 
        BoukeM
Lid- 
                Items7
- 
                Registratiedatum
- 
                Laatst bezocht
BoukeM's prestaties
- 
	istart.webssearches.com heeft mijn browser overgenomenBoukeM reageerde op BoukeM's topic in Archief Bestrijding malware & virussen Emphyrio, Ik zal de problemen op opgelost zetten maar niet nadat ik u heel hartelijk wil bedanken. Jullie doen goed werk. groet Bas Meester
- 
	istart.webssearches.com heeft mijn browser overgenomenBoukeM reageerde op BoukeM's topic in Archief Bestrijding malware & virussen E-Peek v 1.0.5.4 © Emphyrio/Onsia Patrick 2013-2014 Downloaded @ E Dev Run at do 30 okt 2014 22:33 . Windows 7 Home Premium SP 1 (64 bits) C:\Windows [NTFS - Fixed] Default Browser: Internet Explorer Boot mode: Normal boot User logged in: bas . Java x86: n/a Java x64: n/a . AV : AVG Internet Security 2015 [updated - Not Running] AS : Windows Defender [updated - Running] AS : AVG Internet Security 2015 [updated - Not Running] FW : FW : AVG Internet Security 2015 [updated - Running] . ==================== Files and Folders history ================================= Folders Created Last 7 days : 30-10-2014 ##### r-h-s-d+a- C:\rsit 30-10-2014 ##### r-h-s-d+a- C:\ProgramData\Brother 30-10-2014 ##### r-h-s-d+a- C:\Program Files\trend micro 30-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\trend micro 30-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\Malwarebytes Anti-Malware2 30-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\E Dev 30-10-2014 ##### r-h-s-d+a- C:\AdwCleaner 30-10-2014 ##### r-h+s+d+a- C:\Config.Msi 30-10-2014 ##### r+h-s-d+a- C:\Users\bas\AppData\Roaming\Brother 29-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\{AAF58843-34AF-4447-9799-48D655E0FFBB} 28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Roaming\AVG2015 28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Roaming\AVG 28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Avg2015 28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Avg 28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Adobe 28-10-2014 ##### r-h-s-d+a- C:\ProgramData\PCSettings 28-10-2014 ##### r-h-s-d+a- C:\ProgramData\Kaspersky Lab Setup Files 28-10-2014 ##### r-h-s-d+a- C:\ProgramData\Kaspersky Lab 28-10-2014 ##### r-h-s-d+a- C:\ProgramData\AVG2015 28-10-2014 ##### r-h-s-d+a- C:\ProgramData\AVG 28-10-2014 ##### r-h+s-d+a- C:\$AVG 25-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Comodo 24-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\{D2BC4465-67B0-45F6-9989-A6BAC87EE217} 24-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\{4F7C91D6-11CD-4BF4-98B7-EDC3F3CC9ACB} Files Modified Last 7 days : 30-10-2014 01701720 r-h-s-d-a+ C:\Windows\system32\PerfStringBackup.INI 30-10-2014 00743606 r-h-s-d-a+ C:\Windows\system32\perfh013.dat 30-10-2014 00662098 r-h-s-d-a+ C:\Windows\system32\perfh009.dat 30-10-2014 00352176 r-h-s-d-a+ C:\Windows\system32\FNTCACHE.DAT 30-10-2014 00153432 r-h-s-d-a+ C:\Windows\system32\perfc013.dat 30-10-2014 00122310 r-h-s-d-a+ C:\Windows\system32\perfc009.dat 30-10-2014 00045056 r-h-s-d-a+ C:\Windows\system32\acovcnt.exe 30-10-2014 00018736 r-h+s-d-a+ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 30-10-2014 00018736 r-h+s-d-a+ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 30-10-2014 00000741 r-h-s-d-a+ C:\Windows\system32\log.txt 30-10-2014 00000018 r-h-s-d-a+ C:\Windows\SysWOW64\log.txt 28-10-2014 00701104 r-h-s-d-a+ C:\Windows\SysWOW64\FlashPlayerApp.exe 28-10-2014 00071344 r-h-s-d-a+ C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 28-10-2014 00003048 r-h-s-d-a+ C:\Windows\system32\AutoRunFilter.ini 28-10-2014 00001783 r-h-s-d-a+ C:\Windows\system32\ServiceFilter.ini Files Created Last 7 days : 30-10-2014 00536576 r-h-s-d-a+ C:\Windows\SysWOW64\sqlite3.dll 30-10-2014 00006257 r-h-s-d-a+ C:\ProgramData\hpzinstall.log 30-10-2014 00000741 r-h-s-d-a+ C:\Windows\system32\log.txt 30-10-2014 00000109 r-h-s-d-a+ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc 28-10-2014 05666024 r-h+s-d-a+ C:\Users\bas\AppData\Local\IconCache.db 25-10-2014 00000262 r+h+s+d-a+ C:\ProgramData\ntuser.pol ==================== RUNNING PROCESSES ========================================= [ACEngSvr] -bas- C:\Windows\SysWOW64\ACEngSvr.exe - (ASUSTeK) [ACMON] -bas- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe - (ASUS) [ACService] -SYSTEM- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe - (ArcSoft Inc.) [AdminService] -SYSTEM- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe - (Atheros Commnucations) [ALU] -bas- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe - () [armsvc] -SYSTEM- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - (Adobe Systems