delta-homes.com verwijderen

[rogerviro]

als ik internet explorer wil of google.be komt altijd delta-homes.com op wil ik dat verwijderen heb ik problemen ,kan ik dat Norton verwijderen zo ja hoe gaat dat te werk

[Asus]

Je topic werd verplaatst naar Bestrijding malware & virussen, zo blijft het forum overzichtelijk.

Kan je het onderstaande uitvoeren en het gevraagde logje hier in je topic posten ? ...

 

Download  RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hoe je controleert of je met een 32- of 64-bitversie van Windows werkt kan je hier bekijken.

• RSIT 32 bit (RSIT.exe)
• RSIT 64 bit (RSITx64.exe)

Dubbelklik op RSIT.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
• Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
• Wanneer de tool gereed is worden er twee kladblok bestanden geopend genaamd "Log.txt" en "Info.txt" .

RSIT Logbestanden plaatsen

 

• Voeg het logbestand met de naam "Log.txt" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map ""C:\\rsit")
• Het logbestand met de naam "Info.txt" wat geminimaliseerd is hoeft u niet te plaatsen. (Dit logbestand wordt enkel de eerst keer bij het uitvoeren aangemaakt).
• Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

De handleiding voor het gebruik van RSIT kan je HIER bekijken en we hebben ook nog een instructievideo.

[rogerviro]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Gebruiker at 2014-12-28 17:20:20
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 471 GB (67%) free of 709 GB
Total RAM: 6127 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:20:28, on 28/12/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\Norton Security with Backup\Engine\22.1.0.9\NSBU.exe
Q:\140061.nld\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\trend micro\Gebruiker.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmfYdMsk7a-Vib4bZI79lOFQUvdXpc5ICc32EPgj4ZQFFLH4Vn97O9liLSjo3hUt_oFW_5FfojJXwAUwiHX9yNl68RyY9htCpDqiEAphCF-yfuV0Z62MATisoR8dPvLEG-HfQct0fM3wMNQXfF7I7JhjK0YU,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmfYdMsk7a-Vib4bZI79lOFQUvdXpc5ICc32EPgj4ZQFFLH4Vn97O9liLSjo3hUt_oFW_5FfojJXwAUwiHX9yNl68RyY9htCpDqiEAphCF-yfuV0Z62MATisoR8dPvLEG-HfQct0fM3wMNQXfF7I7JhjK0YU,&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1406971274&from=cor&uid=ST31500341AS_9VS57NW6&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1406971274&from=cor&uid=ST31500341AS_9VS57NW6&q={searchTerms}

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmfYdMsk7a-Vib4bZI79lOFQUvdXpc5ICc32EPgj4ZQFFLH4Vn97O9liLSjo3hUt_oFW_5FfojJXwAUwiHX9yNl68RyY9htCpDqiEAphCF-yfuV0Z62MATisoR8dPvLEG-HfQct0fM3wMNQXfF7I7JhjK0YU,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmfYdMsk7a-Vib4bZI79lOFQUvdXpc5ICc32EPgj4ZQFFLH4Vn97O9liLSjo3hUt_oFW_5FfojJXwAUwiHX9yNl68RyY9htCpDqiEAphCF-yfuV0Z62MATisoR8dPvLEG-HfQct0fM3wMNQXfF7I7JhjK0YU,&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.sweet-page.com/web/?type=ds&ts=1406971274&from=cor&uid=ST31500341AS_9VS57NW6&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.sweet-page.com/web/?type=ds&ts=1406971274&from=cor&uid=ST31500341AS_9VS57NW6&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: (no name) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - (no file)
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security with Backup\Engine\22.1.0.9\coIEPlg.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Search Assistant BHO - {a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Toolbar BHO - {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} - C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbar.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O3 - Toolbar: Allin1Convert - {cd1a63ba-a08c-431b-9a34-f240aadc728d} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine\22.1.0.9\coIEPlg.dll
O4 - HKLM\..\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Allin1Convert EPM Support] "C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hmedint.exe" T8EPMSUP.DLL,S
O4 - HKLM\..\Run: [Allin1Convert Search Scope Monitor] "C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hsrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [Allin1Convert_8h Browser Plugin Loader] C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbrmon.exe
O4 - HKLM\..\Run: [Allin1Convert_8h Browser Plugin Loader 64] C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbrmon64.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Gebruiker\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [iSUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [HP Photosmart 6520 series (NET)] "C:\Program Files\hp\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2B5355GR05XP:NW" -scfn "HP Photosmart 6520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1988791469-250253527-2888884737-1004\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1988791469-250253527-2888884737-1004\..\Run: [spotify Web Helper] "C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1988791469-250253527-2888884737-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Download Video - {3B54DEAB-C6D4-48a8-8C32-A70558643400} - C:\Program Files (x86)\FinalVideoDownloader\fvdRunner.html
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1263.cab
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file:///K:/Program%20Files%20(x86)/AutoCAD%202000i/AcDcToday.ocx
O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred Control) - file:///K:/Program%20Files%20(x86)/AutoCAD%202000i/InstFred.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file:///K:/Program%20Files%20(x86)/AutoCAD%202000i/AcPreview.ocx
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:  
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Allin1ConvertService (Allin1Convert_8hService) - COMPANYVERS_NAME - C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbarsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Security with Backup (NSBU) - Symantec Corporation - C:\Program Files (x86)\Norton Security with Backup\Engine\22.1.0.9\NSBU.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update PlurPush - Unknown owner - C:\Program Files (x86)\PlurPush\updatePlurPush.exe
O23 - Service: Util PlurPush - Unknown owner - C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18946 bytes

