Posted:

A few weeks ago I installed Avast Pro (paid).

Since then, Internet Explorer 10 no longer works.

The reason I am given is: appData\Roaming\SaveSense\UpdateProc\UpdateTask.exe.

As far as I can see, I need to remove UpdateTask.exe.

How do I do that?

Thanks in advance for an answer.

elanto

  • 2 weeks later...
Posted:

Hello elanto,

Apologies for the late reply. Your topic appears to have slipped through the net.

Please carry out the steps below and post the 3 logs in order:

1.

Download AdwCleaner by Xplode to the desktop.

Running AdwCleaner


  • Close all open windows.
  • Double-click AdwCleaner.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Then click the Scan button.
  • When the scan is finished, click the Clean button.
  • When this is done you will be asked to restart the computer; click OK.
  • After the computer has restarted, the log file opens automatically.
  • Post this log file in your next reply.

2.

Download MalwareBytes' Anti-Malware (website) and save it to your desktop.

Make sure that after the installation the following boxes are checked:


  • Update MalwareBytes' Anti-Malware
  • Start MalwareBytes' Anti-Malware
  • You are also offered the choice here to use the trial version of MBAM; if you do not want this, uncheck it.

Then click "Finish".

If an update is found, it will be downloaded and installed.


  • Once the program has started, go to the "Settings" tab.
  • Check the option: "Close Internet Explorer during malware removal".
  • Then go to "Scanner Settings". At the bottom, under "PUP", choose "Show in scan results - select for removal".
  • Next go to the "Scanner" tab and choose "Quick Scan".
  • Then press "Scan" to start the scan.
  • Scanning can take a while, so be patient.
  • When the scan is complete, click OK, then "Show Results" to see the results.
  • Make sure everything there is checked, then click "Remove Selected".
  • After removal a log will open and you will be asked to restart the computer.
  • Restart the computer if necessary and then post the log in your next reply.

3.

Download RSIT from the locations below and save it to the desktop.

Here is a description of how to check whether you have a 32- or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.


  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool is finished, a Notepad file named "Log" is opened.
  • Post its contents in your next reply.

Also watch the instruction video.

Posted:

Dear Jion,

Thank you for your answer. First of all: on this PC I work with Windows 7 64-bit. On my second PC I work with an upgrade version of Windows 7 from Vista, in 32-bit (Photoshop 7 runs on it, which no longer appears to be possible with 64-bit).

In the meantime I had discovered that the reason I.E.10 was not working was that there is a conflict somewhere between Avast Pro and IE 10.

I then threw off everything here that had to do with Internet Explorer and put the latest version of Mozilla Firefox on. So far it is running well.

Many thanks nonetheless for your effort.

elanto

Posted:

Hello elanto,

I had already expected that your problem with IE was due to Avast.

However, my first priority was to remove the malware present on your system! (appData\Roaming\SaveSense\UpdateProc\UpdateTask.exe is notorious adware.)

After that we would have looked at making your IE compatible with Avast again.

That said, I would still advise you to run the 3 requested tools and post the logs here. ;-)

Posted:

Dear Jion,

I would gladly take you up on your suggestion.

Here is my first log.

