Hijacklogje - iemand tijd?

[Sue]

Hallo,
Mijne laptop is zoooooooo traag in het opstarten.
Kan iemand hier eens naar kijken?
Of de oorzaak ?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:12:49, on 19/01/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files (x86)\WinSplit Revolution\WinSplit.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\WinSplit Revolution\WinSplitDrvr32.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll (file missing)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Search Assistant BHO - {a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Toolbar BHO - {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} - C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbar.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Winsplit] C:\Program Files (x86)\WinSplit Revolution\WinSplit.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Suzanne\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files%20(x86)/Bejeweled%203/Images/stg_drm.ocx
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files%20(x86)/Bejeweled%203/Images/armhelper.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13743 bytes

Ik gebruik ook een toetsenbord dat niet bij laptop hoort, dus er staan twee op die niet gebruikt worden? Maar welke?




O ja: het is véél te warm, dus niet te hard zwoegen hier, heb geduld op een antwoordje!

Sue

[sacho]

Tijd wel maar de log is van 19 januari 2014.
Hjt uitvoeren met rechtsklik als administrator.

[Sue]

Hier opnieuw, kreeg wel volgende vermelding:


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:43:41, on 12/06/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Users\Suzanne\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: (no name) - {a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O2 - BHO: (no name) - {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Suzanne\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files%20(x86)/Bejeweled%203/Images/stg_drm.ocx
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files%20(x86)/Bejeweled%203/Images/armhelper.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11729 bytes


Alvast bedankt!! Eerst voetbal kijken!!!
Sue

[sacho]

Waarom hebt u niet meer hierop gereageerd.
http://www.seniorennet.be/forum/viewtopic.php?t=185095
'De' spyware mensen hadden hier al moeten zien dat de datum niet juist was.
Maar soit.

Begin eerst met ADW cleaner.

Download AdwCleaner by Xplode.
Downloadlokatie Download start automatisch: https://toolslib.net/downloads/finish/1/
Opmerkingen:
Alle openstaande programma's en webpagina's dienen afgesloten te zijn.

AdwCleaner opstarten:
Windows Vista, Windows 7 en Windows 8: via rechtsklik op adwcleaner.exe en kies voor "Als Administrator uitvoeren".
AdwCleaner is opgestart:
Klik op de knop Scan
Is de scan gereed, klik dan op de knop Verwijderen
Klik bij AdwCleaner – Afsluiting van de programma's op OK
Klik bij AdwCleaner – Herstarten noodzakelijk op OK
AdwCleaner logbestand:
Nadat de PC opnieuw is opgestart, opent een logfile.
Ingeval het log niet opent, is dit alsnog terug te vinden in C:\AdwCleaner\AdwCleaner[R0].txt
Post vervolgens de inhoud van dit log in je volgende bericht.
ALS DE LOG GEPLAATST IS START ADWCLEANER OP EN KLIK OP DEÎNSTALLEREN !!

Sony

Plaats de log aub. al is het maar om te zien of het juist is uitgevoerd.
Er moet ook wat uit de opstart maar dat is voor later.
idd eerst de voetbal.

[Sue]

Was dat helemaal vergeten.
Mijn hersencellen werken blijkbaar niet zo goed meer.
Sorry is echt uit mijn gedacht gegaan.

Zal het morgen zonder fout doen!

Bedankt
Sue

[pcekspeer]

@Sue

Niet dat het veel uitmaakt hoor, maar de Hijack-versie is een oude.
Hier kan je de laatste downloaden :
http://www.filehippo.com/download_hijackthis/

Laat deze 2 scanners in die volgorde eens scannen en verwijderen hetgeen niet op een pc thuis hoort.
MBAM :
http://www.seniorennet.be/forum/viewtopic.php?t=165199

AdwCleaner :
http://www.seniorennet.be/forum/viewtop ... adwcleaner

[hjb]

staat er daar wel een antivirusscanner op die laptop?

[Sue]

Alles gescand.
Mijn virusscanner is : Microsoft Seurity Essentials

Ik heb toch maar nieuw Hijacklogje gedaan :


Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 15:04:05, on 13/06/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)

FIREFOX: 38.0.5 (x86 nl)
Boot mode: Normal

Running processes:
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Users\Suzanne\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_160.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_160.exe
C:\Users\Suzanne\Downloads\HijackThis(1).exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: (no name) - {a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O2 - BHO: (no name) - {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Suzanne\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files%20(x86)/Bejeweled%203/Images/stg_drm.ocx
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files%20(x86)/Bejeweled%203/Images/armhelper.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12395 bytes

[sacho]

Gescand, maar verwijderd ook?
De log van ADW graag.

[paullamb]

Oeps Sacho,
Het is een Hijack log

[sacho]

Ja weet ik maar die had ik niet gevraagd.

[Sue]

Wist niet dat ik hier een logje van moest zetten.
Zijn er vier, heb de laatste genomen van hetgeen verwijderd is:

# AdwCleaner v4.206 - Logbestand aangemaakt 13/06/2015 op 14:25:49
# Laatste update 01/06/2015 door Xplode
# Database : 2015-06-09.1 [Server]
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (x64)
# Gebruikersnaam : Suzanne - SUZANNE-PC
# Gestart vanuit : C:\Users\Suzanne\Downloads\adwcleaner_4.206.exe
# Optie : Verwijderen

***** [ Services ] *****


***** [ Bestanden / Mappen ] *****

Map Verwijderd : C:\ProgramData\apn
Map Verwijderd : C:\ProgramData\Allmyapps
Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\video download converter
Map Verwijderd : C:\Program Files (x86)\RegClean Pro
Map Verwijderd : C:\Program Files (x86)\video download converter
Map Verwijderd : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Systweak
Map Verwijderd : C:\Users\Suzanne\AppData\Roaming\rightbackup
Map Verwijderd : C:\Users\Suzanne\AppData\Roaming\Systweak
Bestand Verwijderd : C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fr.ask.com_0.localstorage-journal

***** [ Geplande taken ] *****


***** [ Snelkoppelingen ] *****


***** [ Register ] *****

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Sleutel Verwijderd : HKCU\Software\systweak
Sleutel Verwijderd : HKLM\SOFTWARE\systweak
Sleutel Verwijderd : HKU\.DEFAULT\Software\systweak
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Gegevens Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Webbrowsers ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v38.0.5 (x86 nl)