======Listing Processes======

 

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbarsvc.exe
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\AppIntegrator64.exe"
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Program Files\hp\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2B5355GR05XP:NW" -scfn "HP Photosmart 6520 series (NET)" -AutoStart 1
"C:\Program Files\Microsoft LifeCam\MSCamS64.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Norton Security with Backup\Engine\22.1.0.9\NSBU.exe" /s "NSBU" /m "C:\Program Files (x86)\Norton Security with Backup\Engine\22.1.0.9\diMaster.dll" /prefetch:1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE" /quietlaunch "ONENOTEM 9014006104130000" /tsr
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon.exe"
"C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon64.exe"
"C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe"
"C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "129177711872596118-2084498109-841613701-20592493101508828301529155271-1122484455
"C:\Program Files (x86)\Norton Security with Backup\Engine\22.1.0.9\NSBU.exe" /c /a /s UserSession
"C:\Program Files\hp\HP Photosmart 6520 series\Bin\HPNetworkCommunicator.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 4372
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e59bffed-d717-4c7b-8888-c77d8124d5cb -SystemEventPortName:HostProcess-680fa5a3-7985-478f-ac2b-6bdf4ab26027 -IoCancelEventPortName:HostProcess-1f64098b-e11a-4767-bede-0c45fa6b7d64 -NonStateChangingEventPortName:HostProcess-8a763dd7-064a-4a8a-a996-43b5732818e4 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c56fac78-7cac-4273-8fc0-e0ec9458c9de -DeviceGroupId:WpdFsGroup
"Q:\140061.nld\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe"  /start IDLE_APP_EVENT_{90140011-0061-0413-0000-0000000FF1CE}
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Nero\Update\NASvc.exe"