# AdwCleaner v3.022 - Report created 17/03/2014 at 16:26:40

# Updated 13/03/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Andreas - PC-ANDREAS

# Running from : C:\Users\Andreas\Downloads\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

Service Deleted : APNMCP

[#] Service Deleted : DefaultTabSearch

Service Deleted : MapsGalaxy_39Service

[#] Service Deleted : savesenselive

[#] Service Deleted : savesenselivem

Service Deleted : winzipersvc

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn

Folder Deleted : C:\ProgramData\AskPartnerNetwork

Folder Deleted : C:\ProgramData\eSafe

Folder Deleted : C:\ProgramData\ParetoLogic

Folder Deleted : C:\ProgramData\Partner

Folder Deleted : C:\ProgramData\SaveSenseLive

Folder Deleted : C:\ProgramData\Systweak

Folder Deleted : C:\ProgramData\Tarma Installer

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper

Folder Deleted : C:\Program Files (x86)\Advanced System Protector

Folder Deleted : C:\Program Files (x86)\Allin1Convert_8h

Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork

Folder Deleted : C:\Program Files (x86)\Conduit

Folder Deleted : C:\Program Files (x86)\DefaultTab

Folder Deleted : C:\Program Files (x86)\Desk 365

Folder Deleted : C:\Program Files (x86)\HappyLyrics

Folder Deleted : C:\Program Files (x86)\mapsgalaxy_39

Folder Deleted : C:\Program Files (x86)\MyPC Backup

Folder Deleted : C:\Program Files (x86)\Omiga Plus

Folder Deleted : C:\Program Files (x86)\RegClean Pro

Folder Deleted : C:\Program Files (x86)\SaveSenseLive

Folder Deleted : C:\Program Files (x86)\WinZipper

Folder Deleted : C:\Program Files (x86)\Common Files\337

Folder Deleted : C:\Program Files (x86)\Common Files\Spigot

Folder Deleted : C:\Program Files\Babylon

Folder Deleted : C:\Users\Andreas\AppData\Local\Allin1Convert_8h

Folder Deleted : C:\Users\Andreas\AppData\Local\Conduit

Folder Deleted : C:\Users\Andreas\AppData\Local\iac

Folder Deleted : C:\Users\Andreas\AppData\Local\lollipop

Folder Deleted : C:\Users\Andreas\AppData\Local\mapsgalaxy_39

Folder Deleted : C:\Users\Andreas\AppData\Local\NativeMessaging

Folder Deleted : C:\Users\Andreas\AppData\Local\SaveSense

Folder Deleted : C:\Users\Andreas\AppData\Local\SaveSenseLive

Folder Deleted : C:\Users\Andreas\AppData\Local\Slick Savings

Folder Deleted : C:\Users\Andreas\AppData\Local\TBHostSupport

Folder Deleted : C:\Users\Andreas\AppData\Local\WhiteListing

Folder Deleted : C:\Users\Andreas\AppData\Local\Temp\apn

Folder Deleted : C:\Users\Andreas\AppData\LocalLow\Allin1Convert_8h

Folder Deleted : C:\Users\Andreas\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\Andreas\AppData\LocalLow\iac

Folder Deleted : C:\Users\Andreas\AppData\LocalLow\mapsgalaxy_39

Folder Deleted : C:\Users\Andreas\AppData\Roaming\337

Folder Deleted : C:\Users\Andreas\AppData\Roaming\DefaultTab

Folder Deleted : C:\Users\Andreas\AppData\Roaming\Desk 365

Folder Deleted : C:\Users\Andreas\AppData\Roaming\DriverCure

Folder Deleted : C:\Users\Andreas\AppData\Roaming\eIntaller

Folder Deleted : C:\Users\Andreas\AppData\Roaming\eUpdate

Folder Deleted : C:\Users\Andreas\AppData\Roaming\Omiga Plus

Folder Deleted : C:\Users\Andreas\AppData\Roaming\ParetoLogic

Folder Deleted : C:\Users\Andreas\AppData\Roaming\SaveSense

Folder Deleted : C:\Users\Andreas\AppData\Roaming\Systweak

Folder Deleted : C:\Users\Andreas\AppData\Roaming\WinZipper

Folder Deleted : C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense

Folder Deleted : C:\Users\Andreas\Documents\Optimizer Pro

Folder Deleted : C:\Users\Andreas\Documents\PC Speed Maximizer

Folder Deleted : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\2998b0x8.default\mapsgalaxy_39

Folder Deleted : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\2998b0x8.default\Extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}

Folder Deleted : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\2998b0x8.default\Extensions\39ffxtbr@MapsGalaxy_39.com

Folder Deleted : C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj

Folder Deleted : C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj

Folder Deleted : C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo

Folder Deleted : C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk

Folder Deleted : C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp

Folder Deleted : C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mahgaopgbalgbfohkikbdjfmaapiehaf

File Deleted : C:\END

File Deleted : C:\Windows\System32\roboot64.exe

File Deleted : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\2998b0x8.default\invalidprefs.js

File Deleted : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\2998b0x8.default\searchplugins\ask-web-search.xml

File Deleted : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\2998b0x8.default\user.js

File Deleted : C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx

File Deleted : C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage

File Deleted : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser

File Deleted : C:\Windows\System32\Tasks\Omiga Plus RunAsStdUser

File Deleted : C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job

File Deleted : C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

Shortcut Disinfected : C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

Shortcut Disinfected : C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com]

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\abfmigjiaapipflmopkaaooigcjjdojh

Posted:

Dear Jion,

Here I am with the last log, the one from RSITx64.