[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("browser.search.selectedEngine", "Ask Web Search");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.BUTTON_STRUCTURE", "[{\"b\":224539475,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":224539476,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.browser.search.defaultenginename.prev", "Google");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.browser.search.defaultenginename.savedPrev", "true");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.browser.search.defaultenginename.tb", "Ask Web Search");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.browser.search.selectedEngine.prev", "Google");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.browser.search.selectedEngine.savedPrev", "true");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.browser.search.selectedEngine.tb", "Ask Web Search");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.homepage.prev", "hxxps://mijn.telenet.be/");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.homepage.savedPrev", "true");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.homepage.tb", "hxxp://home.tb.ask.com/index.jhtml?ptb=5A1FA16B-A4FF-4C26-B9B3-E67009F65618&n=781b614f&p2=^Y6^xdm223^YYA^be&si=CN7Z_K[...]
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.page.prev", 3);
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.page.savedPrev", 1);
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.page.tb", 1);
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.browser.version.last", "38.0");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.competitorDNS", "{\"comment\":\"refresh every 1 week (7*24*60*60*1000)\",\"refreshPeriod\":604800000,\"list\":[{\"url\":\"hxxp://www.dnsrsearch.com/[...]
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.firstKnownVersion", "7.18.7.7630");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=5A1FA16B-A4FF-4C26-B9B3-E67009F65618&n=781b614f&p2=^Y6^xdm223^YYA^be&si=CN7Z_KvT88UCFS2WtAodRDQA2[...]
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.hp.enabled", false);
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.hp.guardType", "HPR");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.hp.user.defined", false);
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.initialized", true);
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.installKeysSource", "Cookies");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.installType", "XPI");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.installation.contextKey", "");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.installation.dlpCountryCode", "BE");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.installation.installDate", "2015060303");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerId", "^Y6^xdm223^YYA^be");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerSubId", "CN7Z_KvT88UCFS2WtAodRDQA2A");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.installation.pixelUrl", "hxxp://download.fromdoctopdf.com/install_pixels.jhtml?partner=^Y6^xdm223^YYA^be&sub_id=CN7Z_KvT88UCFS2WtAodRDQA2A&coId=1947[...]
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.installation.success", true);
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.installation.toolbarId", "5A1FA16B-A4FF-4C26-B9B3-E67009F65618");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.isCompliantUninstallImplementation", true);
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.lastActivePing", "1434187124763");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.lastKnownVersion", "7.18.7.19718");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.options.defaultSearch", true);
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.options.homePageEnabled", true);
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.options.keywordEnabled", true);
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.options.tabEnabled", true);
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.partnerPixelFired", true);
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.successUrl", "hxxp://download.fromdoctopdf.com/installComplete.jhtml");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.toolbar.ownSearch", true);
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark._65Members_.toolbarCollapsed", true);
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("extensions.toolbar.mindspark.lastInstalled", "fromdoctopdf@mindspark.com");
[1hasfxbu.default-1425113409459\prefs.js] - Regel Verwijderd : user_pref("keyword.URL", "hxxp://int.search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=5A1FA16B-A4FF-4C26-B9B3-E67009F65618&n=781b614f&ind=2015060303&p2=^Y6^xdm223^YYA^be&si=CN7Z_KvT88UCFS2WtAodRDQA2A&[...]

-\\ Google Chrome v

[C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Verwijderd [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&appid=101&systemid=406&sr=0&q={searchTerms}

*************************

AdwCleaner[R0].txt - [42022 bytes] - [18/01/2014 18:58:35]
AdwCleaner[R1].txt - [9853 bytes] - [13/06/2015 14:17:52]
AdwCleaner[S0].txt - [42568 bytes] - [18/01/2014 19:00:44]
AdwCleaner[S1].txt - [10291 bytes] - [13/06/2015 14:25:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [10351 bytes] ##########

[sacho]

Goed zo, maar u moet wel uitkijken wat en van waar u download.
Binnen de kortste keren hebt u weer een besmette laptop.

Download nu zoek exe hier naar uw bureaublad.
http://download.bleepingcomputer.com/smeenk/
Neem de linkse downloadknop bovenaan, niet de rar of zipfile.
Daarna start u dat programma als administrator met rechtsklik.
copieer deze tekst in het groen en plak die in het invulvenster.

Code: Selecteer alles

emptyclcid;
emptyfolderscheck;delete

Klik daarna op de knop 'more options' en vink deze aan.

Do a Quick Scan
Installed Programs
System Specs
Empty Temp
Schortcut Fix
Auto Clean

Daarna klikt u op Run Script.
Wacht nu geduldig af, wellicht een half uur tot een uur, onderbreek het niet.
Er zal gevraagd worden om de laptop te herstarten. Doe dat(maar niet zonder eerst die melding, vermits nog dingen verwijderd worden na die reboot) en na de herstart komt een log. Plaats die hier aub.

Opgelet voor anderen, gebruik dit niet op uw eigen computer, het is enkel voor deze computer bedoeld.

[Sue]

Hier is het nieiuwe logje; windows is heel traag in het opstarten.
Mijn schermtoetsenbord start ook telkens mee op.
O ja heb onlangs een bericht gekregen voor een gratis update naar Windows 10. Kan dit?
En is mijn virusscannner goed of vervangen door andere?

Hier is het logje: MOET NIET VANDAAG HOOR? IS VADERDAG / PROFICIAT VOOR DE VADERS!


Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Suzanne on zo 14/06/2015 at 12:35:57,99.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Suzanne\Downloads\zoek(1).exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2015-06-14-101805.log 432 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully
C:\PROGRA~2\WinRAR deleted successfully
C:\Program Files\log deleted successfully
C:\Program Files\PDFCreator deleted successfully
C:\Program Files\Symantec deleted successfully
C:\PROGRA~3\4Sync deleted successfully
C:\PROGRA~3\PCSettings deleted successfully
C:\Users\Suzanne\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Suzanne\AppData\Roaming\TP deleted successfully
C:\Users\Suzanne\AppData\Roaming\Twins deleted successfully
C:\Users\Suzanne\AppData\Local\CrashDumps deleted successfully
C:\Users\Suzanne\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Suzanne\AppData\Local\EmieSiteList deleted successfully
C:\Users\Suzanne\AppData\Local\EmieUserList deleted successfully
C:\Users\Suzanne\AppData\Local\MigWiz deleted successfully
C:\Users\Suzanne\AppData\Local\Twins deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Installed Programs ======================

Acrobat.com
Adobe AIR
Adobe Flash Player 17 ActiveX
Adobe Flash Player 18 NPAPI
Adobe Photoshop Elements 8.0
Adobe Reader XI (11.0.11)
Adobe Refresh Manager
Adobe Shockwave Player 11.6
Advertising Center
Agatha Christie - Death on the Nile
Alcor Micro USB Card Reader
AMD APP SDK Runtime
AMD Catalyst Install Manager
Apple Application Support (32-bit)
Apple Application Support (64-bit)
Apple Mobile Device Support
Apple Software Update
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Backup Manager Basic
Bejeweled 2 Deluxe
Belgium e-ID middleware 4.0.7 (build 7453)
Bonjour
Build-a-lot 2
Canon MP190 series MP Drivers
Catalyst Control Center - Branding
Catalyst Control Center
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Chuzzle Deluxe
Corel Paint Shop Pro Photo X2
D3DX10
Diner Dash 2 Restaurant Rescue
Facebook Video Calling 3.1.0.521
Farm Frenzy
FATE
Final Drive Nitro
FolderIco 3.0
Google Toolbar for Internet Explorer
Google Update Helper
iCloud
Identity Card
ImagXpress
Insaniquarium Deluxe
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Intel(R) Turbo Boost Technology Driver
Intel(R) Turbo Boost Technology Monitor
iTunes
Java 2 Runtime Environment, SE v1.4.2_19
Java 8 Update 40
Java 8 Update 40 (64-bit)
Java Auto Updater
Java(TM) 6 Update 31
JavaFX 2.1.1
Jewel Quest Solitaire 2
John Deere Drive Green
Junk Mail filter update
Launch Manager
Malwarebytes Anti-Malware versie 2.1.6.1022
Mesh Runtime
Messenger Companion
MFC RunTime files
Microsoft .NET Framework 4.5.1 (Nederlands)
Microsoft .NET Framework 4.5.1 (NLD)
Microsoft .NET Framework 4.5.2
Microsoft Application Error Reporting
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
More Games from Packard Bell Games
Mozilla Firefox 38.0.5 (x86 nl)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
Nero 9 Essentials
Nero ControlCenter
Nero DiscSpeed
Nero DiscSpeed Help
Nero DriveSpeed
Nero DriveSpeed Help
Nero Express Help
Nero InfoTool
Nero InfoTool Help
Nero Installer
Nero Online Upgrade
Nero StartSmart
Nero StartSmart Help
Nero StartSmart OEM
NeroExpress
neroxml
OpenOffice.org 3.4
Packard Bell InfoCentre
Packard Bell MyBackup
Packard Bell PowerSave Solution
Packard Bell Recovery Management
Packard Bell Registration
Packard Bell ScreenSaver
Packard Bell Social Networks
Penguins
Picasa 3
Plants vs. Zombies
Polar Bowler
Polar Golfer
PX Profile Update
QuickTime 7
Realtek High Definition Audio Driver
Recuva
Security Update for Microsoft .NET Framework 4.5.2 (KB3023224)
Security Update for Microsoft .NET Framework 4.5.2 (KB3035490)
Security Update for Microsoft .NET Framework 4.5.2 (KB3037581)
Stuurprogrammapakket voor Windows - Fedict SmartCard (03/25/2014 4.0.7.4)
swMSM
Synaptics Pointing Device Driver
System Requirements Lab for Intel
TomTom HOME
TomTom HOME Visual Studio Merge Modules
TP-LINK 150Mbps Mini Wireless N USB Adapter Driver
Update Installer for WildTangent Games App
Video Web Camera
Virtual Villagers 4 - The Tree of Life
Visual Studio C++ 10.0 Runtime
Welcome Center
WIDCOMM Bluetooth Software
Wifi-fikser versie 1.0
WildTangent Games App (Packard Bell Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
Windows Live Mesh
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinRAR 4.10 (64-bit)
WinSplit Revolution (v11.04)
Zuma's Revenge
Zuma Deluxe