Incorporated) [AsLdrSrv] -SYSTEM- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe - (ASUS) [AsScrPro] -bas- C:\Windows\AsScrPro.exe - (ASUS) [Ath_CoexAgent] -SYSTEM- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe - (Atheros) [AthBtTray] -bas- C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe - (Atheros Commnucations) [ATKOSD2] -bas- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe - (ASUS) [avgfws] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgfws.exe - (AVG Technologies CZ, s.r.o.) [avgwdsvc] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe - (AVG Technologies CZ, s.r.o.) [batteryLife] -bas- C:\Program Files\P4G\BatteryLife.exe - (ASUS) [btvStack] -bas- C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe - (Atheros Communications) [csrss] -SYSTEM- C:\Windows\system32\csrss.exe - (Microsoft Corporation) [csrss] -SYSTEM- C:\Windows\system32\csrss.exe - (Microsoft Corporation) [ctfmon] -bas- C:\Windows\SysWOW64\ctfmon.exe - (Microsoft Corporation) [DMedia] -bas- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe - (ASUS) [dwm] -bas- C:\Windows\system32\Dwm.exe - (Microsoft Corporation) [E-Peek 1.0.5] -bas- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.0.5.exe - (E Dev) [ETDCtrl] -bas- C:\Program Files\Elantech\ETDCtrl.exe - (ELAN Microelectronic Corp.) [explorer] -bas- C:\Windows\Explorer.EXE - (Microsoft Corporation) [FBAgent] -SYSTEM- C:\Windows\system32\FBAgent.exe - (ASUSTeK Computer Inc.) [FLxHCIm] -bas- C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe - (Windows ® Win 7 DDK provider) [GFNEXSrv] -SYSTEM- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe - (ASUS) [GoogleCrashHandler] -SYSTEM- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe - (Google Inc.) [GoogleCrashHandler64] -SYSTEM- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe - (Google Inc.) [HControlUser] -bas- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe - (ASUS) [hkcmd] -bas- C:\Windows\System32\hkcmd.exe - (Intel Corporation) [iexplore] -bas- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE - (Microsoft Corporation) [iexplore] -bas- C:\Program Files\Internet Explorer\iexplore.exe - (Microsoft Corporation) [igfxpers] -bas- C:\Windows\System32\igfxpers.exe - (Intel Corporation) [igfxtray] -bas- C:\Windows\System32\igfxtray.exe - (Intel Corporation) [LMS] -SYSTEM- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe - (Intel Corporation) [lsass] -SYSTEM- C:\Windows\system32\lsass.exe - (Microsoft Corporation) [lsm] -SYSTEM- C:\Windows\system32\lsm.exe - (Microsoft Corporation) [nvtray] -bas- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - (NVIDIA Corporation) [nvvsvc] -SYSTEM- C:\Windows\system32\nvvsvc.exe - (NVIDIA Corporation) [nvvsvc] -SYSTEM- C:\Windows\system32\nvvsvc.exe - (NVIDIA Corporation) [NvXDSync] -SYSTEM- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - (NVIDIA Corporation) [PresentationFontCache] -LOCAL SERVICE- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe - (Microsoft Corporation) [psi_tray] -bas- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe - (Secunia) [psia] -SYSTEM- C:\Program Files (x86)\Secunia\PSI\PSIA.exe - (Secunia) [RAVBg64] -bas- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - (Realtek Semiconductor) [RAVCpl64] -bas- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - (Realtek Semiconductor) [searchIndexer] -SYSTEM- C:\Windows\system32\SearchIndexer.exe - (Microsoft Corporation) [services] -SYSTEM- C:\Windows\system32\services.exe - (Microsoft Corporation) [smartlogon] -SYSTEM- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe - (ASUS) [smss] -SYSTEM- C:\Windows\system32\smss.exe - (Microsoft Corporation) [sonicMasterTray] -bas- C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe - (Virage Logic Corporation / Sonic Focus) [spoolsv] -SYSTEM- C:\Windows\System32\spoolsv.exe - (Microsoft Corporation) [sua] -SYSTEM- C:\Program Files (x86)\Secunia\PSI\sua.exe - (Secunia) [taskeng] -bas- C:\Windows\system32\taskeng.exe - (Microsoft Corporation) [taskeng] -bas- C:\Windows\system32\taskeng.exe - (Microsoft Corporation) [taskhost] -bas- C:\Windows\system32\taskhost.exe - (Microsoft Corporation) [TurboBoost] -LOCAL SERVICE- C:\Program Files\Intel\TurboBoost\TurboBoost.exe - (Intel® Corporation) [uNS] -SYSTEM- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe - (Intel Corporation) [VAWinAgent] -bas- C:\ExpressGateUtil\VAWinAgent.exe - () [VAWinService] -SYSTEM- C:\ExpressGateUtil\VAWinService.exe - () [wcourier] -bas- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe - () [wininit] -SYSTEM- C:\Windows\system32\wininit.exe - (Microsoft Corporation) [winlogon] -SYSTEM- C:\Windows\system32\winlogon.exe - (Microsoft