Happy reading....

With kind regards and many thanks,

elanto

- - - Updated - - -

The RSITx64 log is as follows:

"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 12.0.0.77 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]

"Description"=Office Authorization plug-in for NPAPI browsers

"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\2998b0x8.default\extensions\

5effxtbr@TranslationBuddy_5e.com

savingsslider@mybrowserbar.com

C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\2998b0x8.default\searchplugins\

ask-web-search.xml

yahoo_ff.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]

avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-27 1390368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7}]

Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-09 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-27 1390368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-11 256080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-09 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1e91a655-bb4b-4693-a05e-2edebc4c9d89}]

Toolbar BHO - C:\PROGRA~2\MAPSGA~2\bar\1.bin\39bar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7}]

Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71c1d63a-c944-428a-a5bd-ba513190e5d2}]

Search Assistant BHO - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8d28b450-b378-448a-a02f-c893bc7ed416}]

Search Assistant BHO - C:\Program Files (x86)\TranslationBuddy_5e\bar\1.bin\5eSrcAs.dll [2014-01-17 140360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-27 1143168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797}]

Search Assistant BHO - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-11 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dafcc24f-ff8f-4df8-a6d8-c4f8111181df}]

Toolbar BHO - C:\PROGRA~2\TRANSL~2\bar\1.bin\5ebar.dll [2014-01-17 859720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-27 1390368]

{4F524A2D-5637-4300-76A7-7A786E7484D7} - Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll []

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-11 256080]

{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-27 1390368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{4F524A2D-5637-4300-76A7-7A786E7484D7} - Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll []

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-11 194128]

{a3c5f699-f046-47e7-8011-06269bc6ed24} - TranslationBuddy - C:\Program Files (x86)\TranslationBuddy_5e\bar\1.bin\5ebar.dll [2014-01-17 859720]

{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-27 1143168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-11-29 13662936]

"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912]

"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]

"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-08-27 1028896]

"MapsGalaxy Home Page Guard 64 bit"=C:\PROGRA~2\MAPSGA~2\bar\1.bin\AppIntegrator64.exe []

"TranslationBuddy Home Page Guard 64 bit"=C:\PROGRA~2\TRANSL~2\bar\1.bin\AppIntegrator64.exe [2014-01-17 485448]

"Allin1Convert Home Page Guard 64 bit"=C:\PROGRA~2\ALLIN1~2\bar\1.bin\AppIntegrator64.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-05-17 39408]

"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-08-13 3093624]

"DriverFinder"=C:\Program Files (x86)\DriverFinder\DriverFinder.exe [2013-07-24 9602720]

"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-02-20 6161176]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"Uninstall C:\Users\Andreas\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"=C:\Windows\system32\cmd.exe [2010-11-21 345088]

"Application Restart #2"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-03-15 859976]

"Uninstall C:\Users\Andreas\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"=C:\Windows\system32\cmd.exe [2010-11-21 345088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AshSnap]

C:\Program Files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]

C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1840720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]

C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desk 365]

C:\Program Files (x86)\Desk 365\desk365.exe /autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2011-05-20 284440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lollipop]

c:\users\andreas\appdata\local\lollipop\lollipop.exe lollipop []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MedionReminder]

C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Omiga Plus]

C:\Program Files (x86)\Omiga Plus\omigaplus.exe /autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]

C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-11-29 13662936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]

C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]

C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-05-17 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebCake Desktop]

C:\Users\Andreas\AppData\Roaming\WebCake\WebCakeDesktop.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk]

C:\PROGRA~2\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]

C:\PROGRA~2\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"MapsGalaxy EPM Support"=C:\PROGRA~2\MAPSGA~2\bar\1.bin\39medint.exe T8EPMSUP.DLL,S []

"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-27 3767096]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

