virusen verwijderen

[ikwordgekvanmijnPC]

Hoi

ik heb een probleem.mijn computer is onzettend traag en heb al van alles geprobeerd.nu vald mijn computer steeds uit.en dan krijg ik iets over rebooth failure.en na een paar keer start hij weer op.alleen dan werkt mijn computer heel erg traag.dus

ik hoop dat julie mij kunnen helpen om mijn computer weer sneller en virus vrij te maken

M.V.G mike

[Dasle]

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

• RSIT 32 bit (RSIT.exe)
  
• RSIT 64 bit (RSITx64.exe)
  

Dubbelklik op RSIT.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  
• Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  
• Plaats de inhoud hiervan in het volgende bericht.
  

Bekijk ook de instructievideo.

[ikwordgekvanmijnPC]

Logfile of random's system information tool 1.09 (written by random/random)

Run by Jolanda Resier at 2014-01-30 22:23:35

Microsoft Windows 7 Ultimate Service Pack 1

System drive C: has 107 GB (72%) free of 150 GB

Total RAM: 1012 MB (10% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 22:24:48, on 30-1-2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16428)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskhost.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe

C:\Program Files\Real\RealPlayer\Update\realsched.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\ClamWin\bin\ClamTray.exe

C:\ProgramData\Search Protection\SearchProtection.exe

C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\CCleaner\CCleaner.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Jolanda Resier\Documents\Downloads\RSIT.exe

C:\Program Files\trend micro\Jolanda Resier.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Sweet Page

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Sweet Page

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Sweet Page

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1391102929&from=vit&uid=WDCXWD3200AAJS-00B4A0_WD-WCAT1835669356693&q={searchTerms}

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1391102929&from=vit&uid=WDCXWD3200AAJS-00B4A0_WD-WCAT1835669356693&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Sweet Page

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - (no file)

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll

O2 - BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Jolanda Resier\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll

O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\WIA6EB~1\Datamngr\BROWSE~1.DLL

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL

O2 - BHO: PassWidget - {cf3eef74-bc7c-43eb-a92b-a652f3c5a8f2} - C:\Program Files\Pass-Widget\150.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll

O3 - Toolbar: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe

O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot

O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\WIA6EB~1\Datamngr\DATAMN~1.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon

O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"

O4 - HKLM\..\Run: [search Protection] C:\ProgramData\Search Protection\SearchProtection.exe

O4 - HKLM\..\Run: [AdAwareTray] "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe"

O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler

O4 - HKCU\..\Run: [Pando Media Booster] "C:\Program Files\Pando Networks\Media Booster\PMB.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: avast! EasyPass Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Formulieren Invullen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html

O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - http://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.140.0.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.7.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u20-windows-i586.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\Jolanda Resier\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: IePlugin Service (IePluginService) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginService\PluginService.exe

O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe

O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe

O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

O23 - Service: Wpm Service (Wpm) - Cherished Technololgy LIMITED - C:\ProgramData\WPM\wprotectmanager.exe

--

End of file - 12138 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\PassWidget Update.job

C:\Windows\tasks\System Speedup_DEFAULT.job

C:\Windows\tasks\System Speedup_UPDATES.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]

HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]

RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-11-24 414416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]

IETabPage Class - C:\Program Files\SupTab\SupTab.dll [2014-01-14 513136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]

Ad-Aware Security Add-on - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll [2013-12-20 116248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]

DefaultTab Browser Helper - C:\Users\Jolanda Resier\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll [2014-01-29 468600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]

Searchqu Toolbar - C:\PROGRA~1\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2012-02-27 88976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]

DataMngr - C:\PROGRA~1\WIA6EB~1\Datamngr\BROWSE~1.DLL [2012-07-16 88176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cf3eef74-bc7c-43eb-a92b-a652f3c5a8f2}]

PassWidget - C:\Program Files\Pass-Widget\150.dll [2014-01-30 147456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]

HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{99079a25-328f-4bd4-be04-00955acaa0a7} - Searchqu Toolbar - C:\PROGRA~1\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2012-02-27 88976]

{6c97a91e-4524-4019-86af-2aa2d567bf5c} - Ad-Aware Security Add-on - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll [2013-12-20 116248]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]

"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]

"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]

"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]

"Nikon Transfer Monitor"=C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe [2009-09-15 479232]

"TkBellExe"=c:\program files\real\realplayer\Update\realsched.exe [2011-11-24 273528]

"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 948440]

"DATAMNGR"=C:\PROGRA~1\WIA6EB~1\Datamngr\DATAMN~1.EXE [2012-07-16 1824880]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

"ClamWin"=C:\Program Files\ClamWin\bin\ClamTray.exe [2012-10-01 86016]

"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-29 3767096]

"Ad-Aware Browsing Protection"=C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [2013-09-27 559696]

"Search Protection"=C:\ProgramData\Search Protection\SearchProtection.exe [2013-06-13 943016]

""= []

"AdAwareTray"=C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe [2014-01-23 3643224]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2008-10-24 206112]

"Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2011-10-09 3077528]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2014-01-21 4455704]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=lvcodec2.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"msacm.siren"=sirenacm.dll

"vidc.yv12"=yv12vfw.dll

"VIDC.XVID"=xvidvfw.dll

"msacm.ac3acm"=ac3acm.acm

"msacm.lameacm"=lameACM.acm

"VIDC.FFDS"=ff_vfw.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"MSVideo"=vfwwdm32.dll

"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-01-30 22:23:39 ----D---- C:\Program Files\trend micro

2014-01-30 22:23:35 ----D---- C:\rsit

2014-01-30 18:37:42 ----D---- C:\ProgramData\IePluginService

2014-01-30 18:37:13 ----D---- C:\Program Files\SupTab

2014-01-30 18:36:57 ----D---- C:\ProgramData\WPM

2014-01-30 18:27:23 ----D---- C:\Users\Jolanda Resier\AppData\Roaming\System Speedup

2014-01-30 18:26:52 ----SHD---- C:\$RECYCLE.BIN

2014-01-30 18:25:10 ----D---- C:\Program Files\System Speedup

2014-01-30 18:24:21 ----D---- C:\Program Files\Pass-Widget

2014-01-30 16:54:49 ----A---- C:\Windows\system32\FNTCACHE.DAT

2014-01-30 04:59:08 ----D---- C:\Users\Jolanda Resier\AppData\Roaming\LavasoftStatistics

2014-01-30 02:31:42 ----D---- C:\ProgramData\Search Protection

2014-01-30 02:31:39 ----D---- C:\ProgramData\blekko toolbars

2014-01-30 02:31:30 ----D---- C:\ProgramData\Ad-Aware Browsing Protection

2014-01-30 02:31:08 ----D---- C:\Program Files\Toolbar Cleaner

2014-01-30 02:30:24 ----D---- C:\Users\Jolanda Resier\AppData\Roaming\SecureSearch

2014-01-30 02:27:16 ----D---- C:\Program Files\Lavasoft

2014-01-30 02:25:15 ----D---- C:\Users\Jolanda Resier\AppData\Roaming\Lavasoft

2014-01-30 02:23:13 ----D---- C:\Program Files\Common Files\Lavasoft

2014-01-30 02:17:09 ----D---- C:\ProgramData\Lavasoft

2014-01-29 15:28:15 ----D---- C:\Users\Jolanda Resier\AppData\Roaming\TuneUp Software

2014-01-29 14:59:09 ----A---- C:\Windows\system32\drivers\aswStm.sys

2014-01-29 14:59:08 ----A---- C:\Windows\system32\drivers\aswVmm.sys

2014-01-29 14:59:07 ----A---- C:\Windows\system32\drivers\aswSnx.sys

2014-01-29 14:59:04 ----A---- C:\Windows\system32\drivers\aswSP.sys

2014-01-29 14:59:03 ----A---- C:\Windows\system32\drivers\aswRvrt.sys

2014-01-29 14:59:02 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys

2014-01-29 14:59:01 ----A---- C:\Windows\system32\drivers\aswRdr2.sys

2014-01-29 14:57:49 ----A---- C:\Windows\avastSS.scr

2014-01-29 14:20:57 ----A---- C:\Windows\system32\ie4uinit.exe

2014-01-29 14:20:56 ----A---- C:\Windows\system32\jsproxy.dll

2014-01-29 14:20:55 ----A---- C:\Windows\system32\ieui.dll

2014-01-29 14:20:55 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2014-01-29 14:20:54 ----A---- C:\Windows\system32\iesetup.dll

2014-01-29 14:20:54 ----A---- C:\Windows\system32\iernonce.dll

2014-01-29 14:20:54 ----A---- C:\Windows\system32\ieapfltr.dll

2014-01-29 14:20:53 ----A---- C:\Windows\system32\jscript9diag.dll

2014-01-29 14:20:53 ----A---- C:\Windows\system32\ieUnatt.exe

2014-01-29 14:20:53 ----A---- C:\Windows\system32\ieetwproxystub.dll

2014-01-29 14:20:53 ----A---- C:\Windows\system32\ieetwcollector.exe

2014-01-29 14:20:51 ----A---- C:\Windows\system32\wininet.dll

2014-01-29 14:20:50 ----A---- C:\Windows\system32\urlmon.dll

2014-01-29 14:20:50 ----A---- C:\Windows\system32\iertutil.dll

2014-01-29 14:20:48 ----A---- C:\Windows\system32\ieframe.dll

2014-01-29 14:20:46 ----A---- C:\Windows\system32\mshtml.dll

2014-01-29 14:20:46 ----A---- C:\Windows\system32\jscript9.dll

2014-01-29 04:01:05 ----D---- C:\Windows\Temp93832B52-9EB7-27D9-5D62-A80EA10E8B9B-Signatures

2014-01-29 03:22:28 ----A---- C:\Windows\system32\wmp.dll

2014-01-29 03:22:22 ----A---- C:\Windows\system32\wmploc.DLL

2014-01-29 03:13:05 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe

2014-01-29 03:13:05 ----A---- C:\Windows\system32\elshyph.dll

2014-01-29 03:13:04 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2014-01-29 03:13:04 ----A---- C:\Windows\system32\msls31.dll

2014-01-29 03:13:04 ----A---- C:\Windows\system32\jsIntl.dll

2014-01-29 03:13:03 ----A---- C:\Windows\system32\msrating.dll

2014-01-29 03:13:02 ----A---- C:\Windows\system32\url.dll

2014-01-29 03:13:02 ----A---- C:\Windows\system32\mshtmlmedia.dll

2014-01-29 03:13:02 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-01-29 03:13:02 ----A---- C:\Windows\system32\ieapfltr.dat