Corporation) [WLIDSVC] -SYSTEM- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - (Microsoft Corp.) [WLIDSVCM] -SYSTEM- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe - (Microsoft Corp.) [WmiPrvSE] -NETWORK SERVICE- C:\Windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation) [wmpnetwk] -NETWORK SERVICE- C:\Program Files\Windows Media Player\wmpnetwk.exe - (Microsoft Corporation) [WUDFHost] -LOCAL SERVICE- C:\Windows\System32\WUDFHost.exe - (Microsoft Corporation) ==================== IE PAGES ================================================== IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://www.startpagina.nl/ IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com IE04 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE05 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\SysWOW64\ieframe.dll IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = www.google.com IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\SysWOW64\blank.htm IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = www.google.com IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = www.google.com IE10 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE10 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE10 - HKLM\..\SearchScopes {6A1806CD-94D4-4689-BA73-E35EA1EA9990} @ DisplayName: [Google] @ URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE10 - HKLM\..\SearchScopes {80c554b9-c7f8-4a21-9471-06d606da78a2} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE IE12 - HKLM\..\Toolbar{2318C2B1-4965-11d4-9B18-009027A5CD4F} @ Default = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://www.startpagina.nl/ IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com IE04 x64 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE05 x64 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\System32\ieframe.dll IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = www.google.com IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\System32\blank.htm IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = www.google.com IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = www.google.com IE10 x64 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE10 x64 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE10 x64 - HKLM\..\SearchScopes {6A1806CD-94D4-4689-BA73-E35EA1EA9990} @ DisplayName: [Google] @ URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE10 x64 - HKLM\..\SearchScopes {80c554b9-c7f8-4a21-9471-06d606da78a2} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE ==================== Auto Load ================================================= AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = userinit.exe, AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = C:\Windows\system32\userinit.exe, AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe ==================== Windows Host File ========================================= 127.0.0.1 localhost ==================== BHO ======================================================= BHO - [CIESpeechBHO Class] - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} @ Default = C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll BHO - [Aanmeldhulp voor Windows Live ID] - {9030D464-4C02-4ABF-8ECC-5164760863C6} @ Default = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO - [Windows Live Messenger Companion Helper] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} @ Default = C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO - [Google Toolbar Helper] - {AA58ED58-01DD-4d91-8333-CF10577473F7} @ Default = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO - [Office Document Cache Handler] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} @ Default = C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO x64 - [Windows Live ID Sign-in Helper] - {9030D464-4C02-4ABF-8ECC-5164760863C6} @ Default = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO x64 - [Google Toolbar Helper] - {AA58ED58-01DD-4d91-8333-CF10577473F7} @ Default = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll BHO x64 - [Office Document Cache Handler] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} @ Default = C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL ==================== Auto Start Programs ======================================= ASP01 - HKLM\..\Run @ ASUSWebStorage = C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S ASP01 - HKLM\..\Run @ ATKMEDIA = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe ASP01 - HKLM\..\Run @ ATKOSD2 = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe ASP01 - HKLM\..\Run @ AVG_UI = "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY ASP01 - HKLM\..\Run @ FLxHCIm = "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" ASP01 - HKLM\..