"TranslationBuddy EPM Support"=C:\PROGRA~2\TRANSL~2\bar\1.bin\5emedint.exe [2014-01-17 12872]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

"Allin1Convert EPM Support"=C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hmedint.exe T8EPMSUP.DLL,S []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"VIDC.I420"=emYUV.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"MSVideo8"=VfWWDM32.dll

"wave6"=wdmaud.drv

"mixer6"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave5"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-03-18 14:57:39 ----D---- C:\Program Files\trend micro

2014-03-18 14:57:38 ----D---- C:\rsit

2014-03-17 16:52:04 ----D---- C:\Users\Andreas\AppData\Roaming\Malwarebytes

2014-03-17 16:51:55 ----D---- C:\ProgramData\Malwarebytes

2014-03-17 16:51:54 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-03-17 16:51:54 ----A---- C:\Windows\system32\drivers\mbam.sys

2014-03-17 16:25:12 ----D---- C:\AdwCleaner

2014-03-15 13:56:15 ----A---- C:\Windows\system32\wwansvc.dll

2014-03-15 13:56:14 ----A---- C:\Windows\SYSWOW64\wer.dll

2014-03-15 13:56:14 ----A---- C:\Windows\system32\wer.dll

2014-03-15 13:56:13 ----A---- C:\Windows\system32\win32k.sys

2014-03-15 13:56:11 ----A---- C:\Windows\system32\mshtml.dll

2014-03-15 13:56:09 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2014-03-15 13:56:08 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2014-03-15 13:56:06 ----A---- C:\Windows\system32\ieframe.dll

2014-03-15 13:56:05 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2014-03-15 13:56:05 ----A---- C:\Windows\system32\urlmon.dll

2014-03-15 13:56:04 ----A---- C:\Windows\SYSWOW64\wininet.dll

2014-03-15 13:56:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2014-03-15 13:56:04 ----A---- C:\Windows\system32\wininet.dll

2014-03-15 13:56:04 ----A---- C:\Windows\system32\msfeeds.dll

2014-03-15 13:56:03 ----A---- C:\Windows\SYSWOW64\ieui.dll

2014-03-15 13:56:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2014-03-15 13:56:03 ----A---- C:\Windows\system32\mshtmled.dll

2014-03-15 13:56:03 ----A---- C:\Windows\system32\ieui.dll

2014-03-15 13:56:03 ----A---- C:\Windows\system32\iertutil.dll

2014-03-15 13:56:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2014-03-15 13:56:00 ----A---- C:\Windows\SYSWOW64\url.dll

2014-03-15 13:56:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2014-03-15 13:56:00 ----A---- C:\Windows\system32\url.dll