"C:\Program Files (x86)\Windows Live\Mail\wlmail.exe"
"C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe" -Embedding
taskeng.exe {77F10E45-CE06-417D-8547-5ACB8FBBE327}
"C:\Program Files\Internet Explorer\iexplore.exe" http://www.malwareremoval.com/images/random/RSITx64.exe
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2728 CREDAT:267521 /prefetch:2
"C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe"
"C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S900ZWPI\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\msfeedssync.exe sync
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler
C:\Windows\tasks\HP Photo Creations Communicator.job - C:\ProgramData\HP Photo Creations\Communicator.exe  --auto
C:\Windows\tasks\HPCeeScheduleForGebruiker.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe  HPCeeScheduleForGebruiker (null)
C:\Windows\tasks\Plus-HD-4.9-chromeinstaller.job - C:\Program Files (x86)\Plus-HD-4.9\Plus-HD-4.9-chromeinstaller.exe  /installcrx /agentregpath='Plus-HD-4.9' /extensionfilepath='C:\Program Files (x86)\Plus-HD-4.9\45918.crx' /appid=45918 /srcid='000934' /subid='0' /zdata='0' /bic=D90ECDBC208A4A02A035C2890AB24962IE /verifier=bdad1d3403a6ad5cd04fc9fbe65db418 /installerversion=1_33_153 /installerfullversion=1.33.153.1 /installationtime=1390241784 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /waitforbrowser=300 /extensionid=jjflmfkjppbmejlfbhlpgjnomdoefkfa /extensionversion=1.26.59 /extensionpublickey=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCsOTRu7paUms3AYVei3zXFT5PTGGqPKkF1VYLLBwSfExMWGI7Bdm/DqDEZH5FzLf5DRmd8Z92j2jPqiIeIxXDLrC8ZLON8zH4VjNGUKs7mrFmckRTxUc1RNL1kpHFp9wxYUCHIA49dzSNLb0ArYWz9MlBTiL9oiMt/nZP/zPSXNQIDAQAB /defbro=ch /allusers /allprofiles /crxinstalltype=1 /runfrom='task' /externallog=''