\Run @ HControlUser = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe ASP01 - HKLM\..\Run @ SonicMasterTray = C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe ASP01 - HKLM\..\Run @ VAWinAgent = C:\ExpressGateUtil\VAWinAgent.exe ASP01 - HKLM\..\Run @ Wireless Console 3 = C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ASP01 - HKLM\..\Run @ ZoneAlarm = "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe" ASP01 x64 - HKLM\..\Run @ ASUSWebStorage = C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S ASP01 x64 - HKLM\..\Run @ ATKMEDIA = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe ASP01 x64 - HKLM\..\Run @ ATKOSD2 = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe ASP01 x64 - HKLM\..\Run @ AVG_UI = "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY ASP01 x64 - HKLM\..\Run @ FLxHCIm = "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" ASP01 x64 - HKLM\..\Run @ HControlUser = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe ASP01 x64 - HKLM\..\Run @ SonicMasterTray = C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe ASP01 x64 - HKLM\..\Run @ VAWinAgent = C:\ExpressGateUtil\VAWinAgent.exe ASP01 x64 - HKLM\..\Run @ Wireless Console 3 = C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ASP01 x64 - HKLM\..\Run @ ZoneAlarm = "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe" ASP - Startup - C:\Users\bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ASP - Startup - C:\Users\bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk ==================== Extra Items IE ============================================ EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility EI03 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing EI03 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security EI03 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings EI03 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International EI03 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia EI04 - App Ext - HKCU\..\Approved Extensions @ {18DF081C-E8AD-4283-A596-FA578C2EBDC3} = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {18DF081C-E8AD-4283-A596-FA578C2EBDC3} = EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {54739D49-AC03-4C57-9264-C5195596B3A1} = EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {A4C2FB10-84C3-44EB-9F9E-860FA1D9A797} = EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {CD1A63BA-A08C-431B-9A34-F240AADC728D} = EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D} = ==================== Internet Default Prefix =================================== IDP00 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http:// IDP01 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http:// IDP00 x64 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http:// IDP01 x64 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http:// ==================== Default Settings IE - DSIE ================================ DSIE - ieuinit.inf: START_PAGE= "Microsoft Corporation DSIE - ieuinit.inf: SEARCH_PAGE_URL= "Microsoft Corporation ==================== Protocol Hijackers - PH =================================== PH00 - Handler:wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} @ = Unknown # C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll # MD5 [f70d4a14ab747bac68b559c046d6fbff] PH01 - Filter:text/xml - {807573E5-5146-11D5-A672-00B0D022E945} @ = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown PH01 x64 - Filter:text/xml - {807573E5-5146-11D5-A672-00B0D022E945} @ = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown ==================== Automatic Started DLL's (AS) ============================== AS00 - @ AppInit_DLLs = C:\Windows\Jaksta\AC\x64\jaudcap.dll AS00 x64 - @ AppInit_DLLs = C:\Windows\Jaksta\AC\x64\jaudcap.dll ==================== ShellServiceObjectDelayLoad - SSODL ======================= SSODL - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ = SSODL x64 - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ = ==================== Extra items - EXT (Torpig/ConduitSearch) ================== EXT01 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Unity EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Ath_CopyHook @ {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735} EXT02 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Unity EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\Ath_CopyHook @ {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735}= C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll ==================== DRIVERS and SERVICES ====================================== *** Win32OwnProcess *** SERV - R2 - [ACDaemon] - ArcSoft Connect Daemon - c:\program files (x86)\common files\arcsoft\connection service\bin\acservice.exe