2014-03-15 13:56:00 ----A---- C:\Windows\system32\jsproxy.dll

2014-03-15 13:55:58 ----A---- C:\Windows\SYSWOW64\qedit.dll

2014-03-15 13:55:58 ----A---- C:\Windows\system32\qedit.dll

2014-03-15 13:55:57 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll

2014-03-15 13:55:57 ----A---- C:\Windows\system32\WindowsCodecs.dll

2014-03-09 17:44:45 ----D---- C:\Program Files (x86)\iZotope

2014-03-09 15:07:48 ----D---- C:\Program Files (x86)\LooksBuilderSE

2014-03-08 15:46:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

2014-03-08 15:33:39 ----A---- C:\Windows\system32\vbscript.dll

2014-03-08 15:33:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll

2014-03-07 14:22:27 ----A---- C:\Windows\SYSWOW64\wamregps.dll

2014-03-07 14:22:27 ----A---- C:\Windows\SYSWOW64\iisRtl.dll

2014-03-07 14:22:27 ----A---- C:\Windows\SYSWOW64\iisrstap.dll

2014-03-07 14:22:27 ----A---- C:\Windows\SYSWOW64\iisreset.exe

2014-03-07 14:22:27 ----A---- C:\Windows\SYSWOW64\ahadmin.dll

2014-03-07 14:22:27 ----A---- C:\Windows\SYSWOW64\admwprox.dll

2014-03-07 14:22:25 ----A---- C:\Windows\system32\wamregps.dll

2014-03-07 14:22:25 ----A---- C:\Windows\system32\iisRtl.dll

2014-03-07 14:22:25 ----A---- C:\Windows\system32\iisrstap.dll

2014-03-07 14:22:25 ----A---- C:\Windows\system32\iisreset.exe

2014-03-07 14:22:24 ----A---- C:\Windows\system32\ahadmin.dll

2014-03-07 14:22:24 ----A---- C:\Windows\system32\admwprox.dll

2014-03-05 15:58:21 ----D---- C:\Windows\SYSWOW64\BestPractices

2014-03-05 15:58:18 ----D---- C:\Windows\system32\BestPractices

2014-03-05 15:58:16 ----D---- C:\inetpub

2014-02-25 16:24:26 ----D---- C:\Windows\Migration

2014-02-23 14:04:30 ----D---- C:\Program Files\Recuva

2014-02-22 14:56:07 ----A---- C:\Windows\SYSWOW64\msxml3r.dll

2014-02-22 14:56:07 ----A---- C:\Windows\SYSWOW64\msxml3.dll

2014-02-22 14:56:07 ----A---- C:\Windows\system32\msxml3r.dll

2014-02-22 14:56:07 ----A---- C:\Windows\system32\msxml3.dll

2014-02-22 14:55:30 ----A---- C:\Windows\system32\RMActivate_isv.exe

2014-02-22 14:55:29 ----A---- C:\Windows\system32\RMActivate.exe

2014-02-22 14:55:28 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe

2014-02-22 14:55:28 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe

2014-02-22 14:55:28 ----A---- C:\Windows\SYSWOW64\RMActivate.exe

2014-02-22 14:55:28 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe

2014-02-22 14:55:27 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll

2014-02-22 14:55:27 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe

2014-02-22 14:55:27 ----A---- C:\Windows\system32\secproc_isv.dll

2014-02-22 14:55:27 ----A---- C:\Windows\system32\RMActivate_ssp.exe

2014-02-22 14:55:26 ----A---- C:\Windows\SYSWOW64\secproc.dll

2014-02-22 14:55:26 ----A---- C:\Windows\SYSWOW64\msdrm.dll

2014-02-22 14:55:26 ----A---- C:\Windows\system32\secproc_ssp.dll

2014-02-22 14:55:26 ----A---- C:\Windows\system32\secproc.dll

2014-02-22 14:55:26 ----A---- C:\Windows\system32\msdrm.dll

2014-02-22 14:55:25 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll

2014-02-22 14:55:25 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll

2014-02-22 14:55:25 ----A---- C:\Windows\system32\secproc_ssp_isv.dll

2014-02-22 14:55:04 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll

2014-02-22 14:55:04 ----A---- C:\Windows\system32\d3d10warp.dll

2014-02-22 14:55:04 ----A---- C:\Windows\system32\d2d1.dll

2014-02-22 14:55:03 ----A---- C:\Windows\SYSWOW64\d2d1.dll

======List of files/folders modified in the last 1 month======

2014-03-18 14:57:39 ----RD---- C:\Program Files

2014-03-18 12:24:51 ----D---- C:\Windows\system32\config

2014-03-18 12:14:57 ----D---- C:\Windows\Temp

2014-03-18 10:10:50 ----D---- C:\ProgramData\NVIDIA

2014-03-17 17:14:55 ----D---- C:\Windows

2014-03-17 17:11:08 ----D---- C:\Windows\Tasks

2014-03-17 16:51:55 ----HD---- C:\ProgramData

2014-03-17 16:51:54 ----RD---- C:\Program Files (x86)

2014-03-17 16:51:54 ----D---- C:\Windows\system32\drivers

2014-03-17 16:27:40 ----D---- C:\Windows\system32\Tasks

2014-03-17 16:27:40 ----D---- C:\Windows\System32

2014-03-17 16:26:57 ----D---- C:\Program Files (x86)\Common Files

2014-03-17 16:23:28 ----SHD---- C:\System Volume Information

2014-03-16 15:21:49 ----A---- C:\Users\Andreas\AppData\Roaming\PC-ANDREAS.MTBF.txt

