- C:\Windows\SYSWOW64\wininet.dll

2013-10-11 22:28:06 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2013-10-11 22:28:06 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2013-10-11 22:28:06 ----A---- C:\Windows\system32\wininet.dll

2013-10-11 22:28:06 ----A---- C:\Windows\system32\jsproxy.dll

2013-10-11 22:28:05 ----A---- C:\Windows\system32\ieframe.dll

2013-10-11 22:28:04 ----A---- C:\Windows\system32\mshtml.dll

2013-10-11 22:28:03 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2013-10-11 17:45:55 ----A---- C:\Windows\system32\comctl32.dll

2013-10-11 17:45:54 ----A---- C:\Windows\SYSWOW64\comctl32.dll

2013-10-11 17:45:49 ----A---- C:\Windows\SYSWOW64\lpk.dll

2013-10-11 17:45:49 ----A---- C:\Windows\SYSWOW64\fontsub.dll

2013-10-11 17:45:49 ----A---- C:\Windows\SYSWOW64\dciman32.dll

2013-10-11 17:45:49 ----A---- C:\Windows\SYSWOW64\atmlib.dll

2013-10-11 17:45:49 ----A---- C:\Windows\SYSWOW64\atmfd.dll

2013-10-11 17:45:49 ----A---- C:\Windows\system32\lpk.dll

2013-10-11 17:45:49 ----A---- C:\Windows\system32\fontsub.dll

2013-10-11 17:45:49 ----A---- C:\Windows\system32\dciman32.dll

2013-10-11 17:45:49 ----A---- C:\Windows\system32\atmlib.dll

2013-10-11 17:45:49 ----A---- C:\Windows\system32\atmfd.dll

2013-10-11 17:45:48 ----A---- C:\Windows\system32\drivers\Wdf01000.sys

2013-10-11 17:45:47 ----A---- C:\Windows\system32\drivers\usbcir.sys

2013-10-11 17:45:46 ----A---- C:\Windows\SYSWOW64\WebClnt.dll

2013-10-11 17:45:46 ----A---- C:\Windows\SYSWOW64\davclnt.dll

2013-10-11 17:45:46 ----A---- C:\Windows\system32\WebClnt.dll

2013-10-11 17:45:46 ----A---- C:\Windows\system32\drivers\usbscan.sys

2013-10-11 17:45:46 ----A---- C:\Windows\system32\drivers\mrxdav.sys

2013-10-11 17:45:46 ----A---- C:\Windows\system32\drivers\hidparse.sys

2013-10-11 17:45:46 ----A---- C:\Windows\system32\drivers\hidclass.sys

2013-10-11 17:45:46 ----A---- C:\Windows\system32\davclnt.dll

2013-10-11 17:45:45 ----A---- C:\Windows\SYSWOW64\mswsock.dll

2013-10-11 17:45:45 ----A---- C:\Windows\system32\win32k.sys

2013-10-11 17:45:45 ----A---- C:\Windows\system32\mswsock.dll

2013-10-11 17:45:45 ----A---- C:\Windows\system32\drivers\tcpip.sys

2013-10-11 17:45:45 ----A---- C:\Windows\system32\drivers\afd.sys

2013-10-11 17:45:43 ----A---- C:\Windows\SYSWOW64\tdh.dll

2013-10-11 17:45:43 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe

2013-10-11 17:45:43 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe

2013-10-11 17:45:43 ----A---- C:\Windows\SYSWOW64\ntdll.dll

2013-10-11 17:45:43 ----A---- C:\Windows\SYSWOW64\advapi32.dll

2013-10-11 17:45:43 ----A---- C:\Windows\system32\tdh.dll

2013-10-11 17:45:43 ----A---- C:\Windows\system32\ntoskrnl.exe

2013-10-11 17:45:43 ----A---- C:\Windows\system32\ntdll.dll

2013-10-11 17:45:43 ----A---- C:\Windows\system32\advapi32.dll

2013-10-11 17:45:42 ----A---- C:\Windows\SYSWOW64\wow32.dll

2013-10-11 17:45:42 ----A---- C:\Windows\SYSWOW64\user.exe

2013-10-11 17:45:42 ----A---- C:\Windows\SYSWOW64\setup16.exe

2013-10-11 17:45:42 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll

2013-10-11 17:45:42 ----A---- C:\Windows\SYSWOW64\instnm.exe

2013-10-11 17:45:42 ----A---- C:\Windows\system32\wow64.dll

2013-10-11 17:45:38 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll

2013-10-11 17:45:38 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-11 17:45:38 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2013-10-11 17:45:37 ----A---- C:\Windows\system32\scavengeui.dll

======List of files/folders modified in the last 1 month======

2013-11-07 13:29:55 ----D---- C:\Windows\Temp

2013-11-07 13:29:50 ----RD---- C:\Program Files

2013-11-07 13:29:37 ----D---- C:\Users\Michel\AppData\Roaming\uTorrent

2013-11-07 13:28:30 ----SHD---- C:\Windows\Installer

2013-11-07 13:28:25 ----A---- C:\Windows\win.ini

2013-11-07 13:28:24 ----SHD---- C:\Config.Msi

2013-11-07 13:23:32 ----D---- C:\Windows\Prefetch

2013-11-07 12:37:17 ----D---- C:\Windows\System32

2013-11-07 12:37:17 ----D---- C:\Windows\inf

2013-11-07 12:37:17 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-11-07 12:35:53 ----D---- C:\Windows\system32\drivers\AVG