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411591118}]
Plus-HD-4.9 - C:\Program Files (x86)\Plus-HD-4.9\Plus-HD-4.9-bho64.dll [2014-01-20 973672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Security with Backup\Engine64\22.1.0.9\coIEPlg.dll [2014-12-05 886584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-10-23 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2012-10-02 5748928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Security with Backup\Engine\22.1.0.9\coIEPlg.dll [2014-12-05 664888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797}]
Search Assistant BHO - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll [2014-06-02 139336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-10-23 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02 4119744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}]
Toolbar BHO - C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbar.dll [2014-06-02 872008]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ae07101b-46d4-4a98-af68-0333ea26e113}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-10-23 256456]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Security with Backup\Engine64\22.1.0.9\coIEPlg.dll [2014-12-05 886584]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{ae07101b-46d4-4a98-af68-0333ea26e113}
{cd1a63ba-a08c-431b-9a34-f240aadc728d} - Allin1Convert - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbar.dll [2014-06-02 872008]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-10-23 194504]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Security with Backup\Engine\22.1.0.9\coIEPlg.dll [2014-12-05 664888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-04-24 1425408]
"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-10-18 1028384]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-10-18 1063200]
"Allin1Convert Home Page Guard 64 bit"=C:\PROGRA~2\ALLIN1~2\bar\1.bin\AppIntegrator64.exe [2014-06-02 485960]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NextLive"=C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]
"ISUSPM Startup"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2014-10-23 39408]
"HP Photosmart 6520 series (NET)"=C:\Program Files\hp\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-11-21 7063832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DATAMNGR]
C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2010-05-20 119152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2012-07-02 2736128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [2011-01-13 6129496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS]
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2011-11-11 205336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Transfer Monitor]
C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe [2008-09-30 485208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-02-01 656920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-10-21 1514040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files (x86)\AVG Secure Search\vprot.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX3000]
C:\Windows\vVX3000.exe [2010-05-20 762736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yontoo Desktop]
C:\Users\Gebruiker\AppData\Roaming\Yontoo\YontooDesktop.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~2\Hp\DIGITA~1\bin\hpqtra08.exe [2009-09-20 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Schermopname en Snel starten.lnk]
C:\PROGRA~2\COMMON~1\MICROS~1\VIRTUA~1\CVH.EXE [2013-07-23 3207912]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LaunchHPOSIAPP"=C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe [2009-04-04 385024]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"Allin1Convert EPM Support"=C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hmedint.exe [2014-06-02 12872]
"Allin1Convert Search Scope Monitor"=C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hsrchmn.exe [2014-06-02 55368]
"Allin1Convert_8h Browser Plugin Loader"=C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbrmon.exe [2014-06-02 61512]
"Allin1Convert_8h Browser Plugin Loader 64"=C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbrmon64.exe [2014-06-02 71752]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2010 Schermopname en Snel starten.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="   "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
wlnotify.dll []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave6"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"wave7"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"midi7"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-12-28 17:20:21 ----D---- C:\Program Files\trend micro
2014-12-28 17:20:20 ----D---- C:\rsit
2014-12-25 17:40:09 ----D---- C:\NPE
2014-12-19 09:41:00 ----D---- C:\Program Files\Common Files\Symantec Shared
2014-12-19 09:41:00 ----A---- C:\Windows\system32\drivers\SYMEVENT64x86.SYS
2014-12-19 09:38:47 ----D---- C:\Windows\system32\drivers\NSBUx64
2014-12-19 09:38:44 ----D---- C:\Program Files (x86)\Norton Security with Backup
2014-12-19 09:31:56 ----D---- C:\ProgramData\PCSettings
2014-12-18 09:15:58 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-18 09:15:58 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-10 20:00:34 ----D---- C:\Windows\system32\appraiser
2014-12-10 19:51:32 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-10 19:51:32 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-10 19:51:32 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-10 19:51:32 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-10 19:51:32 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-10 19:51:32 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-10 19:51:32 ----A---- C:\Windows\system32\mfps.dll
2014-12-10 19:51:32 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-10 19:51:32 ----A---- C:\Windows\system32\mferror.dll
2014-12-10 19:51:31 ----A---- C:\Windows\system32\mf.dll
2014-12-10 09:34:06 ----A---- C:\Windows\system32\invagent.dll
2014-12-10 09:34:06 ----A---- C:\Windows\system32\appraiser.dll
2014-12-10 09:34:06 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-10 09:34:06 ----A---- C:\Windows\system32\aepic.dll
2014-12-10 09:34:06 ----A---- C:\Windows\system32\aeinv.dll
2014-12-10 09:34:05 ----A---- C:\Windows\system32\generaltel.dll
2014-12-10 09:34:05 ----A---- C:\Windows\system32\devinv.dll
2014-12-10 09:34:04 ----A---- C:\Windows\system32\aepdu.dll
2014-12-10 09:33:54 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-10 09:33:54 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-10 09:33:51 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-10 09:33:44 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-10 09:33:44 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-10 09:33:43 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-10 09:33:43 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-10 09:33:43 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-10 09:33:43 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-10 09:33:43 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-10 09:33:43 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-10 09:33:43 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-10 09:33:43 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 09:33:43 ----A---- C:\Windows\system32\iernonce.dll
2014-12-10 09:33:43 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-10 09:33:43 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-10 09:33:43 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-10 09:33:42 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-10 09:33:42 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-10 09:33:42 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-10 09:33:42 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-10 09:33:42 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-10 09:33:42 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-10 09:33:42 ----A---- C:\Windows\system32\urlmon.dll
2014-12-10 09:33:42 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 09:33:42 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 09:33:42 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-10 09:33:41 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-10 09:33:41 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-10 09:33:41 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-10 09:33:41 ----A---- C:\Windows\system32\iesetup.dll
2014-12-10 09:33:41 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-10 09:33:41 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-10 09:33:39 ----A---- C:\Windows\system32\iertutil.dll
2014-12-10 09:33:38 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-10 09:33:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-10 09:33:38 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-10 09:33:38 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-10 09:33:38 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-10 09:33:38 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-10 09:33:38 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-10 09:33:38 ----A---- C:\Windows\system32\ieui.dll
2014-12-10 09:33:38 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-10 09:33:37 ----A---- C:\Windows\system32\vbscript.dll
2014-12-10 09:33:37 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-10 09:33:37 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-10 09:33:37 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-10 09:33:37 ----A---- C:\Windows\system32\jscript9.dll
2014-12-10 09:33:37 ----A---- C:\Windows\system32\ieframe.dll
2014-12-10 09:33:36 ----A---- C:\Windows\system32\wininet.dll
2014-12-10 09:33:36 ----A---- C:\Windows\system32\msrating.dll
2014-12-10 09:33:36 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-10 09:33:36 ----A---- C:\Windows\system32\mshtml.dll
2014-12-10 09:33:15 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-10 09:33:15 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-10 09:33:15 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-10 09:33:15 ----A---- C:\Windows\system32\charmap.exe
2014-12-10 09:33:14 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-10 09:33:14 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-10 09:33:14 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-10 09:33:14 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-10 09:33:14 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-10 09:33:14 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-10 09:33:14 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 09:33:14 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 09:33:13 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-10 09:33:13 ----A---- C:\Windows\system32\tzres.dll
2014-12-02 14:14:09 ----N---- C:\Windows\system32\HPDiscoPMAF11.dll