2014-03-16 13:45:15 ----D---- C:\Windows\winsxs

2014-03-16 13:43:10 ----D---- C:\Windows\SysWOW64

2014-03-16 13:43:09 ----D---- C:\Program Files (x86)\Internet Explorer

2014-03-16 13:43:08 ----D---- C:\Windows\SYSWOW64\migration

2014-03-16 13:43:07 ----D---- C:\Windows\system32\migration

2014-03-16 13:43:06 ----D---- C:\Program Files\Internet Explorer

2014-03-16 13:43:01 ----D---- C:\Program Files\Microsoft Silverlight

2014-03-16 13:43:00 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2014-03-15 16:05:35 ----SHD---- C:\Windows\Installer

2014-03-15 16:05:34 ----SHD---- C:\Config.Msi

2014-03-15 16:05:34 ----D---- C:\ProgramData\Microsoft Help

2014-03-15 14:18:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2014-03-15 14:02:10 ----D---- C:\Windows\Panther

2014-03-15 14:02:10 ----D---- C:\Windows\inf

2014-03-15 14:02:07 ----D---- C:\Windows\Logs

2014-03-15 13:55:52 ----D---- C:\Windows\system32\catroot

2014-03-15 13:55:16 ----D---- C:\Windows\system32\catroot2

2014-03-15 13:46:31 ----D---- C:\ProgramData\IObit

2014-03-09 15:10:59 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

2014-03-09 14:52:11 ----D---- C:\Windows\system32\DriverStore

2014-03-09 14:52:05 ----D---- C:\Program Files (x86)\Pinnacle

2014-03-08 16:43:26 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-03-08 15:46:51 ----D---- C:\Program Files (x86)\Mozilla Firefox