2014-01-29 03:13:02 ----A---- C:\Windows\system32\icardie.dll

2014-01-29 03:13:02 ----A---- C:\Windows\system32\dxtrans.dll

2014-01-29 03:13:02 ----A---- C:\Windows\system32\dxtmsft.dll

2014-01-29 03:13:01 ----A---- C:\Windows\system32\iedkcs32.dll

2014-01-29 03:12:59 ----A---- C:\Windows\system32\wextract.exe

2014-01-29 03:12:59 ----A---- C:\Windows\system32\webcheck.dll

2014-01-29 03:12:59 ----A---- C:\Windows\system32\vbscript.dll

2014-01-29 03:12:59 ----A---- C:\Windows\system32\mshtmled.dll

2014-01-29 03:12:59 ----A---- C:\Windows\system32\msfeeds.dll

2014-01-29 03:12:59 ----A---- C:\Windows\system32\licmgr10.dll

2014-01-29 03:12:59 ----A---- C:\Windows\system32\inseng.dll

2014-01-29 03:12:59 ----A---- C:\Windows\system32\iexpress.exe

2014-01-29 03:12:58 ----A---- C:\Windows\system32\pngfilt.dll

2014-01-29 03:12:58 ----A---- C:\Windows\system32\occache.dll

2014-01-29 03:12:58 ----A---- C:\Windows\system32\mshta.exe

2014-01-29 03:12:57 ----A---- C:\Windows\system32\SetIEInstalledDate.exe

2014-01-29 03:12:57 ----A---- C:\Windows\system32\MshtmlDac.dll

2014-01-29 03:12:57 ----A---- C:\Windows\system32\msfeedssync.exe

2014-01-29 03:12:57 ----A---- C:\Windows\system32\msfeedsbs.dll

2014-01-29 03:12:57 ----A---- C:\Windows\system32\jscript.dll

2014-01-29 03:12:57 ----A---- C:\Windows\system32\imgutil.dll

2014-01-29 03:12:57 ----A---- C:\Windows\system32\iepeers.dll

2014-01-29 03:12:57 ----A---- C:\Windows\system32\IEAdvpack.dll

2014-01-29 03:12:56 ----A---- C:\Windows\system32\mshtmler.dll

2014-01-29 03:12:56 ----A---- C:\Windows\system32\iesysprep.dll

2014-01-28 19:24:35 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll

2014-01-28 19:24:35 ----A---- C:\Windows\system32\credui.dll

2014-01-28 19:24:35 ----A---- C:\Windows\system32\authui.dll

2014-01-28 19:13:47 ----A---- C:\Windows\system32\msieftp.dll

2014-01-28 19:13:18 ----A---- C:\Windows\system32\schannel.dll

2014-01-28 19:13:16 ----A---- C:\Windows\system32\drivers\ksecpkg.sys

2014-01-28 19:13:16 ----A---- C:\Windows\system32\drivers\cng.sys

2014-01-28 19:13:11 ----A---- C:\Windows\system32\drivers\ksecdd.sys

2014-01-28 19:12:55 ----A---- C:\Windows\system32\lsasrv.dll

2014-01-28 19:12:54 ----A---- C:\Windows\system32\sspicli.dll

2014-01-28 19:12:54 ----A---- C:\Windows\system32\ncrypt.dll

2014-01-28 19:12:52 ----A---- C:\Windows\system32\secur32.dll

2014-01-28 19:12:52 ----A---- C:\Windows\system32\lsass.exe

2014-01-28 19:12:51 ----A---- C:\Windows\system32\sspisrv.dll

2014-01-28 19:11:51 ----A---- C:\Windows\system32\imagehlp.dll

2014-01-28 19:11:41 ----A---- C:\Windows\system32\wscript.exe

2014-01-28 19:11:40 ----A---- C:\Windows\system32\scrrun.dll

2014-01-28 19:11:39 ----A---- C:\Windows\system32\cscript.exe

2014-01-28 19:11:24 ----A---- C:\Windows\system32\WMPhoto.dll

2014-01-28 19:10:35 ----A---- C:\Windows\system32\tzres.dll

2014-01-28 19:08:15 ----A---- C:\Windows\system32\win32k.sys

2014-01-28 19:08:06 ----A---- C:\Windows\system32\drivers\portcls.sys

2014-01-28 19:08:06 ----A---- C:\Windows\system32\drivers\drmk.sys

2014-01-28 19:08:01 ----A---- C:\Windows\system32\gdi32.dll

2014-01-28 19:07:56 ----A---- C:\Windows\system32\drivers\netio.sys

2014-01-28 19:07:50 ----A---- C:\Windows\system32\IKEEXT.DLL

2014-01-28 19:07:48 ----A---- C:\Windows\system32\nshwfp.dll

2014-01-28 19:07:48 ----A---- C:\Windows\system32\FWPUCLNT.DLL

2014-01-28 19:07:34 ----A---- C:\Windows\system32\crypt32.dll

2014-01-28 19:06:24 ----A---- C:\Windows\system32\drivers\usbport.sys

2014-01-28 19:06:24 ----A---- C:\Windows\system32\drivers\usbhub.sys

2014-01-28 19:06:24 ----A---- C:\Windows\system32\drivers\usbehci.sys

2014-01-28 19:06:24 ----A---- C:\Windows\system32\drivers\usbccgp.sys

2014-01-28 19:06:23 ----A---- C:\Windows\system32\drivers\usbuhci.sys

2014-01-28 19:06:23 ----A---- C:\Windows\system32\drivers\usbohci.sys

2014-01-28 19:06:23 ----A---- C:\Windows\system32\drivers\usbd.sys

======List of files/folders modified in the last 1 month======

2014-01-30 22:23:39 ----RD---- C:\Program Files

2014-01-30 22:22:49 ----D---- C:\Windows\Temp

2014-01-30 21:14:02 ----D---- C:\Windows\system32\Tasks

2014-01-30 20:49:02 ----SHD---- C:\System Volume Information

2014-01-30 20:34:18 ----D---- C:\Windows\system32\config

2014-01-30 20:09:52 ----D---- C:\ProgramData\DivX

2014-01-30 20:09:52 ----D---- C:\Program Files\DivX

2014-01-30 20:09:49 ----D---- C:\Program Files\Common Files\PX Storage Engine

2014-01-30 20:09:32 ----D---- C:\Program Files\Common Files

2014-01-30 20:09:25 ----SHD---- C:\Windows\Installer

2014-01-30 20:09:25 ----HD---- C:\Config.Msi

2014-01-30 20:09:06 ----D---- C:\Windows\System32

2014-01-30 19:20:14 ----D---- C:\Windows\tracing

2014-01-30 18:56:22 ----D---- C:\Windows\inf

2014-01-30 18:37:42 ----HD---- C:\ProgramData

2014-01-30 18:36:37 ----D---- C:\Windows\Tasks

2014-01-30 18:26:31 ----D---- C:\Users\Jolanda Resier\AppData\Roaming\Systweak

2014-01-30 17:38:37 ----SD---- C:\ProgramData\Microsoft

2014-01-30 16:56:09 ----D---- C:\Windows

2014-01-30 15:46:41 ----D---- C:\Program Files\CCleaner

2014-01-30 09:11:09 ----D---- C:\Program Files\Yontoo

2014-01-30 02:49:26 ----D---- C:\Program Files\AVG

2014-01-30 02:42:13 ----D---- C:\ProgramData\MFAData

2014-01-30 02:32:55 ----D---- C:\Windows\system32\drivers

2014-01-29 23:35:59 ----D---- C:\Program Files\Logitech

2014-01-29 23:34:44 ----D---- C:\Windows\system32\catroot

2014-01-29 23:30:55 ----D---- C:\Windows\Panther

2014-01-29 23:30:53 ----D---- C:\Windows\Logs

2014-01-29 23:30:53 ----D---- C:\Windows\debug

2014-01-29 23:25:51 ----D---- C:\Windows\system32\DriverStore

2014-01-29 23:20:53 ----D---- C:\Program Files\Common Files\logishrd

2014-01-29 23:18:25 ----D---- C:\Program Files\Common Files\LWS

2014-01-29 23:00:10 ----D---- C:\Windows\rescache

2014-01-29 21:25:20 ----D---- C:\Windows\Prefetch

2014-01-29 14:58:53 ----D---- C:\Windows\winsxs

2014-01-29 14:57:49 ----A---- C:\Windows\system32\aswBoot.exe

2014-01-29 14:52:40 ----D---- C:\ProgramData\AVAST Software

2014-01-29 14:37:50 ----D---- C:\Windows\system32\MRT

2014-01-29 14:31:37 ----D---- C:\Program Files\Internet Explorer

2014-01-29 14:21:37 ----D---- C:\Windows\system32\catroot2

2014-01-29 14:18:45 ----D---- C:\Program Files\Microsoft Security Client

2014-01-29 04:41:59 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-01-29 04:28:29 ----D---- C:\Windows\system32\nl-NL

2014-01-29 04:27:36 ----D---- C:\Program Files\Windows Media Player

2014-01-29 04:26:59 ----D---- C:\Windows\PolicyDefinitions

2014-01-29 04:26:57 ----D---- C:\Windows\system32\migration

2014-01-29 04:26:55 ----D---- C:\Windows\system32\en-US

2014-01-29 04:19:05 ----D---- C:\ProgramData\Microsoft Help

2014-01-29 04:04:24 ----D---- C:\Windows\Microsoft.NET

2014-01-29 04:04:02 ----RSD---- C:\Windows\assembly

2014-01-29 03:56:06 ----A---- C:\Windows\win.ini

2014-01-28 19:34:17 ----D---- C:\Program Files\Java

2014-01-28 18:37:26 ----A---- C:\Windows\system32\FlashPlayerApp.exe

2014-01-19 08:32:23 ----N---- C:\Windows\system32\MpSigStub.exe

2014-01-06 16:20:08 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-01-29 49944]

R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-01-29 180248]

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 214696]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]

R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-03-06 21576]

R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2014-01-29 79720]

R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-01-29 775952]

R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-01-29 410784]

R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]

R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-01-29 67824]

R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768]

R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-01-29 64168]

R3 E100B;Intel® PRO-adapterstuurprogramma; C:\Windows\system32\DRIVERS\e100b325.sys [2009-07-13 159232]

R3 gzflt;gzflt; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys [2013-07-17 154464]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]

R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2013-07-17 340624]

S1 bcvhjsns;bcvhjsns; \??\C:\Windows\system32\drivers\bcvhjsns.sys []

S1 fctgheab;fctgheab; \??\C:\Windows\system32\drivers\fctgheab.sys []

S1 fvscxjba;fvscxjba; \??\C:\Windows\system32\drivers\fvscxjba.sys []

S1 gpseopjk;gpseopjk; \??\C:\Windows\system32\drivers\gpseopjk.sys []

S1 hrtunzfj;hrtunzfj; \??\C:\Windows\system32\drivers\hrtunzfj.sys []

S1 iljqomiv;iljqomiv; \??\C:\Windows\system32\drivers\iljqomiv.sys []

S1 jqacfylk;jqacfylk; \??\C:\Windows\system32\drivers\jqacfylk.sys []

S1 klrlwkeh;klrlwkeh; \??\C:\Windows\system32\drivers\klrlwkeh.sys []

S1 kzdngrft;kzdngrft; \??\C:\Windows\system32\drivers\kzdngrft.sys []

S1 pjgkdjkd;pjgkdjkd; \??\C:\Windows\system32\drivers\pjgkdjkd.sys []

S1 rfaqmsnj;rfaqmsnj; \??\C:\Windows\system32\drivers\rfaqmsnj.sys []

S1 udttjvqo;udttjvqo; \??\C:\Windows\system32\drivers\udttjvqo.sys []

S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]

S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]

S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]

S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]

S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]

S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]

S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]

S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []

S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]

S3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2011-08-19 315808]

S3 LVUVC;Logitech Webcam 200(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2011-08-19 4334624]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]

S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]

S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys [2011-02-16 64000]

S3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]

S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]

S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]

S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]

S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]

S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-20 77184]

S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-20 25600]

S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]

S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]

S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 15872]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]

S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []

S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]

S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]

S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]

S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-29 50344]

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R2 DefaultTabUpdate;DefaultTabUpdate; C:\Users\Jolanda Resier\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-08-31 107520]

R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 IePluginService;IePlugin Service; C:\ProgramData\IePluginService\PluginService.exe [2014-01-14 508016]

R2 LavasoftAdAwareService11;Ad-Aware Service 11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [2014-01-23 651232]

R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 22208]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R2 UMVPFSrv;UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-08-19 450848]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]

R2 Wpm;Wpm Service; C:\ProgramData\WPM\wprotectmanager.exe [2014-01-30 493568]

R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-28 136176]

S2 KMService;KMService; C:\Windows\system32\srvany.exe [2011-03-23 8192]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-28 257416]

S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-28 136176]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 108032]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-03-09 30798512]

S3 nosGetPlusHelper;getPlus® Helper 3004; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]

S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-23 1343400]

-----------------EOF-----------------

- - - Updated - - -

die van 64bit wil mijn computer niet downloaden en alvast bedankt voor jullie medewerking

- - - Updated - - -

info.txt logfile of random's system information tool 1.09 2014-01-30 22:25:19

======Uninstall list======

-->C:\Program Files\Toolbar Cleaner\uninstall.exe

-->C:\ProgramData\Ad-Aware Browsing Protection\uninstall.exe

32 Bit HP CIO Components Installer-->MsiExec.exe /I{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}

Ad-Aware Antivirus-->"C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.1.5354.0\AdAwareUpdater.exe" --uninstall

Ad-Aware Security Add-on-->C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\uninstall.exe

AdAwareInstaller-->MsiExec.exe /I{1836BD51-4707-42EB-A81B-831AB2CA9E6A}

AdAwareUpdater-->MsiExec.exe /I{17E73768-9F21-4334-ABE6-CD131031564C}

Adobe Download Manager-->"C:\Program Files\NOS\bin\getPlusUninst_Adobe.exe" /Get1

Adobe Flash Player 11 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe -maintain activex

AntimalwareEngine-->MsiExec.exe /I{600DEB42-433A-40AF-BC14-082E40577BF2}

ArcSoft Panorama Maker 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}\Setup.exe" -l0x13

AVG 2014-->MsiExec.exe /I{44BC4A3F-0332-435B-9B75-437FB95F2F88}

CCleaner-->"C:\Program Files\CCleaner\uninst.exe"

D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}

DefaultTab Chrome-->"C:\Program Files\DefaultTab\uninstaller.exe"

DefaultTab-->"C:\Users\Jolanda Resier\AppData\Roaming\DefaultTab\DefaultTab\uninstalldt.exe"

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{81FB7C60-565A-4869-9D90-3BE1D270E8B7}" "1043" "0"

File Uploader-->MsiExec.exe /X{237CD223-1B9D-47E8-A76C-E478B83CCEA2}

Google Chrome-->"C:\Program Files\Google\Chrome\Application\32.0.1700.102\Installer\setup.exe" --uninstall --multi-install --chrome --system-level

Google Drive-->MsiExec.exe /X{56D4499E-AC3E-4B8D-91C9-C700C148C44B}

Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

HP Customer Participation Program 13.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot

HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3-->C:\Program Files\HP\Digital Imaging\{A00C9114-40E6-4C70-A619-7DF264B23485}\setup\hpzscr01.exe -datfile hposcr28.dat -onestop -forcereboot

HP Imaging Device Functions 13.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat

HP Photosmart Essential 3.5-->C:\Program Files\HP\Digital Imaging\PhotosmartEssential\hpzscr01.exe -datfile hpqbud13.dat -forcereboot

HP Product Detection-->MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}

HP Smart Web Printing 4.51-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat

HP Solution Center 13.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot

HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}

IePluginService12.27.0.3326-->C:\ProgramData\IePluginService\PluginService.exe -uninstall

Intel® Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall

Intel® TV Wizard-->C:\Windows\system32\TVWizudlg.exe -uninstall

Java 7 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217021FF}

Java 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}

JavaFX 2.1.1-->MsiExec.exe /X{1111706F-666A-4037-7777-211328764D10}

Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

K-Lite Codec Pack 7.0.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"

Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client

Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}

Microsoft Antimalware Service NL-NL Language Pack-->MsiExec.exe /X{F8EDC0F8-15BC-4411-8762-77105C8AAEEC}

Microsoft Office Access MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0015-0413-0000-0000000FF1CE}

Microsoft Office Excel MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0016-0413-0000-0000000FF1CE}

Microsoft Office Groove MUI (Dutch) 2010-->MsiExec.exe /X{90140000-00BA-0413-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0044-0413-0000-0000000FF1CE}

Microsoft Office OneNote MUI (Dutch) 2010-->MsiExec.exe /X{90140000-00A1-0413-0000-0000000FF1CE}

Microsoft Office Outlook MUI (Dutch) 2010-->MsiExec.exe /X{90140000-001A-0413-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0018-0413-0000-0000000FF1CE}

Microsoft Office Professional Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL

Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2010-->MsiExec.exe /X{90140000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proofing (Dutch) 2010-->MsiExec.exe /X{90140000-002C-0413-0000-0000000FF1CE}

Microsoft Office Publisher MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0019-0413-0000-0000000FF1CE}

Microsoft Office Shared MUI (Dutch) 2010-->MsiExec.exe /X{90140000-006E-0413-0000-0000000FF1CE}

Microsoft Office Word MUI (Dutch) 2010-->MsiExec.exe /X{90140000-001B-0413-0000-0000000FF1CE}

Microsoft Security Client NL-NL Language Pack-->MsiExec.exe /I{50779A29-834E-4E36-BBEB-B7CABC67A825}

Microsoft Security Client-->MsiExec.exe /X{0CD47142-BA4F-46B0-AA92-2675864928B8}

Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /x

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}

MovieDownloader-->C:\Program Files\1clickmoviedownloader.com\uninst.exe

MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

MSXML 4.0 SP3 Parser (KB2721691)-->MsiExec.exe /I{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}

MSXML 4.0 SP3 Parser (KB2758694)-->MsiExec.exe /I{1D95BA90-F4F8-47EC-A882-441C99D30C1E}

MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}

MSXML 4.0 SP3 Parser-->MsiExec.exe /I{196467F1-C11F-4F76-858B-5812ADC83B94}

Nikon Message Center-->MsiExec.exe /X{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}

Nikon Transfer-->MsiExec.exe /X{E9757890-7EC5-46C8-99AB-B00F07B6525C}

NRW Codec-->MsiExec.exe /X{8033FDC6-86F0-4F34-A2C1-822910825FCA}

Pando Media Booster-->C:\Program Files\Pando Networks\Media Booster\uninst.exe

PassWidget-->C:\Program Files\Pass-Widget\Uninstall.exe

RealNetworks - Microsoft Visual C++ 2008 Runtime-->MsiExec.exe /X{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}

RealPlayer-->c:\program files\real\realplayer\Update\r1puninst.exe RealNetworks|RealPlayer|12.0

Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {67A5F99B-5EBA-3812-8D2E-BC251490DD3F} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8DDEFC7E-0C61-3D11-AFC6-5414F2DAFD01} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9EC88EA8-4ABE-393C-87BD-90EABB1C4C9B} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {86BB5A25-8CC3-33CE-A393-CF28901682B2} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {16EEC04A-B924-37E0-97CF-422DCEFC1B63} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C4D978AA-2668-3404-96DE-96E2AFC62FD7} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {CD6D9B8A-BBC4-3FA7-B24D-D74CE90630CF} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {ECBEE23D-AB7E-3DAA-B66B-CD52003198F1} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {788818B1-B191-3217-A210-7ACFDE19CE4A} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B7C20E16-9A3A-3F05-A6B5-E15AA09200E0} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {CF581973-77E0-3093-A1AC-A03130DE990F} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {576C07F8-777C-3981-B8BF-063A6B57254E} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {90EA7C4E-7F03-31FD-BE27-B1A9B4AE56BD} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {1E88AFAE-CEF7-3540-8FF6-6D00877B2767} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8BA4E34D-95C5-3907-87E4-62FBB31A2190} /parameterfolder Client

Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{DC8EDDCF-2031-4C8D-916C-64058A3ACA95}" "1043" "0"

Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0413-0000-0000000FF1CE}" "{63EF0C85-5B63-410F-ACE4-C1D4E6769E7A}" "1043" "0"

Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{4D6FE7B6-559F-4DAC-92CF-A01C24046AEB}" "1043" "0"

Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{EC2CA755-17D8-4392-A91E-FD4D2DD31072}" "1043" "0"

Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{0241FB40-015F-42AC-A711-1AE59E346B51}" "1043" "0"

Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{7AC3F78E-ECA0-45F4-A9CC-3E885DA23662}" "1043" "0"

Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{FD346649-CCFA-4FB8-9406-ED3FC568BC72}" "1043" "0"

Security Update for Microsoft Word 2010 (KB2863902) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-0000-0000000FF1CE}" "{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{09A9DF49-DA06-4093-A2FD-F339211E39EA}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0413-0000-0000000FF1CE}" "{2C2D6CA0-1F04-4551-A82A-E0800CD616FA}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0413-0000-0000000FF1CE}" "{0B17C286-F7CC-4605-80D0-B465D5A44152}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0044-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0413-0000-0000000FF1CE}" "{07466203-7D4B-49A0-85BC-85CCC297AD9E}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0"

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00BA-0413-0000-0000000FF1CE}" "{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}" "1043" "0"

Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat

SupTab-->C:\Program Files\SupTab\uninstall.exe

swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}

System Speedup-->"C:\Program Files\System Speedup\unins000.exe" /silent

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D9961AC-7C99-36A2-9EF0-34678AED5384} /parameterfolder Client

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {D5B80B17-2443-3296-A700-792FAA0748BD} /parameterfolder Client

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}" "1043" "0"

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}" "1043" "0"

Update for Microsoft Office 2010 (KB2494150)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}" "1043" "0"

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}" "1043" "0"

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}" "1043" "0"

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{287A1E92-9E41-4BC1-8920-B3D0E9220800}" "1043" "0"

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{9D69691D-823D-4C3E-9B12-563A3F520366}" "1043" "0"

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}" "1043" "0"

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{35698CB7-AAA2-4577-B505-DBFF504AEF23}" "1043" "0"

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{5AA578BB-759C-40FD-9661-A737C0884541}" "1043" "0"

Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{BA610006-2C39-4419-9834-CF61AB24810A}" "1043" "0"

Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{D7D96A96-F61F-48AD-B2DC-4F4B6938D2AB}" "1043" "0"

Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-0000-0000000FF1CE}" "{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}" "1043" "0"

Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{B5C70C99-B109-42FD-B219-FF12CA543F19}" "1043" "0"

Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{82F87E28-B18E-46D6-A399-E2F19CF5949B}" "1043" "0"

Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0413-0000-0000000FF1CE}" "{9A854864-23D5-4FD5-8357-F4602A2A7CC4}" "1043" "0"

Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}" "1043" "0"

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{190EC86F-5867-4D7A-B9F3-D14D82C26F3D}" "1043" "0"

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0413-0000-0000000FF1CE}" "{01C54C3F-EF56-4753-A0EC-6B3938822923}" "1043" "0"

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{8C55AA83-54C2-4236-A622-78440A411DC5}" "1043" "0"

Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}

Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}

Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe

Windows Live Essentials-->MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073}

Windows Live ID Sign-in Assistant-->MsiExec.exe /I{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}

Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}

Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}

Windows Live Mail-->MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C}

Windows Live Messenger-->MsiExec.exe /X{48294D95-EE9A-4377-8213-44FC4265FB27}

Windows Live Messenger-->MsiExec.exe /X{E5B21F11-6933-4E0B-A25C-7963E3C07D11}

Windows Live MIME IFilter-->MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E}

Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B}

Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}

Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}

Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}

Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218}

Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

Windows Searchqu Toolbar-->C:\Program Files\Windows Searchqu Toolbar\uninstall.exe

WiseConvert Toolbar-->C:\Program Files\WiseConvert\uninstall.exe toolbar

WPM17.8.0.3325-->C:\ProgramData\WPM\wprotectmanager.exe -uninstall

======System event log======

Computer Name: AMD5300

Event Code: 7036

Message: De Adobe Flash Player Update Service-service heeft nu de status wordt uitgevoerd.

Record Number: 276386

Source Name: Service Control Manager

Time Written: 20130528193450.815224-000

Event Type: Informatie

User:

Computer Name: AMD5300

Event Code: 33

Message: De oudste schaduwkopie van volume C: is verwijderd om het gebruik van schijfruimte voor schaduwkopieën van volume C: beneden de door de gebruiker opgegeven limiet te houden.

Record Number: 276385

Source Name: volsnap

Time Written: 20130528193341.686270-000

Event Type: Informatie

User:

Computer Name: AMD5300

Event Code: 7

Message: Beschadigd blok in apparaat \Device\Harddisk0\DR0.

Record Number: 276384

Source Name: Disk

Time Written: 20130528193052.143573-000

Event Type: Fout

User:

Computer Name: AMD5300

Event Code: 7

Message: Beschadigd blok in apparaat \Device\Harddisk0\DR0.

Record Number: 276383

Source Name: Disk

Time Written: 20130528193049.335412-000

Event Type: Fout

User:

Computer Name: AMD5300

Event Code: 7

Message: Beschadigd blok in apparaat \Device\Harddisk0\DR0.

Record Number: 276382

Source Name: Disk

Time Written: 20130528193046.512251-000

Event Type: Fout

User:

=====Application event log=====

Computer Name: AMD5300

Event Code: 301

Message: Windows (3068) Windows: De database-engine is begonnen met het opnieuw afspelen van logboekbestand C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00301.log.

Record Number: 23714

Source Name: ESENT

Time Written: 20120325120927.000000-000

Event Type: Informatie

User:

Computer Name: AMD5300

Event Code: 300

Message: Windows (3068) Windows: De database-engine voert herstelstappen uit.

Record Number: 23713

Source Name: ESENT

Time Written: 20120325120927.000000-000

Event Type: Informatie

User:

Computer Name: AMD5300

Event Code: 102

Message: Windows (3068) Windows: De database-engine (6.01.7601.0000) heeft een nieuwe sessie (0) gestart.

Record Number: 23712

Source Name: ESENT

Time Written: 20120325120927.000000-000

Event Type: Informatie

User:

Computer Name: AMD5300

Event Code: 0

Message:

Record Number: 23711

Source Name: hpqcxs08

Time Written: 20120325120922.000000-000

Event Type: Informatie

User:

Computer Name: AMD5300

Event Code: 5617

Message: Subsystemen van Windows Management Instrumentation-service zijn geïnitialiseerd

Record Number: 23710

Source Name: Microsoft-Windows-WMI

Time Written: 20120325120920.000000-000

Event Type: Informatie

User:

=====Security event log=====

Computer Name: AMD5300

Event Code: 4647

Message: De gebruiker heeft een afmelding gestart:

Onderwerp:

Beveiligings-id: S-1-5-21-4027270910-661022722-644475913-1001

Accountnaam: Jolanda Resier

Accountdomein: AMD5300

Aanmeldings-id: 0x138d8

Deze gebeurtenis wordt gegenereerd wanneer een afmelding wordt gestart. De gebruiker kan verder geen activiteiten starten. Deze gebeurtenis kan worden geïnterpreteerd als een afmeldingsgebeurtenis.

Record Number: 42970

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20120720200511.960865-000

Event Type: Controle geslaagd

User:

Computer Name: AMD5300

Event Code: 4672

Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Bevoegdheden: SeAssignPrimaryTokenPrivilege

SeTcbPrivilege

SeSecurityPrivilege

SeTakeOwnershipPrivilege

SeLoadDriverPrivilege

SeBackupPrivilege

SeRestorePrivilege

SeDebugPrivilege

SeAuditPrivilege

SeSystemEnvironmentPrivilege

SeImpersonatePrivilege

Record Number: 42969

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20120720184705.234736-000

Event Type: Controle geslaagd

User:

Computer Name: AMD5300

Event Code: 4624

Message: Er is een account aangemeld.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: AMD5300$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3e7

Aanmeldingstype: 5

Nieuwe aanmelding:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Procesgegevens:

Proces-id: 0x1f8

Naam proces: C:\Windows\System32\services.exe

Netwerkgegevens:

Naam van werkstation:

Netwerkadres van bron: -

Poort van bron: -

Gedetailleerde verificatiegegevens:

Aanmeldingsproces: Advapi

Verificatiepakket: Negotiate

Doorgezette services: -

Pakketnaam (alleen NTLM): -

Sleutellengte: 0

Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.

- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.

- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.

- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.

- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.

Record Number: 42968

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20120720184705.234736-000

Event Type: Controle geslaagd

User:

Computer Name: AMD5300

Event Code: 4672

Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Bevoegdheden: SeAssignPrimaryTokenPrivilege

SeTcbPrivilege

SeSecurityPrivilege

SeTakeOwnershipPrivilege

SeLoadDriverPrivilege

SeBackupPrivilege

SeRestorePrivilege

SeDebugPrivilege

SeAuditPrivilege

SeSystemEnvironmentPrivilege

SeImpersonatePrivilege

Record Number: 42967

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20120720105237.377569-000

Event Type: Controle geslaagd

User:

Computer Name: AMD5300

Event Code: 4624

Message: Er is een account aangemeld.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: AMD5300$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3e7

Aanmeldingstype: 5

Nieuwe aanmelding:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Procesgegevens:

Proces-id: 0x1f8

Naam proces: C:\Windows\System32\services.exe

Netwerkgegevens:

Naam van werkstation:

Netwerkadres van bron: -

Poort van bron: -

Gedetailleerde verificatiegegevens:

Aanmeldingsproces: Advapi

Verificatiepakket: Negotiate

Doorgezette services: -

Pakketnaam (alleen NTLM): -

Sleutellengte: 0

Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.

- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.

- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.

- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.

- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.

Record Number: 42966

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20120720105237.377569-000

Event Type: Controle geslaagd

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

"NUMBER_OF_PROCESSORS"=1

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel

"PROCESSOR_REVISION"=170a

"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log

"windows_tracing_flags"=3

-----------------EOF-----------------

[kape]

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

  {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1};c
 {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C};c
 C:\Program Files\SupTab;fs
 {7F6AFBF1-E065-4627-A2FD-810366367D01};c
 C:\Users\Jolanda Resier\AppData\Roaming\DefaultTab;fs
 {99079a25-328f-4bd4-be04-00955acaa0a7};c
 {9D717F81-9148-4f12-8568-69135F087DB0};c
 {99079a25-328f-4bd4-be04-00955acaa0a7};c
 DATAMNGR;s
 Search Protection;s
 C:\ProgramData\Search Protection;fs
 DefaultTabUpdate;s
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}];r
 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run];r
 "DATAMNGR"=-;r
 "Search Protection"=-;r
 ""=-;r
 C:\ProgramData\Search Protection;fs
 C:\ProgramData\blekko toolbars;fs
 C:\Users\Jolanda Resier\AppData\Roaming\SecureSearch;fs
 C:\Users\Jolanda Resier\AppData\Roaming\Systweak;fs
 C:\Program Files\Yontoo;fs
 bcvhjsns;s
 fctgheab;s
 fvscxjba;s
 gpseopjk;s
 hrtunzfj;s
 iljqomiv;s
 jqacfylk;s
 klrlwkeh;s
 kzdngrft;s
 pjgkdjkd;s
 rfaqmsnj;s
 udttjvqo;s
 emptyfolderscheck;delete 
startupall; 
filesrcm;

• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
• Do a Quick Scan
  
  
• Auto Clean
  
• De optie "Scan All Users" staat standaard aangevinkt.
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[ikwordgekvanmijnPC]

Zoek.exe v5.0.0.0 Updated 29-January-2014

Tool run by Jolanda Resier on vr 31-01-2014 at 5:17:06,69.

Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Jolanda Resier\Documents\Downloads\zoek (3).exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

31-1-2014 5:21:49 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\Adobe deleted successfully

C:\Program Files\Fighters deleted successfully

C:\Program Files\LimewirePlus deleted successfully

C:\Program Files\System Speedup deleted successfully

C:\Program Files\Common Files\LWS deleted successfully

C:\Program Files\Common Files\Symantec Shared deleted successfully

C:\ProgramData\Babylon deleted successfully

C:\ProgramData\NexonUS deleted successfully

C:\Users\Jolanda Resier\AppData\Roaming\Media Player Classic deleted successfully

C:\Users\Jolanda Resier\AppData\Roaming\WinRAR deleted successfully

C:\Users\Jolanda Resier\AppData\Local\LogiShrd deleted successfully

C:\Users\Jolanda Resier\AppData\Local\OpenCandy deleted successfully

C:\Users\Jolanda Resier\AppData\Local\PackageAware deleted successfully

C:\Users\Jolanda Resier\AppData\Local\Research In Motion deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DefaultTabUpdate deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bcvhjsns deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\bcvhjsns deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fctgheab deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\fctgheab deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fvscxjba deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\fvscxjba deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\gpseopjk deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\gpseopjk deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hrtunzfj deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\hrtunzfj deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iljqomiv deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\iljqomiv deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\jqacfylk deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\jqacfylk deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\klrlwkeh deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\klrlwkeh deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kzdngrft deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\kzdngrft deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pjgkdjkd deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\pjgkdjkd deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rfaqmsnj deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\rfaqmsnj deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\udttjvqo deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\udttjvqo deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"DATAMNGR"=-

"Search Protection"=-

""=-

==== Deleting Files \ Folders ======================

C:\ProgramData\Search Protection not found

C:\ProgramData\Search Protection not found

C:\ProgramData\blekko toolbars not found

C:\Program Files\SupTab deleted

C:\Users\Jolanda Resier\AppData\Roaming\SecureSearch deleted

C:\Users\Jolanda Resier\AppData\Roaming\Systweak deleted

C:\Program Files\Yontoo deleted

"C:\Users\Jolanda Resier\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll" deleted

"C:\Users\Jolanda Resier\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe" deleted

"C:\Users\Jolanda Resier\AppData\Roaming\DefaultTab" not deleted

"C:\Users\Jolanda Resier\AppData\Roaming\DefaultTab\DefaultTab" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2014-01-29 13:57:49 0245D0889C3443F5DC9194558583FE59 43152 ----a-w- C:\Windows\avastSS.scr

====== C:\Users\JOLAND~1\AppData\Local\Temp ====

2014-01-31 03:21:40 9911EF198C1A01F11D8D6F777F9A9261 1070088 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\install_flashplayer12x32axau_mssa_aaa_aih.exe

2014-01-31 02:29:24 A412399D2431857141FAB8FA598EC426 166792 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\psmachine.dll

2014-01-31 02:29:24 A32E19DB8623C6E50DF6F8C0768881BE 166792 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\psuser.dll

2014-01-31 02:29:23 C36444D7301A8C881FC7296B092609C7 578440 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\npGoogleUpdate3.dll

2014-01-31 02:28:28 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleUpdateSetup.exe

2014-01-31 02:28:28 A7495E342A2EE0160812AC856C11F6CF 847752 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\goopdate.dll

2014-01-31 02:28:28 600B1A4BCC0823A96DC7B86F005ADBB8 51080 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleUpdateOnDemand.exe

2014-01-31 02:28:27 FBF1CE5A3D017271CF979A3DFF872BFB 26112 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleUpdateHelper.msi

2014-01-31 02:28:27 CA0A340ABCF0C14A09691CBC90186AB4 51080 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleUpdateBroker.exe

2014-01-31 02:28:26 9CCBA5E2489E603BB1578D1D541252A8 273800 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleCrashHandler64.exe

2014-01-31 02:28:26 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleUpdate.exe

2014-01-31 02:28:26 465680BDE344CE4FF6646626AA3A9125 223112 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleCrashHandler.exe

2014-01-30 19:42:47 E6633716EE2AC06BCB4A58FF993015F3 155976 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\New\instup.exe

2014-01-30 19:42:47 DC730F5EA07F8CE98E49BBBD110EAA14 3167112 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\New\HTMLayout.dll

2014-01-30 19:42:47 D11625C81FB88DC8A607BB9D76920A3D 2966792 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\New\aswOfferTool.exe