SERV - R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe SERV - R2 - [AFBAgent] - AFBAgent - c:\windows\system32\fbagent.exe SERV - R2 - [ASLDRService] - ASLDR Service - c:\program files (x86)\asus\atk package\atk hotkey\asldrsrv.exe SERV - R2 - [Atheros Bt&Wlan Coex Agent] - Atheros Bt&Wlan Coex Agent - c:\program files (x86)\bluetooth suite\ath_coexagent.exe SERV - R2 - [AtherosSvc] - AtherosSvc - c:\program files (x86)\bluetooth suite\adminservice.exe SERV - R2 - [ATKGFNEXSrv] - ATKGFNEX Service - c:\program files (x86)\asus\atk package\atkgfnex\gfnexsrv.exe SERV - R2 - [avgfws] - AVG Firewall - c:\program files (x86)\avg\avg2015\avgfws.exe SERV - R2 - [avgwd] - AVG WatchDog - c:\program files (x86)\avg\avg2015\avgwdsvc.exe SERV - R2 - [LMS] - Intel® Management and Security Application Local Management Service - c:\program files (x86)\intel\intel® management engine components\lms\lms.exe SERV - R2 - [NVSvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe SERV - R2 - [secunia PSI Agent] - Secunia PSI Agent - c:\program files (x86)\secunia\psi\psia.exe SERV - R2 - [secunia Update Agent] - Secunia Update Agent - c:\program files (x86)\secunia\psi\sua.exe SERV - R2 - [uNS] - Intel® Management and Security Application User Notification Service - c:\program files (x86)\intel\intel® management engine components\uns\uns.exe SERV - R2 - [VideAceWindowsService] - VideAceWindowsService - c:\expressgateutil\vawinservice.exe SERV - R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe SERV - R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe SERV - R3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe SERV - R3 - [TurboBoost] - Intel® Turbo Boost Technology Monitor 2.0 - c:\program files\intel\turboboost\turboboost.exe SERV - S2 - [AVGIDSAgent] - AVGIDSAgent - c:\program files (x86)\avg\avg2015\avgidsagent.exe SERV - S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe SERV - S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe SERV - S2 - [gupdate] - Google Update-service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe SERV - S2 - [nvUpdatusService] - NVIDIA Update Service Daemon - c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe SERV - S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe SERV - S3 - [aspnet_state] - ASP.NET-statusservice - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe SERV - S3 - [cphs] - Intel® Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe SERV - S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe SERV - S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe SERV - S3 - [fsssvc] - Windows Live Family Safety Service - c:\program files (x86)\windows live\family safety\fsssvc.exe SERV - S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe SERV - S3 - [gusvc] - Google Updater Service - c:\program files (x86)\google\common\google updater\googleupdaterservice.exe SERV - S3 - [iEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe SERV - S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe SERV - S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe SERV - S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe SERV - S3 - [sNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe SERV - S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe SERV - S3 - [WatAdminSvc] - Windows Activation Technologies-service - c:\windows\system32\wat\watadminsvc.exe SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe SERV - S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe SERV - S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe SERV - S4 - [wlcrasvc] - Windows Live Mesh remote connections service - c:\program files\windows live\mesh\wlcrasvc.exe *** Win32ShareProcess *** SERV - R2 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe SERV - R2 - [samSs] - Security Accounts Manager - c:\windows\system32\lsass.exe SERV - R3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe SERV - S3 - [idsvc] - Windows CardSpace - c:\windows\microsoft.net\framework64\v3.0\windows communication foundation\infocard.exe SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe SERV - S3 - [ProtectedStorage] - Protected Storage - c:\windows\system32\lsass.exe SERV - S3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe SERV - S4 - [NetMsmqActivator] - Net.Msmq Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe SERV - S4 - [NetPipeActivator] - Net.Pipe Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe SERV - S4 - [NetTcpActivator] - Net.Tcp Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe *** Others *** SERV - R2 - [spooler] - Print Spooler - c:\windows\system32\spoolsv.exe SERV - S2 - [vsmon] - TrueVector Internet Monitor - c:\program files (x86)\checkpoint\zonealarm\vsmon.exe