2013-11-07 12:34:53 ----A---- C:\Windows\SYSWOW64\log.txt

2013-11-07 12:32:25 ----D---- C:\ProgramData\NVIDIA

2013-11-07 00:15:42 ----D---- C:\Windows\system32\config

2013-11-06 21:04:33 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

2013-11-06 21:03:46 ----RD---- C:\Program Files (x86)

2013-11-05 16:51:29 ----D---- C:\Program Files (x86)\Mozilla Firefox

2013-11-05 16:51:27 ----HD---- C:\ProgramData

2013-11-05 11:36:28 ----RSD---- C:\Windows\assembly

2013-11-05 11:36:27 ----D---- C:\Program Files (x86)\Sony

2013-11-05 11:36:08 ----SHD---- C:\System Volume Information

2013-11-05 11:35:25 ----RD---- C:\Users

2013-11-05 11:34:57 ----D---- C:\Windows\system32\catroot2

2013-11-05 11:33:10 ----D---- C:\Windows\system32\Tasks

2013-11-05 11:33:08 ----D---- C:\Windows\Tasks

2013-11-03 22:18:09 ----D---- C:\Windows\system32\FxsTmp

2013-10-29 09:42:06 ----D---- C:\Program Files (x86)\Common Files

2013-10-29 09:42:02 ----D---- C:\Windows\SysWOW64

2013-10-29 09:41:59 ----D---- C:\Program Files (x86)\Java

2013-10-28 16:19:11 ----D---- C:\Program Files (x86)\TomTom HOME 2

2013-10-27 15:15:33 ----D---- C:\Users\Michel\AppData\Roaming\Mipony

2013-10-14 22:57:31 ----D---- C:\Windows\winsxs

2013-10-14 22:57:23 ----AD---- C:\Windows

2013-10-13 22:45:44 ----D---- C:\Program Files (x86)\Microsoft.NET

2013-10-13 22:44:52 ----D---- C:\ProgramData\Microsoft Help

2013-10-13 11:15:58 ----D---- C:\Users\Michel\AppData\Roaming\SUPERAntiSpyware.com

2013-10-13 11:15:53 ----D---- C:\Program Files (x86)\SUPERAntiSpyware

2013-10-13 10:27:28 ----D---- C:\Program Files (x86)\MSXML 4.0

2013-10-13 10:25:09 ----D---- C:\Windows\Logs

2013-10-13 10:13:22 ----D---- C:\ProgramData\Nero

2013-10-13 02:11:49 ----D---- C:\Windows\Microsoft.NET

2013-10-12 15:55:50 ----D---- C:\Windows\rescache

2013-10-12 08:56:41 ----D---- C:\Windows\system32\drivers

2013-10-12 08:56:22 ----D---- C:\Program Files (x86)\Internet Explorer

2013-10-12 08:56:21 ----D---- C:\Program Files\Internet Explorer

2013-10-12 08:56:18 ----D---- C:\Windows\AppPatch

2013-10-12 08:56:13 ----D---- C:\Windows\system32\DriverStore

2013-10-12 08:56:10 ----D---- C:\Windows\SYSWOW64\drivers

2013-10-12 08:55:45 ----D---- C:\Program Files\Microsoft Silverlight

2013-10-12 08:55:44 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2013-10-11 22:28:22 ----D---- C:\Windows\system32\catroot

2013-10-11 22:26:49 ----D---- C:\Windows\system32\MRT

2013-10-11 22:25:39 ----A---- C:\Windows\system32\MRT.exe

2013-10-11 22:24:45 ----D---- C:\Windows\system32\nl-NL

2013-10-09 11:53:16 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]

R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]

R0 iusb3hcs;Intel® USB 3.0 hostcontrollerswitch-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-01-26 16152]

R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2011-05-23 48992]

R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-11-08 307040]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]

R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-04-11 384800]

R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-12-09 126944]

R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-12-10 127328]

R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]

R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-01-11 358576]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-12-13 4718952]

R3 iusb3hub;Intel® USB 3.0 hub-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-01-26 356120]

R3 iusb3xhc;Intel® USB 3.0 uitbreidbare hostcontroller-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-01-26 787736]

R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-18 189288]

S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]

S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]

S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]

S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []

S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-12-19 14448]

S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-12-19 27760]

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-27 26112]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\DRIVERS\usbser.sys [2010-11-21 32768]

S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]

S3 WinUsb;WinUsb-stuurprogramma; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2012-12-05 2321560]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-11-02 5174392]

R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]

R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]

R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136]

R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-01-10 627936]

R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2011-11-09 189608]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-01-20 161560]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2012-01-20 277784]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]

R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2013-06-17 230408]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]

R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]

R2 ScsiAccess;ScsiAccess; C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe [2012-11-07 186760]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]

R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-08-27 93072]

R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-01-20 363800]

R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]

R2 WDDMService;WD SmartWare Drive Manager Service; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 130048]

R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]

R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-21 116648]

S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]

S2 SASCORE;SAS Core Service; C:\Program Files (x86)\SUPERAntiSpyware\SASCore.exe []

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]

S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-21 116648]

S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-05-21 194032]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-26 119408]

S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-01 178824]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]

S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]

S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-06 1255736]

S4 ASGT;ASGT; C:\Windows\SysWOW64\ASGT.exe [2012-01-17 55296]

-----------------EOF-----------------

[kape]

Download Zoek.zip naar het bureaublad.