2014-01-30 19:42:47 BCDEA07CD91EF85BBCC869DF4906C8C1 7201640 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\New\Instup.dll

2014-01-30 19:42:47 B8FA402B238DB49C35CAF711D5BC9843 1093216 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\New\avBugReport.exe

2014-01-30 19:41:55 E6633716EE2AC06BCB4A58FF993015F3 155976 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\instup.exe

2014-01-30 19:41:53 DC730F5EA07F8CE98E49BBBD110EAA14 3167112 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\HTMLayout.dll

2014-01-30 19:41:44 BCDEA07CD91EF85BBCC869DF4906C8C1 7201640 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\Instup.dll

2014-01-30 19:41:24 B8FA402B238DB49C35CAF711D5BC9843 1093216 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\avBugReport.exe

2014-01-30 17:22:47 511942E0C59CFE4419604A2E070E79CC 8192 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\OKitSpaceSetup.exe

2014-01-30 17:22:21 8A27DB882C784B0F205B1FF72C72F841 4624785 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\systemspeedup.exe

2014-01-30 17:21:45 9A7348E0F5C4A56455C1533E8B4EB313 882672 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\vit_sweet-page.exe

2014-01-30 12:06:34 6BF0239E4E680068A1D93FDA830DAF71 603988 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\instloffer.exe

2014-01-30 01:25:43 C54B767CA838D6DD39CABC8DF017C34C 4048592 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\5677a7de-6b0f-45d6-b279-9fa4d36c1159.exe

2014-01-29 22:03:53 4F93663C1849D7723F160586F84465DA 178064 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\NGM.exe

2014-01-29 22:03:52 8DB30A62D73A072E601C80AE257A480C 399704 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\NGMResource.dll

2014-01-29 22:03:52 0AF2FC1A37EFDD0E3F5493B43B97026C 911256 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\NGMDll.dll

2014-01-23 00:54:20 9E343AE10F8B2F8C75B957E065D004D4 100864 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\fullpackage_temp1391102550\QQBrowserFrame.dll

2014-01-23 00:54:20 2EEE15B1927EADFF45013E94B0CB0D94 131640 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\fullpackage_temp1391102550\QQBrowser.exe

====== Java Cache =====

====== C:\Windows\system32 =====

2014-01-30 15:54:49 ABE0D5749C3C41510121241112389C91 409752 ----a-w- C:\Windows\System32\FNTCACHE.DAT

2014-01-29 13:20:58 C74500A1BCB4113A7310295DD3FA4440 2724864 ----a-w- C:\Windows\System32\mshtml.tlb

2014-01-29 13:20:57 A6B0B7F006F1CB84B48981499F6B7210 208896 ----a-w- C:\Windows\System32\ie4uinit.exe

2014-01-29 13:20:56 3D43EAC957F2F797BE82CF6B04A933F8 43008 ----a-w- C:\Windows\System32\jsproxy.dll

2014-01-29 13:20:55 BE8480727660354B93E32B0ED709BF0E 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll

2014-01-29 13:20:55 355BF103E2CF862B00EEB3731E25E802 440832 ----a-w- C:\Windows\System32\ieui.dll

2014-01-29 13:20:54 491B4F34BA2CD7EFCAC934C7EFF48F52 61952 ----a-w- C:\Windows\System32\iesetup.dll

2014-01-29 13:20:54 36D150C4F80DF88ED97D14598C24692F 32768 ----a-w- C:\Windows\System32\iernonce.dll

2014-01-29 13:20:54 08881C59F795C356DE12067E44FFD260 703488 ----a-w- C:\Windows\System32\ieapfltr.dll

2014-01-29 13:20:53 C8AF3CF3030C3962B978FA3871D759FF 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe

2014-01-29 13:20:53 7C7FF72C48AF9DD8CA7ABA2EA97A6670 51200 ----a-w- C:\Windows\System32\ieetwproxystub.dll

2014-01-29 13:20:53 3DE9521C90F7CC4413CBF6569A8B85B5 112128 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-01-29 13:20:53 35DE59C975A0C97E8DBBE095BCC3644E 553472 ----a-w- C:\Windows\System32\jscript9diag.dll

2014-01-29 13:20:51 927FA6456AD6D7630F6854828D2FD16B 1820160 ----a-w- C:\Windows\System32\wininet.dll

2014-01-29 13:20:50 B2E1F7B212502BB49AAD4EFAD37C5CF5 2166784 ----a-w- C:\Windows\System32\iertutil.dll

2014-01-29 13:20:50 84EAF0A08C7742697816E148C066D757 1928192 ----a-w- C:\Windows\System32\inetcpl.cpl

2014-01-29 13:20:50 0763C5D8660436D4D961F72609E33BBE 1157632 ----a-w- C:\Windows\System32\urlmon.dll

2014-01-29 13:20:48 4B638CE3DAA3A082E576C0DDF9D635D4 11221504 ----a-w- C:\Windows\System32\ieframe.dll

2014-01-29 13:20:46 BFAFE990C4A191E83843362B5AC64A9B 17112576 ----a-w- C:\Windows\System32\mshtml.dll

2014-01-29 13:20:46 A60A222D3126DD9E380F9D8B651BC13D 4243968 ----a-w- C:\Windows\System32\jscript9.dll

2014-01-29 02:22:28 6C4B2E1A25841077084EB9F76FF6FFA7 11410432 ----a-w- C:\Windows\System32\wmp.dll

2014-01-29 02:22:22 02DF0628BE8B64B84D50FBE53549AA3B 12625408 ----a-w- C:\Windows\System32\wmploc.DLL

2014-01-29 02:13:05 C611C6ED5ECFE4608BA79472DFE3D49C 646144 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe

2014-01-29 02:13:05 AD27563BC16AB1EAACAE3033E99C2F78 194048 ----a-w- C:\Windows\System32\elshyph.dll

2014-01-29 02:13:04 C1A6E565B2782C09BC40AD749B46D9ED 71680 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2014-01-29 02:13:04 9B8701A380CEE1B05D651B4ED4048C8F 645120 ----a-w- C:\Windows\System32\jsIntl.dll

2014-01-29 02:13:04 298FDE634538B62CEEEC266D8773B21A 182272 ----a-w- C:\Windows\System32\msls31.dll

2014-01-29 02:13:03 44D5C650C971910827EA65B4D989ED94 164864 ----a-w- C:\Windows\System32\msrating.dll

2014-01-29 02:13:02 FB0D1CC2911A0645DDA6C0608473EB55 34816 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll

2014-01-29 02:13:02 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\System32\ieuinit.inf

2014-01-29 02:13:02 D9F12F54E3B5A092F1D5F191F5286E53 337408 ----a-w- C:\Windows\System32\html.iec

2014-01-29 02:13:02 CFCE4EFF1D6D909EE2EA3AFCB8F1E677 233472 ----a-w- C:\Windows\System32\url.dll

2014-01-29 02:13:02 C3B0DBD04CC18574B0706CA119902474 367104 ----a-w- C:\Windows\System32\dxtmsft.dll

2014-01-29 02:13:02 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\System32\ieapfltr.dat

2014-01-29 02:13:02 9E170B0AF156B478BD2B1FD6A2250C9E 62464 ----a-w- C:\Windows\System32\tdc.ocx

2014-01-29 02:13:02 4F032F1FDEFEA5EC8EEA3562643B5EE8 69120 ----a-w- C:\Windows\System32\icardie.dll

2014-01-29 02:13:02 2AF48780D879AFC43733159CB29CD8BD 1051136 ----a-w- C:\Windows\System32\mshtmlmedia.dll

2014-01-29 02:13:02 08B56CF57B7CE44315034247CC76D0F1 244736 ----a-w- C:\Windows\System32\dxtrans.dll

2014-01-29 02:13:01 6922D7ED84AE102504174922D5D42F49 238288 ----a-w- C:\Windows\System32\iedkcs32.dll

2014-01-29 02:12:59 EC7038154490E50ACD405A022F51B204 83456 ----a-w- C:\Windows\System32\inseng.dll

2014-01-29 02:12:59 AB3B2CA52AFB695AFCDD2620A21E5B21 24576 ----a-w- C:\Windows\System32\licmgr10.dll

2014-01-29 02:12:59 9A33FDDD687A836A1FD478B43C5A95FD 151552 ----a-w- C:\Windows\System32\iexpress.exe

2014-01-29 02:12:59 71144A47CD02FDDC77DDF5EB5315767F 523776 ----a-w- C:\Windows\System32\msfeeds.dll

2014-01-29 02:12:59 6A92CEC8532056791C6832B2725D170D 139264 ----a-w- C:\Windows\System32\wextract.exe

2014-01-29 02:12:59 6A794439B6612E43FEDE0217C919B652 454656 ----a-w- C:\Windows\System32\vbscript.dll

2014-01-29 02:12:59 64831CAD496A073398853A34A5813675 69632 ----a-w- C:\Windows\System32\mshtmled.dll

2014-01-29 02:12:59 03B3541AE6986602CF9CB5B3AD169C33 208384 ----a-w- C:\Windows\System32\webcheck.dll

2014-01-29 02:12:58 ABDFC692D9FE43E2BA8FE6CB5A8CB95A 13312 ----a-w- C:\Windows\System32\mshta.exe

2014-01-29 02:12:58 4BCC7EB5F20840DA67943BD86AE95735 56832 ----a-w- C:\Windows\System32\pngfilt.dll

2014-01-29 02:12:58 1200D9C7DB0ADC1B8143A0A9921BF7DA 127488 ----a-w- C:\Windows\System32\occache.dll

2014-01-29 02:12:57 F7B6E341F4B1947BEC0E14EEBE3C627E 111616 ----a-w- C:\Windows\System32\IEAdvpack.dll

2014-01-29 02:12:57 887055A3C8DD6C87D200D11EAFDBD45B 74240 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe

2014-01-29 02:12:57 779E142FE2159935E78C0FA2E190FF1E 610304 ----a-w- C:\Windows\System32\jscript.dll

2014-01-29 02:12:57 6EB0B7301E00F717BD68A742D1391FAF 36352 ----a-w- C:\Windows\System32\imgutil.dll

2014-01-29 02:12:57 5EC13202430A3EB68DFF44CF1FEEA2BE 61952 ----a-w- C:\Windows\System32\MshtmlDac.dll

2014-01-29 02:12:57 55969AADF0210A614700F89B48976F68 43008 ----a-w- C:\Windows\System32\msfeedsbs.dll

2014-01-29 02:12:57 53FC62C51CB18C9100A7DFAF2D2A6C47 12800 ----a-w- C:\Windows\System32\msfeedssync.exe

2014-01-29 02:12:57 1AFBAA54BDF637F69B8E02A5578286B0 116736 ----a-w- C:\Windows\System32\iepeers.dll

2014-01-29 02:12:56 AE6A2C5ECD3E96556E22F12816842F60 48640 ----a-w- C:\Windows\System32\mshtmler.dll

2014-01-29 02:12:56 83F49FD1BC0A999B006D564C540C7258 86016 ----a-w- C:\Windows\System32\iesysprep.dll

2014-01-28 18:24:35 EE7CB55F77465CDAC4C80F587FF7C278 1796096 ----a-w- C:\Windows\System32\authui.dll

2014-01-28 18:24:35 E9BB0CD09DA17C71FD1B9954D75AEEF7 168960 ----a-w- C:\Windows\System32\credui.dll

2014-01-28 18:24:35 4BCC63ED1C3D15B2635A8AE2B854B3EB 152576 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll

2014-01-28 18:13:47 AFA53BD631FB0509A91A99391209BB70 301568 ----a-w- C:\Windows\System32\msieftp.dll

2014-01-28 18:13:18 AA6F6457116B559B76BC6A012CB4C293 247808 ----a-w- C:\Windows\System32\schannel.dll

2014-01-28 18:12:55 EF6950D7B24AAF4E477065F5455DD4F8 1038848 ----a-w- C:\Windows\System32\lsasrv.dll

2014-01-28 18:12:54 BD6B9BC84D004C6BEE89CF7BDB95E1FC 99840 ----a-w- C:\Windows\System32\sspicli.dll

2014-01-28 18:12:54 AD7FB087A238883D1618F29F7BBBD584 220160 ----a-w- C:\Windows\System32\ncrypt.dll

2014-01-28 18:12:52 803B370865D907EA21DC0C2B6A8936B5 22016 ----a-w- C:\Windows\System32\lsass.exe

2014-01-28 18:12:52 372948BB5E41CE42341C4398DE572E56 22016 ----a-w- C:\Windows\System32\secur32.dll

2014-01-28 18:12:51 D89077E2E1C88A29C57F21FAD28DAC45 15872 ----a-w- C:\Windows\System32\sspisrv.dll

2014-01-28 18:11:51 E7B9D5FF20FFDD4AAE2EF1D1B8C27A37 159232 ----a-w- C:\Windows\System32\imagehlp.dll

2014-01-28 18:11:41 979D74799EA6C8B8167869A68DF5204A 141824 ----a-w- C:\Windows\System32\wscript.exe

2014-01-28 18:11:41 09F65975C1C9793B923BB52A7FA83453 121856 ----a-w- C:\Windows\System32\wshom.ocx

2014-01-28 18:11:40 A3B1D1312602280839A4A2AFBDFD066E 163840 ----a-w- C:\Windows\System32\scrrun.dll

2014-01-28 18:11:39 A3A35EE79C64A640152B3113E6E254E2 126976 ----a-w- C:\Windows\System32\cscript.exe

2014-01-28 18:11:24 E9504E484076585F6DA3C59F0E20E122 417792 ----a-w- C:\Windows\System32\WMPhoto.dll

2014-01-28 18:10:35 4EC2C3B15B9EC41AD0D6CD918D20376E 2048 ----a-w- C:\Windows\System32\tzres.dll

2014-01-28 18:08:15 1E882889A4314D6DF5DED4F6EC994E72 2349056 ----a-w- C:\Windows\System32\win32k.sys

2014-01-28 18:08:01 5A775CAE7CCCAC581C05B8D2C92C0DF1 305152 ----a-w- C:\Windows\System32\gdi32.dll

2014-01-28 18:07:50 B9C54120F46392100478F58F374E5709 679424 ----a-w- C:\Windows\System32\IKEEXT.DLL

2014-01-28 18:07:48 F0D0E883EBBDC7615DC9EDEA0FFB2817 216576 ----a-w- C:\Windows\System32\FWPUCLNT.DLL

2014-01-28 18:07:48 CE2A48CD0D2B39FB77FA4797C6434E71 656896 ----a-w- C:\Windows\System32\nshwfp.dll

2014-01-28 18:07:34 CC09E0C9A2D89C6E71D093DC8BD121B7 1168384 ----a-w- C:\Windows\System32\crypt32.dll

====== C:\Windows\system32\drivers =====

2014-01-29 13:59:09 BFE2A154BC197656ACA0FF917564406D 64168 ----a-w- C:\Windows\System32\drivers\aswStm.sys

2014-01-29 13:59:08 1B0662514A68C3A42E60D240C5ABEF28 180248 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2014-01-29 13:59:07 8CD8710457FCC1CDE88CBFA3AA119B92 775952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2014-01-29 13:59:04 C1F95C9481F46B96E23A276639C55AC9 410784 ----a-w- C:\Windows\System32\drivers\aswSP.sys

2014-01-29 13:59:03 F385467DF95D0A73775CB3B076B8B969 49944 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys

2014-01-29 13:59:02 61953E5E1FFAEAF246A610BEE2554879 67824 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2014-01-29 13:59:01 2206985EF126AB90F3D7F1A020589DC9 79720 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2014-01-28 18:13:16 D7C760D57B1656DD748B9E4AB6CB5A51 136640 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2014-01-28 18:13:16 85449EEBE8F8EBD6481EFBF0F352B4EB 369848 ----a-w- C:\Windows\System32\drivers\cng.sys

