• Hulpvragenden in dit forumonderdeel worden enkel geholpen door daartoe bevoegde teamleden.
    Dit is belangrijk, zodat de hulpvragende goed geholpen kan worden zonder (goedbedoelde) aanvullende berichten van andere leden.
    Reageren op andermans discussie is daarom uitgeschakeld.
  • De afgelopen dagen zijn er meerdere fora waarop bestaande accounts worden overgenomen door spammers. De gebruikersnamen en wachtwoorden zijn via een hack of een lek via andere sites buitgemaakt. Via have i been pwned? kan je controleren of jouw gegeven ook zijn buitgemaakt. Wijzig bij twijfel jouw wachtwoord of schakel de twee-staps-verificatie in.

PC hangt non- stop vast

Status
Niet open voor verdere reacties.

Ozira

Bekend gezicht
Lid geworden
27 jul 2012
Berichten
111
Waarderingsscore
0
Beste leden,

Ik heb al een tijdje een heel erg vervelend probleem, nadat ik met Anti- Malware een browser hijacker heb gedelete en schoongemaakt krijg ik steeds problemen dat mijn HELE PC gewoon vasthangt. Hij doet dan gewoon helemaal niets meer. En dit duurt redelijk lang ~1,5min per keer, hangt er vanaf of het een goede dag is of niet. Meestal kan het oplopen tot zo'n 15x binnen een paar uur. En dan beginnen er een beetje frustraties op te komen.

Ik heb ook nog een ander zr vervelend programma/ virus gehad genaamd: 'Your own screensaver'. Dit blokkeerde bijna alles wat ik deed, nadat ik dit heb weten op te lossen en te verwijderen begonnen de problemen pas echt.

Ik heb met CC Cleaner geprobeerd alles op te schonen, maar het probleem blijft voortduren.
Is er iemand die mij kan helpen?

Alvast bedankt!
 
Hallo,

We gaan even kijken;
Download
51a5f5d096dae-icon_RSIT.png
RSIT van de onderstaande locaties en sla deze op het bureablad op.
Hier staat een beschrijving hoe u kunt kijken of u een 32 of 64 bit versie van Windows heeft.

RSIT Uitvoeren
Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.
  • Dubbelklik op RSIT.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Als u RSIT de eerste keer uitvoert zal HijackThis gedownload worden als deze niet aanwezig is, sta dit vervolgens toe door op "I accept" te klikken.
  • Wanneer de tool gereed is worden er twee kladblok bestanden geopend genaamd "Log.txt" en "Info.txt" geopend.
  • Voeg Log.txt logbestanden toe aan uw volgende bericht.
 
Hallo, excuses voor het late antwoord:

Logfile of random's system information tool 1.10 (written by random/random)
Run by JasperR at 2014-09-15 15:36:54
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 4 GB (3%) free of 114 GB
Total RAM: 8150 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:37:00, on 15-9-2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
C:\Users\JasperR\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\XFastUSB\XFastUsb.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\Program Files\trend micro\JasperR.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.default-search.net?sid=476&aid=134&itype=n&ver=11471&tm=299&src=hmp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll
O4 - HKLM\..\Run: [XFastUSB] "C:\Program Files (x86)\XFastUSB\XFastUsb.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\JasperR\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\JasperR\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX235"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: ScreenUpdate.lnk = C:\Program Files (x86)\Your Own Screensaver\ScreenUpdate.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.aeriagames.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\ASRock\XFast LAN\spd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.1.9 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11182 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=d051094e-dedf-4162-8d66-e2703f71f35a /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\f5eda33b-f3be-4c29-8227-855ba4bbd722-1ac-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" /logPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\log\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
"taskhost.exe"
taskeng.exe {46D4B61E-4385-48CE-8135-DCB5011FCAD5}
"C:\Windows\system32\Dwm.exe"
taskeng.exe {A1A899CE-F83A-4091-B82B-F31549092531}
"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\ASRock\XFast LAN\spd.exe" -service
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\Windows\system32\conhost.exe "-20999292121571016270-85814260-5852412781544755885-1732885427-510934944-561569428
"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"
"C:\Program Files\ASRock\XFast LAN\cfosspeed.exe"
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Users\JasperR\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Windows\System32\spool\drivers\x64\3\E_IATIHLE.EXE" /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX235"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\XFastUSB\XFastUsb.exe"
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
"C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
ctfmon.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5600.25895bc0.1257346093 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 5600 "\\.\pipe\gecko-crash-server-pipe.5600" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe" --proxy-stub-channel=Flash6040.67D66EE8.8639 --host-broker-channel=Flash6040.67D66EE8.24186 --host-pid=6040 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe" --channel=6028.005DF3F4.2012001001 --proxy-stub-channel=Flash6040.67D66EE8.8639 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll" --host-npapi-version=27 --type=renderer
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
taskhost.exe $(Arg0)
"C:\Users\JasperR\Downloads\RSITx64.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Open Chrome.job - c:\program files (x86)\Google\Chrome\Application\chrome.exe --new-window http://toolbar.avg.com/almost-done?pid=safeguard&lang=nl

=========Mozilla firefox=========

ProfilePath - C:\Users\JasperR\AppData\Roaming\Mozilla\Firefox\Profiles\4p9qc81v.default

prefs.js - "browser.startup.homepage" - "https://mysearch.avg.com?cid={D50BC266-124D-40DE-8962-0073E4031F37}&mid=bc626196100047d384256d16b25b615a-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-19 20:17:55&v=18.1.9.799&pid=safeguard&sg=&sap=hp"
prefs.js - "keyword.URL" - ""

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe Flash Player 15.0.0.152 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle Next Generation Java Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe Flash Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL


C:\Users\JasperR\AppData\Roaming\Mozilla\Firefox\Profiles\4p9qc81v.default\searchplugins\
avg-secure-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13 81024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13 69760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG SafeGuard toolbar - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll [2014-08-28 3627032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-14 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG SafeGuard toolbar - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll [2014-08-28 3627032]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-05-18 11855976]
"XFast LAN"=C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [2011-10-19 1441152]
"THXCfg64"=C:\Windows\system32\THXCfg64.dll [2011-05-13 26624]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2013-08-01 8290584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ASRockXTU"= []
"zASRockInstantBoot"= []
"Akamai NetSession Interface"=C:\Users\JasperR\AppData\Local\Akamai\netsession_win.exe []
"uTorrent"=C:\Users\JasperR\AppData\Roaming\uTorrent\uTorrent.exe [2014-09-13 1418832]
"Overwolf"=C:\Program Files (x86)\Overwolf\Overwolf.exe -silent []
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2014-08-28 1939136]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24 21650016]
"EPLTarget\P0000000000000000"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [2012-02-29 283232]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"XFastUSB"=C:\Program Files (x86)\XFastUSB\XFastUsb.exe [2013-09-09 5021448]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"THX TruStudio NB Settings"=C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [2011-05-19 909824]
"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-08-25 5188112]
"Aeria Ignite"=C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [2013-06-06 1925656]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-10-08 766208]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"vProt"=C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2014-08-28 2640408]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]

C:\Users\JasperR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
ScreenUpdate.lnk - C:\Program Files (x86)\Your Own Screensaver\ScreenUpdate.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe]
"Debugger="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux8"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux9"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-15 15:36:54 ----D---- C:\rsit
2014-09-15 15:36:54 ----D---- C:\Program Files\trend micro
2014-09-14 13:16:25 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-09-11 01:09:29 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-09-11 01:09:29 ----A---- C:\Windows\system32\ieui.dll
2014-09-11 01:09:28 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-09-11 01:09:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-09-11 01:09:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-09-11 01:09:28 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-09-11 01:09:28 ----A---- C:\Windows\system32\jscript9diag.dll
2014-09-11 01:09:28 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 01:09:28 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-11 01:09:28 ----A---- C:\Windows\system32\iernonce.dll
2014-09-11 01:09:28 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 01:09:28 ----A---- C:\Windows\system32\dxtrans.dll
2014-09-11 01:09:28 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-11 01:09:27 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-09-11 01:09:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-09-11 01:09:27 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-09-11 01:09:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-09-11 01:09:27 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-09-11 01:09:27 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-09-11 01:09:27 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-09-11 01:09:27 ----A---- C:\Windows\system32\vbscript.dll
2014-09-11 01:09:27 ----A---- C:\Windows\system32\msrating.dll
2014-09-11 01:09:27 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-11 01:09:27 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-11 01:09:27 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-11 01:09:26 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-09-11 01:09:26 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-09-11 01:09:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-09-11 01:09:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-09-11 01:09:26 ----A---- C:\Windows\system32\mshtml.dll
2014-09-11 01:09:26 ----A---- C:\Windows\system32\iesetup.dll
2014-09-11 01:09:26 ----A---- C:\Windows\system32\iedkcs32.dll
2014-09-11 01:09:26 ----A---- C:\Windows\system32\ie4uinit.exe
2014-09-11 01:09:25 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-09-11 01:09:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-09-11 01:09:25 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-09-11 01:09:25 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 01:09:25 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-09-11 01:09:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-11 01:09:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-11 01:09:25 ----A---- C:\Windows\system32\ieapfltr.dll
2014-09-11 01:09:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-09-11 01:09:24 ----A---- C:\Windows\system32\iertutil.dll
2014-09-11 01:09:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-09-11 01:09:23 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-09-11 01:09:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-09-11 01:09:23 ----A---- C:\Windows\system32\wininet.dll
2014-09-11 01:09:23 ----A---- C:\Windows\system32\urlmon.dll
2014-09-11 01:09:23 ----A---- C:\Windows\system32\jscript9.dll
2014-09-11 01:09:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-09-11 01:09:21 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-09-11 01:09:21 ----A---- C:\Windows\system32\ieframe.dll
2014-09-11 01:02:36 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2014-09-11 01:02:36 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 17:12:23 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-09-10 17:12:23 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-09-10 17:12:15 ----A---- C:\Windows\system32\d3d10warp.dll
2014-09-10 17:12:14 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-09-10 17:12:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-09-10 17:12:07 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-09-10 17:12:07 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-09-10 17:12:07 ----A---- C:\Windows\system32\lsasrv.dll
2014-09-10 17:12:07 ----A---- C:\Windows\system32\kerberos.dll
2014-09-10 17:12:04 ----A---- C:\Windows\system32\aepdu.dll
2014-09-10 17:12:04 ----A---- C:\Windows\system32\aeinv.dll
2014-08-29 18:59:45 ----D---- C:\Windows\rescache
2014-08-28 17:36:38 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-28 17:36:38 ----A---- C:\Windows\system32\win32k.sys
2014-08-28 17:36:38 ----A---- C:\Windows\system32\gdi32.dll
2014-08-27 16:58:32 ----D---- C:\Program Files (x86)\AVG Security Toolbar
2014-08-27 16:58:28 ----D---- C:\ProgramData\Avg_Update_0814tb
2014-08-22 02:27:29 ----D---- C:\ProgramData\Bohemia Interactive Studio
2014-08-22 01:23:59 ----D---- C:\Program Files (x86)\Dotjosh Studios
2014-08-19 13:25:05 ----A---- C:\Windows\system32\wups2.dll
2014-08-19 13:25:04 ----A---- C:\Windows\system32\wucltux.dll
2014-08-19 13:25:04 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-19 13:25:04 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-19 13:25:01 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-08-19 13:25:01 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-08-19 13:25:01 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-08-19 13:25:01 ----A---- C:\Windows\system32\wups.dll
2014-08-19 13:25:01 ----A---- C:\Windows\system32\wudriver.dll
2014-08-19 13:25:01 ----A---- C:\Windows\system32\wuapi.dll
2014-08-19 13:24:59 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-08-19 13:24:59 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-08-19 13:24:59 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-19 13:24:59 ----A---- C:\Windows\system32\wuapp.exe
2014-08-18 16:26:15 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-18 16:26:15 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-18 16:26:15 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-18 16:26:15 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-18 16:26:15 ----A---- C:\Windows\system32\icardres.dll
2014-08-18 16:26:15 ----A---- C:\Windows\system32\icardagt.exe
2014-08-18 16:26:11 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-18 16:26:11 ----A---- C:\Windows\system32\TsWpfWrp.exe