SERV - S3 - [uI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe *** File System Driver *** DRV - R0 - [AVGIDSHA] - AVGIDSHA - C:\Windows\system32\Drivers\AVGIDSHA.sys DRV - R0 - [Avgloga] - AVG Logging Driver - C:\Windows\system32\Drivers\Avgloga.sys DRV - R0 - [Avgmfx64] - AVG Mini-Filter Resident Anti-Virus Shield - C:\Windows\system32\Drivers\Avgmfx64.sys DRV - R0 - [Avgrkx64] - AVG Anti-Rootkit Driver - C:\Windows\system32\Drivers\Avgrkx64.sys DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys DRV - R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys DRV - R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys DRV - R3 - [srv] - Stuurprogramma Server SMB 1.xxx - C:\Windows\system32\Drivers\srv.sys DRV - R3 - [srv2] - Stuurprogramma Server SMB 2.xxx - C:\Windows\system32\Drivers\srv2.sys *** Kernel Driver *** DRV - R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys DRV - R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys DRV - R0 - [atapi] - IDE-kanaal - C:\Windows\system32\Drivers\atapi.sys DRV - R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x] DRV - R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys DRV - R0 - [Compbatt] - Microsoft Composite Battery Driver - C:\Windows\system32\Drivers\Compbatt.sys DRV - R0 - [Disk] - Stuurprogramma voor schijfstations - C:\Windows\system32\Drivers\Disk.sys DRV - R0 - [fvevol] - Filterstuurprogramma Bitlocker-stationsvergrendeling - C:\Windows\system32\Drivers\fvevol.sys DRV - R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys DRV - R0 - [iaStor] - Intel AHCI Controller - C:\Windows\system32\Drivers\iaStor.sys DRV - R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys DRV - R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys DRV - R0 - [mountmgr] - Koppelpuntbeheer - C:\Windows\system32\Drivers\mountmgr.sys DRV - R0 - [msahci] - msahci - C:\Windows\system32\Drivers\msahci.sys DRV - R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys DRV - R0 - [NDIS] - NDIS-systeemstuurprogramma - C:\Windows\system32\Drivers\NDIS.sys DRV - R0 - [nvpciflt] - nvpciflt - C:\Windows\system32\Drivers\nvpciflt.sys DRV - R0 - [partmgr] - Partitiebeheer - C:\Windows\system32\Drivers\partmgr.sys DRV - R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys DRV - R0 - [pciide] - pciide - C:\Windows\system32\Drivers\pciide.sys DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys DRV - R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys DRV - R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\Windows\system32\Drivers\Tcpip.sys DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator Driver - C:\Windows\system32\Drivers\vdrvroot.sys DRV - R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys DRV - R0 - [volmgrx] - Dynamisch Volumebeheer - C:\Windows\system32\Drivers\volmgrx.sys DRV - R0 - [volsnap] - Opslagvolumes - C:\Windows\system32\Drivers\volsnap.sys DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys DRV - R1 - [beep] - Beep - C:\Windows\system32\Drivers\Beep.sys DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\Windows\system32\Drivers\tdx.sys DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys ==================== SvcHost - White Listed ==================================== All Ok WOW - All Ok ==================== SigCheck x86 Fast ========================================= Fast Scan All ok ==================== SigCheck x64 Fast ========================================= Fast Scan All ok ==================== Job tasks ================================================= There are no .job files found. ==================== End scanning at do 30 okt 2014 22:34 (1 Min 7 Sec ) ======= - - - Updated - - - Ik word steeds blijer, ik denk ook dat mijn twee problemen in een keer worden opgelost. Het geen meldingen meer van kapotte of ontbrekende .dll files meer.
- 
	istart.webssearches.com heeft mijn browser overgenomenBoukeM reageerde op BoukeM's topic in Archief Bestrijding malware & virussen Log van del.bat Deleting Registry Keys "HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5432F822-EA6F-4742-B162-A3291DFC8F75}" deleted successfully "HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}" deleted successfully "HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}" not deleted "HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{5432F822-EA6F-4742-B162-A3291DFC8F75}" not deleted "HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}" not deleted "HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}" deleted successfully
- 