2014-01-28 18:13:11 F286830298323272260332D6ABC905C1 67520 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2014-01-28 18:08:06 EB6137D696A9B4E9718AC6F8641CB4C9 177152 ----a-w- C:\Windows\System32\drivers\portcls.sys

2014-01-28 18:08:06 9842041E2F5ACE1E2F5FB4EF02053DC8 81408 ----a-w- C:\Windows\System32\drivers\drmk.sys

2014-01-28 18:07:56 5DBD4F73E2A52FEED61DBAB3752E329C 240576 ----a-w- C:\Windows\System32\drivers\netio.sys

2014-01-28 18:06:24 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2014-01-28 18:06:24 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\Windows\System32\drivers\usbport.sys

2014-01-28 18:06:24 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2014-01-28 18:06:24 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2014-01-28 18:06:23 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2014-01-28 18:06:23 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2014-01-28 18:06:23 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys

====== C:\Windows\Tasks ======

2014-01-31 03:33:11 D3F98456B1EDDAEE19EF8FFB2384E1F8 3396 ----a-w- C:\Windows\system32\Tasks\Install_SSD

2014-01-30 17:24:33 08A5CBBFB7800E7B7C26B9978556845F 3044 ----a-w- C:\Windows\system32\Tasks\PassWidget Update

2014-01-30 17:24:25 103C7884432434719BFD1015FDD49426 378 ----a-w- C:\Windows\Tasks\PassWidget Update.job

2014-01-29 22:28:32 89C5613414DDB996BCE9C11A3803D0F8 3088 ----a-w- C:\Windows\system32\Tasks\{A2BDF64C-A442-4806-A954-A31C9516C370}

2014-01-29 13:59:44 5F87AA91A94E635C2365B7B32555F5BA 4182 ----a-w- C:\Windows\system32\Tasks\avast! Emergency Update

2014-01-13 22:28:25 69A282A7293F02873D323B356E18D715 3826 ----a-w- C:\Windows\system32\Tasks\DTReg

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-01-30 21:23:39 -------- d-----w- C:\Program Files\trend micro

2014-01-30 17:24:21 -------- d-----w- C:\Program Files\Pass-Widget

2014-01-30 01:27:16 -------- d-----w- C:\Program Files\Lavasoft

2014-01-30 01:23:13 -------- d-----w- C:\Program Files\Common Files\Lavasoft

======= C: =====

====== C:\Users\Jolanda Resier\AppData\Roaming ======

2014-01-31 03:10:14 EBB503CAAFF9F403EEAF584A1F41C635 2272 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat

2014-01-31 01:54:43 -------- d-----w- C:\Users\Jolanda Resier\AppData\Local\ElevatedDiagnostics

2014-01-30 15:57:01 781DF97ACD1A977D94D5132494360DCA 109600 ----a-w- C:\Users\Jolanda Resier\AppData\Local\GDIPFONTCACHEV1.DAT

2014-01-30 03:59:08 -------- d-----w- C:\Users\Jolanda Resier\AppData\Roaming\LavasoftStatistics

2014-01-30 01:49:43 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014

2014-01-30 01:25:15 -------- d-----w- C:\Users\Jolanda Resier\AppData\Roaming\Lavasoft

2014-01-30 01:23:26 -------- d-----w- C:\Users\Jolanda Resier\AppData\Local\Avg2014

2014-01-29 14:28:15 -------- d-----w- C:\Users\Jolanda Resier\AppData\Roaming\TuneUp Software

====== C:\Users\Jolanda Resier ======

2014-01-31 03:15:50 -------- d-----r- C:\Users\Jolanda Resier\Documents

2014-01-31 01:41:58 -------- d-----r- C:\Users\Jolanda Resier\Favorites

2014-01-31 01:12:56 -------- d-----r- C:\Users\Jolanda Resier\Desktop

2014-01-30 17:37:42 -------- d-----w- C:\ProgramData\IePluginService

2014-01-30 17:36:57 -------- d-----w- C:\ProgramData\WPM

2014-01-30 01:17:09 -------- d-----w- C:\ProgramData\Lavasoft

2014-01-28 18:34:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

====== C: exe-files ==

2014-01-31 03:21:40 9911EF198C1A01F11D8D6F777F9A9261 1070088 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\install_flashplayer12x32axau_mssa_aaa_aih.exe

2014-01-31 02:31:20 75B0D4CC6E1BFD6344EEF198270A773D 36532904 ----a-w- C:\Program Files\Google\Update\Install\{0BF3B539-98BF-4917-AEF8-4D4294443D74}\32.0.1700.102_chrome_installer.exe

2014-01-31 02:31:19 75B0D4CC6E1BFD6344EEF198270A773D 36532904 ----a-w- C:\Program Files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\32.0.1700.102\32.0.1700.102_chrome_installer.exe

2014-01-31 02:28:28 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleUpdateSetup.exe

2014-01-31 02:28:28 600B1A4BCC0823A96DC7B86F005ADBB8 51080 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleUpdateOnDemand.exe

2014-01-31 02:28:27 CA0A340ABCF0C14A09691CBC90186AB4 51080 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleUpdateBroker.exe

2014-01-31 02:28:26 9CCBA5E2489E603BB1578D1D541252A8 273800 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleCrashHandler64.exe

2014-01-31 02:28:26 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleUpdate.exe

2014-01-31 02:28:26 465680BDE344CE4FF6646626AA3A9125 223112 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleCrashHandler.exe

2014-01-30 21:23:42 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Jolanda Resier.exe

2014-01-30 19:42:47 E6633716EE2AC06BCB4A58FF993015F3 155976 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\New\instup.exe

2014-01-30 19:42:47 D11625C81FB88DC8A607BB9D76920A3D 2966792 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\New\aswOfferTool.exe

2014-01-30 19:42:47 B8FA402B238DB49C35CAF711D5BC9843 1093216 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\New\avBugReport.exe

2014-01-30 19:41:55 E6633716EE2AC06BCB4A58FF993015F3 155976 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\instup.exe

2014-01-30 19:41:24 B8FA402B238DB49C35CAF711D5BC9843 1093216 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\avBugReport.exe

2014-01-30 17:37:42 D1EBE337782B1F32A52C0C80A98FC08B 508016 ----a-w- C:\ProgramData\IePluginService\PluginService.exe

2014-01-30 17:36:58 39531D54F2AFA4473BB4A97F64E99271 493568 ----a-w- C:\ProgramData\WPM\wprotectmanager.exe

2014-01-30 17:24:06 6AA0AF80E07736DEFC8361811C582685 160135 ----a-w- C:\Program Files\Pass-Widget\Uninstall.exe

2014-01-30 17:23:55 3CC34C3F48B39E081FDCEF02C472C5F3 251904 ----a-w- C:\Program Files\Pass-Widget\passwup.exe

2014-01-30 17:22:47 AA16CCAE722A70A380ACF4AE0693ACFD 8521 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W46S49UL\OKitSpaceSetup[1].exe

2014-01-30 17:22:47 511942E0C59CFE4419604A2E070E79CC 8192 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\OKitSpaceSetup.exe

2014-01-30 17:22:21 8A27DB882C784B0F205B1FF72C72F841 4624785 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\systemspeedup.exe

2014-01-30 17:21:45 9A7348E0F5C4A56455C1533E8B4EB313 882672 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\vit_sweet-page.exe

2014-01-30 12:06:34 6BF0239E4E680068A1D93FDA830DAF71 603988 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\instloffer.exe

2014-01-30 01:25:43 C54B767CA838D6DD39CABC8DF017C34C 4048592 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\5677a7de-6b0f-45d6-b279-9fa4d36c1159.exe

2014-01-29 22:03:53 4F93663C1849D7723F160586F84465DA 178064 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\NGM.exe

2014-01-29 13:20:51 0E1D755673453108415F802C90704327 469504 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2014-01-29 04:04:34 67FF24E267534F997E4874BBD30C941C 12607144 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.102\32.0.1700.102_30.0.1599.101_chrome_updater.exe

2014-01-29 02:22:22 9AED8E824CF5FAAB67957EDBC5512060 164864 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe

2014-01-29 02:13:04 C8A8321292A459B0A17FB39A782A5C74 806096 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2014-01-29 02:13:02 CC02FE4520CA886508069245D9A6962F 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe

2014-01-29 02:13:02 2AFAE62B727EE7190450D4A14C287422 359632 ----a-w- C:\Program Files\Internet Explorer\iediagcmd.exe

2014-01-29 02:12:57 7F7F391491C315A4A72EFCAC0D34FA93 25600 ----a-w- C:\Program Files\Internet Explorer\ExtExport.exe

2014-01-28 22:58:06 CA0A340ABCF0C14A09691CBC90186AB4 51080 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdateBroker.exe

2014-01-28 22:58:06 600B1A4BCC0823A96DC7B86F005ADBB8 51080 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe

2014-01-28 22:58:04 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdateSetup.exe

2014-01-28 22:57:20 9CCBA5E2489E603BB1578D1D541252A8 273800 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler64.exe

2014-01-28 22:57:20 465680BDE344CE4FF6646626AA3A9125 223112 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe

2014-01-28 22:57:15 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdate.exe

2014-01-28 22:56:40 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.3\GoogleUpdateSetup.exe

2014-01-28 18:31:57 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Jolanda Resier\AppData\LocalLow\Sun\Java\jre1.7.0_51\lzma.exe

=== C: other files ==

2014-01-31 03:43:22 A633C1DD965307A31E0B4A13C30C7A5D 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-4027270910-661022722-644475913-1001\$INSTOXK.com

2014-01-30 17:29:39 099D2BB54063A342296D39A199180554 1439487 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\fullpackage_temp1391102550\tmp\package2.zip

2014-01-30 17:29:27 89C1D511BADC8074138F237D89D381EB 325038 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx

2014-01-30 17:24:21 3D956C0AA82A29DD8AB9B4CD3F5E6FE2 9789 ----a-w- C:\Program Files\Pass-Widget\150.xpi

2014-01-30 17:23:28 1834F81E48E1D06EDFB9F6A55C48E5B8 17922 ----a-w- C:\Program Files\Pass-Widget\150.crx

2014-01-30 17:22:49 DAE050612482639114C4DBE70EAD6B58 1877249 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\fullpackage_temp1391102550\package1.zip

2014-01-30 00:10:46 CC20AA0EE104065B6FA346B9D048485A 32128 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfpfdjclhabpjncikdngdoldjjjegnbe\2.1.2_0\american-racing-2-3d.crx

2014-01-29 13:59:09 BFE2A154BC197656ACA0FF917564406D 64168 ----a-w- C:\Windows\System32\drivers\aswStm.sys

2014-01-29 13:59:08 1B0662514A68C3A42E60D240C5ABEF28 180248 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2014-01-29 13:59:07 8CD8710457FCC1CDE88CBFA3AA119B92 775952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2014-01-29 13:59:04 C1F95C9481F46B96E23A276639C55AC9 410784 ----a-w- C:\Windows\System32\drivers\aswSP.sys

2014-01-29 13:59:03 F385467DF95D0A73775CB3B076B8B969 49944 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys

2014-01-29 13:59:02 61953E5E1FFAEAF246A610BEE2554879 67824 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2014-01-29 13:59:01 2206985EF126AB90F3D7F1A020589DC9 79720 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2014-01-28 18:13:16 D7C760D57B1656DD748B9E4AB6CB5A51 136640 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2014-01-28 18:13:16 85449EEBE8F8EBD6481EFBF0F352B4EB 369848 ----a-w- C:\Windows\System32\drivers\cng.sys

2014-01-28 18:13:11 F286830298323272260332D6ABC905C1 67520 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2014-01-28 18:08:15 1E882889A4314D6DF5DED4F6EC994E72 2349056 ----a-w- C:\Windows\System32\win32k.sys

2014-01-28 18:08:06 EB6137D696A9B4E9718AC6F8641CB4C9 177152 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_x86_neutral_df2ea65e936720f7\portcls.sys

2014-01-28 18:08:06 EB6137D696A9B4E9718AC6F8641CB4C9 177152 ----a-w- C:\Windows\System32\drivers\portcls.sys

2014-01-28 18:08:06 9842041E2F5ACE1E2F5FB4EF02053DC8 81408 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_x86_neutral_df2ea65e936720f7\drmk.sys

2014-01-28 18:08:06 9842041E2F5ACE1E2F5FB4EF02053DC8 81408 ----a-w- C:\Windows\System32\drivers\drmk.sys

2014-01-28 18:07:56 5DBD4F73E2A52FEED61DBAB3752E329C 240576 ----a-w- C:\Windows\System32\drivers\netio.sys

2014-01-28 18:06:24 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbhub.sys

2014-01-28 18:06:24 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_4232097e28daf017\usbhub.sys

2014-01-28 18:06:24 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2014-01-28 18:06:24 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbport.sys

2014-01-28 18:06:24 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\Windows\System32\drivers\usbport.sys

2014-01-28 18:06:24 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbehci.sys

2014-01-28 18:06:24 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2014-01-28 18:06:24 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_4232097e28daf017\usbccgp.sys

2014-01-28 18:06:24 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2014-01-28 18:06:23 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbohci.sys

2014-01-28 18:06:23 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2014-01-28 18:06:23 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbuhci.sys

2014-01-28 18:06:23 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2014-01-28 18:06:23 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbd.sys

2014-01-28 18:06:23 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler"

"Pando Media Booster"="C:\Program Files\Pando Networks\Media Booster\PMB.exe"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler"

"Pando Media Booster"="C:\Program Files\Pando Networks\Media Booster\PMB.exe"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\(default)]

"command"=""

"hkey"="HKLM"

"item"="(default)"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Ad-Aware Browsing Protection]

"command"="\"C:\\ProgramData\\Ad-Aware Browsing Protection\\adawarebp.exe\""

"hkey"="HKLM"

"item"="Ad-Aware Browsing Protection"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdAwareTray]

"command"="\"C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.1.5354.0\\AdAwareTray.exe\""

"hkey"="HKLM"

"item"="AdAwareTray"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcSoft Connection Service]

"command"="C:\\Program Files\\Common Files\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe"

"hkey"="HKLM"

"item"="ArcSoft Connection Service"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]

"command"="\"C:\\Program Files\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices"

"hkey"="HKLM"

"item"="BCSSync"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ClamWin]

"command"="\"C:\\Program Files\\ClamWin\\bin\\ClamTray.exe\" --logon"

"hkey"="HKLM"

"item"="ClamWin"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR]

"command"="C:\\PROGRA~1\\WIA6EB~1\\Datamngr\\DATAMN~1.EXE"

"hkey"="HKLM"

"item"="DATAMNGR"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]

"command"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"

"hkey"="HKLM"

"item"="HP Software Update"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\hpqSRMon]

"command"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqSRMon.exe"

"hkey"="HKLM"

"item"="hpqSRMon"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSC]

"command"="\"C:\\Program Files\\Microsoft Security Client\\msseces.exe\" -hide -runkey"

"hkey"="HKLM"

"item"="MSC"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Nikon Transfer Monitor]

"command"="C:\\Program Files\\Common Files\\Nikon\\Monitor\\NkMonitor.exe"

"hkey"="HKLM"

"item"="Nikon Transfer Monitor"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Search Protection]

"command"="C:\\ProgramData\\Search Protection\\SearchProtection.exe"

"hkey"="HKLM"

"item"="Search Protection"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe]

"command"="\"c:\\program files\\real\\realplayer\\Update\\realsched.exe\" -osboot"