======List of files/folders modified in the last 1 month======

2014-09-15 15:36:54 ----RD---- C:\Program Files
2014-09-15 15:35:18 ----D---- C:\Users\JasperR\AppData\Roaming\Skype
2014-09-15 15:34:51 ----D---- C:\Program Files (x86)\Steam
2014-09-15 15:34:41 ----D---- C:\Users\JasperR\AppData\Roaming\uTorrent
2014-09-15 15:34:39 ----D---- C:\Windows\system32\catroot2
2014-09-15 15:34:38 ----D---- C:\Windows\Temp
2014-09-15 15:33:26 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-14 20:54:44 ----D---- C:\Windows\System32
2014-09-14 20:54:44 ----D---- C:\Windows\inf
2014-09-14 20:54:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-14 20:52:30 ----D---- C:\ProgramData\MFAData
2014-09-14 20:50:28 ----D---- C:\Windows\system32\FxsTmp
2014-09-14 20:49:35 ----RD---- C:\Program Files (x86)
2014-09-14 14:46:30 ----D---- C:\Windows\system32\config
2014-09-14 13:57:54 ----SHD---- C:\System Volume Information
2014-09-11 13:07:52 ----D---- C:\Windows\Microsoft.NET
2014-09-11 13:06:06 ----RSD---- C:\Windows\assembly
2014-09-11 12:17:30 ----D---- C:\Windows\winsxs
2014-09-11 12:16:43 ----D---- C:\Windows\SYSWOW64\nl-NL
2014-09-11 12:16:43 ----D---- C:\Windows\SYSWOW64\en-US
2014-09-11 12:16:43 ----D---- C:\Windows\SysWOW64
2014-09-11 12:16:43 ----D---- C:\Windows\system32\nl-NL
2014-09-11 12:16:43 ----D---- C:\Windows\system32\en-US
2014-09-11 12:16:43 ----D---- C:\Program Files\Internet Explorer
2014-09-11 12:16:42 ----D---- C:\Program Files (x86)\Internet Explorer
2014-09-11 01:10:59 ----SHD---- C:\Windows\Installer
2014-09-11 01:09:39 ----D---- C:\Windows\system32\catroot
2014-09-11 01:09:12 ----D---- C:\ProgramData\Microsoft Help
2014-09-11 01:08:40 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-09-11 01:08:11 ----D---- C:\Windows\system32\MRT
2014-09-11 01:02:58 ----A---- C:\Windows\system32\MRT.exe
2014-09-11 01:02:35 ----SD---- C:\Windows\system32\CompatTel
2014-09-10 17:59:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-09-02 17:13:27 ----D---- C:\Windows\system32\drivers
2014-09-01 21:15:44 ----D---- C:\Windows\Logs
2014-08-29 18:59:45 ----D---- C:\Windows
2014-08-28 17:34:05 ----D---- C:\Windows\Tasks
2014-08-28 17:34:05 ----D---- C:\Windows\system32\Tasks
2014-08-28 17:33:05 ----D---- C:\ProgramData\AVG SafeGuard toolbar
2014-08-28 17:33:03 ----D---- C:\Program Files (x86)\AVG SafeGuard toolbar
2014-08-27 16:58:28 ----HD---- C:\ProgramData
2014-08-22 17:13:53 ----D---- C:\Program Files (x86)\Battle.net
2014-08-22 12:33:45 ----D---- C:\Users\JasperR\AppData\Roaming\TS3Client
2014-08-22 02:27:28 ----D---- C:\Program Files (x86)\Common Files
2014-08-22 00:07:13 ----D---- C:\Users\JasperR\AppData\Roaming\Curse Client
2014-08-21 23:58:49 ----SHD---- C:\AI_RecycleBin
2014-08-21 23:56:37 ----D---- C:\Program Files (x86)\PokerStars.EU
2014-08-21 23:56:24 ----D---- C:\Program Files\OBS
2014-08-21 23:56:24 ----D---- C:\Program Files (x86)\OBS
2014-08-21 23:54:39 ----D---- C:\Programs
2014-08-20 12:12:40 ----D---- C:\Windows\system32\NDF
2014-08-19 17:59:41 ----D---- C:\Program Files (x86)\SpeedFan

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsrRamDisk;AsrRamDisk; C:\Windows\system32\DRIVERS\AsrRamDisk.sys [2012-08-09 34640]
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-17 190744]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-06-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-08-06 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-17 31512]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 AsrAppCharger;AsrAppCharger; C:\Windows\system32\DRIVERS\AsrAppCharger.sys [2011-05-10 17192]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-30 152344]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-07-21 244504]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-06-17 235800]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-06-17 269080]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-11 50976]
R1 cFosSpeed;cFosSpeed for faster Internet connections (NDIS 6); C:\Windows\system32\DRIVERS\cfosspeed6.sys [2011-07-04 1632128]
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc1.cfg [2014-04-10 36240]
R1 FNETURPX;FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [2013-09-09 16648]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-11-20 57512]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-10-08 12534784]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-10-08 619008]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-03-04 126952]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-03-04 390632]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-07-05 96256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-05-24 2881256]
R3 LADF_CaptureOnly;LADF Capture Filter Driver; C:\Windows\system32\DRIVERS\ladfGSCamd64.sys [2013-04-15 410008]
R3 LADF_RenderOnly;LADF Render Filter Driver; C:\Windows\system32\DRIVERS\ladfGSRamd64.sys [2013-04-15 102808]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-04-21 471144]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2011-12-13 56448]
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 AsrCDDrv;AsrCDDrv; \??\C:\Windows\SysWOW64\Drivers\AsrCDDrv.sys []
S3 FNETTBOH_305;FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [2013-12-14 32320]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S3 XFDriver64;XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [2013-03-14 17160]
S3 xhunter1;xhunter1; \??\C:\Windows\xhunter1.sys []
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-10-08 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-10-08 344064]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-08-25 3242000]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-08-25 289328]
R2 cFosSpeedS;cFosSpeed System Service; C:\Program Files\ASRock\XFast LAN\spd.exe [2011-10-19 395136]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
R2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2014-08-11 1820184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-09 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-08-22 448384]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-09 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-19 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-14 114288]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2013-09-02 4909600]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-08-28 833728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-09-17 1255736]
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------
 
het logje.
 