==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\Suzanne\AppData\Roaming\Mozilla\Firefox\Profiles\1hasfxbu.default-1425113409459

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- FireFox user.js and prefs.js backups ----

prefs_20151406_1250_.backup

ProfilePath: C:\Users\Suzanne\AppData\Roaming\TomTom\HOME\Profiles\51et4p5e.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_20151406_1250_.backup

ProfilePath: C:\Users\Suzanne\AppData\Roaming\Mozilla\Firefox\Profiles\p6l1vq9q.default

prefs.js not found
user.js not found
---- FireFox user.js and prefs.js backups ----


==== Deleting Files \ Folders ======================

C:\PROGRA~2\WinRAR not found
C:\Users\Suzanne\AppData\LocalLow\Conduit deleted
C:\PROGRA~2\Mozilla Firefox\user.js deleted
C:\PROGRA~2\Mozilla Firefox\searchplugins\Babylon.xml deleted
C:\PROGRA~2\Mozilla Firefox\searchplugins\Search_Results.xml deleted
C:\PROGRA~2\Mozilla Firefox\extensions\ffxtlbr@babylon.com deleted
C:\PROGRA~2\Allin1Convert_8h deleted
C:\PROGRA~2\VideoDownloadConverter_4z deleted
C:\PROGRA~2\UtilityChest_49 deleted
C:\PROGRA~2\Vid-Saver deleted
C:\PROGRA~2\Conduit deleted
C:\user.js deleted
C:\install.exe deleted
C:\PROGRA~3\WinMaximizer deleted
C:\Users\Suzanne\AppData\Local\Ilivid Player deleted
C:\Users\Suzanne\AppData\Local\apn deleted
C:\Users\Suzanne\AppData\Local\VideoDownloadConverter_4z deleted
C:\Users\Suzanne\AppData\Local\Allin1Convert_8h deleted
C:\Users\Suzanne\AppData\Local\Vid-Saver deleted
C:\Users\Suzanne\AppData\Local\CrashRpt deleted
C:\Users\Suzanne\AppData\Local\Babylon deleted
C:\Users\Suzanne\AppData\LocalLow\AskToolbar deleted
C:\Users\Suzanne\AppData\LocalLow\VideoDownloadConverter_4z deleted
C:\Users\Suzanne\AppData\LocalLow\Allin1Convert_8h deleted
C:\Users\Suzanne\AppData\LocalLow\PriceGong deleted
C:\Windows\wininit.ini deleted
C:\Windows\Syswow64\shoBC5.tmp deleted
C:\Users\Suzanne\AppData\Roaming\Mozilla\Firefox\Profiles\1hasfxbu.default-1425113409459\jetpack deleted
"C:\Users\Suzanne\AppData\Local\{836271A7-D813-4750-BF4F-E1619DC1241F}" deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 3765 MB
CPU Info: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
CPU Speed: 2313.2 MHz
Sound Card: Speakers (Realtek High Definiti |
Realtek Digital Output (Realtek |
Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | AMD Radeon HD 6500M/5600/5700 Series | AMD Radeon HD 6500M/5600/5700 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1600 X 900 - 32 bit
Network: Network Present
Network Adapters: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) | Microsoft Virtual WiFi Miniport Adapter | Broadcom 802.11n Network Adapter
CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVDRAM GT30N
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C: 583.1GB
Hard Disks - Free: C: 420.4GB
Manufacturer *: Phoenix
BIOS Info: AT/AT COMPATIBLE | 08/11/10 | ACRSYS - 6040000
Time Zone: West-Europa (standaardtijd)
Motherboard *: Packard Bell SJM70-CP
Country: Belgi‰
Language: NLB

==== System Specs (Software) ======================

Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)
Anti-Spyware: Microsoft Security Essentials disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Firefox 38.0.5
Internet Explorer Version: 11.0.9600.17843
Mozilla Firefox version: 38.0.5 (x86 nl)
Adobe Reader version: 11.0.11.18
Sun Java version: 1.8.0_40 (32-bit)
Sun Java version: 1.8.0_40 (64-bit)
Flash Player version: 18.0.0.160
Shockwave Player version: 11.6.8r638