======List of files/folders modified in the last 1 month======

2014-12-28 17:20:28 ----D---- C:\Windows\Prefetch
2014-12-28 17:20:21 ----RD---- C:\Program Files
2014-12-28 17:12:50 ----D---- C:\Windows\Temp
2014-12-28 08:30:31 ----D---- C:\ProgramData\WindowsMangerProtect
2014-12-28 08:25:17 ----D---- C:\Windows\system32\config
2014-12-28 08:08:29 ----D---- C:\Users\Gebruiker\AppData\Roaming\newnext.me
2014-12-28 08:07:48 ----AD---- C:\Windows
2014-12-28 08:07:18 ----SHD---- C:\System Volume Information
2014-12-27 18:52:48 ----D---- C:\Users\Gebruiker\AppData\Roaming\SoftGrid Client
2014-12-26 19:51:40 ----D---- C:\Users\Gebruiker\AppData\Roaming\uTorrent
2014-12-26 19:51:37 ----D---- C:\Windows\inf
2014-12-26 17:43:16 ----D---- C:\Windows\system32\Tasks
2014-12-26 17:43:01 ----D---- C:\Windows\system32\drivers
2014-12-25 17:52:35 ----HD---- C:\ProgramData
2014-12-25 17:17:43 ----D---- C:\Program Files (x86)\WinZipper
2014-12-19 19:56:52 ----D---- C:\Program Files (x86)\Steam
2014-12-19 09:42:33 ----D---- C:\ProgramData\Norton
2014-12-19 09:41:47 ----D---- C:\Users\Gebruiker\AppData\Roaming\Skype
2014-12-19 09:41:00 ----D---- C:\Program Files\Common Files
2014-12-19 09:40:28 ----D---- C:\Users\Gebruiker\AppData\Roaming\Spotify
2014-12-19 09:40:18 ----SHD---- C:\Windows\Installer
2014-12-19 09:40:18 ----HD---- C:\Config.Msi
2014-12-19 09:38:44 ----RD---- C:\Program Files (x86)
2014-12-19 09:37:13 ----D---- C:\Program Files (x86)\NortonInstaller
2014-12-18 19:00:03 ----D---- C:\Windows\winsxs
2014-12-18 18:59:53 ----D---- C:\Windows\System32
2014-12-18 18:59:53 ----AD---- C:\Windows\SysWOW64
2014-12-18 17:20:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-18 09:13:57 ----D---- C:\Windows\system32\catroot
2014-12-14 08:17:25 ----D---- C:\Windows\system32\wdi
2014-12-13 17:33:52 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-13 11:30:32 ----D---- C:\Windows\rescache
2014-12-13 10:41:16 ----D---- C:\Windows\system32\catroot2
2014-12-13 10:17:36 ----D---- C:\Windows\SYSWOW64\nl-NL
2014-12-13 10:17:36 ----D---- C:\Windows\system32\nl-NL
2014-12-11 18:44:11 ----D---- C:\Windows\debug
2014-12-10 20:00:35 ----D---- C:\Windows\AppCompat
2014-12-10 20:00:34 ----SD---- C:\Windows\system32\CompatTel
2014-12-10 20:00:34 ----SD---- C:\ProgramData\Microsoft
2014-12-10 20:00:31 ----D---- C:\Program Files\Internet Explorer
2014-12-10 20:00:30 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-10 20:00:29 ----D---- C:\Windows\system32\en-US
2014-12-10 20:00:29 ----D---- C:\Windows\PolicyDefinitions
2014-12-10 20:00:26 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-10 19:59:23 ----D---- C:\ProgramData\Microsoft Help
2014-12-10 19:57:54 ----D---- C:\Windows\system32\MRT
2014-12-10 19:52:58 ----A---- C:\Windows\system32\MRT.exe
2014-12-09 18:22:05 ----D---- C:\Program Files\CCleaner
2014-12-02 14:14:03 ----D---- C:\Windows\system32\DriverStore
2014-12-02 14:14:00 ----D---- C:\Windows\twain_32
2014-12-02 14:14:00 ----D---- C:\ProgramData\HP
2014-12-02 14:14:00 ----D---- C:\Program Files\hp
2014-12-02 14:14:00 ----D---- C:\Program Files (x86)\Hp
2014-12-02 13:31:17 ----D---- C:\Users\Gebruiker\AppData\Roaming\HpUpdate
2014-12-02 13:29:12 ----D---- C:\Windows\system32\NDF
2014-12-02 10:51:36 ----D---- C:\Windows\Tasks
2014-12-02 10:51:36 ----D---- C:\Windows\system32\wfp
2014-12-02 10:51:33 ----D---- C:\Windows\system32\wbem
2014-12-02 10:50:13 ----D---- C:\Windows\registration
2014-12-01 18:28:03 ----SD---- C:\Users\Gebruiker\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-05 438808]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NSBUx64\1601000.009\SYMDS64.SYS [2014-09-09 490712]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NSBUx64\1601000.009\SYMEFA64.SYS [2014-09-09 1151704]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.1.0.9\Definitions\BASHDefs\20141209.001\BHDrvx64.sys [2014-12-09 1587416]
R1 ccSet_NSBU;NSBU Settings Manager; C:\Windows\system32\drivers\NSBUx64\1601000.009\ccSetx64.sys [2014-09-09 165080]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-11-25 487216]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.1.0.9\Definitions\IPSDefs\20141226.001\IDSvia64.sys [2014-12-18 637656]