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  
• Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

chromelook; 
firefoxlook; 
 {87775fdb-6972-41f9-ae51-8326e38cb206};c
 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r64
 ""=-;r64
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r64
 "AppInit_DLLs"=-;r64
 C:\ProgramData\eSafe;fs
 C:\Users\Michel\AppData\Roaming\ExpressFiles;fs
 emptyfolderscheck;delete 
startupall; 
filesrcm;

• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
• HijackThis Log
  
• Firefox Defaults
  
• Reset Chrome
  
• Shortcut Fix
  
• IE Defaults
  
• Auto Clean
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post nu de inhoud van het geopende logje in het volgende bericht.
  

[divermickey]

Zoek.exe Version 4.0.0.5 Updated 05-November-2013

Tool run by Michel on do 07/11/2013 at 16:30:36,13.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Michel\Desktop\zoek\zoek.scr [script inserted] [Checkboxes used]

==== System Restore Info ======================

7/11/2013 16:32:48 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Garmin deleted successfully

C:\PROGRA~2\GUMC436.tmp deleted successfully

C:\PROGRA~2\Nokia deleted successfully

C:\PROGRA~2\Samsung deleted successfully

C:\PROGRA~2\Whilokii deleted successfully

C:\PROGRA~2\WinZip Registry Optimizer deleted successfully

C:\ProgramData\Browser Manager deleted successfully

C:\ProgramData\Nokia deleted successfully

C:\ProgramData\Oracle deleted successfully

C:\ProgramData\pcdfdata deleted successfully

C:\ProgramData\ZoomBrowser deleted successfully

C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully

C:\Users\Michel\AppData\Roaming\ExpressFiles deleted successfully

C:\Users\Michel\AppData\Roaming\Nico Mak Computing deleted successfully

C:\Users\Michel\AppData\Roaming\Nokia deleted successfully

C:\Users\Michel\AppData\Roaming\Nokia Suite deleted successfully

C:\Users\Michel\AppData\Roaming\SUPERAntiSpyware.com deleted successfully

C:\Users\Michel\AppData\Roaming\ZoomBrowser EX deleted successfully

C:\Users\Michel\AppData\Local\Conduit deleted successfully

C:\Users\Michel\AppData\Local\Lollipop deleted successfully

==== Creating Sample_20130711_1636.zip ======================

Process iexplore.exe killed

Copied file C:\Users\Michel\AppData\Local\patchYDG.exe to sample\patchYDG.exe

sample\patchYDG.exe renamed to 943F1E446C1AD33D6310979C861B7780

C:\Users\Public\Desktop\sample_20130711_1636.zip created successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3624815036-1722546690-1708832409-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully

HKEY_USERS\S-1-5-21-3624815036-1722546690-1708832409-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully

HKEY_USERS\S-1-5-21-3624815036-1722546690-1708832409-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E60A195C-F67C-40E6-8F37-D320EE1E1F26} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3624815036-1722546690-1708832409-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully

HKEY_USERS\S-1-5-21-3624815036-1722546690-1708832409-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\j3c18b04.default\prefs.js:

Added to C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\j3c18b04.default\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "Google=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command]

@="C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]

@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

""=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\Users\Michel\AppData\Roaming\ExpressFiles not found

C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found

C:\ProgramData\eSafe deleted

C:\PROGRA~2\FreeRIP deleted

C:\PROGRA~2\Conduit deleted

C:\ProgramData\FreeRIP deleted

C:\Users\Michel\AppData\Local\CRE deleted

C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx deleted

C:\Windows\SysNative\roboot64.exe deleted

C:\Users\Michel\AppData\LocalLow\DataMngr deleted

C:\Users\Michel\AppData\LocalLow\PriceGong deleted

C:\Users\Michel\AppData\LocalLow\Conduit deleted

C:\windows\SysNative\Tasks\Express FilesUpdate deleted

C:\Users\Michel\AppData\Local\patchYDG.exe deleted

"C:\Users\Michel\AppData\Local\gnptuior" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Michel\AppData\Local\Temp ====

2013-11-06 20:04:19 B0900C9BD9166147E1A9CD4567FE595F 20208024 ----a-w- C:\Users\Michel\AppData\Local\Temp\Sony\Sony PC Companion\AutoUpdate\Sony PC Companion_2.10.181_NetStorage.exe

2013-11-05 13:28:16 FBB458117F5687922C57249F179BD6B5 1706136 ----a-w- C:\Users\Michel\AppData\Local\Temp\fullpackage_temp\eGdpSvc.exe

2013-11-05 13:28:16 AA023839E9DFBB84A6F446889994344F 116608 ----a-w- C:\Users\Michel\AppData\Local\Temp\fullpackage_temp\Baofeng.exe

2013-11-05 13:28:16 227C1B3A29E5EA61EBA240E2C3C4A1D9 92672 ----a-w- C:\Users\Michel\AppData\Local\Temp\fullpackage_temp\UpDate.dll

2013-11-05 09:43:16 077C56205D5820840D05635335E51C38 6554208 ----a-w- C:\Users\Michel\AppData\Local\Temp\uninstall1237290.exe

2013-11-05 09:37:56 AA023839E9DFBB84A6F446889994344F 116608 ----a-w- C:\Users\Michel\AppData\Local\Temp\MircosoftStudio\Baofeng.exe