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-06-14 10:23:48 364C167C325F782D69E536489A6E14BE 587538020 ----a-w- C:\Windows\MEMORY.DMP
====== C:\Users\Suzanne\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-06-10 09:08:56 A98E8F79C738CAF23C152DBCABD978FE 11411456 ----a-w- C:\Windows\SysWOW64\wmp.dll
2015-06-10 09:08:48 DA27A4EA7B7C77FAFDB3F94D83E310C1 12625408 ----a-w- C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 09:08:48 605E9B2CFA3445ED7716D0B345EE21EC 8192 ----a-w- C:\Windows\SysWOW64\spwmp.dll
2015-06-10 09:08:48 2401379E0610D15FAB78A4B1646F5B8D 4096 ----a-w- C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 09:08:48 2401379E0610D15FAB78A4B1646F5B8D 4096 ----a-w- C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 09:08:25 2CA16814DA3C5B2D8C7E70DC47A45ED1 551424 ----a-w- C:\Windows\SysWOW64\kerberos.dll
2015-06-10 09:08:18 9E68E1BDEBD85FC8803707370BE0FC6E 641536 ----a-w- C:\Windows\SysWOW64\advapi32.dll
2015-06-10 09:08:18 641A14E6AC492ED45BC68815E2E2F566 3989440 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 09:08:13 3C1BE79C3CE6EB378108B11D94CA1072 364544 ----a-w- C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 09:08:12 583FFF12D2F0D6E1A8746462C433895F 3934144 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 09:08:11 BBABC6702529CFADAC0EC2B28168A288 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll
2015-06-10 09:08:10 EA141596564AE0C670EDD0F2636EC29C 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 09:08:10 8C7635292CFF4901F058269454A1D64E 1310744 ----a-w- C:\Windows\SysWOW64\ntdll.dll
2015-06-10 09:08:09 9A50B2567918BF7DDD600ECE5DB5ED76 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 09:08:09 4238391DE3E3FDCD2C731C1E4E0F402C 635392 ----a-w- C:\Windows\SysWOW64\tdh.dll
2015-06-10 09:08:09 3B5DA649BF7B7D07510C06DE0AEEB4EB 82944 ----a-w- C:\Windows\SysWOW64\logman.exe
2015-06-10 09:08:08 65A5E27C2217D606E212B6088CCD6104 92160 ----a-w- C:\Windows\SysWOW64\sechost.dll
2015-06-10 09:08:08 5643A88C6DA8AAEC9CE2845431942650 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 09:08:07 A9E8F961F7FE1EDEEF8F46EEB800F2D8 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll
2015-06-10 09:08:07 6C06D2B1CF88AB83F1CFB24928F63107 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe
2015-06-10 09:08:05 FCA6EFFEE6D7D42E794F0E538297026C 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll
2015-06-10 09:08:05 F85FA29340A536C8E0A16151B9B03923 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe
2015-06-10 09:08:05 629AD3FDA168D82D459164044A29F9BB 40448 ----a-w- C:\Windows\SysWOW64\typeperf.exe
2015-06-10 09:08:05 3E6731BF36A7D6C62D09671B427B6B67 37888 ----a-w- C:\Windows\SysWOW64\relog.exe
2015-06-10 09:08:04 FB224B0A63B8F58E91FE8A314AD295AD 17408 ----a-w- C:\Windows\SysWOW64\diskperf.exe
2015-06-10 09:08:01 F72A9953199EF5807D595AE3694B5D01 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll
2015-06-10 09:08:01 D877133532CE090502B1166B360E9516 274944 ----a-w- C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 09:08:01 7A9F94E0F53C8F6E09405351AC104A3C 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll
2015-06-10 09:08:01 558227F567E977D71B9182013EF03E9C 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 09:08:01 2D23A10FBFA09DC1B61799128BBA91A2 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll
2015-06-10 09:08:00 F81920ADB15012CF4E9FF8238C85686A 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll
2015-06-10 09:08:00 6C730482615C97B923B88C648FF554A3 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll
2015-06-10 09:07:54 52C869A640B8169D7C8460FB1646ABF5 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 09:07:53 EEA17E843EE2EE50D623BEACF50BD815 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe
2015-06-10 09:07:53 EC6E5AE2ECFE7A335B370865A1158EF8 2048 ----a-w- C:\Windows\SysWOW64\user.exe
2015-06-10 09:07:52 2E65BF3D85BB2C831669FBCBDE6C9879 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll
2015-06-10 09:07:49 7E7933E63BBE2BE71CC908EF140458EF 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll
2015-06-10 09:07:49 619D5101114C71E1A4A585C5E68301B7 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll
2015-06-10 09:04:59 58788565442368B0615DDAF1D452B843 530432 ----a-w- C:\Windows\SysWOW64\comctl32.dll
2015-06-10 08:53:41 8C3A03295F56D1FFB51D9D05DA42B12D 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 08:53:41 81C1182A9EE7AC4D21187811DE66A7D0 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2015-06-10 08:53:40 9F6066005D8B8620598085C7499E9B70 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 08:53:40 6B7210618D7E2CE0404ECF748701253A 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 08:53:38 96837E5864777688477AF6DE2332C06D 503808 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2015-06-10 08:53:38 7C9F8DB66A56306C5BBE97F9FC0F01EF 342736 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 08:53:38 53E9614ADFA6A40A452BA014CEF6F261 1309696 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2015-06-10 08:53:38 185490A6C3BEDAC5EF547314F68AB07B 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 08:53:37 F26680AF396F89F7ABFDA1D1D6B62011 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 08:53:37 975421AC32F9F6E27A58F75DAB4B5871 19607040 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2015-06-10 08:53:37 2DED8A99E45053C42DD21D6937D3960C 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 08:53:34 B6D8148C1C697A7BF04EE0FE82408B6A 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 08:53:34 5C06EE62F06E990E9521EA80B8D4D4B8 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2015-06-10 08:53:32 927E38A35E4DFC4E294BD130BAA6F759 2278912 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2015-06-10 08:53:32 4ABEEF30EA5B9F4718312DCB60B6C9BC 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 08:53:31 C27C8CACEBC712BE2AD791715E9734EC 664064 ----a-w- C:\Windows\SysWOW64\jscript.dll
2015-06-10 08:53:31 7DBCBB1647B7CD71E2039C1B50A12717 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 08:53:29 C93AE4D14AEF5169791B35D97AE7C9FC 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 08:53:27 E21AE910DF0C5CB7D46D8FA17A4567DE 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 08:53:26 17B0852D8202A872C3E6D01B518B6A4E 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 08:53:25 DB254D50B4527C2821C537E0587B44E8 12829696 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2015-06-10 08:53:25 1A628C1F5470F0AF21E37E425026F27A 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll
2015-06-10 08:53:24 8C8B8C78C0CCD5D36ABCB115B0B581E1 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 08:53:22 E4EB138060BAE0DBAB1A3B71A3141FE7 1950720 ----a-w- C:\Windows\SysWOW64\wininet.dll
2015-06-10 08:53:22 85E21CCF38166E0D6DE2E42D9D3823BD 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 08:53:22 3FD7E6DB5D81FE400DB4D81D278596E6 4305920 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2015-06-10 08:53:21 FB5C9234E4BF6BDAF4A954763A4582BA 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll
2015-06-10 08:53:21 EF853EA2A6A7BD891CCF31B0C2915352 341504 ----a-w- C:\Windows\SysWOW64\html.iec
2015-06-04 11:52:09 FE5A945ECCAD50F72FB31555A0ED78D9 42 ----a-w- C:\Windows\SysWOW64\AK083E209605E394C.lie
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-06-10 09:09:02 9D80A82B0BB77AC3EF6A87FA0C534E20 14635008 ----a-w- C:\Windows\Sysnative\wmp.dll
2015-06-10 09:08:52 834FD7C31EA16D59CC3B2DC60F2F2620 9728 ----a-w- C:\Windows\Sysnative\spwmp.dll
2015-06-10 09:08:48 1A8C5D4BE449E4A9D8667A341E535E22 5120 ----a-w- C:\Windows\Sysnative\msdxm.ocx
2015-06-10 09:08:48 1A8C5D4BE449E4A9D8667A341E535E22 5120 ----a-w- C:\Windows\Sysnative\dxmasf.dll
2015-06-10 09:08:47 51ECEE70F33601310DDEF3EEE39550D3 12625920 ----a-w- C:\Windows\Sysnative\wmploc.DLL
2015-06-10 09:08:27 AA5319FA8602676B5D3A2B4A1355896D 1255424 ----a-w- C:\Windows\Sysnative\diagtrack.dll
2015-06-10 09:08:26 6ECD6D92F43C2DC55099F892978D5BE7 728576 ----a-w- C:\Windows\Sysnative\kerberos.dll
2015-06-10 09:08:25 8DCA1C70AF170C3FBCE47A4F49BFC887 424960 ----a-w- C:\Windows\Sysnative\KernelBase.dll
2015-06-10 09:08:22 6FDF03A3B110C5264F52F979335AE301 1162752 ----a-w- C:\Windows\Sysnative\kernel32.dll
2015-06-10 09:08:20 93A05407F8E53BC731C42AAD56163F80 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll
2015-06-10 09:08:19 4FFD08A01047EF6B58F6EB4E6D001A8D 879104 ----a-w- C:\Windows\Sysnative\advapi32.dll
2015-06-10 09:08:16 9E2A2028228645DD57EF45A02CAC0CCE 5569984 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe
2015-06-10 09:08:14 53042708C242959B3924242FBBE297B1 1728960 ----a-w- C:\Windows\Sysnative\ntdll.dll
2015-06-10 09:08:13 FF9BBFAE899091C1FF0D1A3F2C587911 243712 ----a-w- C:\Windows\Sysnative\wow64.dll
2015-06-10 09:08:13 CCB352B939B77B38983DD878C547451F 503808 ----a-w- C:\Windows\Sysnative\srcore.dll
2015-06-10 09:08:13 48C30C54194142910FB6B86D308220ED 338432 ----a-w- C:\Windows\Sysnative\conhost.exe
2015-06-10 09:08:12 6703266C1E56157B5965F9AC868A20AC 404992 ----a-w- C:\Windows\Sysnative\tracerpt.exe
2015-06-10 09:08:12 2313AF8D5A9CEB4A55400A01DD311A95 215040 ----a-w- C:\Windows\Sysnative\winsrv.dll
2015-06-10 09:08:12 16154A6682B1552DEAB953BFA4B8E955 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe
2015-06-10 09:08:11 37DFCC91E419952772E02F2B3BBB2E2B 342016 ----a-w- C:\Windows\Sysnative\schannel.dll