R1 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\drivers\NSBUx64\1601000.009\SRTSP64.SYS [2014-12-02 914648]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NSBUx64\1601000.009\SRTSPX64.SYS [2014-12-02 42200]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NSBUx64\1601000.009\Ironx64.SYS [2014-09-09 271576]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\NSBUx64\1601000.009\SYMNETS.SYS [2014-09-09 565464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 cxbu0x64;SmartBoard XX44; C:\Windows\system32\DRIVERS\cxbu0x64.sys [2013-03-22 186880]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-11-25 142640]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
R3 LVUVC64;Logitech HD Webcam C270(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.1.0.9\Definitions\VirusDefs\20141227.007\ENG64.SYS [2014-08-11 129752]
R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.1.0.9\Definitions\VirusDefs\20141227.007\EX64.SYS [2014-08-11 2137304]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2012-12-06 2350176]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-09-28 39200]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-12-28 412776]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10305; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-04-24 536576]
R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2014-12-19 102616]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 VX3000;VX-3000; C:\Windows\system32\DRIVERS\VX3000.sys [2010-05-20 2060144]
S3 DlinkUDSMBus;DlinkUDSMBus; SysWOW64\Drivers\DlinkUDSMBus.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 GrabsterSeries.AV250.X64;GRABSTER SERIES, AV250 X64 Service; C:\Windows\SYSTEM32\DRIVERS\GrabsterSeries.X64.SYS [2010-01-22 377152]
S3 GrabsterSeries.C64;GRABSTER SERIES, Service C64; C:\Windows\SYSTEM32\DRIVERS\GrabsterSeries.C64.SYS [2010-01-22 262208]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
R2 Allin1Convert_8hService;Allin1ConvertService; C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbarsvc.exe [2014-06-02 88648]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-07-07 72992]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS64.exe [2010-05-20 199536]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2014-01-27 773968]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NSBU;Norton Security with Backup; C:\Program Files (x86)\Norton Security with Backup\Engine\22.1.0.9\NSBU.exe [2014-12-10 282528]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-10-18 15122208]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-18 1914656]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-04-24 318464]
R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2014-12-22 472064]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-23 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 Update PlurPush;Update PlurPush; C:\Program Files (x86)\PlurPush\updatePlurPush.exe [2014-04-21 350488]
S2 Util PlurPush;Util PlurPush; C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe [2014-04-21 350488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-13 267440]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-23 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-10-23 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S3 ose;Office  Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-02-25 568512]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-29 1255736]
S4 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
S4 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2012-02-13 77944]
S4 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
S4 Boonty Games;Boonty Games; C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe [2012-01-02 69120]
S4 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-10-01 1432400]
S4 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S4 HPAuto;HP Auto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-17 682040]
S4 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2012-06-27 73728]
S4 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
S4 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
S4 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
S4 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S4 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]

-----------------EOF-----------------

[rogerviro]

hopend met deze van dienst kunnen zijn

[kape]

Je Java software is verouderd.