2013-11-05 09:37:56 227C1B3A29E5EA61EBA240E2C3C4A1D9 92672 ----a-w- C:\Users\Michel\AppData\Local\Temp\MircosoftStudio\UpDate.dll

2013-11-05 09:37:21 4E86B643656D58C32E14CF59C598933B 152608 ----a-w- C:\Users\Michel\AppData\Local\Temp\toolbar882731.exe

2013-11-05 09:37:10 9AF0B38E19FFB4CE1CF1B86C70306A58 249440 ----a-w- C:\Users\Michel\AppData\Local\Temp\uninstall1245028.exe

2013-11-05 09:36:51 A55B82103A202C20717F45C201EC4553 936960 ----a-w- C:\Users\Michel\AppData\Local\Temp\htmlayout.dll

2013-11-02 09:47:42 75F096B5FE78062288DCF6171F89D4CB 20206504 ----a-w- C:\Users\Michel\AppData\Local\Temp\Sony\Sony PC Companion\AutoUpdate\Sony PC Companion_2.10.180_NetStorage.exe

====== Java Cache =====

2013-10-29 08:44:49 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Michel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-7caff65b

2013-10-29 08:44:42 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Michel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-495da58c

2013-10-29 08:44:42 0D84C512149D7C5F8F47B3BE33CCEC09 99 ----a-w- C:\Users\Michel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-6.0.lap

2013-10-29 08:44:41 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Michel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-23990500

2013-10-29 08:44:42 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\Michel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-2f6a2273

====== C:\Windows\SysWOW64 =====

2013-10-29 08:42:02 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe

2013-10-29 08:41:59 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe

2013-10-29 08:41:59 9B0B14B405E0EDF76B5F5E31A49EB753 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-10-29 08:41:59 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Windows\SysWOW64\java.exe

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

2013-10-11 16:45:48 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys

2013-10-11 16:45:47 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys

2013-10-11 16:45:46 9661DA76B4531B2DA272ECCE25A8AF24 42496 ----a-w- C:\Windows\Sysnative\drivers\usbscan.sys

2013-10-11 16:45:46 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys

2013-10-11 16:45:46 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys

2013-10-11 16:45:46 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys

2013-10-11 16:45:45 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys

2013-10-11 16:45:45 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys

2013-10-11 16:45:38 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-11-07 12:29:50 -------- d-----w- C:\Program Files\trend micro

2013-10-13 21:45:44 -------- d-----w- C:\Program Files\Microsoft.NET

======= C:\PROGRA~2 =====

2013-11-05 15:51:27 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service

2013-10-29 08:42:06 -------- d-----w- C:\PROGRA~2\COMMON~1\Java

2013-10-13 12:48:42 -------- d-----w- C:\PROGRA~2\VideoLAN

2013-10-13 09:27:09 -------- d-----w- C:\PROGRA~2\COMMON~1\LightScribe

======= C: =====

====== C:\Users\Michel\AppData\Roaming ======

2013-11-07 12:23:31 407AAB8C27CF7081EECE071C90A65B83 17 ----a-w- C:\Users\Michel\AppData\Local\resmon.resmoncfg

2013-11-05 18:12:37 AAC1C0B4B7D727782765CDDCA275C71D 588708 ----a-w- C:\Users\Michel\AppData\Local\meta.txt

2013-11-05 15:51:36 -------- d-----w- C:\Users\Michel\AppData\Local\Mozilla

2013-10-13 12:50:34 -------- d-----w- C:\Users\Michel\AppData\Roaming\vlc

2013-10-13 08:10:22 -------- d-----w- C:\Users\Michel\AppData\Local\Programs

====== C:\Users\Michel ======

2013-11-07 12:29:30 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Michel\Desktop\RSITx64.exe

2013-11-05 15:51:27 -------- d-----w- C:\ProgramData\Mozilla

2013-10-29 08:41:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2013-10-13 12:48:54 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

2013-10-13 09:27:09 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling

2013-10-13 08:15:33 -------- d-----w- C:\ProgramData\TEMP

====== C: exe-files ==

2013-11-07 12:29:54 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Michel.exe

2013-11-07 12:29:30 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Michel\Desktop\RSITx64.exe

2013-11-06 20:04:33 6E0105823B4FE91632C9DA8314418417 655536 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe

2013-11-06 20:04:19 B0900C9BD9166147E1A9CD4567FE595F 20208024 ----a-w- C:\Users\Michel\AppData\Local\Temp\Sony\Sony PC Companion\AutoUpdate\Sony PC Companion_2.10.181_NetStorage.exe

2013-11-05 18:10:14 74669728AAAF3EC7A0EF3BCF4E6015CC 2631680 ----a-w- C:\Users\Michel\Desktop\tomtom\FastTools_Lite\FastTools_Lite.exe

2013-11-05 18:07:15 98E77A70744D82727BA026CC655FFD42 3157504 ----a-w- C:\Users\Michel\Desktop\tomtom\FastTools_Pro\FastTools_Pro.exe

2013-11-05 15:51:29 18E3F5AC9079735B1FB5C09340AA1797 106212 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe

2013-11-05 15:51:27 5D494509432897338AFC19DB78A76DCB 119408 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

2013-11-05 15:51:11 903B1F210485F680B7B4AFDCFD06F3B1 283112 ----a-w- C:\Users\Michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z9WPSJ5J\Firefox Setup Stub 25.0.exe