Laatst bewerkt door een moderator:
Hallo,

Schakel eerst de Antivirussoftware uit voordat je zoek.exe download.
Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk conflicteren met Zoek.exe.

Download
51a612a8b27e2-Zoek.png
Zoek.exe naar het bureaublad.
  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.


Zoek.exe uitvoeren (voor meer informatie kunt u deze handleiding raadplegen)
Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.
  • Dubbelklik vervolgens op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.
    Code:
    firefoxlook;
    torpigcheck;
    emptyfolderscheck;delete
    chromelook;
    standardsearch;
    filesrcm;
    autoclean;
    startupall;
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als.

Zoek.exe logbestand plaatsen
  • Voeg het logbestand met de naam "Zoek-results.log" toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)
 
Zoek.exe v5.0.0.0 Updated 14-September-2014
Tool run by JasperR on ma 15-09-2014 at 16:29:03,54.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\JasperR\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

15-9-2014 16:29:32 Zoek.exe System Restore Point Created Succesfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll


==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Overwolf deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\PROGRA~3\Browser Manager deleted successfully
C:\PROGRA~3\BrowserProtect deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\JasperR\AppData\Roaming\SimilarSites deleted successfully
C:\Users\JasperR\AppData\Local\PokerStars.NET deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3974349557-196560878-2544727730-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-3974349557-196560878-2544727730-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Running Processes ======================

C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
C:\Users\JasperR\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\XFastUSB\XFastUsb.exe
C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\JasperR\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.9 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater18.1.9 deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\JasperR\AppData\Roaming\Mozilla\Firefox\Profiles\4p9qc81v.default

user.js not found
---- Lines mysearch removed from prefs.js ----
user_pref("browser.startup.homepage", "https://mysearch.avg.com?cid={D50BC266-124D-40DE-8962-0073E4031F37}&mid=bc626196100047d384256d16b25b615a-ad1491
---- FireFox user.js and prefs.js backups ----

prefs_15-09-2014_1638_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~3\Overwolf deleted
C:\Users\JasperR\daemonprocess.txt deleted
C:\Users\JasperR\.android deleted
C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\default-search.xml deleted
C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml deleted
C:\PROGRA~2\Linkey deleted
C:\PROGRA~3\Avg_Update_0414c deleted
C:\PROGRA~3\Avg_Update_0814tb deleted
C:\PROGRA~3\AVG Security Toolbar deleted
C:\PROGRA~3\Wincert deleted
C:\PROGRA~3\AVG Secure Search deleted
C:\PROGRA~3\AVG SafeGuard toolbar deleted
C:\PROGRA~3\Package Cache deleted
C:\PROGRA~3\systemk deleted
C:\Users\JasperR\AppData\Local\cache deleted
C:\Users\JasperR\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx deleted
C:\windows\SysNative\Tasks\SomotoUpdateCheckerAutoStart deleted
C:\Users\JasperR\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\Users\JasperR\AppData\LocalLow\DataMngr deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
C:\Users\JasperR\AppData\Roaming\Mozilla\Firefox\Profiles\4p9qc81v.default\searchplugins\avg-secure-search.xml deleted
"C:\PROGRA~2\AVG SafeGuard toolbar\TBAPI.dll" deleted
"C:\PROGRA~2\AVG SafeGuard toolbar\vprot.exe" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\18.1.9\avgdttbx.dll" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\18.1.9\SiteSafety.dll" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll" deleted
"C:\PROGRA~2\Settings Manager" deleted
"C:\PROGRA~2\AVG SafeGuard toolbar" not deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted
"C:\Users\JasperR\AppData\Local\AVG SafeGuard toolbar" deleted
"C:\AI_RecycleBin" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\18.1.9" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\18.1.9" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\18.1.9" deleted
"C:\Users\JasperR\AppData\Local\AVG SafeGuard toolbar\Chrome" deleted
"C:\Users\JasperR\AppData\Local\AVG SafeGuard toolbar\Chrome\Default" deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 8150 MB
CPU Info: AMD FX(tm)-8120 Eight-Core Processor
CPU Speed: 3092,1 MHz
Sound Card: Luidsprekers (11- Logitech G430 |
Display Adapters: AMD Radeon HD 7800 Series | AMD Radeon HD 7800 Series | AMD Radeon HD 7800 Series | AMD Radeon HD 7800 Series | AMD Radeon HD 7800 Series | AMD Radeon HD 7800 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm |
Screen Resolution: 1680 X 1050 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (D: | ) D: SONY DVD RW DRU-190S
Ports: COM1 LPT Port NOT Present.
Mouse: 8 Button Wheel Mouse Present
Hard Disks: C: 111,7GB | E: 294,2GB | F: 3,4GB
Hard Disks - Free: C: 4,0GB | E: 227,7GB | F: 3,4GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 01/17/13 | ALASKA - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: ASRock 970 Extreme4
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: AVG AntiVirus Free Edition 2014 disabled (Outdated)
Default Browser: Firefox 32.0.1
Internet Explorer Version: 11.0.9600.17280
Mozilla Firefox version: 32.0.1 (x86 nl)
Google Chrome version: 37.0.2062.120
Adobe Reader version: 9.0.0.2008061200
Sun Java version: 1.7.0_67 (32-bit)
Flash Player version: 15.0.0.152