"hkey"="HKLM"

"item"="TkBellExe"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

==== Startup Folders ======================

2011-03-31 18:58:39 2069 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [28-01-2014 18:37]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [28-03-2011 14:32]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [28-03-2011 14:32]

C:\Windows\tasks\PassWidget Update.job --a------ C:\Program Files\Pass-Widget\passwup.exe [30-01-2014 18:24]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\system32\tasks\DTReg" [C:\Users\Jolanda Resier\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\Install_SSD" [C:\Users\Jolanda]

"C:\Windows\system32\tasks\PassWidget Update" [C:\Program Files\Pass-Widget\passwup.exe]

"C:\Windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-4027270910-661022722-644475913-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]

"C:\Windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-4027270910-661022722-644475913-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]

"C:\Windows\system32\tasks\Run RoboForm TaskBar Icon" [C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe]

"C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\system32\tasks\User_Feed_Synchronization-{98BD8F3E-E746-4F16-8D2A-42DBE591DA0B}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\system32\tasks\{14029CE4-12A6-47E4-81F3-DAECB7FE72EB}" [E:\Nikon Transfer\WMFDist.exe]

"C:\Windows\system32\tasks\{46E36538-E172-430C-9463-EC359DFF60B9}" [C:\Users\Jolanda Resier\Contacts\Downloads\install_flashplayer10_mssd_aih.exe]

"C:\Windows\system32\tasks\{7888A96D-1C3F-441D-96C6-4F34BC9821B1}" [C:\Users\Jolanda Resier\Contacts\Downloads\install_flashplayer10_mssd_aih.exe]

"C:\Windows\system32\tasks\{B808D153-9F0E-46CC-A5B3-78EDFF6D716F}" [C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe]

"C:\Windows\system32\tasks\{D2A6F8A0-C576-478E-A264-1E5B10600354}" [C:\Users\Jolanda Resier\Contacts\Downloads\install_flashplayer10_mssd_aih.exe]

"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [24-11-2011 12:26]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"{f9820cf4-de9a-441e-b465-d0219fdd147e}"="C:\Program Files\Pass-Widget\150.xpi" [30-01-2014 18:24]

==== Firefox Extensions ======================

ExtDir: C:\Users\Jolanda Resier\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

- 1ClickMovieDownloader - %ExtDir%\clickmoviedownloader@clickmoviedownloader.com.xpi

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bcjagnifjocnddgeknajocbkkhlgibem - C:\Program Files\Chrome\surfcanyon.crx[22-07-2011 17:46]

dhpigdnmefdjeemeldnnmbckmpogpbji - C:\Program Files\1clickmoviedownloader.com\clickmoviedownloader10.crx[]

fbdagnimlohkpamglloopgfnoiijpmoj - C:\Program Files\Pass-Widget\150.crx[30-01-2014 18:23]

gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[29-01-2014 14:57]

jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[24-11-2011 12:26]

kdidombaedgpfiiedeimiebkmbilgmlc - C:\Program Files\DefaultTab\DefaultTab.crx[16-09-2013 15:03]

niapdbllcanepiiimjjndipklodoedlc - No path found[]

oejkcgajlodefenbbjdnaiahmbnnoole - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx[]

pgafcinpmmpklohkojmllohd****efph - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx[]

pkndmigholgfjlniaohblojbhgjbkakn - C:\Users\Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx[14-01-2014 00:20]

Surf Canyon - Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjagnifjocnddgeknajocbkkhlgibem

Improved sequel. 12 new courses 45 more events better handling upgrades. - Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfpfdjclhabpjncikdngdoldjjjegnbe

Extended Protection - Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml

PassWidget - Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbdagnimlohkpamglloopgfnoiijpmoj

avast Online Security - Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

RealPlayer HTML5Video Downloader Extension - Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk

DefaultTab - Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Google Wallet - Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Lightning speedDial - Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkndmigholgfjlniaohblojbhgjbkakn

DefaultTab - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

undetermined - Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Mozilla\Firefox\Extensions\{58bd07eb-0ee0-4df0-8121-dc9b693373df} deleted successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=68 folders=31 6528163 bytes)

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Users\Jolanda Resier\AppData\Roaming\DefaultTab" not found

==== EOF on vr 31-01-2014 at 5:40:06,47 ======================

[kape]

Dubbelklik op Zoek.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Search Protection];r
 C:\Windows\system32\tasks\DTReg;s
 C:\Users\Jolanda Resier\AppData\Roaming\DefaultTab;fs
 C:\Windows\system32\tasks\{14029CE4-12A6-47E4-81F3-DAECB7FE72EB};fs
 C:\Windows\system32\tasks\{46E36538-E172-430C-9463-EC359DFF60B9};fs
 C:\Windows\system32\tasks\{7888A96D-1C3F-441D-96C6-4F34BC9821B1};fs
 C:\Windows\system32\tasks\{B808D153-9F0E-46CC-A5B3-78EDFF6D716F};fs
 C:\Windows\system32\tasks\{D2A6F8A0-C576-478E-A264-1E5B10600354};fs
 C:\Users\Jolanda Resier\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\clickmoviedownloader@clickmoviedownloader.com.xpi;f
 Bcjagnifjocnddgeknajocbkkhlgibem;chr
 C:\Program Files\Chrome\surfcanyon.crx;f
 Dhpigdnmefdjeemeldnnmbckmpogpbji;chr
 C:\Program Files\1clickmoviedownloader.com\clickmoviedownloader10.crx;f
 Kdidombaedgpfiiedeimiebkmbilgmlc;chr
 C:\Program Files\DefaultTab\DefaultTab.crx;f
niapdbllcanepiiimjjndipklodoedlc ;chr
oejkcgajlodefenbbjdnaiahmbnnoole;chr
 C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx;f
 pgafcinpmmpklohkojmllohd****efph;chr
 C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx;f
 Bfpfdjclhabpjncikdngdoldjjjegnbe;chr
 Cekcjpgehmohobmdiikfnopibipmgnml;chr
 emptyfolderscheck;delete 
autoclean;
startupall; 
filesrcm;

• De optie "Scan All Users" staat standaard aangevinkt.
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[ikwordgekvanmijnPC]

Zoek.exe v5.0.0.0 Updated 29-January-2014

Tool run by Jolanda Resier on vr 31-01-2014 at 5:17:06,69.

Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Jolanda Resier\Documents\Downloads\zoek (3).exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

31-1-2014 5:21:49 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\Adobe deleted successfully

C:\Program Files\Fighters deleted successfully

C:\Program Files\LimewirePlus deleted successfully

C:\Program Files\System Speedup deleted successfully

C:\Program Files\Common Files\LWS deleted successfully

C:\Program Files\Common Files\Symantec Shared deleted successfully

C:\ProgramData\Babylon deleted successfully

C:\ProgramData\NexonUS deleted successfully

C:\Users\Jolanda Resier\AppData\Roaming\Media Player Classic deleted successfully

C:\Users\Jolanda Resier\AppData\Roaming\WinRAR deleted successfully

C:\Users\Jolanda Resier\AppData\Local\LogiShrd deleted successfully

C:\Users\Jolanda Resier\AppData\Local\OpenCandy deleted successfully

C:\Users\Jolanda Resier\AppData\Local\PackageAware deleted successfully

C:\Users\Jolanda Resier\AppData\Local\Research In Motion deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DefaultTabUpdate deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bcvhjsns deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\bcvhjsns deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fctgheab deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\fctgheab deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fvscxjba deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\fvscxjba deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\gpseopjk deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\gpseopjk deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hrtunzfj deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\hrtunzfj deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iljqomiv deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\iljqomiv deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\jqacfylk deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\jqacfylk deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\klrlwkeh deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\klrlwkeh deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kzdngrft deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\kzdngrft deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pjgkdjkd deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\pjgkdjkd deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rfaqmsnj deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\rfaqmsnj deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\udttjvqo deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\udttjvqo deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"DATAMNGR"=-

"Search Protection"=-

""=-

==== Deleting Files \ Folders ======================

C:\ProgramData\Search Protection not found

C:\ProgramData\Search Protection not found

C:\ProgramData\blekko toolbars not found

C:\Program Files\SupTab deleted

C:\Users\Jolanda Resier\AppData\Roaming\SecureSearch deleted

C:\Users\Jolanda Resier\AppData\Roaming\Systweak deleted

C:\Program Files\Yontoo deleted

"C:\Users\Jolanda Resier\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll" deleted

"C:\Users\Jolanda Resier\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe" deleted

"C:\Users\Jolanda Resier\AppData\Roaming\DefaultTab" not deleted

"C:\Users\Jolanda Resier\AppData\Roaming\DefaultTab\DefaultTab" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2014-01-29 13:57:49 0245D0889C3443F5DC9194558583FE59 43152 ----a-w- C:\Windows\avastSS.scr

====== C:\Users\JOLAND~1\AppData\Local\Temp ====

2014-01-31 03:21:40 9911EF198C1A01F11D8D6F777F9A9261 1070088 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\install_flashplayer12x32axau_mssa_aaa_aih.exe

2014-01-31 02:29:24 A412399D2431857141FAB8FA598EC426 166792 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\psmachine.dll

2014-01-31 02:29:24 A32E19DB8623C6E50DF6F8C0768881BE 166792 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\psuser.dll

2014-01-31 02:29:23 C36444D7301A8C881FC7296B092609C7 578440 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\npGoogleUpdate3.dll

2014-01-31 02:28:28 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleUpdateSetup.exe

2014-01-31 02:28:28 A7495E342A2EE0160812AC856C11F6CF 847752 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\goopdate.dll

2014-01-31 02:28:28 600B1A4BCC0823A96DC7B86F005ADBB8 51080 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleUpdateOnDemand.exe

2014-01-31 02:28:27 FBF1CE5A3D017271CF979A3DFF872BFB 26112 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleUpdateHelper.msi

2014-01-31 02:28:27 CA0A340ABCF0C14A09691CBC90186AB4 51080 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleUpdateBroker.exe

2014-01-31 02:28:26 9CCBA5E2489E603BB1578D1D541252A8 273800 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleCrashHandler64.exe

2014-01-31 02:28:26 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleUpdate.exe

2014-01-31 02:28:26 465680BDE344CE4FF6646626AA3A9125 223112 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleCrashHandler.exe

2014-01-30 19:42:47 E6633716EE2AC06BCB4A58FF993015F3 155976 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\New\instup.exe

2014-01-30 19:42:47 DC730F5EA07F8CE98E49BBBD110EAA14 3167112 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\New\HTMLayout.dll

2014-01-30 19:42:47 D11625C81FB88DC8A607BB9D76920A3D 2966792 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\New\aswOfferTool.exe

2014-01-30 19:42:47 BCDEA07CD91EF85BBCC869DF4906C8C1 7201640 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\New\Instup.dll

2014-01-30 19:42:47 B8FA402B238DB49C35CAF711D5BC9843 1093216 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\New\avBugReport.exe

2014-01-30 19:41:55 E6633716EE2AC06BCB4A58FF993015F3 155976 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\instup.exe

2014-01-30 19:41:53 DC730F5EA07F8CE98E49BBBD110EAA14 3167112 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\HTMLayout.dll

2014-01-30 19:41:44 BCDEA07CD91EF85BBCC869DF4906C8C1 7201640 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\Instup.dll

2014-01-30 19:41:24 B8FA402B238DB49C35CAF711D5BC9843 1093216 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\avBugReport.exe

2014-01-30 17:22:47 511942E0C59CFE4419604A2E070E79CC 8192 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\OKitSpaceSetup.exe

2014-01-30 17:22:21 8A27DB882C784B0F205B1FF72C72F841 4624785 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\systemspeedup.exe

2014-01-30 17:21:45 9A7348E0F5C4A56455C1533E8B4EB313 882672 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\vit_sweet-page.exe

2014-01-30 12:06:34 6BF0239E4E680068A1D93FDA830DAF71 603988 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\instloffer.exe

2014-01-30 01:25:43 C54B767CA838D6DD39CABC8DF017C34C 4048592 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\5677a7de-6b0f-45d6-b279-9fa4d36c1159.exe

2014-01-29 22:03:53 4F93663C1849D7723F160586F84465DA 178064 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\NGM.exe

2014-01-29 22:03:52 8DB30A62D73A072E601C80AE257A480C 399704 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\NGMResource.dll

2014-01-29 22:03:52 0AF2FC1A37EFDD0E3F5493B43B97026C 911256 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\NGMDll.dll

2014-01-23 00:54:20 9E343AE10F8B2F8C75B957E065D004D4 100864 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\fullpackage_temp1391102550\QQBrowserFrame.dll

2014-01-23 00:54:20 2EEE15B1927EADFF45013E94B0CB0D94 131640 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\fullpackage_temp1391102550\QQBrowser.exe

====== Java Cache =====

====== C:\Windows\system32 =====

2014-01-30 15:54:49 ABE0D5749C3C41510121241112389C91 409752 ----a-w- C:\Windows\System32\FNTCACHE.DAT

2014-01-29 13:20:58 C74500A1BCB4113A7310295DD3FA4440 2724864 ----a-w- C:\Windows\System32\mshtml.tlb

2014-01-29 13:20:57 A6B0B7F006F1CB84B48981499F6B7210 208896 ----a-w- C:\Windows\System32\ie4uinit.exe

2014-01-29 13:20:56 3D43EAC957F2F797BE82CF6B04A933F8 43008 ----a-w- C:\Windows\System32\jsproxy.dll

2014-01-29 13:20:55 BE8480727660354B93E32B0ED709BF0E 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll

2014-01-29 13:20:55 355BF103E2CF862B00EEB3731E25E802 440832 ----a-w- C:\Windows\System32\ieui.dll

2014-01-29 13:20:54 491B4F34BA2CD7EFCAC934C7EFF48F52 61952 ----a-w- C:\Windows\System32\iesetup.dll

2014-01-29 13:20:54 36D150C4F80DF88ED97D14598C24692F 32768 ----a-w- C:\Windows\System32\iernonce.dll

2014-01-29 13:20:54 08881C59F795C356DE12067E44FFD260 703488 ----a-w- C:\Windows\System32\ieapfltr.dll

2014-01-29 13:20:53 C8AF3CF3030C3962B978FA3871D759FF 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe

2014-01-29 13:20:53 7C7FF72C48AF9DD8CA7ABA2EA97A6670 51200 ----a-w- C:\Windows\System32\ieetwproxystub.dll

2014-01-29 13:20:53 3DE9521C90F7CC4413CBF6569A8B85B5 112128 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-01-29 13:20:53 35DE59C975A0C97E8DBBE095BCC3644E 553472 ----a-w- C:\Windows\System32\jscript9diag.dll

2014-01-29 13:20:51 927FA6456AD6D7630F6854828D2FD16B 1820160 ----a-w- C:\Windows\System32\wininet.dll

2014-01-29 13:20:50 B2E1F7B212502BB49AAD4EFAD37C5CF5 2166784 ----a-w- C:\Windows\System32\iertutil.dll

2014-01-29 13:20:50 84EAF0A08C7742697816E148C066D757 1928192 ----a-w- C:\Windows\System32\inetcpl.cpl

2014-01-29 13:20:50 0763C5D8660436D4D961F72609E33BBE 1157632 ----a-w- C:\Windows\System32\urlmon.dll

2014-01-29 13:20:48 4B638CE3DAA3A082E576C0DDF9D635D4 11221504 ----a-w- C:\Windows\System32\ieframe.dll

2014-01-29 13:20:46 BFAFE990C4A191E83843362B5AC64A9B 17112576 ----a-w- C:\Windows\System32\mshtml.dll