2013-11-05 13:28:16 FBB458117F5687922C57249F179BD6B5 1706136 ----a-w- C:\Users\Michel\AppData\Local\Temp\fullpackage_temp\eGdpSvc.exe

2013-11-05 13:28:16 AA023839E9DFBB84A6F446889994344F 116608 ----a-w- C:\Users\Michel\AppData\Local\Temp\fullpackage_temp\Baofeng.exe

2013-11-05 09:50:08 EA089EB4E0DD6A440BB65E860C920BD9 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3624815036-1722546690-1708832409-1000\$IFG265I.exe

2013-11-05 09:49:53 2D6FEAAEF99914543445990513D2D97E 311592 ----a-w- C:\$Recycle.Bin\S-1-5-21-3624815036-1722546690-1708832409-1000\$RFG265I.exe

2013-11-05 09:43:16 077C56205D5820840D05635335E51C38 6554208 ----a-w- C:\Users\Michel\AppData\Local\Temp\uninstall1237290.exe

2013-11-05 09:37:56 AA023839E9DFBB84A6F446889994344F 116608 ----a-w- C:\Users\Michel\AppData\Local\Temp\MircosoftStudio\Baofeng.exe

2013-11-05 09:37:21 4E86B643656D58C32E14CF59C598933B 152608 ----a-w- C:\Users\Michel\AppData\Local\Temp\toolbar882731.exe

2013-11-05 09:37:10 9AF0B38E19FFB4CE1CF1B86C70306A58 249440 ----a-w- C:\Users\Michel\AppData\Local\Temp\uninstall1245028.exe

2013-11-05 09:36:37 077C56205D5820840D05635335E51C38 6554208 ----a-w- C:\Users\Michel\Desktop\tomtom\TomTom_Maps_Central_and_Eastern_Europe_905.4800_downloader_be_99271.exe

2013-11-04 18:16:17 D152F927E2C0830C7AD8126065E8652F 1388544 ----a-w- C:\Users\Michel\Desktop\tomtom\TomTom Mio Menu 2 planners\TomTom Navigator.exe

2013-11-04 18:16:17 A0CFEB5579F8CE2D53D3C11DD5A77589 8192 ----a-w- C:\Users\Michel\Desktop\tomtom\TomTom Mio Menu 2 planners\GPSSwitchToNMEA.exe

2013-11-04 18:16:17 90EBA299650B61C13A85B33999540CA2 50176 ----a-w- C:\Users\Michel\Desktop\tomtom\TomTom Mio Menu 2 planners\MortScript.exe

2013-11-04 18:16:17 69BF241E7DF4570BAE7C6418781E2C92 7680 ----a-w- C:\Users\Michel\Desktop\tomtom\TomTom Mio Menu 2 planners\TT7 Navigator.exe

2013-11-04 18:16:17 69BF241E7DF4570BAE7C6418781E2C92 7680 ----a-w- C:\Users\Michel\Desktop\tomtom\TomTom Mio Menu 2 planners\TT7 Navigator 268.exe

2013-11-04 18:10:06 E1DD8C33A5D98905ED435A72370A1A51 8192 ----a-w- C:\Users\Michel\Desktop\tomtom\TT7_WinCe6.0_op_Chinese_kloon\TomTom\TT7 Navigator.exe

2013-11-04 18:10:06 9308DC14A05BC06E410EA596FF1E1F98 1395200 ----a-w- C:\Users\Michel\Desktop\tomtom\TT7_WinCe6.0_op_Chinese_kloon\TomTom\TomTom Navigator.exe

2013-11-04 18:10:06 3BA9F247DFF11499C793B9BE843154F6 50176 ----a-w- C:\Users\Michel\Desktop\tomtom\TT7_WinCe6.0_op_Chinese_kloon\TomTom\MortScript.exe

2013-11-04 18:10:06 2F8B724ACB110415F8983905426589FE 26624 ----a-w- C:\Users\Michel\Desktop\tomtom\TT7_WinCe6.0_op_Chinese_kloon\TomTom\Setmem.exe

2013-11-04 17:11:49 F4BBBE08C63A5F1DE2478948FA451CC6 35764 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\Launcher_WindowsLive_v101_9000_E66_E71.exe

2013-11-04 17:11:49 EDD4999AF237211F2C92C85EB04A9448 259067 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\TopHitsSolitaires.exe

2013-11-04 17:11:49 DE979CAE08FCD9FABD26EE41E0513D5A 6658 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\MMIOServer.exe

2013-11-04 17:11:49 D643AD515A0932715ECC8BA425D92354 157063 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\wipres.exe

2013-11-04 17:11:49 CF801CAFB14CE2F5F88DDC0D048D645D 35736 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\Launcher_YahooGO_v2_0_82_E66.exe

2013-11-04 17:11:49 C1778F5F26C342BFCAC0431F85F1AAF1 36066 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\DRMCommonLicSrv.exe

2013-11-04 17:11:49 B8415C6DDA76617DE920DAA602A50A06 22186 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\Flashlight20030F55.exe

2013-11-04 17:11:49 AC3E615609EA8E93882583D43B8022A7 4900 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\ACMServer0x20000133.exe

2013-11-04 17:11:49 99B396999BF368F281568A7EB8796621 35844 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\Launcher_NokiaSportsTracker_180_E66_E71_PrePR1.exe