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\JasperR\AppData\Local\Temp ====
====== Java Cache =====
2014-08-22 14:48:50 2554EF6E48D8DE1FDC2BF5B5837E415D 82 ----a-w- C:\Users\JasperR\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\20603493-ebe6fe1fb1ab6f7e326da17e5473c8515474f13a6238b6a20f9737b7cc0b7fe2-6.0.lap
2014-08-22 14:48:51 89CC87C2D998E3563FE29C9E46A991AB 1473138 ----a-w- C:\Users\JasperR\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\62683f17-2d423c12
2014-08-22 14:51:05 06FC0FA1B2B59AA687A7ACFC361B0574 82707 ----a-w- C:\Users\JasperR\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\19325ab5-7f7c9c34
====== C:\Windows\SysWOW64 =====
2014-09-10 23:09:29 E3D7B3F64C30994409BDF8E48048A854 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 23:09:29 297EF1AB73B8FCE76BCA1365C2E49AFC 440320 ----a-w- C:\Windows\SysWOW64\ieui.dll
2014-09-10 23:09:28 84E96F4AF8A7748A3DE7C3EBBC6768E5 365056 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 23:09:28 6DD476318F524D2DCB73AFEB2EE27B4A 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 23:09:28 42F6F28D4885505F687CAF0459FF9F90 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 23:09:27 D603AC77E17E5B9583E382F2EE0381A7 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 23:09:27 CC8F34B345DA638D77BB48C035DA628D 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll
2014-09-10 23:09:27 7C3D593AB1E2F5E5687D97772EF99AC7 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2014-09-10 23:09:27 4F2EDC301EC63F803C0FDB6CC87EDA24 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2014-09-10 23:09:27 13C2C87C35E52AAB1B439FB2E26DF2DE 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 23:09:27 074646C5A979DE79133DE4A8530A9C5D 603136 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 23:09:27 010DFAF3EF93994B805BAA1493D47973 243200 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 23:09:26 AA595171932ACC79DA9851067DCBDABF 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2014-09-10 23:09:26 8D4FCAB2643DFEF68040B70F1EDCCBC5 327872 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 23:09:26 77F79126444896B5867E6761490735B8 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 23:09:26 2E2E40E5D92EEA979548E307C5781038 597504 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 23:09:25 88EBB8526981D03C5777AB0A4AEBA8B4 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 23:09:25 5074835337862817DB3726558D0908DE 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 23:09:25 1D8C086A39B9794D7131384586811B25 678400 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 23:09:24 FD96C05DE700F5FD26273D6DDB6495A7 2185728 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2014-09-10 23:09:23 D58988722C72D265B51A54103DFC2C6F 1812992 ----a-w- C:\Windows\SysWOW64\wininet.dll
2014-09-10 23:09:23 77B7DDF91F3ED2CDB6CF60224EE13433 4232704 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2014-09-10 23:09:23 6A3A809CA7A8F40C89E6F1D301898A66 2014208 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 23:09:23 41010A88B70A2168F801DC19EBD4CB4F 1190400 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2014-09-10 23:09:22 7BF1CE9240CB9DD27C3E30733176EB8E 17455104 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2014-09-10 23:09:21 A3560FAFC1686D5EE9830B33B5C74B66 11769856 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2014-09-10 23:02:36 2413D2216D08FAF7D7178D9E0B481AEB 2285056 ----a-w- C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 15:12:23 A8DDB7ACB122FC36FF0D7C9B3099A380 793600 ----a-w- C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 15:12:14 79896A78039C9A63C56197843CFBAD0B 1987584 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 15:12:07 B094390B6B2D0456821384771020870B 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll
2014-09-10 15:12:07 1B85FA0D0A93C011B76678733F39DB6C 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll
2014-09-10 15:12:07 10826DA2FC073702AEAB93AF3D73B066 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-09-10 23:09:29 9EFF09364ABDC86770FA0B1BCC9CA3C3 596480 ----a-w- C:\Windows\Sysnative\ieui.dll
2014-09-10 23:09:29 1BE1D1942825BE2146941DA274D2B92F 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2014-09-10 23:09:28 EF79F0B9E0F277F5797C475DF4248B97 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll
2014-09-10 23:09:28 EE6B22396FA99639A163B1B7E9736669 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
2014-09-10 23:09:28 A0600300428AB73664050659E738F11F 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll
2014-09-10 23:09:28 786ECD92C9D77F571134283E0FABAF1A 289280 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2014-09-10 23:09:28 4CF33E458BAEDA917CAE9F2E8338479C 446464 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2014-09-10 23:09:28 305D5395A65D00C74A94AEA40E9909E9 758272 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2014-09-10 23:09:28 2D95BDB699FA1D531B642EA18464FE05 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2014-09-10 23:09:28 0113777A28BEC88A50C2566F346E4B58 72704 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2014-09-10 23:09:27 E76C23C71345ACBC65ED8F6E87AD01D1 195584 ----a-w- C:\Windows\Sysnative\msrating.dll
2014-09-10 23:09:27 C07D636B0237172345E68AE8B70A2984 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2014-09-10 23:09:27 C067D863FCD53B91A5BF78AE1CE88E54 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2014-09-10 23:09:27 641068C626DE3AD348871D0D7931A3FA 547328 ----a-w- C:\Windows\Sysnative\vbscript.dll
2014-09-10 23:09:27 2AEFBA4339A34C8EF021B49D23D1F1DF 727040 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2014-09-10 23:09:26 A1BB4CFB25F7CE1D4F67DD71111823AA 374968 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2014-09-10 23:09:26 920BD93A0B64657A20CA66C2EBB167EA 23591424 ----a-w- C:\Windows\Sysnative\mshtml.dll
2014-09-10 23:09:26 68B0077C0D09D1B669A260F2921FD6B9 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll
2014-09-10 23:09:26 33BAC6F66DB5FE5F7E20D41B025F490E 707072 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2014-09-10 23:09:25 698C19E198F832E071778A1427E942C8 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe
2014-09-10 23:09:25 5A0C72B9D3CCA42D8AB74890C19443B2 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2014-09-10 23:09:25 4C8838D7C13E9080AF4B548CA791896B 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll
2014-09-10 23:09:25 227303FC6E95547EA274F4337BBC7278 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2014-09-10 23:09:25 1439630B47D717960D59423958754394 775168 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2014-09-10 23:09:24 75498A52C2AE248DEE5BDF5209768963 2793984 ----a-w- C:\Windows\Sysnative\iertutil.dll
2014-09-10 23:09:23 FECA80905D551074E1A9298BD98103B7 1447424 ----a-w- C:\Windows\Sysnative\urlmon.dll
2014-09-10 23:09:23 F6304AACC5744016770C8C797CAA2AF7 5833728 ----a-w- C:\Windows\Sysnative\jscript9.dll
2014-09-10 23:09:23 39EBB9708453036A74C30C9A294023FF 2310656 ----a-w- C:\Windows\Sysnative\wininet.dll
2014-09-10 23:09:22 97752927B6E2401011A96E0D6082E403 2104832 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2014-09-10 23:09:21 BA56C68CCB912C4C08C97DD32C47AD31 13588480 ----a-w- C:\Windows\Sysnative\ieframe.dll
2014-09-10 23:02:36 3469B9FAE899139FEE7356E91693376A 2777088 ----a-w- C:\Windows\Sysnative\msmpeg2vdec.dll
2014-09-10 15:12:23 EFF3FF9D9E5BFD2A05390D959A1C3AD0 1031168 ----a-w- C:\Windows\Sysnative\TSWorkspace.dll
2014-09-10 15:12:15 224C2EEBAAF39CD93DE5332DBE5E5A95 2565120 ----a-w- C:\Windows\Sysnative\d3d10warp.dll
2014-09-10 15:12:07 EE4B105F1DBE1E864AFC72E7F0315432 1460736 ----a-w- C:\Windows\Sysnative\lsasrv.dll
2014-09-10 15:12:07 33EF550DCCC58C93F5B65FD75BAD9832 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll
2014-09-10 15:12:04 E2BCB58869598B392D6A78953F61A2D9 578048 ----a-w- C:\Windows\Sysnative\aepdu.dll
2014-09-10 15:12:04 88BC88D0BDFB6BBE5765D5ABB233C110 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll
====== C:\Windows\Sysnative\drivers =====
====== C:\Windows\Tasks ======
2014-08-28 15:33:09 7E705F45ABFC74E84FA22E95DEFC04DD 370 ----a-w- C:\Windows\Tasks\Open Chrome.job
2014-08-28 15:33:09 285B73862701AE1E03CF2DA02F07D6B0 2616 ----a-w- C:\Windows\Sysnative\Tasks\Open Chrome
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-09-15 13:36:54 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2014-08-22 00:27:28 -------- d-----w- C:\PROGRA~2\COMMON~1\BattlEye
2014-08-21 23:23:59 -------- d-----w- C:\PROGRA~2\Dotjosh Studios
======= C: =====
====== C:\Users\JasperR\AppData\Roaming ======
2014-08-22 00:27:29 -------- d-----w- C:\Users\JasperR\AppData\Local\ArmA 2 OA
2014-08-22 00:25:51 -------- d-----w- C:\Users\JasperR\AppData\Local\ArmA 2
2014-08-22 00:25:50 -------- d-----w- C:\Users\JasperR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-08-21 23:24:04 -------- d-----w- C:\Users\JasperR\AppData\Local\DayZCommander
====== C:\Users\JasperR ======
2014-09-15 13:36:26 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\JasperR\Desktop\RSITx64.exe
2014-08-22 00:27:29 -------- d-----w- C:\ProgramData\Bohemia Interactive Studio
2014-08-22 00:25:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-08-21 23:23:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dotjosh Studios