2014-01-29 13:20:46 A60A222D3126DD9E380F9D8B651BC13D 4243968 ----a-w- C:\Windows\System32\jscript9.dll

2014-01-29 02:22:28 6C4B2E1A25841077084EB9F76FF6FFA7 11410432 ----a-w- C:\Windows\System32\wmp.dll

2014-01-29 02:22:22 02DF0628BE8B64B84D50FBE53549AA3B 12625408 ----a-w- C:\Windows\System32\wmploc.DLL

2014-01-29 02:13:05 C611C6ED5ECFE4608BA79472DFE3D49C 646144 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe

2014-01-29 02:13:05 AD27563BC16AB1EAACAE3033E99C2F78 194048 ----a-w- C:\Windows\System32\elshyph.dll

2014-01-29 02:13:04 C1A6E565B2782C09BC40AD749B46D9ED 71680 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2014-01-29 02:13:04 9B8701A380CEE1B05D651B4ED4048C8F 645120 ----a-w- C:\Windows\System32\jsIntl.dll

2014-01-29 02:13:04 298FDE634538B62CEEEC266D8773B21A 182272 ----a-w- C:\Windows\System32\msls31.dll

2014-01-29 02:13:03 44D5C650C971910827EA65B4D989ED94 164864 ----a-w- C:\Windows\System32\msrating.dll

2014-01-29 02:13:02 FB0D1CC2911A0645DDA6C0608473EB55 34816 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll

2014-01-29 02:13:02 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\System32\ieuinit.inf

2014-01-29 02:13:02 D9F12F54E3B5A092F1D5F191F5286E53 337408 ----a-w- C:\Windows\System32\html.iec

2014-01-29 02:13:02 CFCE4EFF1D6D909EE2EA3AFCB8F1E677 233472 ----a-w- C:\Windows\System32\url.dll

2014-01-29 02:13:02 C3B0DBD04CC18574B0706CA119902474 367104 ----a-w- C:\Windows\System32\dxtmsft.dll

2014-01-29 02:13:02 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\System32\ieapfltr.dat

2014-01-29 02:13:02 9E170B0AF156B478BD2B1FD6A2250C9E 62464 ----a-w- C:\Windows\System32\tdc.ocx

2014-01-29 02:13:02 4F032F1FDEFEA5EC8EEA3562643B5EE8 69120 ----a-w- C:\Windows\System32\icardie.dll

2014-01-29 02:13:02 2AF48780D879AFC43733159CB29CD8BD 1051136 ----a-w- C:\Windows\System32\mshtmlmedia.dll

2014-01-29 02:13:02 08B56CF57B7CE44315034247CC76D0F1 244736 ----a-w- C:\Windows\System32\dxtrans.dll

2014-01-29 02:13:01 6922D7ED84AE102504174922D5D42F49 238288 ----a-w- C:\Windows\System32\iedkcs32.dll

2014-01-29 02:12:59 EC7038154490E50ACD405A022F51B204 83456 ----a-w- C:\Windows\System32\inseng.dll

2014-01-29 02:12:59 AB3B2CA52AFB695AFCDD2620A21E5B21 24576 ----a-w- C:\Windows\System32\licmgr10.dll

2014-01-29 02:12:59 9A33FDDD687A836A1FD478B43C5A95FD 151552 ----a-w- C:\Windows\System32\iexpress.exe

2014-01-29 02:12:59 71144A47CD02FDDC77DDF5EB5315767F 523776 ----a-w- C:\Windows\System32\msfeeds.dll

2014-01-29 02:12:59 6A92CEC8532056791C6832B2725D170D 139264 ----a-w- C:\Windows\System32\wextract.exe

2014-01-29 02:12:59 6A794439B6612E43FEDE0217C919B652 454656 ----a-w- C:\Windows\System32\vbscript.dll

2014-01-29 02:12:59 64831CAD496A073398853A34A5813675 69632 ----a-w- C:\Windows\System32\mshtmled.dll

2014-01-29 02:12:59 03B3541AE6986602CF9CB5B3AD169C33 208384 ----a-w- C:\Windows\System32\webcheck.dll

2014-01-29 02:12:58 ABDFC692D9FE43E2BA8FE6CB5A8CB95A 13312 ----a-w- C:\Windows\System32\mshta.exe

2014-01-29 02:12:58 4BCC7EB5F20840DA67943BD86AE95735 56832 ----a-w- C:\Windows\System32\pngfilt.dll

2014-01-29 02:12:58 1200D9C7DB0ADC1B8143A0A9921BF7DA 127488 ----a-w- C:\Windows\System32\occache.dll

2014-01-29 02:12:57 F7B6E341F4B1947BEC0E14EEBE3C627E 111616 ----a-w- C:\Windows\System32\IEAdvpack.dll

2014-01-29 02:12:57 887055A3C8DD6C87D200D11EAFDBD45B 74240 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe

2014-01-29 02:12:57 779E142FE2159935E78C0FA2E190FF1E 610304 ----a-w- C:\Windows\System32\jscript.dll

2014-01-29 02:12:57 6EB0B7301E00F717BD68A742D1391FAF 36352 ----a-w- C:\Windows\System32\imgutil.dll

2014-01-29 02:12:57 5EC13202430A3EB68DFF44CF1FEEA2BE 61952 ----a-w- C:\Windows\System32\MshtmlDac.dll

2014-01-29 02:12:57 55969AADF0210A614700F89B48976F68 43008 ----a-w- C:\Windows\System32\msfeedsbs.dll

2014-01-29 02:12:57 53FC62C51CB18C9100A7DFAF2D2A6C47 12800 ----a-w- C:\Windows\System32\msfeedssync.exe

2014-01-29 02:12:57 1AFBAA54BDF637F69B8E02A5578286B0 116736 ----a-w- C:\Windows\System32\iepeers.dll

2014-01-29 02:12:56 AE6A2C5ECD3E96556E22F12816842F60 48640 ----a-w- C:\Windows\System32\mshtmler.dll

2014-01-29 02:12:56 83F49FD1BC0A999B006D564C540C7258 86016 ----a-w- C:\Windows\System32\iesysprep.dll

2014-01-28 18:24:35 EE7CB55F77465CDAC4C80F587FF7C278 1796096 ----a-w- C:\Windows\System32\authui.dll

2014-01-28 18:24:35 E9BB0CD09DA17C71FD1B9954D75AEEF7 168960 ----a-w- C:\Windows\System32\credui.dll

2014-01-28 18:24:35 4BCC63ED1C3D15B2635A8AE2B854B3EB 152576 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll

2014-01-28 18:13:47 AFA53BD631FB0509A91A99391209BB70 301568 ----a-w- C:\Windows\System32\msieftp.dll

2014-01-28 18:13:18 AA6F6457116B559B76BC6A012CB4C293 247808 ----a-w- C:\Windows\System32\schannel.dll

2014-01-28 18:12:55 EF6950D7B24AAF4E477065F5455DD4F8 1038848 ----a-w- C:\Windows\System32\lsasrv.dll

2014-01-28 18:12:54 BD6B9BC84D004C6BEE89CF7BDB95E1FC 99840 ----a-w- C:\Windows\System32\sspicli.dll

2014-01-28 18:12:54 AD7FB087A238883D1618F29F7BBBD584 220160 ----a-w- C:\Windows\System32\ncrypt.dll

2014-01-28 18:12:52 803B370865D907EA21DC0C2B6A8936B5 22016 ----a-w- C:\Windows\System32\lsass.exe

2014-01-28 18:12:52 372948BB5E41CE42341C4398DE572E56 22016 ----a-w- C:\Windows\System32\secur32.dll

2014-01-28 18:12:51 D89077E2E1C88A29C57F21FAD28DAC45 15872 ----a-w- C:\Windows\System32\sspisrv.dll

2014-01-28 18:11:51 E7B9D5FF20FFDD4AAE2EF1D1B8C27A37 159232 ----a-w- C:\Windows\System32\imagehlp.dll

2014-01-28 18:11:41 979D74799EA6C8B8167869A68DF5204A 141824 ----a-w- C:\Windows\System32\wscript.exe

2014-01-28 18:11:41 09F65975C1C9793B923BB52A7FA83453 121856 ----a-w- C:\Windows\System32\wshom.ocx

2014-01-28 18:11:40 A3B1D1312602280839A4A2AFBDFD066E 163840 ----a-w- C:\Windows\System32\scrrun.dll

2014-01-28 18:11:39 A3A35EE79C64A640152B3113E6E254E2 126976 ----a-w- C:\Windows\System32\cscript.exe

2014-01-28 18:11:24 E9504E484076585F6DA3C59F0E20E122 417792 ----a-w- C:\Windows\System32\WMPhoto.dll

2014-01-28 18:10:35 4EC2C3B15B9EC41AD0D6CD918D20376E 2048 ----a-w- C:\Windows\System32\tzres.dll

2014-01-28 18:08:15 1E882889A4314D6DF5DED4F6EC994E72 2349056 ----a-w- C:\Windows\System32\win32k.sys

2014-01-28 18:08:01 5A775CAE7CCCAC581C05B8D2C92C0DF1 305152 ----a-w- C:\Windows\System32\gdi32.dll

2014-01-28 18:07:50 B9C54120F46392100478F58F374E5709 679424 ----a-w- C:\Windows\System32\IKEEXT.DLL

2014-01-28 18:07:48 F0D0E883EBBDC7615DC9EDEA0FFB2817 216576 ----a-w- C:\Windows\System32\FWPUCLNT.DLL

2014-01-28 18:07:48 CE2A48CD0D2B39FB77FA4797C6434E71 656896 ----a-w- C:\Windows\System32\nshwfp.dll

2014-01-28 18:07:34 CC09E0C9A2D89C6E71D093DC8BD121B7 1168384 ----a-w- C:\Windows\System32\crypt32.dll

====== C:\Windows\system32\drivers =====

2014-01-29 13:59:09 BFE2A154BC197656ACA0FF917564406D 64168 ----a-w- C:\Windows\System32\drivers\aswStm.sys

2014-01-29 13:59:08 1B0662514A68C3A42E60D240C5ABEF28 180248 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2014-01-29 13:59:07 8CD8710457FCC1CDE88CBFA3AA119B92 775952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2014-01-29 13:59:04 C1F95C9481F46B96E23A276639C55AC9 410784 ----a-w- C:\Windows\System32\drivers\aswSP.sys

2014-01-29 13:59:03 F385467DF95D0A73775CB3B076B8B969 49944 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys

2014-01-29 13:59:02 61953E5E1FFAEAF246A610BEE2554879 67824 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2014-01-29 13:59:01 2206985EF126AB90F3D7F1A020589DC9 79720 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2014-01-28 18:13:16 D7C760D57B1656DD748B9E4AB6CB5A51 136640 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2014-01-28 18:13:16 85449EEBE8F8EBD6481EFBF0F352B4EB 369848 ----a-w- C:\Windows\System32\drivers\cng.sys

2014-01-28 18:13:11 F286830298323272260332D6ABC905C1 67520 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2014-01-28 18:08:06 EB6137D696A9B4E9718AC6F8641CB4C9 177152 ----a-w- C:\Windows\System32\drivers\portcls.sys

2014-01-28 18:08:06 9842041E2F5ACE1E2F5FB4EF02053DC8 81408 ----a-w- C:\Windows\System32\drivers\drmk.sys

2014-01-28 18:07:56 5DBD4F73E2A52FEED61DBAB3752E329C 240576 ----a-w- C:\Windows\System32\drivers\netio.sys

2014-01-28 18:06:24 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2014-01-28 18:06:24 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\Windows\System32\drivers\usbport.sys

2014-01-28 18:06:24 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2014-01-28 18:06:24 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2014-01-28 18:06:23 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2014-01-28 18:06:23 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2014-01-28 18:06:23 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys

====== C:\Windows\Tasks ======

2014-01-31 03:33:11 D3F98456B1EDDAEE19EF8FFB2384E1F8 3396 ----a-w- C:\Windows\system32\Tasks\Install_SSD

2014-01-30 17:24:33 08A5CBBFB7800E7B7C26B9978556845F 3044 ----a-w- C:\Windows\system32\Tasks\PassWidget Update

2014-01-30 17:24:25 103C7884432434719BFD1015FDD49426 378 ----a-w- C:\Windows\Tasks\PassWidget Update.job

2014-01-29 22:28:32 89C5613414DDB996BCE9C11A3803D0F8 3088 ----a-w- C:\Windows\system32\Tasks\{A2BDF64C-A442-4806-A954-A31C9516C370}

2014-01-29 13:59:44 5F87AA91A94E635C2365B7B32555F5BA 4182 ----a-w- C:\Windows\system32\Tasks\avast! Emergency Update

2014-01-13 22:28:25 69A282A7293F02873D323B356E18D715 3826 ----a-w- C:\Windows\system32\Tasks\DTReg

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-01-30 21:23:39 -------- d-----w- C:\Program Files\trend micro

2014-01-30 17:24:21 -------- d-----w- C:\Program Files\Pass-Widget

2014-01-30 01:27:16 -------- d-----w- C:\Program Files\Lavasoft

2014-01-30 01:23:13 -------- d-----w- C:\Program Files\Common Files\Lavasoft

======= C: =====

====== C:\Users\Jolanda Resier\AppData\Roaming ======

2014-01-31 03:10:14 EBB503CAAFF9F403EEAF584A1F41C635 2272 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat

2014-01-31 01:54:43 -------- d-----w- C:\Users\Jolanda Resier\AppData\Local\ElevatedDiagnostics

2014-01-30 15:57:01 781DF97ACD1A977D94D5132494360DCA 109600 ----a-w- C:\Users\Jolanda Resier\AppData\Local\GDIPFONTCACHEV1.DAT

2014-01-30 03:59:08 -------- d-----w- C:\Users\Jolanda Resier\AppData\Roaming\LavasoftStatistics

2014-01-30 01:49:43 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014

2014-01-30 01:25:15 -------- d-----w- C:\Users\Jolanda Resier\AppData\Roaming\Lavasoft

2014-01-30 01:23:26 -------- d-----w- C:\Users\Jolanda Resier\AppData\Local\Avg2014

2014-01-29 14:28:15 -------- d-----w- C:\Users\Jolanda Resier\AppData\Roaming\TuneUp Software

====== C:\Users\Jolanda Resier ======

2014-01-31 03:15:50 -------- d-----r- C:\Users\Jolanda Resier\Documents

2014-01-31 01:41:58 -------- d-----r- C:\Users\Jolanda Resier\Favorites

2014-01-31 01:12:56 -------- d-----r- C:\Users\Jolanda Resier\Desktop

2014-01-30 17:37:42 -------- d-----w- C:\ProgramData\IePluginService

2014-01-30 17:36:57 -------- d-----w- C:\ProgramData\WPM

2014-01-30 01:17:09 -------- d-----w- C:\ProgramData\Lavasoft

2014-01-28 18:34:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

====== C: exe-files ==

2014-01-31 03:21:40 9911EF198C1A01F11D8D6F777F9A9261 1070088 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\install_flashplayer12x32axau_mssa_aaa_aih.exe

2014-01-31 02:31:20 75B0D4CC6E1BFD6344EEF198270A773D 36532904 ----a-w- C:\Program Files\Google\Update\Install\{0BF3B539-98BF-4917-AEF8-4D4294443D74}\32.0.1700.102_chrome_installer.exe

2014-01-31 02:31:19 75B0D4CC6E1BFD6344EEF198270A773D 36532904 ----a-w- C:\Program Files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\32.0.1700.102\32.0.1700.102_chrome_installer.exe

2014-01-31 02:28:28 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleUpdateSetup.exe