2013-11-04 17:11:49 94F698E4E4A516AE48D47AF6E6FB5953 35785 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\Launcher_MobileMagnifierLite_E66_v1103.exe

2013-11-04 17:11:49 7895F66D831713A24562B188138350F4 35783 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\Launcher_WorldMate_v600_E66_PrePR1.exe

2013-11-04 17:11:49 37A33CEA9D82EACBC1866428B09BF02E 288428 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\RagingThunderGR.exe

2013-11-04 17:11:49 19D691F8DFEE1D3A9DB5143F360E7F66 35821 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\Launcher_Top_Hit_Solit_v1_30_E66_E71_PrePR1.exe

2013-11-04 17:11:49 159F5947E47A0378F09F0873A1F39B6D 4777 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\DRMCommonProcessor.exe

2013-11-04 17:11:49 085CB538CEEADB9651B47A738F05FDFA 33618 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\Scanner.exe

2013-11-04 17:11:49 0661FE5047F3F0092999A32EA4AFD9D2 68229 ----a-w- C:\Users\Michel\Desktop\kopie microsd gsm\sys\bin\ACM0x20000131.exe

2013-11-03 18:18:45 C52F3B378B5041DCC607B29285579F99 7680 ----a-w- C:\Users\Michel\Desktop\tomtom\Menuutje Standaard 320x240\Apps\Off.exe

2013-11-03 18:18:45 88B3EEC184CD6813B60BC490E565F688 337920 ----a-w- C:\Users\Michel\Desktop\tomtom\Menuutje Standaard 320x240\Apps\CECMD.EXE

2013-11-03 18:18:45 6FD2146261C4B02E28FC958BDA55A048 66048 ----a-w- C:\Users\Michel\Desktop\tomtom\Menuutje Standaard 320x240\autorunce.exe

2013-11-03 18:18:29 B7B412A2E7D705819CF75B231B71DBC4 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3624815036-1722546690-1708832409-1000\$ITV2A39.exe

2013-11-03 18:18:03 C52F3B378B5041DCC607B29285579F99 7680 ----a-w- C:\Users\Michel\Desktop\tomtom\Apps\Off.exe

2013-11-03 18:18:03 88B3EEC184CD6813B60BC490E565F688 337920 ----a-w- C:\Users\Michel\Desktop\tomtom\Apps\CECMD.EXE

2013-11-03 18:18:03 6FD2146261C4B02E28FC958BDA55A048 66048 ----a-w- C:\$Recycle.Bin\S-1-5-21-3624815036-1722546690-1708832409-1000\$RTV2A39.exe

2013-11-03 18:15:25 8B5EC890E63402346D8614457D7D9E55 121344 ----a-w- C:\Users\Michel\Desktop\backup navigon\NAVIGON\autorunce.exe

2013-11-03 18:11:47 23227770946AD0D0646F018EB3A4FA4E 152064 ----a-w- C:\Users\Michel\Desktop\backup navigon\NAVIGON\NAVIGON\ScreenShot.exe

2013-11-03 18:11:47 1F029CCF7B5256567F6F2E78194680A7 7381504 ----a-w- C:\Users\Michel\Desktop\backup navigon\NAVIGON\NAVIGON\navigon.exe

2013-11-02 09:47:42 75F096B5FE78062288DCF6171F89D4CB 20206504 ----a-w- C:\Users\Michel\AppData\Local\Temp\Sony\Sony PC Companion\AutoUpdate\Sony PC Companion_2.10.180_NetStorage.exe

=== C: other files ==

2013-11-07 15:36:56 A0E9965FE6DAD0929332CE1376A144C2 91323 ----a-w- C:\Users\Public\Desktop\sample_20130711_1636.zip

2013-11-05 13:28:16 36A4AA76737A3835B67AF4A0012CBE46 38849 ----a-w- C:\Users\Michel\AppData\Local\Temp\fullpackage_temp\ep.zip

2013-11-05 13:28:16 2D0E258C08354FA84E5CB5D312B8E83F 416279 ----a-w- C:\Users\Michel\AppData\Local\Temp\fullpackage_temp\newtab.crx

2013-11-05 09:37:58 3456E5AEC0B3DCCD26D5A3CDED8880E3 1703069 ----a-w- C:\Users\Michel\AppData\Local\Temp\fullpackage_temp\package2.zip

2013-11-05 09:37:56 D50C8B807883EA28E849257905C2EF2A 1394998 ----a-w- C:\Users\Michel\AppData\Local\Temp\MircosoftStudio\package1.zip

2013-11-05 09:37:56 36A4AA76737A3835B67AF4A0012CBE46 38849 ----a-w- C:\Users\Michel\AppData\Local\Temp\MircosoftStudio\ep.zip

2013-11-05 09:37:56 2D0E258C08354FA84E5CB5D312B8E83F 416279 ----a-w- C:\Users\Michel\AppData\Local\Temp\MircosoftStudio\1.1.6.6.crx

2013-11-05 09:37:47 D50C8B807883EA28E849257905C2EF2A 1394998 ----a-w- C:\Users\Michel\AppData\Local\Temp\fullpackage_temp\package1.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3624815036-1722546690-1708832409-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Sony PC Companion"="C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background"

"uTorrent"="C:\Users\Michel\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"AVG_TRAY"="C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

"TrayServer"="C:\PROGRA~2\MAGIX\VIDEO_~1\TrayServer.exe"