====== C: exe-files ==
2014-09-15 13:36:54 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\JasperR.exe
2014-09-15 13:36:26 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\JasperR\Desktop\RSITx64.exe
2014-09-13 15:56:14 A332204057E507353D3C5AC68E746BF5 1418832 ----a-w- C:\Users\JasperR\AppData\Roaming\uTorrent\updates\3.4.2_33870.exe
2014-09-12 13:34:20 198DC8EE284854EBDCB0977FCEA50B18 2391632 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\37.0.2062.120\37.0.2062.120_37.0.2062.103_chrome_updater.exe
2014-09-11 10:17:42 5BAFB8A5A86D8D60879CE568534FCE46 1418832 ----a-w- C:\Users\JasperR\AppData\Roaming\uTorrent\updates\3.4.2_33497.exe
2014-09-10 23:09:29 ED689CF5DA7A0374D2A8E3A8550522F7 483328 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2014-09-10 23:09:29 665256B575BF83E4B188BE73450C5C29 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2014-09-10 23:09:29 4DABFE3A9D3C67E9D9AD83C7F8FAD855 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2014-09-10 23:09:29 0D75A74E925F00D9F256F6A53733DAF8 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2014-09-10 23:09:28 42F6F28D4885505F687CAF0459FF9F90 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 23:09:28 2D95BDB699FA1D531B642EA18464FE05 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-09-10 23:09:26 33BAC6F66DB5FE5F7E20D41B025F490E 707072 ----a-w- C:\Windows\System32\ie4uinit.exe
2014-09-10 23:09:25 698C19E198F832E071778A1427E942C8 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-09-10 23:09:25 5A0C72B9D3CCA42D8AB74890C19443B2 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-09-10 23:09:23 EEA63B8CF19E59C4A51AD2D9A59DDA25 812216 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-09-10 23:09:23 9540F3F5489747E71101E8AC9850CC79 810168 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2014-09-10 15:12:04 1386CD9322CD4A673FF96BF136D91633 31232 ----a-w- C:\Windows\System32\CompatTel\wicainventory.exe
2014-09-10 15:12:04 0C3028324C475485D6C24D626D9149C3 176288 ----a-w- C:\Windows\System32\CompatTel\QueryAppBlock.exe
2014-09-10 15:10:40 A90892E69543F29D6469F554016239F0 15912440 ----a-w- C:\Riot Games\League of Legends\RADS\projects\lol_game_client\releases\0.0.0.249\deploy\League of Legends.exe
2014-09-10 15:07:33 50E165BEC0EF211ECB25CC55295D48DC 1712120 ----a-w- C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.6\deploy\rPipe.exe
2014-09-10 15:07:33 0D8769B388B139C9F58BCAFE1899691A 4070904 ----a-w- C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.6\deploy\LoLPatcher.exe
2014-09-09 22:57:54 868B37009E604AD7737B9428D708DACD 10549296 ----a-w- C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3974349557-196560878-2544727730-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="C:\Users\JasperR\AppData\Local\Akamai\netsession_win.exe"
"uTorrent"="C:\Users\JasperR\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"Overwolf"="C:\Program Files (x86)\Overwolf\Overwolf.exe -silent"
"Steam"="C:\Program Files (x86)\Steam\Steam.exe -silent"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"EPLTarget\P0000000000000000"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /EPT EPLTarget\P0000000000000000 /M Epson Stylus SX235"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"XFastUSB"="C:\Program Files (x86)\XFastUSB\XFastUsb.exe"
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"THX TruStudio NB Settings"="C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe /r"
"UpdReg"="C:\Windows\UpdReg.EXE"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"
"Aeria Ignite"="C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe silent"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"vProt"="C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="C:\Users\JasperR\AppData\Local\Akamai\netsession_win.exe"
"uTorrent"="C:\Users\JasperR\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"Overwolf"="C:\Program Files (x86)\Overwolf\Overwolf.exe -silent"
"Steam"="C:\Program Files (x86)\Steam\Steam.exe -silent"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"EPLTarget\P0000000000000000"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /EPT EPLTarget\P0000000000000000 /M Epson Stylus SX235"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"XFast LAN"="C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe"
"THXCfg64"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64"
"Launch LCore"="C:\Program Files\Logitech Gaming Software\LCore.exe /minimized"