2015-06-10 09:08:10 AD54856A16B635720B0BE5FAF44526FC 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll
2015-06-10 09:08:10 996EE6571ADB880A60846DD02C8D5869 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll
2015-06-10 09:08:10 66DF73B202105406602941778792FE3D 879104 ----a-w- C:\Windows\Sysnative\tdh.dll
2015-06-10 09:08:10 4F90A7A0FCBC0ED18E573917860062FF 113664 ----a-w- C:\Windows\Sysnative\sechost.dll
2015-06-10 09:08:09 7C5E375F20F639607376351A8BCC0647 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll
2015-06-10 09:08:09 210E7D1EA34369194BE09493784E27BE 104448 ----a-w- C:\Windows\Sysnative\logman.exe
2015-06-10 09:08:08 A929B9ABA1083AF35ECE7BD63AF3E42F 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll
2015-06-10 09:08:08 A5F57F4866C2DC7F8215058D7D56BD21 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll
2015-06-10 09:08:07 9BBEA639884C0338DD78654277BD188A 112640 ----a-w- C:\Windows\Sysnative\smss.exe
2015-06-10 09:08:07 17A6A9AAD04CCC6EE53290585BFC43AF 31232 ----a-w- C:\Windows\Sysnative\lsass.exe
2015-06-10 09:08:06 03BA5D20751137F3A705B389C52DB8D6 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe
2015-06-10 09:08:05 E20BF3FA89DE67B00ED713B5254C0BF0 47104 ----a-w- C:\Windows\Sysnative\typeperf.exe
2015-06-10 09:08:05 858F04B3C39239972959E9EE97CACAE4 43008 ----a-w- C:\Windows\Sysnative\relog.exe
2015-06-10 09:08:05 13DE715D959DD502CFD52DC920408B33 43520 ----a-w- C:\Windows\Sysnative\csrsrv.dll
2015-06-10 09:08:05 11D5815F0DC571CE3C72213B375860B1 50176 ----a-w- C:\Windows\Sysnative\srclient.dll
2015-06-10 09:08:04 D68690450978D127E030FB14E9B2023B 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll
2015-06-10 09:08:04 5EC57AC6DC16CB8A058CA019AA2C188D 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll
2015-06-10 09:08:04 1B93381366141875D8EE7EC1085236B9 19456 ----a-w- C:\Windows\Sysnative\diskperf.exe
2015-06-10 09:08:01 6ACD3C75BE449F039E1A4E43424D5B6F 28160 ----a-w- C:\Windows\Sysnative\secur32.dll
2015-06-10 09:08:01 5A17FF38EDE95B2313E428BF444126D7 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll
2015-06-10 09:08:01 289D99B0879C6ED5C6D1B3A856CA6DA3 22016 ----a-w- C:\Windows\Sysnative\credssp.dll
2015-06-10 09:08:01 20BD408AC3F8576997D6A47F48A1C5B2 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll
2015-06-10 09:07:54 AF557D115972A73964FC8F209300948A 6656 ----a-w- C:\Windows\Sysnative\apisetschema.dll
2015-06-10 09:07:52 6ACFCC28E4D60B5A931D8749332A14E2 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll
2015-06-10 09:07:49 8A4EB32C7C948F70EAC6F85063596A39 36864 ----a-w- C:\Windows\Sysnative\UtcResources.dll
2015-06-10 09:07:49 837BBE4170D5A75F293BD6F294A8FE34 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll
2015-06-10 09:07:49 6E882D7CA34073890107559B5A515A24 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll
2015-06-10 09:05:06 52DEF4C743C2EABD6BD3EDC790A0E778 1021440 ----a-w- C:\Windows\Sysnative\appraiser.dll
2015-06-10 09:05:06 2DCA988113A02EB9BCB98A5DC2D34E57 700416 ----a-w- C:\Windows\Sysnative\generaltel.dll
2015-06-10 09:05:05 E87D4371B24BC9E5BAE95AEA60FFD959 193536 ----a-w- C:\Windows\Sysnative\aepic.dll
2015-06-10 09:05:05 CFF429F2234C1D1A5993E80F46C37CFB 1119232 ----a-w- C:\Windows\Sysnative\aeinv.dll
2015-06-10 09:05:05 B23AB4C401E2DE02C47B7497D41E2318 757248 ----a-w- C:\Windows\Sysnative\invagent.dll
2015-06-10 09:05:05 6F07FC190DBCB42C8A5319235F72F906 423424 ----a-w- C:\Windows\Sysnative\devinv.dll
2015-06-10 09:05:05 6E2EB5A36C3CCD917F7FF9BED7C1390E 45568 ----a-w- C:\Windows\Sysnative\acmigration.dll
2015-06-10 09:05:04 587BBA3B3959144334700EC48232712F 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll
2015-06-10 09:05:01 51F89CE2D0FEC66070354504E6C4C3E4 633856 ----a-w- C:\Windows\Sysnative\comctl32.dll
2015-06-10 09:04:47 1EE2DBA5AD2E5EB618C7FB187C2CFDF4 3206144 ----a-w- C:\Windows\Sysnative\win32k.sys
2015-06-10 08:53:41 73509D13542A90E260F45D1D6D4100A8 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe
2015-06-10 08:53:40 9DB8E01D5A546FAFCACE95489E351186 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2015-06-10 08:53:39 9E2B8C0601E3D460F78F0233B509CE4F 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll
2015-06-10 08:53:39 70D24021ED327CE7FFA9DEE327BB4C6B 720384 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2015-06-10 08:53:37 4BD747AAF01C480901B3E777EC48826B 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-06-10 08:53:35 3C3E159F284F51D55DB59C3D0B843979 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2015-06-10 08:53:33 D202078FBA3A77B85D39669EE4110DE2 389840 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2015-06-10 08:53:32 6ABFC5736EC920C4436F32111F5CBCEE 1545728 ----a-w- C:\Windows\Sysnative\urlmon.dll
2015-06-10 08:53:31 36F3718E67F442F54AB4A39DCDD8FD19 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
2015-06-10 08:53:26 86FDFEA67833DB261EC01A777594EDCF 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2015-06-10 08:53:26 57DFACB53ED16190EF732E2430B39741 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-06-10 08:53:25 083BCA14FCE290D682D8DAC9372CBF23 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2015-06-10 08:53:24 7F8F9AE03D1BA4354671E05F07A40F1A 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2015-06-10 08:53:24 5F8EE9311ECF078CD9426874FFAD660C 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll
2015-06-10 08:53:23 FF84182188CA8F0DC28CFED06C9B7816 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2015-06-10 08:53:23 6E295C7364DAEB151CC0E98434B6AC92 2885632 ----a-w- C:\Windows\Sysnative\iertutil.dll
2015-06-10 08:53:22 AFF5C12099B87FA645F8867701729894 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2015-06-10 08:53:22 33B5F1A727FACDEA7CDA0E35FFAADDCF 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll
2015-06-10 08:53:22 0EDA3219FA027A486AA11269355AB279 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2015-06-10 08:53:20 AE5A2843B4A2E1E558B9EE13EF62CCE5 14404096 ----a-w- C:\Windows\Sysnative\ieframe.dll
2015-06-10 08:53:20 8909A24DA8B5C426CF6595BA843B6CC5 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2015-06-10 08:53:20 35622F5A652C4E16774234DCA0026E74 633856 ----a-w- C:\Windows\Sysnative\ieui.dll
2015-06-10 08:53:19 ACD6FE6C82B93813F023FC01A51CB940 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2015-06-10 08:53:19 4A5A84B457C72E79A64AE4036EC6BB0E 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll
2015-06-10 08:53:18 CFA52E2FE8E623042A1EEF96EB1B9481 6026240 ----a-w- C:\Windows\Sysnative\jscript9.dll
2015-06-10 08:53:18 83781DF625A4448B39410D7FA2BDC48D 816640 ----a-w- C:\Windows\Sysnative\jscript.dll
2015-06-10 08:53:18 417F80E4AFBA1AA9EBBD618F1C6D9165 2426880 ----a-w- C:\Windows\Sysnative\wininet.dll
2015-06-10 08:53:18 3854BFE1C0F14872C94501421CC40813 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2015-06-10 08:53:17 2BC2D3A41BB755487FD55C09938F00BC 417792 ----a-w- C:\Windows\Sysnative\html.iec
2015-06-10 08:53:17 16091938F6CDBCCCBA1CBE24600121BC 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll
2015-06-10 08:53:17 06A8CE6C3AE6B7916F026B0EFDDCAAA5 199680 ----a-w- C:\Windows\Sysnative\msrating.dll
2015-06-10 08:53:15 A29BAFC1543F9D2234AFFFEA9BCE76C8 24917504 ----a-w- C:\Windows\Sysnative\mshtml.dll
====== C:\Windows\Sysnative\drivers =====
2015-06-13 11:25:14 E9CD058C79EA15B4AA93E259FA713B07 136408 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2015-06-13 11:23:52 F49FB3C88E263AE9A246593B0BB29294 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys
2015-06-13 11:23:52 54D70409DE6932E9EFA117779611E7A9 107736 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys
2015-06-13 11:23:52 1E9E32AEC3E1EB1B31B8169F33168B56 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys
2015-06-10 09:08:13 272C27711C8AA6E7815EE33F8ACA9C66 155584 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-06-10 09:08:10 BF69D973523D539A35807946C6DA7E16 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys
2015-06-10 08:54:06 36E0DDD19038C92B7C7709BFA03F813F 69888 ----a-w- C:\Windows\Sysnative\drivers\stream.sys
====== C:\Windows\Tasks ======
2015-06-13 13:02:18 0977D4952E03C90254F6E83ACD14808F 3150 ----a-w- C:\Windows\Sysnative\Tasks\{CACA0B99-9585-4A35-A3B5-97F567F89C08}
2015-06-13 11:19:57 2A6962D5DAA67A5C652D48B0FC6F4DAA 3144 ----a-w- C:\Windows\Sysnative\Tasks\{13AB97E2-98E8-49CE-9A93-51B9DBECC3B9}
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\Suzanne\AppData\Roaming ======
2015-06-13 12:24:56 -------- d-----w- C:\Users\Suzanne\AppData\Local\UtilityChest_49
2015-06-02 07:26:01 -------- d-----w- C:\Users\Suzanne\AppData\Local\GWX
====== C:\Users\Suzanne ======
2015-06-13 12:24:44 -------- d-----w- C:\ProgramData\boost_interprocess
2015-06-13 12:17:18 D56605A4F5CE2DBEBA1540304827B394 2231296 ----a-w- C:\Users\Suzanne\Downloads\adwcleaner_4.206.exe
2015-06-13 11:22:29 6CDEAC78E5677E304477FB36351C3195 21546080 ----a-w- C:\Users\Suzanne\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-04 11:50:54 C3E983189E289E28BA49D1C3BE9E75B7 3372904 ----a-w- C:\Users\Suzanne\Downloads\BestRemovalTool_Setup.exe
2015-06-04 11:49:53 F0EE0FE6CC055FCEBE2B417D6ACAEF57 5239920 ----a-w- C:\Users\Suzanne\Downloads\ParetoLogic PC Health Advisor_nl.exe
2015-06-03 13:17:10 -------- d-----r- C:\Users\Suzanne\Saved Games
2015-05-30 16:30:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-05-30 16:04:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud

====== C: exe-files ==
2015-06-14 10:35:39 B413E66A6F119DD25E7BA3769B7DBC80 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2591756090-1180931119-412351797-1000\$IUNXHTL.exe
2015-06-14 10:08:13 F68A5507E37C1FC1C17F6B1A6BFF582E 1308672 ----a-w- C:\$Recycle.Bin\S-1-5-21-2591756090-1180931119-412351797-1000\$RUNXHTL.exe
2015-06-13 12:17:18 D56605A4F5CE2DBEBA1540304827B394 2231296 ----a-w- C:\Users\Suzanne\Downloads\adwcleaner_4.206.exe
2015-06-13 11:22:29 6CDEAC78E5677E304477FB36351C3195 21546080 ----a-w- C:\Users\Suzanne\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-10 09:08:54 8D3316795ACCC0EC0DD6A844E046DA68 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2015-06-10 09:08:53 5F7B628B5F10531E8DE3E711ED73AAD7 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2015-06-10 09:08:52 E39D7E7FCC5D4B77B8CBA52FEF8753DE 102912 ----a-w- C:\Program Files\Windows Media Player\wmpshare.exe
2015-06-10 09:08:52 44854DDB738BF2C507FC2162245361D6 102400 ----a-w- C:\Program Files\Windows Media Player\wmpconfig.exe
2015-06-10 09:08:49 3505E5A7664FD84AC8AE51FE3B545AE1 102400 ----a-w- C:\Program Files (x86)\Windows Media Player\wmpshare.exe
2015-06-10 09:08:48 6F139F39295000E6301C0D08F7493CC6 101888 ----a-w- C:\Program Files (x86)\Windows Media Player\wmpconfig.exe
2015-06-10 09:08:16 9E2A2028228645DD57EF45A02CAC0CCE 5569984 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-06-10 09:08:13 48C30C54194142910FB6B86D308220ED 338432 ----a-w- C:\Windows\System32\conhost.exe
2015-06-10 09:08:12 6703266C1E56157B5965F9AC868A20AC 404992 ----a-w- C:\Windows\System32\tracerpt.exe
2015-06-10 09:08:12 16154A6682B1552DEAB953BFA4B8E955 296960 ----a-w- C:\Windows\System32\rstrui.exe
2015-06-10 09:08:09 210E7D1EA34369194BE09493784E27BE 104448 ----a-w- C:\Windows\System32\logman.exe
2015-06-10 09:08:07 9BBEA639884C0338DD78654277BD188A 112640 ----a-w- C:\Windows\System32\smss.exe
2015-06-10 09:08:07 17A6A9AAD04CCC6EE53290585BFC43AF 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-06-10 09:08:06 03BA5D20751137F3A705B389C52DB8D6 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-06-10 09:08:05 E20BF3FA89DE67B00ED713B5254C0BF0 47104 ----a-w- C:\Windows\System32\typeperf.exe
2015-06-10 09:08:05 858F04B3C39239972959E9EE97CACAE4 43008 ----a-w- C:\Windows\System32\relog.exe
2015-06-10 09:08:04 1B93381366141875D8EE7EC1085236B9 19456 ----a-w- C:\Windows\System32\diskperf.exe
2015-06-10 08:53:41 73509D13542A90E260F45D1D6D4100A8 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-06-10 08:53:39 70D24021ED327CE7FFA9DEE327BB4C6B 720384 ----a-w- C:\Windows\System32\ie4uinit.exe
2015-06-10 08:53:39 2B3CF8F7903266E2AA5C9D9850FAA8F6 221184 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-06-10 08:53:34 8D4E75DEAA0FFBEFB5F366A4770D9644 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2015-06-10 08:53:33 29874C10D7D0088CD8743EC8F5DABBE4 473600 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-06-10 08:53:31 9F45DA24EBAE4180F70D03503580E8CA 815312 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-06-10 08:53:26 57DFACB53ED16190EF732E2430B39741 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-06-10 08:53:23 FF9877ABCA06D539264275321C97BB07 814288 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2015-06-10 08:53:23 52956B4DD1899CB09BB50FB939F6E99D 490496 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2015-06-10 08:53:22 0EDA3219FA027A486AA11269355AB279 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
=== C: other files ==
2015-06-13 11:25:14 E9CD058C79EA15B4AA93E259FA713B07 136408 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-06-13 11:23:52 F49FB3C88E263AE9A246593B0BB29294 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2015-06-13 11:23:52 54D70409DE6932E9EFA117779611E7A9 107736 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-06-13 11:23:52 1E9E32AEC3E1EB1B31B8169F33168B56 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2015-06-10 09:08:13 272C27711C8AA6E7815EE33F8ACA9C66 155584 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-06-10 09:08:10 BF69D973523D539A35807946C6DA7E16 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-06-10 09:04:47 1EE2DBA5AD2E5EB618C7FB187C2CFDF4 3206144 ----a-w- C:\Windows\System32\win32k.sys
2015-06-10 08:54:06 36E0DDD19038C92B7C7709BFA03F813F 69888 ----a-w- C:\Windows\System32\drivers\stream.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2591756090-1180931119-412351797-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Facebook Update"="C:\Users\Suzanne\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe -h -k"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"Corel File Shell Monitor"="C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Facebook Update"="C:\Users\Suzanne\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 "
"AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"PLFSetI"="C:\Windows\PLFSetI.exe"
"Acer ePower Management"="C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe"
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"Corel Photo Downloader"="C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe -startup"
"Yadis"="c:\program files (x86)\codessentials\yadis\yadis.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\4shared Desktop]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="4shared Desktop"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\4shared Desktop\\desktop.exe\" \"startup\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\4shared Update]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="4shared Update"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\4shared Desktop\\checkUpdate.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Camera Assistant Software]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Camera Assistant Software"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Video Web Camera\\traybar.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LManager]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LManager"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Launch Manager\\LManager.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Malwarebytes' Anti-Malware]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Malwarebytes' Anti-Malware"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Malwarebytes' Anti-Malware\\mbamgui.exe\" /starttray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msnmsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyTomTomSA.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MyTomTomSA.exe"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\MyTomTom 3\\MyTomTomSA.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify"
"hkey"="HKCU"
"command"="\"C:\\Users\\Suzanne\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TomTomHOME.exe"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Winsplit]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Winsplit"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\WinSplit Revolution\\WinSplit.exe"