"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"

"hpqSRMon"="C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe"

"USB3MON"="C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

"Adobe Acrobat Speed Launcher"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sony PC Companion"="C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background"

"uTorrent"="C:\Users\Michel\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=" "

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"

"Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acrobat Assistant 8.0]

"command"="\"C:\\Program Files (x86)\\Adobe\\Acrobat 10.0\\Acrobat\\Acrotray.exe\""

"hkey"="HKLM"

"item"="Acrobat Assistant 8.0"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS6ServiceManager]

"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS6ServiceManager\\CS6ServiceManager.exe\" -launchedbylogin"

"hkey"="HKLM"

"item"="AdobeCS6ServiceManager"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent]

"command"="C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe"

"hkey"="HKLM"

"item"="KiesTrayAgent"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PWRISOVM.EXE]

"command"="C:\\Program Files (x86)\\PowerISO\\PWRISOVM.EXE -startup"

"hkey"="HKLM"

"item"="PWRISOVM.EXE"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="TomTomHOME.exe"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinampAgent]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="WinampAgent"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Winamp\\winampa.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ASGT]

==== Startup Folders ======================

2013-03-06 15:08:31 2099 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

2012-11-06 21:47:13 1318 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk

2012-11-06 21:47:13 1373 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/10/2013 11:53]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21/05/2013 21:54]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21/05/2013 21:54]

C:\Windows\tasks\HP Photo Creations Communicator.job --a------ C:\ProgramData\HP Photo Creations\Communicator.exe [09/06/2013 20:28]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\HP Photo Creations Communicator" [C:\ProgramData\HP Photo Creations\Communicator.exe]

"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn" [30/06/2013 23:13]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [06/03/2013 16:09]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\j3c18b04.default

472DAEA6EEE84240DEA132C95C57EB68 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer

7D04E74E8B63FF93F26C6A2EC14A4EE7 - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Michel\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[]

ifohbjbgfchkkfhphahclmkpgejiplfo - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[]

jmfkcklnlgedgbglfkkgedjfmejoahla - C:\Program Files (x86)\AVG\AVG2012\Chrome\safesearch.crx[26/07/2012 03:23]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Michel\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[]

YouTube - Michel - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Extended Protection - Michel - Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml

uTorrentBar_NL - Michel - Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb

Google Search - Michel - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Select City - Michel - Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo

Google Wallet - Michel - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Michel - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage deleted successfully

C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage-journal deleted successfully

C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrentbarnl.ourtoolbar.com_0.localstorage deleted successfully

C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrentbarnl.ourtoolbar.com_0.localstorage-journal deleted successfully

C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjofdnhdkbflacojpfpkchgafjahijbb_0.localstorage deleted successfully

C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjofdnhdkbflacojpfpkchgafjahijbb_0.localstorage-journal deleted successfully

C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_cjofdnhdkbflacojpfpkchgafjahijbb_0 deleted successfully

C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully

C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage deleted successfully

C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

"Default_Page_URL"="Start.qone8.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="Search}"

"Default_Page_URL"="Start.qone8.com"

"Start Page"="Start.qone8.com"

"Search Page"="Search}"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="Search}"

"Default_Page_URL"="Start.qone8.com"

"Start Page"="Start.qone8.com"

"Search Page"="Search}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

"Start Page"="Google"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="Bing"

"Search Page"="Bing"

"Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

"Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="Bing"

"Search Page"="Bing"

"Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

"Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

==== Reset Google Chrome ======================

C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Michel\Desktop\Magic Photo Editor.lnk - C:\Program Files (x86)\Magic Photo Editor\MagicPhoto.exe

C:\Users\Michel\Desktop\MiPony.lnk - C:\Program Files (x86)\MiPony\MiPony.exe

C:\Users\Michel\Desktop\WBFS Manager 3.0.lnk - C:\Program Files (x86)\WBFS\WBFS Manager 3.0\WBFSManager.exe

C:\Users\Michel\Desktop\µTorrent.lnk -

C:\Users\Michel\Desktop\tomtom\fast tool pro\Benelux_915_5074 - Snelkoppeling.lnk - C:\Users\Michel\Desktop\tomtom\Benelux_915_5074

C:\Users\UpdatusUser\Desktop\Magic Photo Editor Website.lnk - C:\Program Files (x86)\Magic Photo Editor\website.htm

C:\Users\UpdatusUser\Desktop\Magic Photo Editor.lnk - C:\Program Files (x86)\Magic Photo Editor\MagicPhoto.exe

C:\Users\UpdatusUser\Desktop\MiPony.lnk - C:\Program Files (x86)\MiPony\MiPony.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe

C:\Users\Public\Desktop\ASUS GPU Tweak.lnk - C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe

C:\Users\Public\Desktop\AVG 2012.lnk - C:\Program Files (x86)\AVG\AVG2012\avgui.exe

C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe

C:\Users\Public\Desktop\Digital Photo Professional.lnk - C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe

C:\Users\Public\Desktop\EOS Utility.lnk - C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Start.qone8.com

C:\Users\Public\Desktop\HP Photo Creations.lnk - C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe

C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe

C:\Users\Public\Desktop\HP Solution Center.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe

C:\Users\Public\Desktop\LightScribe.lnk - C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe

C:\Users\Public\Desktop\MAGIX Video deluxe 16 Plus Download-versie.lnk - C:\Program Files (x86)\MAGIX\Video_deluxe_16_Plus_Download-versie\Videodeluxe.exe