Oudere versies hebben lekken die malware de kans geeft om zich te installeren op je systeem.

Ga naar Java en download daar de correcte Java versie.

• Klik op "Gratis Java-download".
  
• Ga akkoord met de licentiebepalingen en klik op de button voor de gratis download.
  
• Het bestand JavaSetup wordt aangeboden - kies hier voor "bestand opslaan".
  
• Sluit alle programma's die eventueel open zijn - zeker je web browser!
  
• Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst.
  
• Vink alles aan met Java Runtime Environment (JRE of J2SE of JAVA) in de naam.
  
• Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
  
• Herhaal dit tot alle oudere versies verdwenen zijn.
  
• Na het verwijderen van alle oudere versies, herstart je pc.
  
• Klik vervolgens op JavaSetup om de nieuwste versie van Java te installeren.
  
• Vink de installatie van de Ask toolbar uit en ga dan verder met de installatie.
  

[kape]

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
• Dubbelklik op Zoek.exe om de tool te starten.
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

{5bcf818d-78c8-41b8-ba89-65c5fdac4fc4};c
C:\Program Files (x86)\Allin1Convert_8h;fs
{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C};c
{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797};c
{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d};c
{ae07101b-46d4-4a98-af68-0333ea26e113};c
{cd1a63ba-a08c-431b-9a34-f240aadc728d};c
Allin1Convert EPM Support;s
Allin1Convert Search Scope Monitor;s
Allin1Convert_8h Browser Plugin Loader;s
Allin1Convert_8h Browser Plugin Loader 64;s
NextLive;s
C:\Users\Gebruiker\AppData\Roaming\newnext.me;fs
Allin1Convert_8hService;s
Update PlurPush;s
Util PlurPush;s
C:\Program Files (x86)\PlurPush;fs
WindowsMangerProtect;s
C:\ProgramData\WindowsMangerProtect;fs
C:\Windows\tasks\Plus-HD-4.9-chromeinstaller.job;f
C:\Program Files (x86)\Plus-HD-4.9;fs
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411591118}];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797}];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}];r64
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run];r64
"Allin1Convert Home Page Guard 64 bit"=-;r64
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r64
"NextLive"=-;r64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DATAMNGR];r64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yontoo Desktop];r64
C:\Users\Gebruiker\AppData\Roaming\Yontoo;fs
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
"Allin1Convert EPM Support"=-;r64
"Allin1Convert Search Scope Monitor"=;r64
"Allin1Convert_8h Browser Plugin Loader"=-;r64
"Allin1Convert_8h Browser Plugin Loader 64"=-;r64
""=-;r64
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r64
"AppInit_DLLs"=-;r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe];r64
emptyfolderscheck;delete
startupall;
filesrcm;

• Klik op de knop "More options" en vink nu de onderstaande opties aan.
• Do a Deep Scan
• Auto Clean
• De optie "Scan All Users" staat standaard aangevinkt.
• Klik nu op de knop "Run script".
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
• Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
• Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

• Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)
• Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

[rogerviro]

ik heb Norton security  en heb mijn probleem naar Norton doorgestuurd , die hebben onmiddellijk als chat met mijn contact genomen en hebben mijn pc overgenomen en het probleem opgelost.

ik wet het kost jaarlijks 69€ maar ik krijg toch een goede service  

zodat het probleem opgelost is

[kape]

Hebben ze bij Norton ook een verklaring gegeven hoe al die malware - ondanks NIS - toch op je PC terechtgekomen is ? Niet dat dit nog erg belangrijk is, maar ofwel heeft het AV-programma zijn werk niet helemaal goed gedaan, ofwel is het natuurlijk de gebruiker die in de fout is gegaan.

 

Maar eind goed, al goed ... dan kunnen we dit topic afsluiten