==== Startup Folders ======================

2010-10-06 03:50:25 834 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13/06/2015 11:21]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2591756090-1180931119-412351797-1000Core.job --a------ C:\Users\Suzanne\AppData\Local\Facebook\Update\FacebookUpdate.exe [03/11/2013 17:01]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2591756090-1180931119-412351797-1000UA.job --a------ C:\Users\Suzanne\AppData\Local\Facebook\Update\FacebookUpdate.exe [03/11/2013 17:01]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24/10/2014 13:58]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24/10/2014 13:58]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2591756090-1180931119-412351797-1000Core" [C:\Users\Suzanne\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2591756090-1180931119-412351797-1000UA" [C:\Users\Suzanne\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\{AA4D4D96-B469-41B5-8A4A-61FBD08612CE}" [C:\Program Files (x86)\Skype\Phone\Skype.exe]
"C:\Windows\SysNative\tasks\{BE7327D8-EC0B-481A-A3D3-648913AEC2F0}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.6.0.106/nl/a ... e=tsPlugin]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Suzanne\AppData\Roaming\Mozilla\Firefox\Profiles\1hasfxbu.default-1425113409459
user_pref("browser.startup.homepage", "about:home");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Suzanne\AppData\Roaming\Mozilla\Firefox\Profiles\1hasfxbu.default-1425113409459
- Pin It Button - %ProfilePath%\extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi
- leethax.net extension - %ProfilePath%\extensions\leethax@leethax.net.xpi

ProfilePath: C:\Users\Suzanne\AppData\Roaming\TomTom\HOME\Profiles\51et4p5e.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.8.010.9369@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Suzanne\AppData\Roaming\Mozilla\Firefox\Profiles\1hasfxbu.default-1425113409459
DAD55CEF682EAE6FA7B4C9487563A496 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll - Shockwave for Director / Shockwave for Director
6846D2CA7E1D5937AEE3F99BB7F5464B - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director
4174499E49FE276D9BDCE13364559080 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll - Shockwave Flash
3CD19649B2C3023D65E67C056457A2BC - C:\Users\Suzanne\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
llmfehnfojojfamjjijjciopbjimcffa - C:\Users\Suzanne\AppData\Local\Chat Undetected\Chrome\Chat Undetected.crx[]

Bookmark Manager - Suzanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Google Wallet - Suzanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chromium Startpages ======================

C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Preferences
AC9A209DE9DDFC4A5F2","ennkphjdgehloodpbhlhldgbnhmacadg":"126BDE3E16E94AF6A03F3CF798185495B41F3504A4644B5575D5828D49C9BECB","gfdkimpbcpahaombhbimeihdjnejgicl":"BF1D6C9D9537A708E9E0E054DA684F41F0FA05F316091F563A4CD3B1C4ED56F5","gmlllbghnfkpflemihljekbapjopfjik":"5F4A7555543EC3436606A94D1795BD93C435474AB1102FD1D283F360EB612C95","kmendfapggjehodndflmmgagdbamhnfd":"E6B4DC619F43AC78DB00ECED88FA692DAA6A09C055759D2FA7F8C739D1A087A9","llmfehnfojojfamjjijjciopbjimcffa":"8EF0DCB0DE7EF04D8C0E5731C89DB2AA7D5B6CA47D5F558F79F3DBAABD24CBFA","mfehgcgbbipciphmccgaenjidiccnmng":"49D3F48B86E885A429DA5782F96114929DD48433F4C2E5BBC0157B1FA09B141E","mgndgikekgjfcpckkfioiadnlibdjbkf":"506A9835C4E0404EDD7687F22DF4BEE0531E3B4E47AD09FB1010669AAADD8349","mhjfbmdgcfjbbpaeojofohoefgiehjai":"665F243C1CB69A6B5C7E658F42EBD87F421C9999F94ED51D50D998E59C57064E","neajdppkdcdipfabeoofebfddakdcjhd":"B6591E984E3691D136D4A6E5261FD45C7B3D8D46EBDE79D97F93B39A6F7B42DB","nkeimhogjdpnpccoofpliimaahmaaome":"91474756AC7C2B0543597CDA01E602493FF306974B5C5C7C2FFC33B9F36E0DAE","nmmhkkegccagdldgiimedpiccmgmieda":"F6CB085E0075A1430D06DCEF21AFF0BDE8ABC89FE38666DE91454E90A66D7776","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"CFC3FC071AD274DED6E7DF7CEFBC409DA167932EF466B825C48A3982F6AC4FD7","pjkljhegncpnkpknbcohdijeoejaedia":"EC082618F8B1DADA87022D6D0233A81E9F122532A13A76035090EFF5D56B0747"}},"google":{"services":{"last_username":"310A4E9F33267487FA40FA8A2C4206BE32B8D2AA7F8D0EB3166393AB6A708FA5","username":"CC6A0025F5F64D56D404AC2BEDE49F70480330E92D248DE38A6ECAF506A33921"}},"homepage":"415EC96D03C8230934DDB5137BA2E638CD289D7D0F5ADFC6FBB28FB471C6A919","homepage_is_newtabpage":"26789B8399D9D5FA45E1E89735D04B1B853E54CAADFF64360342846E53058F4B","pinned_tabs":"8ABBBDDFD89D888C39BDD6C09C3F61A9EEC13DCAA06904C036F67DA036999591","prefs":{"preference_reset_time":"35DD1C01061F1778D86FA14DB00D900C7BCAFB389DF5CF0A3E9103D330C0D6D7"},"profile":{"reset_prompt_memento":"03DF8CF2351AD0C5DD05E7A86FCC7C95AEDDF60AC158FEDBEE9E6BBB0E4B9CBB"},"safebrowsing":{"incidents_sent":"E58E7925423F869381BB4C8191FA03DDCFDF7C84E03EA316DC01142B1901886C"},"search_provider_overrides":"9DC9058EA62FBE23859D47893D668082613EE78D4174AEE3A1079B921AC110BF","session":{"restore_on_startup":"18B6047BB082080976E9C7B51CD75B8B89DF6EA8492F0C72254CDCC6E2A3223D","startup_urls":"FF3A58C8446EE1B66513946F022A62F6249DF6E07FE7020F3B9B46BCBF6FCAB1"},"software_reporter":{"prompt_reason":"6072A397AA3E129BFA7CF6E3764089A976D6E5188EAE8B01205533176BFC8E1E","prompt_seed":"183BE266E7E015C1B5F55AD865C36F5AB2CD0EDA07DB16AC388C33BEECFE4670","prompt_version":"340B28086D906AF093C53607EC4C8DBCDE65F7149D0F551628300B61A1827E66"},"sync":{"remaining_rollback_tries":"3E1305AD801953BA465F3136AAB17C56C4694DA03A84E1421D8725FBB92F1234"}},"super_mac":"01D7EB9CC342884C9031DACD425630A20B22C55932B9C61FA18039A2758EED06"},"session":{"restore_on_startup":4,"startup_urls":["http://www.google.com/"]}}


