istart.webssearches.com has taken over my browser


Hi BoukeM and welcome to PC Helpforum,

Before we begin, I would like to kindly point out the following guidelines:

  • Only log in as an administrator with full rights.
  • Cleaning up your system can take some time, so please be patient.
  • Stay with this topic until I have reported that your PC is clean.
  • If there is something you don't know or understand, please just ask.
  • Do not install or uninstall any software or hardware while we are working on your problem.
  • In the meantime, do not try "something else"; that only makes it harder for us.
  • Please do not post the logs as an attachment or between code tags.

Note: Always run all tools as admin.

The instructions given are valid only for your PC.

Step 1:

Scanning for and removing malware...

Install MBAM 2.0 (info & download link)

Start MBAM.

At the top of the Malwarebytes Anti-Malware window, click Scan.

In that screen, choose the Threat Scan and then click the Scan Now button.

Before scanning, it always first checks automatically whether updates to the virus definitions are available;

if an update is available, you must let it install first.

When the scan is finished and threats have been detected, you will get an overview of them.

Select to place all of them in quarantine.

At the message that your computer must be restarted, click Yes.

After the PC restarts (if Malwarebytes asked to restart the PC), open Malwarebytes again.

Click the History button at the top of the menu.

Then click the Application Logs option and select the scan log that you want to export.

This is the last scan you ran (you can tell by the date and time).

Select it to view it.

In a new window that opens you will see the results of your scan.

At the bottom, either select to export as a text file and give the text file a name, for example mbamlog.

Or you can select to copy to the clipboard, so that the contents of the log are copied to your clipboard and you can paste them into your next post.

___________________________________________________________

Step 2:

Checking for bad toolbars...

Download AdwCleaner by Xplode to your Desktop.

  • Close all open windows
  • Start AdwCleaner
  • Click Scan (Scannen)
  • Click Remove (Verwijderen)

All icons disappear from the Desktop; this is normal.

Your PC will be restarted and a log file will open (C:\AdwCleaner\AdwCleaner[xx].txt).

Post its contents here on the forum.

I only need the log from after the "Verwijderen" (Remove) option.

Don't forget to turn off your "smileys".

If your start page was hijacked as well, set the search engine again.

By default AdwCleaner resets it to Google.com.

___________________________________________________________

Step 3:

Extra note... Make sure your security software is disabled while installing and using E-Peek.

This is because these scanners wrongly see certain components that E-Peek uses as infected and will block Combofix.

Look here if you do not know how to disable your antivirus, firewall and/or antispyware scanner.

Download E-PeekSetup.exe to your desktop.

Double-click it and follow the instructions.

At the end of the installation, E-Peek will start.

Click OK on the first screen and then "Scan".

Post the log.

___________________________________________________________

In your next post, I would like to see the following logs, made in the order listed:

  • MBAM
  • AdwCleaner
  • E-Peek

Please do NOT post these logs as an attachment or between code tags.

(In several posts if necessary.)

Emphyrio :)

Malwarebytes Anti-Malware

www.malwarebytes.org

Scan Date: 30-10-2014

Scan Time: 15:50:18

Logfile: malwarelog30-10-14.txt

Administrator: Yes

Version: 2.00.3.1025

Malware Database: v2014.10.30.08

Rootkit Database: v2014.10.22.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: bas

Scan Type: Custom Scan

Result: Completed

Objects Scanned: 642343

Time Elapsed: 2 hr, 31 min, 15 sec

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

Processes: 0

(No malicious items detected)

Modules: 0

(No malicious items detected)

Registry Keys: 0

(No malicious items detected)

Registry Values: 0

(No malicious items detected)

Registry Data: 0

(No malicious items detected)

Folders: 0

(No malicious items detected)

Files: 0

(No malicious items detected)

Physical Sectors: 0

(No malicious items detected)

(end)

# AdwCleaner v3.311 - Rapport aangemaakt 30/10/2014 op 18:36:22

# Laatste Update 30/09/2014 door Xplode

# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)

# Gebruikersnaam : bas - BAS-PC

# Gestart vanuit : C:\Users\bas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU0TFAPV\adwcleaner_3.311.exe

# Optie : Scannen

***** [ Services ] *****

***** [ Bestanden / Mappen ] *****

Bestand Gevonden : C:\END

Bestand Gevonden : C:\Users\bas\AppData\Roaming\LiveSupport.exe_log.txt

Bestand Gevonden : C:\Users\bas\AppData\Roaming\Mozilla\Firefox\Profiles\qtr3f2al.default\user.js

Bestand Gevonden : C:\Users\bas\AppData\Roaming\regsvr32.exe_log.txt

Bestand Gevonden : C:\Users\bas\daemonprocess.txt

Bestand Gevonden : C:\Users\bas\Desktop\AppSafe.lnk

Map Gevonden : C:\Program Files (x86)\AppSafe

Map Gevonden : C:\Program Files (x86)\AskPartnerNetwork

Map Gevonden : C:\Program Files (x86)\FinalTorrent

Map Gevonden : C:\Program Files (x86)\FlvPlayer

Map Gevonden : C:\Program Files (x86)\Movies Toolbar

Map Gevonden : C:\Program Files (x86)\MyPC Backup

Map Gevonden : C:\Program Files (x86)\Settings Manager

Map Gevonden : C:\ProgramData\apn

Map Gevonden : C:\ProgramData\Babylon

Map Gevonden : C:\ProgramData\BitGuard

Map Gevonden : C:\ProgramData\Browser Manager

Map Gevonden : C:\ProgramData\BrowserProtect

Map Gevonden : C:\ProgramData\Computer Updater

Map Gevonden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalTorrent

Map Gevonden : C:\ProgramData\Systweak

Map Gevonden : C:\ProgramData\Trusted Publisher

Map Gevonden : C:\ProgramData\wincert

Map Gevonden : C:\ProgramData\WPM

Map Gevonden : C:\Users\Administrator\AppData\Local\Chromatic Browser

Map Gevonden : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\Administrator\AppData\Local\torch

Map Gevonden : C:\Users\bas\AppData\Local\Astromenda

Map Gevonden : C:\Users\bas\AppData\Local\Chromatic Browser

Map Gevonden : C:\Users\bas\AppData\Local\genienext

Map Gevonden : C:\Users\bas\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\bas\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\bas\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\bas\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\bas\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\bas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

Map Gevonden : C:\Users\bas\AppData\Local\Linkey

Map Gevonden : C:\Users\bas\AppData\Local\Mobogenie

Map Gevonden : C:\Users\bas\AppData\Local\torch

Map Gevonden : C:\Users\bas\AppData\LocalLow\HPAppData

Map Gevonden : C:\Users\bas\AppData\LocalLow\iac

Map Gevonden : C:\Users\bas\AppData\LocalLow\SimplyTech

Map Gevonden : C:\Users\bas\AppData\Roaming\0F1F1C2Y1H1P1C0I0T

Map Gevonden : C:\Users\bas\AppData\Roaming\0V1L2Z2Z1T1I1L1T

Map Gevonden : C:\Users\bas\AppData\Roaming\1H1Q

Map Gevonden : C:\Users\bas\AppData\Roaming\AppCloudUpdater

Map Gevonden : C:\Users\bas\AppData\Roaming\BabSolution

Map Gevonden : C:\Users\bas\AppData\Roaming\FinalTorrent

Map Gevonden : C:\Users\bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppSafe

Map Gevonden : C:\Users\bas\AppData\Roaming\PerformerSoft

Map Gevonden : C:\Users\bas\AppData\Roaming\SecureSearch

Map Gevonden : C:\Users\bas\AppData\Roaming\SimplyTech

Map Gevonden : C:\Users\bas\AppData\Roaming\Systweak

Map Gevonden : C:\Users\bas\Documents\Mobogenie

Map Gevonden : C:\Users\bas\Documents\Optimizer Pro

Map Gevonden : C:\Users\Gast\AppData\Local\Chromatic Browser

Map Gevonden : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\Gast\AppData\Local\torch

Map Gevonden : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser

Map Gevonden : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\HomeGroupUser$\AppData\Local\torch

Map Gevonden : C:\Users\UpdatusUser\AppData\Local\Chromatic Browser

Map Gevonden : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk

Map Gevonden : C:\Users\UpdatusUser\AppData\Local\torch

***** [ Taken ] *****

Taak Gevonden : AppCloudUpdater

Taak Gevonden : ASP

Taak Gevonden : BitGuard

Taak Gevonden : DealPlyUpdate

Taak Gevonden : FinalTorrent Update Checker

Taak Gevonden : LaunchSignup

***** [ Snelkoppelingen ] *****

Snelkoppeling Gevonden : C:\Users\bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1414246359&from=wpc&uid=ST9500325AS_S2W6VTXBXXXXS2W6VTXB )

Snelkoppeling Gevonden : C:\Users\bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1414246359&from=wpc&uid=ST9500325AS_S2W6VTXBXXXXS2W6VTXB )

Snelkoppeling Gevonden : C:\Users\bas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1414246359&from=wpc&uid=ST9500325AS_S2W6VTXBXXXXS2W6VTXB )

Snelkoppeling Gevonden : C:\Users\bas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1414246359&from=wpc&uid=ST9500325AS_S2W6VTXBXXXXS2W6VTXB )

***** [ Register ] *****

Gegevens Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\movies~1\datamngr\mgrldr.dll,

Gegevens Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\movies~1\datamngr\x64\mgrldr.dll,

Gegevens Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\wincert\win64c~1.dll

Sleutel Gevonden : HKCU\Software\AppCloudUpdater

Sleutel Gevonden : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}

Sleutel Gevonden : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}

Sleutel Gevonden : HKCU\Software\AppSafe

Sleutel Gevonden : HKCU\Software\BRS

Sleutel Gevonden : HKCU\Software\Conduit

Sleutel Gevonden : HKCU\Software\ilivid

Sleutel Gevonden : HKCU\Software\Linkey

Sleutel Gevonden : HKCU\Software\LiveSupport

Sleutel Gevonden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}

Sleutel Gevonden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}

Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A836234-186C-41A0-9863-40BECDEDED9F}

Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppCloudUpdater

Sleutel Gevonden : HKCU\Software\Optimizer Pro

Sleutel Gevonden : HKCU\Software\qtrax

Sleutel Gevonden : HKCU\Software\RegisteredApplicationsEx

Sleutel Gevonden : HKCU\Software\simplytech

Sleutel Gevonden : HKCU\Software\Vittalia

Sleutel Gevonden : HKCU\Software\VuuPC

Sleutel Gevonden : HKCU\Software\WSE Rocket

Sleutel Gevonden : [x64] HKCU\Software\AppCloudUpdater

Sleutel Gevonden : [x64] HKCU\Software\AppSafe

Sleutel Gevonden : [x64] HKCU\Software\BRS

Sleutel Gevonden : [x64] HKCU\Software\Conduit

Sleutel Gevonden : [x64] HKCU\Software\ilivid

Sleutel Gevonden : [x64] HKCU\Software\Linkey

Sleutel Gevonden : [x64] HKCU\Software\LiveSupport

Sleutel Gevonden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}

Sleutel Gevonden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}

Sleutel Gevonden : [x64] HKCU\Software\Optimizer Pro

Sleutel Gevonden : [x64] HKCU\Software\qtrax

Sleutel Gevonden : [x64] HKCU\Software\RegisteredApplicationsEx

Sleutel Gevonden : [x64] HKCU\Software\simplytech

Sleutel Gevonden : [x64] HKCU\Software\Vittalia

Sleutel Gevonden : [x64] HKCU\Software\VuuPC

Sleutel Gevonden : [x64] HKCU\Software\WSE Rocket

Sleutel Gevonden : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

Sleutel Gevonden : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}

Sleutel Gevonden : HKLM\SOFTWARE\AppSafe

Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}

Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}

Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}

Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}

Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{67FCE87F-F3EF-4A3C-87C2-8BD46E68807B}

Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}

Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL

Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL

Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL

Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL

Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\HomeTab.DLL

Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}

Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{5B6E533F-F78F-4525-B316-312BAF1295D1}

Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}

Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{C9B4F046-2A8C-46BD-B1A1-CF0EAE5EA521}

Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{DCA1528D-A3C0-4A9F-AA6E-DCE643F91495}

Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{FD58258C-84A6-4DEF-9793-019BE7F491A7}

Sleutel Gevonden : HKLM\SOFTWARE\Conduit

Sleutel Gevonden : HKLM\SOFTWARE\InstallCore

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E58CDA9-3B21-4611-A859-26EE28950E61}

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C5561B6-3DD2-46B5-83BE-EAE744366046}

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88E44198-D164-4EC0-B2C0-F679D866C6DA}

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F671C1B3-9776-426D-A350-55FB2D9B53F7}

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AppSafe

Sleutel Gevonden : HKLM\SOFTWARE\systweak

Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\CLSID\{2A836234-186C-41A0-9863-40BECDEDED9F}

Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\CLSID\{DCA1528D-A3C0-4A9F-AA6E-DCE643F91495}

Sleutel Gevonden : [x64] HKLM\SOFTWARE\Conduit

Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}

Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}

Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}

Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}

Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A836234-186C-41A0-9863-40BECDEDED9F}

Sleutel Gevonden : [x64] HKLM\SOFTWARE\Speedchecker Limited

Waarde Gevonden : HKCU\Software\Mozilla\Firefox\Extensions [{cb056958-eb1d-47a5-a7c2-35fd94d51b3f}]

Waarde Gevonden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}]

Waarde Gevonden : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]

Waarde Gevonden : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344

-\\ Mozilla Firefox v

[ Bestand : C:\Users\bas\AppData\Roaming\Mozilla\Firefox\Profiles\qtr3f2al.default\prefs.js ]

Regel gevonden : user_pref("browser.search.defaultengine", "Web Search");

Regel gevonden : user_pref("browser.search.defaultenginename", "Web Search");

Regel gevonden : user_pref("browser.search.order.1", "Web Search");

Regel gevonden : user_pref("browser.search.selectedEngine", "Web Search");

-\\ Google Chrome v

[ Bestand : C:\Users\bas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gevonden [search Provider] : hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=NL&ver=21&locale=nl_NL&gct=sb&qsrc=2869

Gevonden [Extension] : mkfokfffehpeedafpekjeddnmnjhmcmk

Gevonden [Extension] : llanodmhmembedcjcjilamalmphmjflk

*************************

AdwCleaner[R0].txt - [27946 octets] - [30/10/2014 18:36:22]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [28007 octets] ##########

E-Peek v 1.0.5.4 © Emphyrio/Onsia Patrick 2013-2014

Downloaded @ E Dev

Run at do 30 okt 2014 20:12

.

Windows 7 Home Premium SP 1 (64 bits)

C:\Windows [NTFS - Fixed]

Default Browser: Internet Explorer

Boot mode: Normal boot

User logged in: bas

.

Java x86: 1.7.0_71

Java x64: 1.7.0_65

.

AV : AVG Internet Security 2015 [updated - Not Running]

AS : Windows Defender [updated - Not Running]

AS : AVG Internet Security 2015 [updated - Not Running]

FW : FW : AVG Internet Security 2015 [updated - Not Running]

.

==================== Files and Folders history =================================

Folders Created Last 7 days :

30-10-2014 ##### r-h-s-d+a- C:\rsit

30-10-2014 ##### r-h-s-d+a- C:\Program Files\trend micro

30-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\trend micro

30-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\Malwarebytes Anti-Malware2

30-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\E Dev

30-10-2014 ##### r-h-s-d+a- C:\AdwCleaner

29-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\{AAF58843-34AF-4447-9799-48D655E0FFBB}

28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Roaming\AVG2015

28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Roaming\AVG

28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Avg2015

28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Avg

28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Adobe

28-10-2014 ##### r-h-s-d+a- C:\ProgramData\PCSettings

28-10-2014 ##### r-h-s-d+a- C:\ProgramData\Kaspersky Lab Setup Files

28-10-2014 ##### r-h-s-d+a- C:\ProgramData\Kaspersky Lab

28-10-2014 ##### r-h-s-d+a- C:\ProgramData\AVG2015

28-10-2014 ##### r-h-s-d+a- C:\ProgramData\AVG

28-10-2014 ##### r-h+s-d+a- C:\$AVG

25-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Comodo

24-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\{D2BC4465-67B0-45F6-9989-A6BAC87EE217}

24-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\{4F7C91D6-11CD-4BF4-98B7-EDC3F3CC9ACB}

Files Modified Last 7 days :

30-10-2014 01701720 r-h-s-d-a+ C:\Windows\system32\PerfStringBackup.INI

30-10-2014 00743606 r-h-s-d-a+ C:\Windows\system32\perfh013.dat

30-10-2014 00662098 r-h-s-d-a+ C:\Windows\system32\perfh009.dat

30-10-2014 00153432 r-h-s-d-a+ C:\Windows\system32\perfc013.dat

30-10-2014 00122310 r-h-s-d-a+ C:\Windows\system32\perfc009.dat

30-10-2014 00045056 r-h-s-d-a+ C:\Windows\system32\acovcnt.exe

30-10-2014 00018736 r-h+s-d-a+ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

30-10-2014 00018736 r-h+s-d-a+ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

30-10-2014 00000018 r-h-s-d-a+ C:\Windows\SysWOW64\log.txt

28-10-2014 00701104 r-h-s-d-a+ C:\Windows\SysWOW64\FlashPlayerApp.exe

28-10-2014 00071344 r-h-s-d-a+ C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

28-10-2014 00003048 r-h-s-d-a+ C:\Windows\system32\AutoRunFilter.ini

28-10-2014 00001783 r-h-s-d-a+ C:\Windows\system32\ServiceFilter.ini

Files Created Last 7 days :

30-10-2014 00536576 r-h-s-d-a+ C:\Windows\SysWOW64\sqlite3.dll

30-10-2014 00000109 r-h-s-d-a+ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

28-10-2014 05020177 r-h+s-d-a+ C:\Users\bas\AppData\Local\IconCache.db

25-10-2014 00000262 r+h+s+d-a+ C:\ProgramData\ntuser.pol

==================== RUNNING PROCESSES =========================================

[ACEngSvr] -bas- C:\Windows\SysWOW64\ACEngSvr.exe - (ASUSTeK)

[ACMON] -bas- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe - (ASUS)

[ACService] -SYSTEM- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe - (ArcSoft Inc.)

[AdminService] -SYSTEM- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe - (Atheros Commnucations)

[ALU] -bas- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe - ()

[armsvc] -SYSTEM- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - (Adobe Systems Incorporated)

[AsLdrSrv] -SYSTEM- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe - (ASUS)

[AsScrPro] -bas- C:\Windows\AsScrPro.exe - (ASUS)

[Ath_CoexAgent] -SYSTEM- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe - (Atheros)

[AthBtTray] -bas- C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe - (Atheros Commnucations)

[ATKOSD2] -bas- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe - (ASUS)

[avgui] -bas- C:\Program Files (x86)\AVG\AVG2015\avgui.exe - (AVG Technologies CZ, s.r.o.)

[avgwdsvc] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe - (AVG Technologies CZ, s.r.o.)

[batteryLife] -bas- C:\Program Files\P4G\BatteryLife.exe - (ASUS)

[btvStack] -bas- C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe - (Atheros Communications)

[csrss] -SYSTEM- C:\Windows\system32\csrss.exe - (Microsoft Corporation)

[csrss] -SYSTEM- C:\Windows\system32\csrss.exe - (Microsoft Corporation)

[ctfmon] -bas- C:\Windows\SysWOW64\ctfmon.exe - (Microsoft Corporation)

[DMedia] -bas- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe - (ASUS)

[dwm] -bas- C:\Windows\system32\Dwm.exe - (Microsoft Corporation)

[E-Peek 1.0.5] -bas- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.0.5.exe - (E Dev)

[E-Peek 1.0.5] -bas- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.0.5.exe - (E Dev)

[E-Peek 1.0.5] -bas- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.0.5.exe - (E Dev)

[ETDCtrl] -bas- C:\Program Files\Elantech\ETDCtrl.exe - (ELAN Microelectronic Corp.)

[explorer] -bas- C:\Windows\explorer.exe - (Microsoft Corporation)

[FBAgent] -SYSTEM- C:\Windows\system32\FBAgent.exe - (ASUSTeK Computer Inc.)

[FLxHCIm] -bas- C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe - (Windows ® Win 7 DDK provider)

[GFNEXSrv] -SYSTEM- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe - (ASUS)

[GoogleCrashHandler] -SYSTEM- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe - (Google Inc.)

[GoogleCrashHandler64] -SYSTEM- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe - (Google Inc.)

[HControlUser] -bas- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe - (ASUS)

[hkcmd] -bas- C:\Windows\System32\hkcmd.exe - (Intel Corporation)

[HpqSRmon] -bas- C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe - (Hewlett-Packard)

[iexplore] -bas- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE - (Microsoft Corporation)

[iexplore] -bas- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE - (Microsoft Corporation)

[iexplore] -bas- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE - (Microsoft Corporation)

[iexplore] -bas- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE - (Microsoft Corporation)

[iexplore] -bas- C:\Program Files\Internet Explorer\iexplore.exe - (Microsoft Corporation)

[iexplore] -bas- C:\Program Files\Internet Explorer\iexplore.exe - (Microsoft Corporation)

[igfxpers] -bas- C:\Windows\System32\igfxpers.exe - (Intel Corporation)

[igfxtray] -bas- C:\Windows\System32\igfxtray.exe - (Intel Corporation)

[LMS] -SYSTEM- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe - (Intel Corporation)

[lpksetup] -SYSTEM- C:\Windows\System32\lpksetup.exe - (Microsoft Corporation)

[lsass] -SYSTEM- C:\Windows\system32\lsass.exe - (Microsoft Corporation)

[lsm] -SYSTEM- C:\Windows\system32\lsm.exe - (Microsoft Corporation)

[mbam] -bas- C:\Program Files (x86)\Malwarebytes Anti-Malware2\mbam.exe - (Malwarebytes Corporation)

[MsSpellCheckingFacility] -bas- C:\Windows\System32\MsSpellCheckingFacility.exe - (Microsoft Corporation)

[notepad] -bas- C:\Windows\system32\NOTEPAD.EXE - (Microsoft Corporation)

[notepad] -bas- C:\Windows\system32\NOTEPAD.EXE - (Microsoft Corporation)

[notepad] -bas- C:\Windows\system32\NOTEPAD.EXE - (Microsoft Corporation)

[notepad] -bas- C:\Windows\System32\notepad.exe - (Microsoft Corporation)

[nvtray] -bas- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - (NVIDIA Corporation)

[nvvsvc] -SYSTEM- C:\Windows\system32\nvvsvc.exe - (NVIDIA Corporation)

[nvvsvc] -SYSTEM- C:\Windows\system32\nvvsvc.exe - (NVIDIA Corporation)

[NvXDSync] -SYSTEM- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - (NVIDIA Corporation)

[PresentationFontCache] -LOCAL SERVICE- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe - (Microsoft Corporation)

[psia] -SYSTEM- C:\Program Files (x86)\Secunia\PSI\PSIA.exe - (Secunia)

[RAVBg64] -bas- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - (Realtek Semiconductor)

[RAVCpl64] -bas- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - (Realtek Semiconductor)

[searchIndexer] -SYSTEM- C:\Windows\system32\SearchIndexer.exe - (Microsoft Corporation)

[services] -SYSTEM- C:\Windows\system32\services.exe - (Microsoft Corporation)

[sIGNAL~1] -bas- C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe - (Intel® Corporation)

[smartlogon] -SYSTEM- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe - (ASUS)

[smss] -SYSTEM- C:\Windows\system32\smss.exe - (Microsoft Corporation)

[sonicMasterTray] -bas- C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe - (Virage Logic Corporation / Sonic Focus)

[spoolsv] -SYSTEM- C:\Windows\System32\spoolsv.exe - (Microsoft Corporation)

[sua] -SYSTEM- C:\Program Files (x86)\Secunia\PSI\sua.exe - (Secunia)

[taskeng] -bas- C:\Windows\system32\taskeng.exe - (Microsoft Corporation)

[taskeng] -bas- C:\Windows\system32\taskeng.exe - (Microsoft Corporation)

[taskeng] -SYSTEM- C:\Windows\system32\taskeng.exe - (Microsoft Corporation)

[taskhost] -bas- C:\Windows\system32\taskhost.exe - (Microsoft Corporation)

[TurboBoost] -LOCAL SERVICE- C:\Program Files\Intel\TurboBoost\TurboBoost.exe - (Intel® Corporation)

[uNS] -SYSTEM- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe - (Intel Corporation)

[VAWinAgent] -bas- C:\ExpressGateUtil\VAWinAgent.exe - ()

[VAWinService] -SYSTEM- C:\ExpressGateUtil\VAWinService.exe - ()

[wcourier] -bas- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe - ()

[wininit] -SYSTEM- C:\Windows\system32\wininit.exe - (Microsoft Corporation)

[winlogon] -SYSTEM- C:\Windows\system32\winlogon.exe - (Microsoft Corporation)

[WLIDSVC] -SYSTEM- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - (Microsoft Corp.)

[WLIDSVCM] -SYSTEM- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe - (Microsoft Corp.)

[WmiPrvSE] -NETWORK SERVICE- C:\Windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation)

[wmpnetwk] -NETWORK SERVICE- C:\Program Files\Windows Media Player\wmpnetwk.exe - (Microsoft Corporation)

[WUDFHost] -LOCAL SERVICE- C:\Windows\System32\WUDFHost.exe - (Microsoft Corporation)

==================== IE PAGES ==================================================

IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://www.startpagina.nl/

IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm

IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com

IE04 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE04 - HKCU\..\SearchScopes {5432F822-EA6F-4742-B162-A3291DFC8F75} @ DisplayName: [Ask Search] @ URL = hxxp://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11406&pf=V7&p2=%5EBBE%5EOSJ000%5EYY%5ENL&gct=&itbv=12.15.1.20&apn_uid=B785BD9D-1330-4307-82B1-22D745E8EDB1&apn_ptnrs=BBE&apn_dtid=%5EOSJ000%5EYY%5ENL&apn_dbr=ie_11.0.9600.17207&doi=2014-07-21&trgb=IE&q={searchTerms}&psv=&pt=tb

IE04 - HKCU\..\SearchScopes {75b4241f-171e-44a3-bf44-23613b6e3e03} @ DisplayName: [Ask Web Search] @ URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm525^YYA^nl&si=flvrunner&ptb=15B52139-7139-4E91-BCCE-EC7AB185DE0E&ind=2014102207&n=780cc2bf&psa=&st=sb&searchfor={searchTerms}

IE05 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\SysWOW64\ieframe.dll

IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = www.google.com

IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\SysWOW64\blank.htm

IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com

IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = www.google.com

IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = www.google.com

IE10 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE10 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE10 - HKLM\..\SearchScopes {6A1806CD-94D4-4689-BA73-E35EA1EA9990} @ DisplayName: [Google] @ URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE10 - HKLM\..\SearchScopes {75b4241f-171e-44a3-bf44-23613b6e3e03} @ DisplayName: [Ask Web Search] @ URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm525^YYA^nl&si=flvrunner&ptb=15B52139-7139-4E91-BCCE-EC7AB185DE0E&ind=2014102207&n=780cc2bf&psa=&st=sb&searchfor={searchTerms}

IE10 - HKLM\..\SearchScopes {80c554b9-c7f8-4a21-9471-06d606da78a2} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE

IE12 - HKLM\..\Toolbar{2318C2B1-4965-11d4-9B18-009027A5CD4F} @ Default = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://www.startpagina.nl/

IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm

IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com

IE04 x64 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE04 x64 - HKCU\..\SearchScopes {5432F822-EA6F-4742-B162-A3291DFC8F75} @ DisplayName: [Ask Search] @ URL = hxxp://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11406&pf=V7&p2=%5EBBE%5EOSJ000%5EYY%5ENL&gct=&itbv=12.15.1.20&apn_uid=B785BD9D-1330-4307-82B1-22D745E8EDB1&apn_ptnrs=BBE&apn_dtid=%5EOSJ000%5EYY%5ENL&apn_dbr=ie_11.0.9600.17207&doi=2014-07-21&trgb=IE&q={searchTerms}&psv=&pt=tb

IE04 x64 - HKCU\..\SearchScopes {75b4241f-171e-44a3-bf44-23613b6e3e03} @ DisplayName: [Ask Web Search] @ URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm525^YYA^nl&si=flvrunner&ptb=15B52139-7139-4E91-BCCE-EC7AB185DE0E&ind=2014102207&n=780cc2bf&psa=&st=sb&searchfor={searchTerms}

IE05 x64 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\System32\ieframe.dll

IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = www.google.com

IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\System32\blank.htm

IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com

IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = www.google.com

IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = www.google.com

IE10 x64 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE10 x64 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE10 x64 - HKLM\..\SearchScopes {6A1806CD-94D4-4689-BA73-E35EA1EA9990} @ DisplayName: [Google] @ URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE10 x64 - HKLM\..\SearchScopes {80c554b9-c7f8-4a21-9471-06d606da78a2} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE

==================== Auto Load =================================================

AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = userinit.exe,

AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe

AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = C:\Windows\system32\userinit.exe,

AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe

==================== Windows Host File =========================================

127.0.0.1 localhost

==================== BHO =======================================================

BHO - [HP Print Enhancer] - {0347C33E-8762-4905-BF09-768834316C61} @ Default = C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO - [Java Plug-In SSV Helper] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} @ Default = C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO - [CIESpeechBHO Class] - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} @ Default = C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

BHO - [Aanmeldhulp voor Windows Live ID] - {9030D464-4C02-4ABF-8ECC-5164760863C6} @ Default = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO - [Windows Live Messenger Companion Helper] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} @ Default = C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO - [Google Toolbar Helper] - {AA58ED58-01DD-4d91-8333-CF10577473F7} @ Default = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO - [Office Document Cache Handler] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} @ Default = C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO - [Java Plug-In 2 SSV Helper] - {DBC80044-A445-435b-BC74-9C25C1C588A9} @ Default = C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO - [HP Smart BHO Class] - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} @ Default = C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

BHO x64 - [Java Plug-In SSV Helper] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} @ Default = C:\Program Files\Java\jre7\bin\ssv.dll

BHO x64 - [Windows Live ID Sign-in Helper] - {9030D464-4C02-4ABF-8ECC-5164760863C6} @ Default = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO x64 - [Google Toolbar Helper] - {AA58ED58-01DD-4d91-8333-CF10577473F7} @ Default = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

BHO x64 - [Office Document Cache Handler] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} @ Default = C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

BHO x64 - [Java Plug-In 2 SSV Helper] - {DBC80044-A445-435b-BC74-9C25C1C588A9} @ Default = C:\Program Files\Java\jre7\bin\jp2ssv.dll

==================== Auto Start Programs =======================================

ASP01 - HKLM\..\Run @ ASUSWebStorage = C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S

ASP01 - HKLM\..\Run @ ATKMEDIA = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

ASP01 - HKLM\..\Run @ ATKOSD2 = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

ASP01 - HKLM\..\Run @ AVG_UI = "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY

ASP01 - HKLM\..\Run @ FLxHCIm = "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"

ASP01 - HKLM\..\Run @ HControlUser = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

ASP01 - HKLM\..\Run @ hpqSRMon = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

ASP01 - HKLM\..\Run @ SonicMasterTray = C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe

ASP01 - HKLM\..\Run @ VAWinAgent = C:\ExpressGateUtil\VAWinAgent.exe

ASP01 - HKLM\..\Run @ Wireless Console 3 = C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

ASP01 - HKLM\..\Run @ ZoneAlarm = "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"

ASP01 x64 - HKLM\..\Run @ ASUSWebStorage = C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S

ASP01 x64 - HKLM\..\Run @ ATKMEDIA = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

ASP01 x64 - HKLM\..\Run @ ATKOSD2 = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

ASP01 x64 - HKLM\..\Run @ AVG_UI = "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY

ASP01 x64 - HKLM\..\Run @ FLxHCIm = "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"

ASP01 x64 - HKLM\..\Run @ HControlUser = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

ASP01 x64 - HKLM\..\Run @ hpqSRMon = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

ASP01 x64 - HKLM\..\Run @ SonicMasterTray = C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe

ASP01 x64 - HKLM\..\Run @ VAWinAgent = C:\ExpressGateUtil\VAWinAgent.exe

ASP01 x64 - HKLM\..\Run @ Wireless Console 3 = C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

ASP01 x64 - HKLM\..\Run @ ZoneAlarm = "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"

ASP - Startup - C:\Users\bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

ASP - Startup - C:\Users\bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk

ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk

==================== Extra Items IE ============================================

EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics

EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility

EI03 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing

EI03 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security

EI03 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings

EI03 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International

EI03 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia

EI04 - App Ext - HKCU\..\Approved Extensions @ {18DF081C-E8AD-4283-A596-FA578C2EBDC3} = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

EI04 - App Ext - HKCU\..\Approved Extensions @ {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} = C:\Program Files (x86)\Java\jre7\bin\ssv.dll

EI04 - App Ext - HKCU\..\Approved Extensions @ {DBC80044-A445-435B-BC74-9C25C1C588A9} = C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics

EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility

EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing

EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security

EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings

EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International

EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia

EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {18DF081C-E8AD-4283-A596-FA578C2EBDC3} =

EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {54739D49-AC03-4C57-9264-C5195596B3A1} =

EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} = C:\Program Files\Java\jre7\bin\ssv.dll

EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {A4C2FB10-84C3-44EB-9F9E-860FA1D9A797} =

EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {CD1A63BA-A08C-431B-9A34-F240AADC728D} =

EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {DBC80044-A445-435B-BC74-9C25C1C588A9} = C:\Program Files\Java\jre7\bin\jp2ssv.dll

EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D} =

==================== Internet Default Prefix ===================================

IDP00 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http://

IDP01 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http://

IDP00 x64 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http://

IDP01 x64 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http://

==================== Default Settings IE - DSIE ================================

DSIE - ieuinit.inf: START_PAGE= "Microsoft Corporation

DSIE - ieuinit.inf: SEARCH_PAGE_URL= "Microsoft Corporation

==================== Protocol Hijackers - PH ===================================

PH00 - Handler:wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} @ = Unknown # C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll # MD5 [f70d4a14ab747bac68b559c046d6fbff]

PH01 - Filter:text/xml - {807573E5-5146-11D5-A672-00B0D022E945} @ = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown

PH01 x64 - Filter:text/xml - {807573E5-5146-11D5-A672-00B0D022E945} @ = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown

==================== Automatic Started DLL's (AS) ==============================

AS00 - @ AppInit_DLLs = C:\Windows\Jaksta\AC\x64\jaudcap.dll

AS00 x64 - @ AppInit_DLLs = C:\Windows\Jaksta\AC\x64\jaudcap.dll

==================== ShellServiceObjectDelayLoad - SSODL =======================

SSODL - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ =

SSODL x64 - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ =

==================== Extra items - EXT (Torpig/ConduitSearch) ==================

EXT01 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft

EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft

EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Unity

EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Ath_CopyHook @ {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735}

EXT02 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll

EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll

EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft

EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft

EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Unity

EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\Ath_CopyHook @ {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735}= C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll

EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll

EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll

==================== DRIVERS and SERVICES ======================================

*** Win32OwnProcess ***

SERV - R2 - [ACDaemon] - ArcSoft Connect Daemon - c:\program files (x86)\common files\arcsoft\connection service\bin\acservice.exe

SERV - R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe

SERV - R2 - [AFBAgent] - AFBAgent - c:\windows\system32\fbagent.exe

SERV - R2 - [ASLDRService] - ASLDR Service - c:\program files (x86)\asus\atk package\atk hotkey\asldrsrv.exe

SERV - R2 - [Atheros Bt&Wlan Coex Agent] - Atheros Bt&Wlan Coex Agent - c:\program files (x86)\bluetooth suite\ath_coexagent.exe

SERV - R2 - [AtherosSvc] - AtherosSvc - c:\program files (x86)\bluetooth suite\adminservice.exe

SERV - R2 - [ATKGFNEXSrv] - ATKGFNEX Service - c:\program files (x86)\asus\atk package\atkgfnex\gfnexsrv.exe

SERV - R2 - [avgwd] - AVG WatchDog - c:\program files (x86)\avg\avg2015\avgwdsvc.exe

SERV - R2 - [LMS] - Intel® Management and Security Application Local Management Service - c:\program files (x86)\intel\intel® management engine components\lms\lms.exe

SERV - R2 - [NVSvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe

SERV - R2 - [secunia PSI Agent] - Secunia PSI Agent - c:\program files (x86)\secunia\psi\psia.exe

SERV - R2 - [secunia Update Agent] - Secunia Update Agent - c:\program files (x86)\secunia\psi\sua.exe

SERV - R2 - [uNS] - Intel® Management and Security Application User Notification Service - c:\program files (x86)\intel\intel® management engine components\uns\uns.exe

SERV - R2 - [VideAceWindowsService] - VideAceWindowsService - c:\expressgateutil\vawinservice.exe

SERV - R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe

SERV - R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe

SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe

SERV - R3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe

SERV - R3 - [TurboBoost] - Intel® Turbo Boost Technology Monitor 2.0 - c:\program files\intel\turboboost\turboboost.exe

SERV - S2 - [avgfws] - AVG Firewall - c:\program files (x86)\avg\avg2015\avgfws.exe

SERV - S2 - [AVGIDSAgent] - AVGIDSAgent - c:\program files (x86)\avg\avg2015\avgidsagent.exe

SERV - S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe

SERV - S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe

SERV - S2 - [gupdate] - Google Update-service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe

SERV - S2 - [nvUpdatusService] - NVIDIA Update Service Daemon - c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe

SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe

SERV - S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe

SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe

SERV - S3 - [aspnet_state] - ASP.NET-statusservice - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe

SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe

SERV - S3 - [cphs] - Intel® Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe

SERV - S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe

SERV - S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe

SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe

SERV - S3 - [fsssvc] - Windows Live Family Safety Service - c:\program files (x86)\windows live\family safety\fsssvc.exe

SERV - S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe

SERV - S3 - [gusvc] - Google Updater Service - c:\program files (x86)\google\common\google updater\googleupdaterservice.exe

SERV - S3 - [iEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe

SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe

SERV - S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe

SERV - S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe

SERV - S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe

SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe

SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe

SERV - S3 - [sNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe

SERV - S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe

SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe

SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe

SERV - S3 - [WatAdminSvc] - Windows Activation Technologies-service - c:\windows\system32\wat\watadminsvc.exe

SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe

SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe

SERV - S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe

SERV - S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe

SERV - S4 - [wlcrasvc] - Windows Live Mesh remote connections service - c:\program files\windows live\mesh\wlcrasvc.exe

*** Win32ShareProcess ***

SERV - R2 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe

SERV - R2 - [samSs] - Security Accounts Manager - c:\windows\system32\lsass.exe

SERV - R3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe

SERV - S3 - [idsvc] - Windows CardSpace - c:\windows\microsoft.net\framework64\v3.0\windows communication foundation\infocard.exe

SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe

SERV - S3 - [ProtectedStorage] - Protected Storage - c:\windows\system32\lsass.exe

SERV - S3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe

SERV - S4 - [NetMsmqActivator] - Net.Msmq Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe

SERV - S4 - [NetPipeActivator] - Net.Pipe Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe

SERV - S4 - [NetTcpActivator] - Net.Tcp Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe

SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe

*** Others ***

SERV - R2 - [spooler] - Print Spooler - c:\windows\system32\spoolsv.exe

SERV - S2 - [vsmon] - TrueVector Internet Monitor - c:\program files (x86)\checkpoint\zonealarm\vsmon.exe

SERV - S3 - [uI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe

*** File System Driver ***

DRV - R0 - [AVGIDSHA] - AVGIDSHA - C:\Windows\system32\Drivers\AVGIDSHA.sys

DRV - R0 - [Avgloga] - AVG Logging Driver - C:\Windows\system32\Drivers\Avgloga.sys

DRV - R0 - [Avgmfx64] - AVG Mini-Filter Resident Anti-Virus Shield - C:\Windows\system32\Drivers\Avgmfx64.sys

DRV - R0 - [Avgrkx64] - AVG Anti-Rootkit Driver - C:\Windows\system32\Drivers\Avgrkx64.sys

DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys

DRV - R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys

DRV - R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys

DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys

DRV - R3 - [srv] - Stuurprogramma Server SMB 1.xxx - C:\Windows\system32\Drivers\srv.sys

DRV - R3 - [srv2] - Stuurprogramma Server SMB 2.xxx - C:\Windows\system32\Drivers\srv2.sys

*** Kernel Driver ***

DRV - R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys

DRV - R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys

DRV - R0 - [atapi] - IDE-kanaal - C:\Windows\system32\Drivers\atapi.sys

DRV - R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x]

DRV - R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys

DRV - R0 - [Compbatt] - Microsoft Composite Battery Driver - C:\Windows\system32\Drivers\Compbatt.sys

DRV - R0 - [Disk] - Stuurprogramma voor schijfstations - C:\Windows\system32\Drivers\Disk.sys

DRV - R0 - [fvevol] - Filterstuurprogramma Bitlocker-stationsvergrendeling - C:\Windows\system32\Drivers\fvevol.sys

DRV - R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys

DRV - R0 - [iaStor] - Intel AHCI Controller - C:\Windows\system32\Drivers\iaStor.sys

DRV - R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys

DRV - R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys

DRV - R0 - [mountmgr] - Koppelpuntbeheer - C:\Windows\system32\Drivers\mountmgr.sys

DRV - R0 - [msahci] - msahci - C:\Windows\system32\Drivers\msahci.sys

DRV - R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys

DRV - R0 - [NDIS] - NDIS-systeemstuurprogramma - C:\Windows\system32\Drivers\NDIS.sys

DRV - R0 - [nvpciflt] - nvpciflt - C:\Windows\system32\Drivers\nvpciflt.sys

DRV - R0 - [partmgr] - Partitiebeheer - C:\Windows\system32\Drivers\partmgr.sys

DRV - R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys

DRV - R0 - [pciide] - pciide - C:\Windows\system32\Drivers\pciide.sys

DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys

DRV - R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys

DRV - R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys

DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\Windows\system32\Drivers\Tcpip.sys

DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator Driver - C:\Windows\system32\Drivers\vdrvroot.sys

DRV - R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys

DRV - R0 - [volmgrx] - Dynamisch Volumebeheer - C:\Windows\system32\Drivers\volmgrx.sys

DRV - R0 - [volsnap] - Opslagvolumes - C:\Windows\system32\Drivers\volsnap.sys

DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys

DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys

DRV - R1 - [beep] - Beep - C:\Windows\system32\Drivers\Beep.sys

DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\Windows\system32\Drivers\tdx.sys

DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys

==================== SvcHost - White Listed ====================================

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@hpdevmgmt

hpqcxs08 = ServiceDll = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [1dae5c46d42b02a6d5862e1482efb390]

hpqddsvc = ServiceDll = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [99e8eef42fe2f4af29b08c3355dd7685]

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost@hpdevmgmt

hpqcxs08 = ServiceDll = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [1dae5c46d42b02a6d5862e1482efb390]

hpqddsvc = ServiceDll = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [99e8eef42fe2f4af29b08c3355dd7685]

==================== SigCheck x86 Fast =========================================

Fast Scan All ok

==================== SigCheck x64 Fast =========================================

Fast Scan All ok

==================== Job tasks =================================================

There are no .job files found.

==================== End scanning at do 30 okt 2014 20:13 (0 Min 18 Sec ) ======


Remove Java from your PC, both the 32-bit and the 64-bit version.

You can reinstall it later (after the cleaning). Info: Java


Open a Notepad file.

Copy the text below (everything in bold) into this Notepad file.

REM Start the log; every result line below is appended to log.txt
@ECHO Deleting Registry Keys>>log.txt
REM Try to delete each listed Internet Explorer SearchScopes key and log the outcome
FOR %%j in (
"HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5432F822-EA6F-4742-B162-A3291DFC8F75}"
"HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}"
"HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}"
"HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{5432F822-EA6F-4742-B162-A3291DFC8F75}"
"HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}"
) DO (
REG.EXE DELETE %%j /f
IF NOT ERRORLEVEL 1 ECHO %%j deleted successfully>>log.txt
IF ERRORLEVEL 1 ECHO %%j not deleted>>log.txt)
REM Open the log in Notepad, then delete this batch file
START NOTEPAD.EXE log.txt
DEL %0

Go to File - Save As.

Under "Save in", choose: Desktop

Under "File name", enter: del.bat

Under "Save as type", select: All Files (*.*).

Click the Save button.

Right-click del.bat and choose Run as administrator.

Post the contents of the log file that opens.


Restart your PC.


Download or update CCleaner

Start CCleaner.

  • Run CCleaner and click Options in the left column
  • Select the Advanced tab
  • Untick Only delete files in Windows Temp folders older than 24 hours
  • Select the Settings tab
  • Untick "Automatically clean the computer...."
  • Click Cleaner in the left column.
  • Then click Analyze and then Run Cleaner.
  • Next, click Registry in the left column
  • Click Scan for Issues.
  • When asked whether you want to back up the registry, click "Yes".
  • If errors are found, click the middle button: Fix All Selected Issues, then OK


Post a fresh E-Peek log.

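One way to triage the IE section of a fresh E-Peek log for leftover hijacked start pages and search providers, as an added example that is not part of the original posts or of E-Peek. The allowlist, the function names and the two sample lines marked as constructed (one using the hijacker host from the thread title with a placeholder GUID) are assumptions.

```python
import re
from urllib.parse import urlsplit

# Hosts accepted as start/search pages on this machine (assumption; adjust per system).
ALLOWED_HOST_SUFFIXES = ("bing.com", "google.com", "microsoft.com", "startpagina.nl")

# Sample input: five lines in the format of the E-Peek logs in this thread,
# followed by two CONSTRUCTED lines that were never in the real log.
SAMPLE_LOG = r"""
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://www.startpagina.nl/
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm
IE04 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = www.google.com
IE10 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE04 - HKCU\..\SearchScopes {00000000-0000-0000-0000-000000000000} @ DisplayName: [constructed] @ URL = hxxp://istart.webssearches.com/?q={searchTerms}
IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://www.google.com.search.example/
"""

PREFIX_RE = re.compile(r"^(IE\d{2})( x64)? - (.+)$")


def parse_ie_line(line):
    """Split one 'IEnn [x64] - key @ ... @ name = data' line into its fields."""
    m = PREFIX_RE.match(line.strip())
    if not m:
        return None
    code, x64, rest = m.groups()
    parts = rest.split(" @ ")
    if len(parts) < 2:
        return None
    # The last ' @ ' segment carries 'value name = data'.
    name, sep, data = parts[-1].partition(" = ")
    if not sep:
        return None
    return {"code": code, "x64": bool(x64), "key": parts[0],
            "value": name.strip(), "data": data.strip()}


def host_of(data):
    """Return the lower-cased host of a (possibly defanged) URL, else None."""
    url = re.sub(r"^hxxp", "http", data, flags=re.IGNORECASE)
    # File paths (C:\...) and GUID references ({...}) are not URLs.
    if re.match(r"^[A-Za-z]:\\", url) or url.startswith("{"):
        return None
    if "://" not in url:
        url = "http://" + url  # bare host such as 'www.google.com'
    host = urlsplit(url).hostname
    return host.lower() if host else None


def is_allowed(host):
    """Exact match or true subdomain only, so 'evilbing.com' does not pass."""
    return any(host == s or host.endswith("." + s) for s in ALLOWED_HOST_SUFFIXES)


def flag_unexpected(log_text):
    """List (code, key, value name, host) for every URL outside the allowlist."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_ie_line(line)
        if entry is None:
            continue
        host = host_of(entry["data"])
        if host and not is_allowed(host):
            findings.append((entry["code"], entry["key"], entry["value"], host))
    return findings


if __name__ == "__main__":
    for code, key, value, host in flag_unexpected(SAMPLE_LOG):
        print(f"{code}: {key} @ {value} -> {host}")
```

The suffix check compares on a dot boundary because a look-alike host that merely contains an allowed name would otherwise pass.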

Log from del.bat

Deleting Registry Keys

"HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5432F822-EA6F-4742-B162-A3291DFC8F75}" deleted successfully

"HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}" deleted successfully

"HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}" not deleted

"HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{5432F822-EA6F-4742-B162-A3291DFC8F75}" not deleted

"HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}" not deleted

"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}" deleted successfully


E-Peek v 1.0.5.4 © Emphyrio/Onsia Patrick 2013-2014

Downloaded @ E Dev

Run at do 30 okt 2014 22:33

.

Windows 7 Home Premium SP 1 (64 bits)

C:\Windows [NTFS - Fixed]

Default Browser: Internet Explorer

Boot mode: Normal boot

User logged in: bas

.

Java x86: n/a

Java x64: n/a

.

AV : AVG Internet Security 2015 [updated - Not Running]

AS : Windows Defender [updated - Running]

AS : AVG Internet Security 2015 [updated - Not Running]

FW : FW : AVG Internet Security 2015 [updated - Running]

.

==================== Files and Folders history =================================

Folders Created Last 7 days :

30-10-2014 ##### r-h-s-d+a- C:\rsit

30-10-2014 ##### r-h-s-d+a- C:\ProgramData\Brother

30-10-2014 ##### r-h-s-d+a- C:\Program Files\trend micro

30-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\trend micro

30-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\Malwarebytes Anti-Malware2

30-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\E Dev

30-10-2014 ##### r-h-s-d+a- C:\AdwCleaner

30-10-2014 ##### r-h+s+d+a- C:\Config.Msi

30-10-2014 ##### r+h-s-d+a- C:\Users\bas\AppData\Roaming\Brother

29-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\{AAF58843-34AF-4447-9799-48D655E0FFBB}

28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Roaming\AVG2015

28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Roaming\AVG

28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Avg2015

28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Avg

28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Adobe

28-10-2014 ##### r-h-s-d+a- C:\ProgramData\PCSettings

28-10-2014 ##### r-h-s-d+a- C:\ProgramData\Kaspersky Lab Setup Files

28-10-2014 ##### r-h-s-d+a- C:\ProgramData\Kaspersky Lab

28-10-2014 ##### r-h-s-d+a- C:\ProgramData\AVG2015

28-10-2014 ##### r-h-s-d+a- C:\ProgramData\AVG

28-10-2014 ##### r-h+s-d+a- C:\$AVG

25-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Comodo

24-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\{D2BC4465-67B0-45F6-9989-A6BAC87EE217}

24-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\{4F7C91D6-11CD-4BF4-98B7-EDC3F3CC9ACB}

Files Modified Last 7 days :

30-10-2014 01701720 r-h-s-d-a+ C:\Windows\system32\PerfStringBackup.INI

30-10-2014 00743606 r-h-s-d-a+ C:\Windows\system32\perfh013.dat

30-10-2014 00662098 r-h-s-d-a+ C:\Windows\system32\perfh009.dat

30-10-2014 00352176 r-h-s-d-a+ C:\Windows\system32\FNTCACHE.DAT

30-10-2014 00153432 r-h-s-d-a+ C:\Windows\system32\perfc013.dat

30-10-2014 00122310 r-h-s-d-a+ C:\Windows\system32\perfc009.dat

30-10-2014 00045056 r-h-s-d-a+ C:\Windows\system32\acovcnt.exe

30-10-2014 00018736 r-h+s-d-a+ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

30-10-2014 00018736 r-h+s-d-a+ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

30-10-2014 00000741 r-h-s-d-a+ C:\Windows\system32\log.txt

30-10-2014 00000018 r-h-s-d-a+ C:\Windows\SysWOW64\log.txt

28-10-2014 00701104 r-h-s-d-a+ C:\Windows\SysWOW64\FlashPlayerApp.exe

28-10-2014 00071344 r-h-s-d-a+ C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

28-10-2014 00003048 r-h-s-d-a+ C:\Windows\system32\AutoRunFilter.ini

28-10-2014 00001783 r-h-s-d-a+ C:\Windows\system32\ServiceFilter.ini

Files Created Last 7 days :

30-10-2014 00536576 r-h-s-d-a+ C:\Windows\SysWOW64\sqlite3.dll

30-10-2014 00006257 r-h-s-d-a+ C:\ProgramData\hpzinstall.log

30-10-2014 00000741 r-h-s-d-a+ C:\Windows\system32\log.txt

30-10-2014 00000109 r-h-s-d-a+ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

28-10-2014 05666024 r-h+s-d-a+ C:\Users\bas\AppData\Local\IconCache.db

25-10-2014 00000262 r+h+s+d-a+ C:\ProgramData\ntuser.pol

==================== RUNNING PROCESSES =========================================

[ACEngSvr] -bas- C:\Windows\SysWOW64\ACEngSvr.exe - (ASUSTeK)

[ACMON] -bas- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe - (ASUS)

[ACService] -SYSTEM- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe - (ArcSoft Inc.)

[AdminService] -SYSTEM- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe - (Atheros Commnucations)

[ALU] -bas- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe - ()

[armsvc] -SYSTEM- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - (Adobe Systems Incorporated)

[AsLdrSrv] -SYSTEM- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe - (ASUS)

[AsScrPro] -bas- C:\Windows\AsScrPro.exe - (ASUS)

[Ath_CoexAgent] -SYSTEM- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe - (Atheros)

[AthBtTray] -bas- C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe - (Atheros Commnucations)

[ATKOSD2] -bas- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe - (ASUS)

[avgfws] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgfws.exe - (AVG Technologies CZ, s.r.o.)

[avgwdsvc] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe - (AVG Technologies CZ, s.r.o.)

[batteryLife] -bas- C:\Program Files\P4G\BatteryLife.exe - (ASUS)

[btvStack] -bas- C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe - (Atheros Communications)

[csrss] -SYSTEM- C:\Windows\system32\csrss.exe - (Microsoft Corporation)

[csrss] -SYSTEM- C:\Windows\system32\csrss.exe - (Microsoft Corporation)

[ctfmon] -bas- C:\Windows\SysWOW64\ctfmon.exe - (Microsoft Corporation)

[DMedia] -bas- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe - (ASUS)

[dwm] -bas- C:\Windows\system32\Dwm.exe - (Microsoft Corporation)

[E-Peek 1.0.5] -bas- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.0.5.exe - (E Dev)

[ETDCtrl] -bas- C:\Program Files\Elantech\ETDCtrl.exe - (ELAN Microelectronic Corp.)

[explorer] -bas- C:\Windows\Explorer.EXE - (Microsoft Corporation)

[FBAgent] -SYSTEM- C:\Windows\system32\FBAgent.exe - (ASUSTeK Computer Inc.)

[FLxHCIm] -bas- C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe - (Windows ® Win 7 DDK provider)

[GFNEXSrv] -SYSTEM- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe - (ASUS)

[GoogleCrashHandler] -SYSTEM- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe - (Google Inc.)

[GoogleCrashHandler64] -SYSTEM- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe - (Google Inc.)

[HControlUser] -bas- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe - (ASUS)

[hkcmd] -bas- C:\Windows\System32\hkcmd.exe - (Intel Corporation)

[iexplore] -bas- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE - (Microsoft Corporation)

[iexplore] -bas- C:\Program Files\Internet Explorer\iexplore.exe - (Microsoft Corporation)

[igfxpers] -bas- C:\Windows\System32\igfxpers.exe - (Intel Corporation)

[igfxtray] -bas- C:\Windows\System32\igfxtray.exe - (Intel Corporation)

[LMS] -SYSTEM- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe - (Intel Corporation)

[lsass] -SYSTEM- C:\Windows\system32\lsass.exe - (Microsoft Corporation)

[lsm] -SYSTEM- C:\Windows\system32\lsm.exe - (Microsoft Corporation)

[nvtray] -bas- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - (NVIDIA Corporation)

[nvvsvc] -SYSTEM- C:\Windows\system32\nvvsvc.exe - (NVIDIA Corporation)

[nvvsvc] -SYSTEM- C:\Windows\system32\nvvsvc.exe - (NVIDIA Corporation)

[NvXDSync] -SYSTEM- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - (NVIDIA Corporation)

[PresentationFontCache] -LOCAL SERVICE- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe - (Microsoft Corporation)

[psi_tray] -bas- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe - (Secunia)

[psia] -SYSTEM- C:\Program Files (x86)\Secunia\PSI\PSIA.exe - (Secunia)

[RAVBg64] -bas- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - (Realtek Semiconductor)

[RAVCpl64] -bas- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - (Realtek Semiconductor)

[searchIndexer] -SYSTEM- C:\Windows\system32\SearchIndexer.exe - (Microsoft Corporation)

[services] -SYSTEM- C:\Windows\system32\services.exe - (Microsoft Corporation)

[smartlogon] -SYSTEM- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe - (ASUS)

[smss] -SYSTEM- C:\Windows\system32\smss.exe - (Microsoft Corporation)

[sonicMasterTray] -bas- C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe - (Virage Logic Corporation / Sonic Focus)

[spoolsv] -SYSTEM- C:\Windows\System32\spoolsv.exe - (Microsoft Corporation)

[sua] -SYSTEM- C:\Program Files (x86)\Secunia\PSI\sua.exe - (Secunia)

[taskeng] -bas- C:\Windows\system32\taskeng.exe - (Microsoft Corporation)

[taskeng] -bas- C:\Windows\system32\taskeng.exe - (Microsoft Corporation)

[taskhost] -bas- C:\Windows\system32\taskhost.exe - (Microsoft Corporation)

[TurboBoost] -LOCAL SERVICE- C:\Program Files\Intel\TurboBoost\TurboBoost.exe - (Intel® Corporation)

[uNS] -SYSTEM- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe - (Intel Corporation)

[VAWinAgent] -bas- C:\ExpressGateUtil\VAWinAgent.exe - ()

[VAWinService] -SYSTEM- C:\ExpressGateUtil\VAWinService.exe - ()

[wcourier] -bas- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe - ()

[wininit] -SYSTEM- C:\Windows\system32\wininit.exe - (Microsoft Corporation)

[winlogon] -SYSTEM- C:\Windows\system32\winlogon.exe - (Microsoft Corporation)

[WLIDSVC] -SYSTEM- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - (Microsoft Corp.)

[WLIDSVCM] -SYSTEM- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe - (Microsoft Corp.)

[WmiPrvSE] -NETWORK SERVICE- C:\Windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation)

[wmpnetwk] -NETWORK SERVICE- C:\Program Files\Windows Media Player\wmpnetwk.exe - (Microsoft Corporation)

[WUDFHost] -LOCAL SERVICE- C:\Windows\System32\WUDFHost.exe - (Microsoft Corporation)

==================== IE PAGES ==================================================

IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://www.startpagina.nl/

IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm

IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com

IE04 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE05 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\SysWOW64\ieframe.dll

IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = www.google.com

IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\SysWOW64\blank.htm

IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com

IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = www.google.com

IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = www.google.com

IE10 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE10 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE10 - HKLM\..\SearchScopes {6A1806CD-94D4-4689-BA73-E35EA1EA9990} @ DisplayName: [Google] @ URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE10 - HKLM\..\SearchScopes {80c554b9-c7f8-4a21-9471-06d606da78a2} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE

IE12 - HKLM\..\Toolbar{2318C2B1-4965-11d4-9B18-009027A5CD4F} @ Default = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://www.startpagina.nl/

IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm

IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com

IE04 x64 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE05 x64 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\System32\ieframe.dll

IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = www.google.com

IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\System32\blank.htm

IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com

IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = www.google.com

IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = www.google.com

IE10 x64 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE10 x64 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE10 x64 - HKLM\..\SearchScopes {6A1806CD-94D4-4689-BA73-E35EA1EA9990} @ DisplayName: [Google] @ URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE10 x64 - HKLM\..\SearchScopes {80c554b9-c7f8-4a21-9471-06d606da78a2} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE

==================== Auto Load =================================================

AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = userinit.exe,

AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe

AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = C:\Windows\system32\userinit.exe,

AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe

==================== Windows Host File =========================================

127.0.0.1 localhost

==================== BHO =======================================================

BHO - [CIESpeechBHO Class] - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} @ Default = C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

BHO - [Aanmeldhulp voor Windows Live ID] - {9030D464-4C02-4ABF-8ECC-5164760863C6} @ Default = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO - [Windows Live Messenger Companion Helper] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} @ Default = C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO - [Google Toolbar Helper] - {AA58ED58-01DD-4d91-8333-CF10577473F7} @ Default = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO - [Office Document Cache Handler] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} @ Default = C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO x64 - [Windows Live ID Sign-in Helper] - {9030D464-4C02-4ABF-8ECC-5164760863C6} @ Default = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO x64 - [Google Toolbar Helper] - {AA58ED58-01DD-4d91-8333-CF10577473F7} @ Default = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

BHO x64 - [Office Document Cache Handler] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} @ Default = C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

==================== Auto Start Programs =======================================

ASP01 - HKLM\..\Run @ ASUSWebStorage = C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S

ASP01 - HKLM\..\Run @ ATKMEDIA = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

ASP01 - HKLM\..\Run @ ATKOSD2 = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

ASP01 - HKLM\..\Run @ AVG_UI = "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY

ASP01 - HKLM\..\Run @ FLxHCIm = "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"

ASP01 - HKLM\..\Run @ HControlUser = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

ASP01 - HKLM\..\Run @ SonicMasterTray = C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe

ASP01 - HKLM\..\Run @ VAWinAgent = C:\ExpressGateUtil\VAWinAgent.exe

ASP01 - HKLM\..\Run @ Wireless Console 3 = C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

ASP01 - HKLM\..\Run @ ZoneAlarm = "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"

ASP01 x64 - HKLM\..\Run @ ASUSWebStorage = C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S

ASP01 x64 - HKLM\..\Run @ ATKMEDIA = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

ASP01 x64 - HKLM\..\Run @ ATKOSD2 = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

ASP01 x64 - HKLM\..\Run @ AVG_UI = "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY

ASP01 x64 - HKLM\..\Run @ FLxHCIm = "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"

ASP01 x64 - HKLM\..\Run @ HControlUser = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

ASP01 x64 - HKLM\..\Run @ SonicMasterTray = C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe

ASP01 x64 - HKLM\..\Run @ VAWinAgent = C:\ExpressGateUtil\VAWinAgent.exe

ASP01 x64 - HKLM\..\Run @ Wireless Console 3 = C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

ASP01 x64 - HKLM\..\Run @ ZoneAlarm = "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"

ASP - Startup - C:\Users\bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

ASP - Startup - C:\Users\bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk

ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk

==================== Extra Items IE ============================================

EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics

EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility

EI03 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing

EI03 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security

EI03 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings

EI03 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International

EI03 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia

EI04 - App Ext - HKCU\..\Approved Extensions @ {18DF081C-E8AD-4283-A596-FA578C2EBDC3} = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics

EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility

EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing

EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security

EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings

EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International

EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia

EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {18DF081C-E8AD-4283-A596-FA578C2EBDC3} =

EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {54739D49-AC03-4C57-9264-C5195596B3A1} =

EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {A4C2FB10-84C3-44EB-9F9E-860FA1D9A797} =

EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {CD1A63BA-A08C-431B-9A34-F240AADC728D} =

EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D} =

==================== Internet Default Prefix ===================================

IDP00 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http://

IDP01 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http://

IDP00 x64 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http://

IDP01 x64 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http://

==================== Default Settings IE - DSIE ================================

DSIE - ieuinit.inf: START_PAGE= "Microsoft Corporation

DSIE - ieuinit.inf: SEARCH_PAGE_URL= "Microsoft Corporation

==================== Protocol Hijackers - PH ===================================

PH00 - Handler:wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} @ = Unknown # C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll # MD5 [f70d4a14ab747bac68b559c046d6fbff]

PH01 - Filter:text/xml - {807573E5-5146-11D5-A672-00B0D022E945} @ = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown

PH01 x64 - Filter:text/xml - {807573E5-5146-11D5-A672-00B0D022E945} @ = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown

==================== Automatic Started DLL's (AS) ==============================

AS00 - @ AppInit_DLLs = C:\Windows\Jaksta\AC\x64\jaudcap.dll

AS00 x64 - @ AppInit_DLLs = C:\Windows\Jaksta\AC\x64\jaudcap.dll

==================== ShellServiceObjectDelayLoad - SSODL =======================

SSODL - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ =

SSODL x64 - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ =

==================== Extra items - EXT (Torpig/ConduitSearch) ==================

EXT01 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft

EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft

EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Unity

EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Ath_CopyHook @ {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735}

EXT02 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll

EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll

EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft

EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft

EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Unity

EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\Ath_CopyHook @ {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735}= C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll

EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll

EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll

==================== DRIVERS and SERVICES ======================================

*** Win32OwnProcess ***

SERV - R2 - [ACDaemon] - ArcSoft Connect Daemon - c:\program files (x86)\common files\arcsoft\connection service\bin\acservice.exe

SERV - R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe

SERV - R2 - [AFBAgent] - AFBAgent - c:\windows\system32\fbagent.exe

SERV - R2 - [ASLDRService] - ASLDR Service - c:\program files (x86)\asus\atk package\atk hotkey\asldrsrv.exe

SERV - R2 - [Atheros Bt&Wlan Coex Agent] - Atheros Bt&Wlan Coex Agent - c:\program files (x86)\bluetooth suite\ath_coexagent.exe

SERV - R2 - [AtherosSvc] - AtherosSvc - c:\program files (x86)\bluetooth suite\adminservice.exe

SERV - R2 - [ATKGFNEXSrv] - ATKGFNEX Service - c:\program files (x86)\asus\atk package\atkgfnex\gfnexsrv.exe

SERV - R2 - [avgfws] - AVG Firewall - c:\program files (x86)\avg\avg2015\avgfws.exe

SERV - R2 - [avgwd] - AVG WatchDog - c:\program files (x86)\avg\avg2015\avgwdsvc.exe

SERV - R2 - [LMS] - Intel® Management and Security Application Local Management Service - c:\program files (x86)\intel\intel® management engine components\lms\lms.exe

SERV - R2 - [NVSvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe

SERV - R2 - [secunia PSI Agent] - Secunia PSI Agent - c:\program files (x86)\secunia\psi\psia.exe

SERV - R2 - [secunia Update Agent] - Secunia Update Agent - c:\program files (x86)\secunia\psi\sua.exe

SERV - R2 - [uNS] - Intel® Management and Security Application User Notification Service - c:\program files (x86)\intel\intel® management engine components\uns\uns.exe

SERV - R2 - [VideAceWindowsService] - VideAceWindowsService - c:\expressgateutil\vawinservice.exe

SERV - R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe

SERV - R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe

SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe

SERV - R3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe

SERV - R3 - [TurboBoost] - Intel® Turbo Boost Technology Monitor 2.0 - c:\program files\intel\turboboost\turboboost.exe

SERV - S2 - [AVGIDSAgent] - AVGIDSAgent - c:\program files (x86)\avg\avg2015\avgidsagent.exe

SERV - S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe

SERV - S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe

SERV - S2 - [gupdate] - Google Update-service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe

SERV - S2 - [nvUpdatusService] - NVIDIA Update Service Daemon - c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe

SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe

SERV - S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe

SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe

SERV - S3 - [aspnet_state] - ASP.NET-statusservice - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe

SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe

SERV - S3 - [cphs] - Intel® Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe

SERV - S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe

SERV - S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe

SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe

SERV - S3 - [fsssvc] - Windows Live Family Safety Service - c:\program files (x86)\windows live\family safety\fsssvc.exe

SERV - S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe

SERV - S3 - [gusvc] - Google Updater Service - c:\program files (x86)\google\common\google updater\googleupdaterservice.exe

SERV - S3 - [iEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe

SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe

SERV - S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe

SERV - S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe

SERV - S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe

SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe

SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe

SERV - S3 - [sNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe

SERV - S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe

SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe

SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe

SERV - S3 - [WatAdminSvc] - Windows Activation Technologies-service - c:\windows\system32\wat\watadminsvc.exe

SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe

SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe

SERV - S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe

SERV - S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe

SERV - S4 - [wlcrasvc] - Windows Live Mesh remote connections service - c:\program files\windows live\mesh\wlcrasvc.exe

*** Win32ShareProcess ***

SERV - R2 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe

SERV - R2 - [samSs] - Security Accounts Manager - c:\windows\system32\lsass.exe

SERV - R3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe

SERV - S3 - [idsvc] - Windows CardSpace - c:\windows\microsoft.net\framework64\v3.0\windows communication foundation\infocard.exe

SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe

SERV - S3 - [ProtectedStorage] - Protected Storage - c:\windows\system32\lsass.exe

SERV - S3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe

SERV - S4 - [NetMsmqActivator] - Net.Msmq Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe

SERV - S4 - [NetPipeActivator] - Net.Pipe Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe

SERV - S4 - [NetTcpActivator] - Net.Tcp Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe

SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe

*** Others ***

SERV - R2 - [spooler] - Print Spooler - c:\windows\system32\spoolsv.exe

SERV - S2 - [vsmon] - TrueVector Internet Monitor - c:\program files (x86)\checkpoint\zonealarm\vsmon.exe

SERV - S3 - [uI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe

*** File System Driver ***

DRV - R0 - [AVGIDSHA] - AVGIDSHA - C:\Windows\system32\Drivers\AVGIDSHA.sys

DRV - R0 - [Avgloga] - AVG Logging Driver - C:\Windows\system32\Drivers\Avgloga.sys

DRV - R0 - [Avgmfx64] - AVG Mini-Filter Resident Anti-Virus Shield - C:\Windows\system32\Drivers\Avgmfx64.sys

DRV - R0 - [Avgrkx64] - AVG Anti-Rootkit Driver - C:\Windows\system32\Drivers\Avgrkx64.sys

DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys

DRV - R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys

DRV - R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys

DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys

DRV - R3 - [srv] - Stuurprogramma Server SMB 1.xxx - C:\Windows\system32\Drivers\srv.sys

DRV - R3 - [srv2] - Stuurprogramma Server SMB 2.xxx - C:\Windows\system32\Drivers\srv2.sys

*** Kernel Driver ***

DRV - R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys

DRV - R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys

DRV - R0 - [atapi] - IDE-kanaal - C:\Windows\system32\Drivers\atapi.sys

DRV - R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x]

DRV - R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys

DRV - R0 - [Compbatt] - Microsoft Composite Battery Driver - C:\Windows\system32\Drivers\Compbatt.sys

DRV - R0 - [Disk] - Stuurprogramma voor schijfstations - C:\Windows\system32\Drivers\Disk.sys

DRV - R0 - [fvevol] - Filterstuurprogramma Bitlocker-stationsvergrendeling - C:\Windows\system32\Drivers\fvevol.sys

DRV - R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys

DRV - R0 - [iaStor] - Intel AHCI Controller - C:\Windows\system32\Drivers\iaStor.sys

DRV - R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys

DRV - R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys

DRV - R0 - [mountmgr] - Koppelpuntbeheer - C:\Windows\system32\Drivers\mountmgr.sys

DRV - R0 - [msahci] - msahci - C:\Windows\system32\Drivers\msahci.sys

DRV - R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys

DRV - R0 - [NDIS] - NDIS-systeemstuurprogramma - C:\Windows\system32\Drivers\NDIS.sys

DRV - R0 - [nvpciflt] - nvpciflt - C:\Windows\system32\Drivers\nvpciflt.sys

DRV - R0 - [partmgr] - Partitiebeheer - C:\Windows\system32\Drivers\partmgr.sys

DRV - R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys

DRV - R0 - [pciide] - pciide - C:\Windows\system32\Drivers\pciide.sys

DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys

DRV - R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys

DRV - R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys

DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\Windows\system32\Drivers\Tcpip.sys

DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator Driver - C:\Windows\system32\Drivers\vdrvroot.sys

DRV - R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys

DRV - R0 - [volmgrx] - Dynamisch Volumebeheer - C:\Windows\system32\Drivers\volmgrx.sys

DRV - R0 - [volsnap] - Opslagvolumes - C:\Windows\system32\Drivers\volsnap.sys

DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys

DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys

DRV - R1 - [beep] - Beep - C:\Windows\system32\Drivers\Beep.sys

DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\Windows\system32\Drivers\tdx.sys

DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys

==================== SvcHost - White Listed ====================================

All Ok

WOW - All Ok

==================== SigCheck x86 Fast =========================================

Fast Scan All ok

==================== SigCheck x64 Fast =========================================

Fast Scan All ok

==================== Job tasks =================================================

There are no .job files found.

==================== End scanning at do 30 okt 2014 22:34 (1 Min 7 Sec ) =======

- - - Updated - - -

I'm getting happier and happier; I also think my two problems are being solved in one go.

There are no more messages about broken or missing .dll files.


Indeed, your logs look fine :top:

1) You may delete all the loose files and tools we used.

2) To avoid reinfection, you can read through these tips:

How do I AVOID viruses??? and How do I prevent a new infection?

3) To give your PC a quick tune-up, you can read these tips: Computer slow: what now?

4) You can find all kinds of tips and hints here.

You may mark the topic as "Solved".

Did we help you well? Consider making a (no-obligation) donation to PC Helpforum :)

Emphyrio :-)

This topic is now closed to new replies.