==== Startup Folders ======================

2013-10-15 10:05:10 1147 ----a-w- C:\Users\JasperR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ScreenUpdate.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10-09-2014 17:59]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09-09-2013 14:45]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09-09-2013 14:45]
C:\Windows\tasks\Open Chrome.job --a------ :C:\Program Files (x86)\Google\C:hrome\AppliC:ation\C:hrome.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Asrsetup" [D:\ASRSetup.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Open Chrome" [c:\program files (x86)\Google\Chrome\Application\chrome.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2014-07-23 18:48:10 -------- d-----w- C:\PROGRA~3\Riot Games
2014-08-22 00:27:29 -------- d-----w- C:\PROGRA~3\Bohemia Interactive Studio

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"quick_start@gmail.com"="C:\Users\JasperR\AppData\Roaming\Mozilla\Firefox\Profiles\dpn5vjmk.default\extensions\quick_start@gmail.com" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\JasperR\AppData\Roaming\Mozilla\Firefox\Profiles\4p9qc81v.default
- AntiGameOrigin - %ProfilePath%\extensions\antigameorigin@antigame.de.xpi
- Galaxytoolbar - %ProfilePath%\extensions\{71bfcce7-421d-4042-95d4-a585a821cbca}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\JasperR\AppData\Roaming\Mozilla\Firefox\Profiles\4p9qc81v.default
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
pelmeidfhdlhlbjimpabfcbnnojbboma - C:\Users\JasperR\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx[]

Galaxytoolbar for Chrome - JasperR\AppData\Local\Google\Chrome\User Data\Default\Extensions\baphbmdmbobikapopnggboiopbinogeo
AdBlock - JasperR\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
AGO - JasperR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldbahlcmhmlpomdepooifmhnalokdhgm
Google Wallet - JasperR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Select City - JasperR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma

==== Chromium Startpages ======================

C:\Users\JasperR\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://mysearch.avg.com?cid={D50BC266-124D-40DE-8962-0073E4031F37}&mid=bc626196100047d384256d16b25b615a-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-19 20:17:55&v=18.1.5.512&pid=safeguard&sg=&sap=hp",
"homepage": "http://mysearch.avg.com?cid={D50BC266-124D-40DE-8962-0073E4031F37}&mid=bc626196100047d384256d16b25b615a-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-19 20:17:55&v=18.1.5.512&pid=safeguard&sg=&sap=hp",
"startup_urls": [ "http://mysearch.avg.com?cid={D50BC266-124D-40DE-8962-0073E4031F37}&mid=bc626196100047d384256d16b25b615a-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-19 20:17:55&v=18.1.5.512&pid=safeguard&sg=&sap=hp" ],


==== Chromium Fix ======================

C:\Users\JasperR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma deleted successfully
C:\Users\JasperR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage deleted successfully
C:\Users\JasperR\AppData\Local\Google\Chrome\User Data\Default\Extensions\baphbmdmbobikapopnggboiopbinogeo deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.default-search.net?sid=476&aid=134&itype=n&ver=11471&tm=299&src=hmp"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{95B7759C-8C7F-4BF1-B163-73684A933233}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3974349557-196560878-2544727730-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338A754C-B46E-4BF2-8AC8-23DE36862AD3} deleted successfully
HKEY_USERS\S-1-5-21-3974349557-196560878-2544727730-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1} deleted successfully
HKEY_USERS\S-1-5-21-3974349557-196560878-2544727730-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{338A754C-B46E-4BF2-8AC8-23DE36862AD3} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{338A754C-B46E-4BF2-8AC8-23DE36862AD3} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\quick_start@gmail.com deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [XFastUSB] "C:\Program Files (x86)\XFastUSB\XFastUsb.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\JasperR\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\JasperR\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX235"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: ScreenUpdate.lnk = C:\Program Files (x86)\Your Own Screensaver\ScreenUpdate.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.aeriagames.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (file missing)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\ASRock\XFast LAN\spd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\JasperR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\JasperR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AJGBRG0V will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\JasperR\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=8445 folders=10811 3461241839 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\JasperR\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\JasperR\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\AVG SafeGuard toolbar" not found
"C:\Users\JasperR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AJGBRG0V" not found

==== EOF on ma 15-09-2014 at 17:29:56,57 ======================
 
Hallo,

Dat zijn al mooie opruimingen:

Download
53f33878ecafb-Emsisoft-Anti-Malware-logo.png
Emsisoft Anti-Malware naar het bureaublad.
De volledige installatieprocedure kunt u nalezen op de volgende link - Emsisoft Anti-Malware installeren.