C:\Users\Public\Desktop\Media Go.lnk - C:\Program Files (x86)\Sony\Media Go\MediaGo.exe

C:\Users\Public\Desktop\Morpheus Photo Animation Suite.lnk - C:\Program Files (x86)\Morpheus Photo Animation Suite\Morpheus.exe

C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\Public\Desktop\Nitro Pro 8.lnk - C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe

C:\Users\Public\Desktop\Picture Style Editor.lnk - C:\Program Files (x86)\Canon\Picture Style Editor\PSEditor.exe

C:\Users\Public\Desktop\PowerISO.lnk - C:\Program Files (x86)\PowerISO\PowerISO.exe

C:\Users\Public\Desktop\ProShow Gold.lnk - C:\Program Files (x86)\Photodex\ProShowGold\proshow.exe

C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe

C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk - C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Users\Public\Desktop\Tux Paint.lnk - C:\Program Files (x86)\TuxPaint\tuxpaint.exe

C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

C:\Users\Public\Desktop\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe

C:\Users\Public\Desktop\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe

C:\Users\Public\Desktop\Winkel voor HP-benodigheden.lnk - C:\Program Files (x86)\HP\HPSSUPPLY\hpqSSupply.exe

C:\Users\Public\Desktop\ZoomBrowser EX.lnk - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -

C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe Start.qone8.com

C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe Start.qone8.com

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Start.qone8.com

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\Getting Started.lnk - C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe 1

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\LightScribe Control Panel.lnk - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\LightScribe Website.lnk - C:\Program Files (x86)\Common Files\LightScribe\shortcuts\LightScribe Website.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\Quick Demo.lnk - C:\Program Files (x86)\Common Files\LightScribe\shortcuts\Quick Demo.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\Silverlight.Configuration.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiPony\MiPony.lnk - C:\Program Files (x86)\MiPony\MiPony.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Sony PC Companion\Sony PC Companion 2.1.lnk - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Sony PC Companion\Verwijderen.lnk - C:\Program Files (x86)\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe -uninst -runfromtemp

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom\TomTom HOME 2.lnk - C:\Windows\Installer\{99072AB4-D795-44D5-9D65-E3C9F8322C97}\NewShortcut1_BB5D96B1D05B428EBAD4A437B7244768.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom\Verwijder TomTom HOME 2.lnk - C:\Windows\SysWOW64\msiexec.exe /x {99072AB4-D795-44D5-9D65-E3C9F8322C97}

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VideoLAN\VLC\Documentation.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Start.qone8.com

C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Start.qone8.com

C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE /recycle

C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk - C:\Program Files (x86)\MiPony\MiPony.exe

C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe

C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe

C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe

C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -

C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Start.qone8.com

C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP Photosmart Essential 3.5.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe

C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe Start.qone8.com

C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Outlook 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\outicon.exe

C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Word 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\wordicon.exe

C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk - C:\Program Files (x86)\MiPony\MiPony.exe

C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== shortcuts After Repair ======================

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL

O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

O4 - HKLM\..\Run: [TrayServer] C:\PROGRA~2\MAGIX\VIDEO_~1\TrayServer.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background

O4 - HKCU\..\Run: [uTorrent] "C:\Users\Michel\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

O4 - Global Startup: WDSmartWare.lnk = C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105

O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Download met MiPony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000

O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_IKEA_Win32.cab

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1259.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL

O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL

O20 - AppInit_DLLs:

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SAS Core Service (SASCORE) - Unknown owner - C:\Program Files (x86)\SUPERAntiSpyware\SASCore.exe (file missing)

O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe

O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: WD SmartWare Drive Manager Service (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JB8MGZXG will be deleted at reboot

C:\Users\Michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TNHH1IP2 will be deleted at reboot

C:\Users\Michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z9WPSJ5J will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Michel\AppData\Local\Mozilla\Firefox\Profiles\j3c18b04.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Michel\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JB8MGZXG" not found

"C:\Users\Michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TNHH1IP2" not found

"C:\Users\Michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z9WPSJ5J" not found

==== EOF on do 07/11/2013 at 16:42:42,48 ======================

[kape]

Behoorlijk wat rotzooi opgeruimd. Hoe gedraagt de PC zich nu ? En de startpagina ?

[divermickey]

Probleem met de startpagina is opgelost

Kan ik de computer ook sneller laten opstarten ?

Alvast bedankt voor je hulp.

[kape]

Download Soluto. (klik er op)

Klik op I Agree – Install. Wacht in het scherm wat daarop volgt. Na 30 seconden verdwijnt dit scherm en installeert Soluto verder. Tijdens dit proces kan je je pc normaal gebruiken.

Als je wilt zien hoever Soluto is met installeren druk je met de rechtermuisknop op het icoontje rechts onderin op de taakbalk en kies je voor ‘Open’.

Als de installatie voltooid is zal Soluto vragen om opnieuw op te starten. Sla alle programma’s die je open hebt staan op, en klik op Reboot PC Now.

Als de pc opnieuw opgestart is open je Soluto en klik je op ‘Chop Boot’. Daar kan je programma’s uitsluiten van het opstarten.

Voor een uitgebreide handleiding hierover klik je Hier. (klik er op)

[divermickey]

ok ga ik proberen

thx

- - - Updated - - -

[divermickey]

lukt niet

kan het niet installeren.