==== Chromium Fix ======================

C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.ak.facebook.com_0.localstorage-journal deleted successfully
C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_llmfehnfojojfamjjijjciopbjimcffa_0.localstorage deleted successfully
C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_llmfehnfojojfamjjijjciopbjimcffa_0.localstorage-journal deleted successfully
C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_llmfehnfojojfamjjijjciopbjimcffa_0 deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{5700A8FC-DD2F-45AF-B8D8-0BE27D1473A6} Google Url="http://www.google.be/search?hl=nl&q={se ... GB_nlBE528"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... urceid=ie7"

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== shortcuts on Users Desktops ======================

C:\Users\Suzanne\Desktop\Downloads - Snelkoppeling.lnk - C:\Users\Suzanne\Downloads
C:\Users\Suzanne\Desktop\appartemenet\FILE0037 - Snelkoppeling.lnk - E:\DCIM\102MEDIA\FILE0037.JPG
C:\Users\Suzanne\Desktop\appartemenet\FILE0043 - Snelkoppeling (2).lnk - E:\DCIM\102MEDIA\FILE0043.JPG
C:\Users\Suzanne\Desktop\appartemenet\FILE0043 - Snelkoppeling.lnk - E:\DCIM\102MEDIA\FILE0043.JPG
C:\Users\Suzanne\Desktop\appartemenet\FILE0044 - Snelkoppeling.lnk - E:\DCIM\102MEDIA\FILE0044.JPG
C:\Users\Suzanne\Desktop\appartemenet\FILE0045 - Snelkoppeling (2).lnk - E:\DCIM\102MEDIA\FILE0045.JPG
C:\Users\Suzanne\Desktop\appartemenet\FILE0045 - Snelkoppeling.lnk - E:\DCIM\102MEDIA\FILE0045.JPG
C:\Users\Suzanne\Desktop\appartemenet\FILE0046 - Snelkoppeling.lnk - E:\DCIM\102MEDIA\FILE0046.JPG
C:\Users\Suzanne\Desktop\appartemenet\FILE0049 - Snelkoppeling.lnk - E:\DCIM\102MEDIA\FILE0049.JPG
C:\Users\Suzanne\Desktop\appartemenet\FILE0050 - Snelkoppeling.lnk - E:\DCIM\102MEDIA\FILE0050.JPG
C:\Users\Suzanne\Desktop\appartemenet\FILE0051 - Snelkoppeling.lnk - E:\DCIM\102MEDIA\FILE0051.JPG
C:\Users\Suzanne\Desktop\appartemenet\FILE0052 - Snelkoppeling.lnk - E:\DCIM\102MEDIA\FILE0052.JPG
C:\Users\Suzanne\Desktop\appartemenet\FILE0053 - Snelkoppeling.lnk - E:\DCIM\102MEDIA\FILE0053.JPG
C:\Users\Suzanne\Desktop\appartemenet\FILE0054 - Snelkoppeling.lnk - E:\DCIM\102MEDIA\FILE0054.JPG
C:\Users\Suzanne\Desktop\appartemenet\FILE0151 - Snelkoppeling.lnk - C:\Users\Suzanne\Pictures\Zazu\FILE0151.JPG
C:\Users\Suzanne\Desktop\appartemenet\FILE0155 - Snelkoppeling.lnk - C:\Users\Suzanne\Pictures\Zazu\FILE0155.JPG
C:\Users\Suzanne\Desktop\Augustus 2013\FILE0154 - Snelkoppeling.lnk - C:\Users\Suzanne\Desktop\APPARTEMENT GEVEL\gevel 8 mei 2015\FILE0154.JPG
C:\Users\Suzanne\Desktop\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\eID Viewer.lnk - C:\Program Files (x86)\Belgium Identity Card\EidViewer\eID Viewer.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk - C:\Program Files (x86)\Microsoft Security Client\msseces.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Agenda.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe calendar
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contactgegevens.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe contacts
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\E-mail.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe mail
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Herinneringen.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe reminders
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud-foto's.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreamsShortcut.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Keynote.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe keynote
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notities.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe notes
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Numbers.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe numbers
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Pages.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe pages
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Zoek mijn iPhone.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe find
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Info iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.Resources\nl.lproj\About iTunes.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files\Java\jre1.8.0_40\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files\Java\jre1.8.0_40\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files\Java\jre1.8.0_40\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\Silverlight.Configuration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Installatie ongedaan maken.lnk - C:\Program Files (x86)\Google\Picasa3\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Picasa-fotoviewer configureren.lnk - C:\Program Files (x86)\Google\Picasa3\PicasaPhotoViewer.exe /reconfig

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Suzanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Suzanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lphant.lnk - C:\Program Files (x86)\Lphant Applications\Lphant\Lphant.exe
C:\Users\Suzanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
C:\Users\Suzanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Suzanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - packardbell.lnk - C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe /src quicklaunch /dp packardbelllt
C:\Users\Suzanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Suzanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Suzanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9d91276b0be3e46b\pinned.lnk -
C:\Users\Suzanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Suzanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Snipping Tool.lnk -
C:\Users\Suzanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Sticky Notes.lnk -
C:\Users\Suzanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\XPS Viewer.lnk - C:\Windows\system32\xpsrchvw.exe
C:\Users\Suzanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Suzanne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Security Essentials.lnk - C:\Program Files (x86)\Microsoft Security Client\msseces.exe
C:\Users\Suzanne\AppData

[sacho]

Ik kan hier moeilijk in oordelen wat u gebruikt op deze computer.
Spelletjes of fotobewerking.
Ik oordeel nu op mijn gevoel als een niet gamer en geen apple producten.

Alles wat spelletjes betreft uit de programma's en onderdelen.
Alles wat te maken heeft met apple ook er af dus incl bonjour, icloud, itunes. Zoonlief zal wel niet tevreden zijn maar het is uw computer.

Dit in de opstart uitschakelen met ccleaner.
HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe

HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

HKCU\..\Run: [Facebook Update] "C:\Users\Suzanne\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

Global Startup: Bluetooth.lnk = ?

Ik denk ook niet dat u dit gebruikt.
WinSplit Revolution (v11.04)

En inderdaad hjb had goed gezien.
Uw antivirus is niet meer ok, die moet u bijwerken.