2014-03-07 23:15:23 ----D---- C:\Windows\system32\wfp

2014-03-07 23:14:24 ----D---- C:\Windows\system32\CodeIntegrity

2014-03-07 23:14:14 ----D---- C:\Program Files\Common Files\Microsoft Shared

2014-03-07 23:13:54 ----D---- C:\Windows\registration

2014-03-07 15:57:25 ----D---- C:\Windows\SYSWOW64\inetsrv

2014-03-07 15:57:24 ----D---- C:\Windows\system32\inetsrv

2014-03-07 15:17:11 ----D---- C:\Windows\SYSWOW64\wbem

2014-03-07 15:17:11 ----D---- C:\Windows\SYSWOW64\tr-TR

2014-03-07 15:17:11 ----D---- C:\Windows\SYSWOW64\sl-SI

2014-03-07 15:17:11 ----D---- C:\Windows\SYSWOW64\pt-PT

2014-03-07 15:17:11 ----D---- C:\Windows\SYSWOW64\pl-PL

2014-03-07 15:17:11 ----D---- C:\Windows\SYSWOW64\nl-NL

2014-03-07 15:17:11 ----D---- C:\Windows\SYSWOW64\it-IT

2014-03-07 15:17:11 ----D---- C:\Windows\SYSWOW64\hu-HU

2014-03-07 15:17:11 ----D---- C:\Windows\SYSWOW64\es-ES

2014-03-07 15:17:11 ----D---- C:\Windows\SYSWOW64\en-US

2014-03-07 15:17:11 ----D---- C:\Windows\SYSWOW64\el-GR

2014-03-07 15:17:11 ----D---- C:\Windows\system32\wbem

2014-03-07 15:17:11 ----D---- C:\Windows\system32\tr-TR

2014-03-07 15:17:11 ----D---- C:\Windows\system32\sl-SI

2014-03-07 15:17:11 ----D---- C:\Windows\system32\pt-PT

2014-03-07 15:17:11 ----D---- C:\Windows\system32\pl-PL

2014-03-07 15:17:11 ----D---- C:\Windows\system32\nl-NL

2014-03-07 15:17:11 ----D---- C:\Windows\system32\it-IT

2014-03-07 15:17:11 ----D---- C:\Windows\system32\hu-HU

2014-03-07 15:17:11 ----D---- C:\Windows\system32\es-ES

2014-03-07 15:17:11 ----D---- C:\Windows\system32\en-US

2014-03-07 15:17:11 ----D---- C:\Windows\system32\el-GR

2014-03-07 15:17:11 ----D---- C:\Windows\PolicyDefinitions

2014-03-07 14:32:18 ----RSD---- C:\Windows\assembly

2014-03-07 14:32:18 ----D---- C:\Windows\Microsoft.NET

2014-03-05 16:24:25 ----HD---- C:\Windows\msdownld.tmp

2014-03-04 16:45:45 ----D---- C:\Program Files\CCleaner

2014-03-02 15:29:53 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

2014-02-25 16:24:26 ----SD---- C:\ProgramData\Microsoft

2014-02-23 14:31:16 ----D---- C:\Windows\debug

2014-02-22 23:28:27 ----D---- C:\Windows\system32\Macromed

2014-02-22 14:49:50 ----D---- C:\Windows\system32\MRT

2014-02-22 14:49:44 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2013-07-29 35936]

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-12-01 65776]

R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-12-29 207904]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-05-20 557848]

R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-11-29 644968]

R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-11-29 28008]

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

R1 aswKbd;aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [2013-12-01 28184]

R1 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2014-02-22 440672]

R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-12-01 92544]

R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-01-27 1038072]

R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-01-27 421704]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-01-27 78648]

R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944]

R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2013-07-29 139592]

R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2013-07-29 418632]

R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-01-27 80184]

R3 ICCWDT;Intel® Watchdog Timer Driver (Intel® WDT); C:\Windows\system32\DRIVERS\ICCWDT.sys [2010-08-18 26136]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-29 3707864]

R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]

R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]

R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-08-05 100312]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-06-16 196384]

R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-11-29 39200]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2013-11-29 264408]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-10-06 883928]

R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2012-05-22 694416]

S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2011-03-10 29488]

S3 cleanhlp;cleanhlp; C:\Windows\system32\drivers\cleanhlp.sys []

S3 DCamUSBEMPIA;Dazzle DVC100 Video; C:\Windows\system32\DRIVERS\emDevice64.sys [2007-06-21 215808]

S3 emAudio;Dazzle DVC100 Audio Device; C:\Windows\system32\drivers\emAudio64.sys [2007-08-31 79872]

S3 FiltUSBEMPIA;USB Device Lower Filter; C:\Windows\system32\DRIVERS\emFilter64.sys [2007-06-21 6400]

S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]

S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]

S3 ScanUSBEMPIA;USB Still Image Capture Device; C:\Windows\system32\DRIVERS\emScan64.sys [2007-06-21 6144]

S3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-05 34544]

S3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\drivers\serscan.sys [2009-07-14 12288]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]

S3 wsvd;wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [2010-09-23 129008]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-27 50344]

R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-01-27 113704]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]

R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648]

R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-10-25 2151200]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2013-05-09 368600]

R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]

R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-08-27 14997280]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-23 922912]

R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-08-27 2155296]

R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]

R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]

R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]

R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-17 136176]

S2 MemeoBackgroundService;MemeoBackgroundService; C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-09-28 25824]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-15 257928]

S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-17 136176]

S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-05-17 194032]

S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-13 118896]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-18 1255736]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Posted:

This is only half of an RSIT log.

First carry out the steps below as well, and afterwards post a new RSIT log as an attachment.

Download MalwareBytes' Anti-Malware (website) and save it to your desktop.

Make sure that after the installation the following boxes are ticked:


  • Update MalwareBytes' Anti-Malware
  • Start MalwareBytes' Anti-Malware
  • You are also given the choice here to use the evaluation version of MBAM; if you do not want this, untick it.

Then click "Finish".

If an update is found, it will be downloaded and installed.


  • Once the program has started, go to the "Settings" tab.
  • Tick the following option here: "Close Internet Explorer during malware removal".
  • Then go to "Scanner Settings". At the bottom, under "PUP", choose "Show in scan results - select for removal".
  • After that, go to the "Scanner" tab and choose "Quick Scan" here.
  • Then press "Scan" to start the scan.
  • Scanning can take a while, so be patient.
  • When the scan has finished, click OK and then "Show Results" to see the results.
  • Make sure everything there is ticked, then click "Remove Selected".
  • After the removal a log will open and you will be asked to restart the computer.
  • Restart the computer if necessary and then post the log in your next message.