Emsisoft Anti-Malware uitvoeren
  • Dubbelklik op "EmsisoftAntiMalwareSetup.exe" om Emsisoft Anti-Malware te installeren.
  • Selecteer de optie "Ik accepteer de licentieovereenkomst" en klik op "Installeren"
  • Klik in het licentiescherm de 30 dagen probeerversie "Test 30 days for free". (Hierna kan je het programma als gratis versie blijven gebruiken)
  • Klik in het volgende scherm op de optie "Join the Emsisoft Anti-Malware Network".
  • Vervolgens zal het programma de benodigde updates installeren.
  • Kies in het scherm bij "Potentially Unwanted Programs" voor de optie Enable PUPs detection.
  • Kies vervolgens de optie "Full scan",
  • Laat de gevonden items in quarantaine plaatsen en klik op "Rapport bekijken", het logbestand wordt nu automatisch geopend.
  • Voeg het logbestand met de naam "a2scan_xxxxxx-xxxxxx" toe aan het volgende bericht. (Dit logbestand kunt u terug vinden in de map "C:\Users\Gebruikersnaam\Documents\Anti-Malware\Reports")
 
Wat ik raar vind is dat er 1 bestand niet in quarantaine geplaatst kan worden...
Rest allemaal wel, kreeg bij dit bestand ook een melding van AVG dat het een Trojan Horse betrof.


Emsisoft Anti-Malware - Versie 9.0
Laatste Update: 15-9-2014 18:14:46
Gebruikersaccount: JasperR-PC\JasperR

Scaninstellingen:

Scanmodus: Diepe scan
Objecten: Rootkits, Geheugen, Sporen, C:\, E:\, F:\

Detecteer PUPs: Aan
Scan archieven: Aan
ADS Scan: Aan
Bestandsextensiefilter: Uit
Geavanceerde cache: Aan
Directe schijftoegang: Uit

Scan gestart: 15-9-2014 18:15:59
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Ontdekt: Application.Win32.WebApp (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SCRIPTHELPER.SCRIPTHELPERAPI Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SCRIPTHELPER.SCRIPTHELPERAPI.1 Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\VIPROTOCOL.VIPROTOCOLOLE Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\VIPROTOCOL.VIPROTOCOLOLE.1 Ontdekt: Application.AdReg (A)
Key: HKEY_USERS\S-1-5-21-3974349557-196560878-2544727730-1000\SOFTWARE\SOFTONIC Ontdekt: Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\AWESOMEHPSOFTWARE Ontdekt: Application.AdSome (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Ontdekt: Application.AdShort (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D} Ontdekt: Application.AdShort (A)
Key: HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\EVENTLOG\APPLICATION\IEPLUGINSERVICE Ontdekt: Application.AdShort (A)
Key: HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\EVENTLOG\APPLICATION\WPM Ontdekt: Application.AdShort (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\DATAMNGR Ontdekt: Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SDP Ontdekt: Application.Win32.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Ontdekt: Application.AdReg (A)
C:\zoek_backup\C_PROGRA~2_Settings Manager\systemk\systemkmgrc1.cfg Ontdekt: Adware.SearchSuite.A (B)

Gescand: 326172
Gevonden: 24

Scan geindigd: 15-9-2014 19:37:19
Scantijd: 1:21:20

C:\zoek_backup\C_PROGRA~2_Settings Manager\systemk\systemkmgrc1.cfg In quarantaine geplaatst Adware.SearchSuite.A (B)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} In quarantaine geplaatst Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SDP In quarantaine geplaatst Application.Win32.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\DATAMNGR In quarantaine geplaatst Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\EVENTLOG\APPLICATION\WPM In quarantaine geplaatst Application.AdShort (A)
Key: HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\EVENTLOG\APPLICATION\IEPLUGINSERVICE In quarantaine geplaatst Application.AdShort (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D} In quarantaine geplaatst Application.AdShort (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8} In quarantaine geplaatst Application.AdShort (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\AWESOMEHPSOFTWARE In quarantaine geplaatst Application.AdSome (A)
Key: HKEY_USERS\S-1-5-21-3974349557-196560878-2544727730-1000\SOFTWARE\SOFTONIC In quarantaine geplaatst Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\VIPROTOCOL.VIPROTOCOLOLE.1 In quarantaine geplaatst Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\VIPROTOCOL.VIPROTOCOLOLE In quarantaine geplaatst Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} In quarantaine geplaatst Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} In quarantaine geplaatst Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SCRIPTHELPER.SCRIPTHELPERAPI.1 In quarantaine geplaatst Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SCRIPTHELPER.SCRIPTHELPERAPI In quarantaine geplaatst Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} In quarantaine geplaatst Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} In quarantaine geplaatst Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} In quarantaine geplaatst Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} In quarantaine geplaatst Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} In quarantaine geplaatst Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} In quarantaine geplaatst Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} In quarantaine geplaatst Application.AdReg (A)

In quarantaine geplaatst 23
 
Hallo,

Alles is verwijderd n regel kwam twee maal voor,
Maar doe nu eens een scan met AVG en plaats daar de uitslag eens van.
 
Geen bedreigingen :)
 
Hallo,

Hoe staat het hierna met je pc?
 
Geen last meer!
Heel hartelijk bedankt!
 
Hallo,

Dat is mooi doe het volgende;

Emsisoft Anti-Malware mag je weer verwijderen: (als je de gratis versie na 30 dagen niet wil behouden)
Klik op Start > Configuratiescherm > Een programma verwijderen:
Emsisoft Anti-Malware

Met het onderstaande tooltje ruim je o.a. alle gebruikte tools op:

Download
51a5ce45263de-delfix.png
Delfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.
Zet nu vinkjes voor de volgende items:
  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings
Klik nu op "Run" en wacht geduldig tot de tool gereed is.
Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft je echter niet te plaatsen.
Mochten er nog tools of mappen overgebleven zijn dan kan je die zelf verwijderen.
 
Status
Niet open voor verdere reacties.
Steun Ons

Nieuwste berichten

Terug
Bovenaan