2014-01-31 02:28:28 600B1A4BCC0823A96DC7B86F005ADBB8 51080 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleUpdateOnDemand.exe

2014-01-31 02:28:27 CA0A340ABCF0C14A09691CBC90186AB4 51080 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleUpdateBroker.exe

2014-01-31 02:28:26 9CCBA5E2489E603BB1578D1D541252A8 273800 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleCrashHandler64.exe

2014-01-31 02:28:26 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleUpdate.exe

2014-01-31 02:28:26 465680BDE344CE4FF6646626AA3A9125 223112 ----atw- C:\Users\Jolanda Resier\AppData\Local\Temp\{0792749F-0610-4FA5-B221-5AF52408EBD7}\GoogleCrashHandler.exe

2014-01-30 21:23:42 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Jolanda Resier.exe

2014-01-30 19:42:47 E6633716EE2AC06BCB4A58FF993015F3 155976 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\New\instup.exe

2014-01-30 19:42:47 D11625C81FB88DC8A607BB9D76920A3D 2966792 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\New\aswOfferTool.exe

2014-01-30 19:42:47 B8FA402B238DB49C35CAF711D5BC9843 1093216 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\New\avBugReport.exe

2014-01-30 19:41:55 E6633716EE2AC06BCB4A58FF993015F3 155976 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\instup.exe

2014-01-30 19:41:24 B8FA402B238DB49C35CAF711D5BC9843 1093216 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\_av_iup.tm~a05776\avBugReport.exe

2014-01-30 17:37:42 D1EBE337782B1F32A52C0C80A98FC08B 508016 ----a-w- C:\ProgramData\IePluginService\PluginService.exe

2014-01-30 17:36:58 39531D54F2AFA4473BB4A97F64E99271 493568 ----a-w- C:\ProgramData\WPM\wprotectmanager.exe

2014-01-30 17:24:06 6AA0AF80E07736DEFC8361811C582685 160135 ----a-w- C:\Program Files\Pass-Widget\Uninstall.exe

2014-01-30 17:23:55 3CC34C3F48B39E081FDCEF02C472C5F3 251904 ----a-w- C:\Program Files\Pass-Widget\passwup.exe

2014-01-30 17:22:47 AA16CCAE722A70A380ACF4AE0693ACFD 8521 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W46S49UL\OKitSpaceSetup[1].exe

2014-01-30 17:22:47 511942E0C59CFE4419604A2E070E79CC 8192 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\OKitSpaceSetup.exe

2014-01-30 17:22:21 8A27DB882C784B0F205B1FF72C72F841 4624785 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\systemspeedup.exe

2014-01-30 17:21:45 9A7348E0F5C4A56455C1533E8B4EB313 882672 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\vit_sweet-page.exe

2014-01-30 12:06:34 6BF0239E4E680068A1D93FDA830DAF71 603988 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\instloffer.exe

2014-01-30 01:25:43 C54B767CA838D6DD39CABC8DF017C34C 4048592 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\5677a7de-6b0f-45d6-b279-9fa4d36c1159.exe

2014-01-29 22:03:53 4F93663C1849D7723F160586F84465DA 178064 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\NGM.exe

2014-01-29 13:20:51 0E1D755673453108415F802C90704327 469504 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2014-01-29 04:04:34 67FF24E267534F997E4874BBD30C941C 12607144 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.102\32.0.1700.102_30.0.1599.101_chrome_updater.exe

2014-01-29 02:22:22 9AED8E824CF5FAAB67957EDBC5512060 164864 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe

2014-01-29 02:13:04 C8A8321292A459B0A17FB39A782A5C74 806096 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2014-01-29 02:13:02 CC02FE4520CA886508069245D9A6962F 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe

2014-01-29 02:13:02 2AFAE62B727EE7190450D4A14C287422 359632 ----a-w- C:\Program Files\Internet Explorer\iediagcmd.exe

2014-01-29 02:12:57 7F7F391491C315A4A72EFCAC0D34FA93 25600 ----a-w- C:\Program Files\Internet Explorer\ExtExport.exe

2014-01-28 22:58:06 CA0A340ABCF0C14A09691CBC90186AB4 51080 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdateBroker.exe

2014-01-28 22:58:06 600B1A4BCC0823A96DC7B86F005ADBB8 51080 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe

2014-01-28 22:58:04 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdateSetup.exe

2014-01-28 22:57:20 9CCBA5E2489E603BB1578D1D541252A8 273800 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler64.exe

2014-01-28 22:57:20 465680BDE344CE4FF6646626AA3A9125 223112 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe

2014-01-28 22:57:15 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdate.exe

2014-01-28 22:56:40 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.3\GoogleUpdateSetup.exe

2014-01-28 18:31:57 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Jolanda Resier\AppData\LocalLow\Sun\Java\jre1.7.0_51\lzma.exe

=== C: other files ==

2014-01-31 03:43:22 A633C1DD965307A31E0B4A13C30C7A5D 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-4027270910-661022722-644475913-1001\$INSTOXK.com

2014-01-30 17:29:39 099D2BB54063A342296D39A199180554 1439487 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\fullpackage_temp1391102550\tmp\package2.zip

2014-01-30 17:29:27 89C1D511BADC8074138F237D89D381EB 325038 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx

2014-01-30 17:24:21 3D956C0AA82A29DD8AB9B4CD3F5E6FE2 9789 ----a-w- C:\Program Files\Pass-Widget\150.xpi

2014-01-30 17:23:28 1834F81E48E1D06EDFB9F6A55C48E5B8 17922 ----a-w- C:\Program Files\Pass-Widget\150.crx

2014-01-30 17:22:49 DAE050612482639114C4DBE70EAD6B58 1877249 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Temp\fullpackage_temp1391102550\package1.zip

2014-01-30 00:10:46 CC20AA0EE104065B6FA346B9D048485A 32128 ----a-w- C:\Users\Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfpfdjclhabpjncikdngdoldjjjegnbe\2.1.2_0\american-racing-2-3d.crx

2014-01-29 13:59:09 BFE2A154BC197656ACA0FF917564406D 64168 ----a-w- C:\Windows\System32\drivers\aswStm.sys

2014-01-29 13:59:08 1B0662514A68C3A42E60D240C5ABEF28 180248 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2014-01-29 13:59:07 8CD8710457FCC1CDE88CBFA3AA119B92 775952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2014-01-29 13:59:04 C1F95C9481F46B96E23A276639C55AC9 410784 ----a-w- C:\Windows\System32\drivers\aswSP.sys

2014-01-29 13:59:03 F385467DF95D0A73775CB3B076B8B969 49944 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys

2014-01-29 13:59:02 61953E5E1FFAEAF246A610BEE2554879 67824 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2014-01-29 13:59:01 2206985EF126AB90F3D7F1A020589DC9 79720 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2014-01-28 18:13:16 D7C760D57B1656DD748B9E4AB6CB5A51 136640 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2014-01-28 18:13:16 85449EEBE8F8EBD6481EFBF0F352B4EB 369848 ----a-w- C:\Windows\System32\drivers\cng.sys

2014-01-28 18:13:11 F286830298323272260332D6ABC905C1 67520 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2014-01-28 18:08:15 1E882889A4314D6DF5DED4F6EC994E72 2349056 ----a-w- C:\Windows\System32\win32k.sys

2014-01-28 18:08:06 EB6137D696A9B4E9718AC6F8641CB4C9 177152 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_x86_neutral_df2ea65e936720f7\portcls.sys

2014-01-28 18:08:06 EB6137D696A9B4E9718AC6F8641CB4C9 177152 ----a-w- C:\Windows\System32\drivers\portcls.sys

2014-01-28 18:08:06 9842041E2F5ACE1E2F5FB4EF02053DC8 81408 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_x86_neutral_df2ea65e936720f7\drmk.sys

2014-01-28 18:08:06 9842041E2F5ACE1E2F5FB4EF02053DC8 81408 ----a-w- C:\Windows\System32\drivers\drmk.sys

2014-01-28 18:07:56 5DBD4F73E2A52FEED61DBAB3752E329C 240576 ----a-w- C:\Windows\System32\drivers\netio.sys

2014-01-28 18:06:24 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbhub.sys

2014-01-28 18:06:24 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_4232097e28daf017\usbhub.sys

2014-01-28 18:06:24 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2014-01-28 18:06:24 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbport.sys

2014-01-28 18:06:24 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\Windows\System32\drivers\usbport.sys

2014-01-28 18:06:24 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbehci.sys

2014-01-28 18:06:24 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2014-01-28 18:06:24 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_4232097e28daf017\usbccgp.sys

2014-01-28 18:06:24 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2014-01-28 18:06:23 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbohci.sys

2014-01-28 18:06:23 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2014-01-28 18:06:23 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbuhci.sys

2014-01-28 18:06:23 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2014-01-28 18:06:23 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbd.sys

2014-01-28 18:06:23 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler"

"Pando Media Booster"="C:\Program Files\Pando Networks\Media Booster\PMB.exe"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler"

"Pando Media Booster"="C:\Program Files\Pando Networks\Media Booster\PMB.exe"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\(default)]

"command"=""

"hkey"="HKLM"

"item"="(default)"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Ad-Aware Browsing Protection]

"command"="\"C:\\ProgramData\\Ad-Aware Browsing Protection\\adawarebp.exe\""

"hkey"="HKLM"

"item"="Ad-Aware Browsing Protection"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdAwareTray]

"command"="\"C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.1.5354.0\\AdAwareTray.exe\""

"hkey"="HKLM"

"item"="AdAwareTray"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcSoft Connection Service]

"command"="C:\\Program Files\\Common Files\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe"

"hkey"="HKLM"

"item"="ArcSoft Connection Service"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]

"command"="\"C:\\Program Files\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices"

"hkey"="HKLM"

"item"="BCSSync"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ClamWin]

"command"="\"C:\\Program Files\\ClamWin\\bin\\ClamTray.exe\" --logon"

"hkey"="HKLM"

"item"="ClamWin"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR]

"command"="C:\\PROGRA~1\\WIA6EB~1\\Datamngr\\DATAMN~1.EXE"

"hkey"="HKLM"

"item"="DATAMNGR"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]

"command"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"

"hkey"="HKLM"

"item"="HP Software Update"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\hpqSRMon]

"command"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqSRMon.exe"

"hkey"="HKLM"

"item"="hpqSRMon"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSC]

"command"="\"C:\\Program Files\\Microsoft Security Client\\msseces.exe\" -hide -runkey"

"hkey"="HKLM"

"item"="MSC"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Nikon Transfer Monitor]

"command"="C:\\Program Files\\Common Files\\Nikon\\Monitor\\NkMonitor.exe"

"hkey"="HKLM"

"item"="Nikon Transfer Monitor"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Search Protection]

"command"="C:\\ProgramData\\Search Protection\\SearchProtection.exe"

"hkey"="HKLM"

"item"="Search Protection"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe]

"command"="\"c:\\program files\\real\\realplayer\\Update\\realsched.exe\" -osboot"

"hkey"="HKLM"

"item"="TkBellExe"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

==== Startup Folders ======================

2011-03-31 18:58:39 2069 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [28-01-2014 18:37]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [28-03-2011 14:32]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [28-03-2011 14:32]

C:\Windows\tasks\PassWidget Update.job --a------ C:\Program Files\Pass-Widget\passwup.exe [30-01-2014 18:24]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\system32\tasks\DTReg" [C:\Users\Jolanda Resier\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\Install_SSD" [C:\Users\Jolanda]

"C:\Windows\system32\tasks\PassWidget Update" [C:\Program Files\Pass-Widget\passwup.exe]

"C:\Windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-4027270910-661022722-644475913-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]

"C:\Windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-4027270910-661022722-644475913-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]

"C:\Windows\system32\tasks\Run RoboForm TaskBar Icon" [C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe]

"C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\system32\tasks\User_Feed_Synchronization-{98BD8F3E-E746-4F16-8D2A-42DBE591DA0B}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\system32\tasks\{14029CE4-12A6-47E4-81F3-DAECB7FE72EB}" [E:\Nikon Transfer\WMFDist.exe]

"C:\Windows\system32\tasks\{46E36538-E172-430C-9463-EC359DFF60B9}" [C:\Users\Jolanda Resier\Contacts\Downloads\install_flashplayer10_mssd_aih.exe]

"C:\Windows\system32\tasks\{7888A96D-1C3F-441D-96C6-4F34BC9821B1}" [C:\Users\Jolanda Resier\Contacts\Downloads\install_flashplayer10_mssd_aih.exe]

"C:\Windows\system32\tasks\{B808D153-9F0E-46CC-A5B3-78EDFF6D716F}" [C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe]

"C:\Windows\system32\tasks\{D2A6F8A0-C576-478E-A264-1E5B10600354}" [C:\Users\Jolanda Resier\Contacts\Downloads\install_flashplayer10_mssd_aih.exe]

"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [24-11-2011 12:26]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"{f9820cf4-de9a-441e-b465-d0219fdd147e}"="C:\Program Files\Pass-Widget\150.xpi" [30-01-2014 18:24]

==== Firefox Extensions ======================

ExtDir: C:\Users\Jolanda Resier\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

- 1ClickMovieDownloader - %ExtDir%\clickmoviedownloader@clickmoviedownloader.com.xpi

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bcjagnifjocnddgeknajocbkkhlgibem - C:\Program Files\Chrome\surfcanyon.crx[22-07-2011 17:46]

dhpigdnmefdjeemeldnnmbckmpogpbji - C:\Program Files\1clickmoviedownloader.com\clickmoviedownloader10.crx[]

fbdagnimlohkpamglloopgfnoiijpmoj - C:\Program Files\Pass-Widget\150.crx[30-01-2014 18:23]

gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[29-01-2014 14:57]

jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[24-11-2011 12:26]

kdidombaedgpfiiedeimiebkmbilgmlc - C:\Program Files\DefaultTab\DefaultTab.crx[16-09-2013 15:03]

niapdbllcanepiiimjjndipklodoedlc - No path found[]

oejkcgajlodefenbbjdnaiahmbnnoole - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx[]

pgafcinpmmpklohkojmllohd****efph - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx[]

pkndmigholgfjlniaohblojbhgjbkakn - C:\Users\Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx[14-01-2014 00:20]

Surf Canyon - Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjagnifjocnddgeknajocbkkhlgibem

Improved sequel. 12 new courses 45 more events better handling upgrades. - Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfpfdjclhabpjncikdngdoldjjjegnbe

Extended Protection - Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml

PassWidget - Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbdagnimlohkpamglloopgfnoiijpmoj

avast Online Security - Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

RealPlayer HTML5Video Downloader Extension - Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk

DefaultTab - Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Google Wallet - Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Lightning speedDial - Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkndmigholgfjlniaohblojbhgjbkakn

DefaultTab - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

undetermined - Jolanda Resier\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-4027270910-661022722-644475913-1001\Software\Mozilla\Firefox\Extensions\{58bd07eb-0ee0-4df0-8121-dc9b693373df} deleted successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=68 folders=31 6528163 bytes)

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Users\Jolanda Resier\AppData\Roaming\DefaultTab" not found

==== EOF on vr 31-01-2014 at 5:40:06,47 ======================

- - - Updated - - -

ik had deze al verstuurd maar zie net dat ik hem weer moet plaatsen

[ikwordgekvanmijnPC]

hoop echt dat ik snel geholpen word mij pc is net weer uitgevallen.en ik kreeg een blauw scherm met text.denk niet dat dat erbij hoord haha ik hoop snel wat te horen groetjes

[ikwordgekvanmijnPC]

komen mij berichten aan??

[ikwordgekvanmijnPC]

ik vind het erg jammer dat ik nu niet verder geholpen word of een bericht krijg dat jullie ermee bezig zijn.