	istart.webssearches.com heeft mijn browser overgenomenBoukeM reageerde op BoukeM's topic in Archief Bestrijding malware & virussen Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 30-10-2014 Scan Time: 15:50:18 Logfile: malwarelog30-10-14.txt Administrator: Yes Version: 2.00.3.1025 Malware Database: v2014.10.30.08 Rootkit Database: v2014.10.22.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: bas Scan Type: Custom Scan Result: Completed Objects Scanned: 642343 Time Elapsed: 2 hr, 31 min, 15 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) # AdwCleaner v3.311 - Rapport aangemaakt 30/10/2014 op 18:36:22 # Laatste Update 30/09/2014 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruikersnaam : bas - BAS-PC # Gestart vanuit : C:\Users\bas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU0TFAPV\adwcleaner_3.311.exe # Optie : Scannen ***** [ Services ] ***** ***** [ Bestanden / Mappen ] ***** Bestand Gevonden : C:\END Bestand Gevonden : C:\Users\bas\AppData\Roaming\LiveSupport.exe_log.txt Bestand Gevonden : C:\Users\bas\AppData\Roaming\Mozilla\Firefox\Profiles\qtr3f2al.default\user.js Bestand Gevonden : C:\Users\bas\AppData\Roaming\regsvr32.exe_log.txt Bestand Gevonden : C:\Users\bas\daemonprocess.txt Bestand Gevonden : C:\Users\bas\Desktop\AppSafe.lnk Map Gevonden : C:\Program Files (x86)\AppSafe Map Gevonden : C:\Program Files (x86)\AskPartnerNetwork Map Gevonden : C:\Program Files (x86)\FinalTorrent Map Gevonden : C:\Program Files (x86)\FlvPlayer Map Gevonden : C:\Program Files (x86)\Movies Toolbar Map Gevonden : C:\Program Files (x86)\MyPC Backup Map Gevonden : C:\Program Files (x86)\Settings Manager Map Gevonden : C:\ProgramData\apn Map Gevonden : C:\ProgramData\Babylon Map Gevonden : C:\ProgramData\BitGuard Map Gevonden : C:\ProgramData\Browser Manager Map Gevonden : C:\ProgramData\BrowserProtect Map Gevonden : C:\ProgramData\Computer Updater Map Gevonden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalTorrent Map Gevonden : C:\ProgramData\Systweak Map Gevonden : C:\ProgramData\Trusted Publisher Map Gevonden : C:\ProgramData\wincert Map Gevonden : C:\ProgramData\WPM Map Gevonden : C:\Users\Administrator\AppData\Local\Chromatic Browser Map Gevonden : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\Administrator\AppData\Local\torch Map Gevonden : C:\Users\bas\AppData\Local\Astromenda Map Gevonden : C:\Users\bas\AppData\Local\Chromatic Browser Map Gevonden : C:\Users\bas\AppData\Local\genienext Map Gevonden : C:\Users\bas\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\bas\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\bas\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\bas\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\bas\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\bas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Map Gevonden : C:\Users\bas\AppData\Local\Linkey Map Gevonden : C:\Users\bas\AppData\Local\Mobogenie Map Gevonden : C:\Users\bas\AppData\Local\torch Map Gevonden : C:\Users\bas\AppData\LocalLow\HPAppData Map Gevonden : C:\Users\bas\AppData\LocalLow\iac Map Gevonden : C:\Users\bas\AppData\LocalLow\SimplyTech Map Gevonden : C:\Users\bas\AppData\Roaming\0F1F1C2Y1H1P1C0I0T Map Gevonden : C:\Users\bas\AppData\Roaming\0V1L2Z2Z1T1I1L1T Map Gevonden : C:\Users\bas\AppData\Roaming\1H1Q Map Gevonden : C:\Users\bas\AppData\Roaming\AppCloudUpdater Map Gevonden : C:\Users\bas\AppData\Roaming\BabSolution Map Gevonden : C:\Users\bas\AppData\Roaming\FinalTorrent Map Gevonden : C:\Users\bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppSafe Map Gevonden : C:\Users\bas\AppData\Roaming\PerformerSoft Map Gevonden : C:\Users\bas\AppData\Roaming\SecureSearch Map Gevonden : C:\Users\bas\AppData\Roaming\SimplyTech Map Gevonden : C:\Users\bas\AppData\Roaming\Systweak Map Gevonden : C:\Users\bas\Documents\Mobogenie Map Gevonden : C:\Users\bas\Documents\Optimizer Pro Map Gevonden : C:\Users\Gast\AppData\Local\Chromatic Browser Map Gevonden : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\Gast\AppData\Local\torch Map Gevonden : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser Map Gevonden : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\HomeGroupUser$\AppData\Local\torch Map Gevonden : C:\Users\UpdatusUser\AppData\Local\Chromatic Browser Map Gevonden : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk Map Gevonden : C:\Users\UpdatusUser\AppData\Local\torch ***** [ Taken ] ***** Taak Gevonden : AppCloudUpdater Taak Gevonden : ASP Taak Gevonden : BitGuard Taak Gevonden : DealPlyUpdate Taak Gevonden : FinalTorrent Update Checker Taak Gevonden : LaunchSignup ***** [ Snelkoppelingen ] ***** Snelkoppeling Gevonden : C:\Users\bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1414246359&from=wpc&uid=ST9500325AS_S2W6VTXBXXXXS2W6VTXB ) Snelkoppeling Gevonden : C:\Users\bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1414246359&from=wpc&uid=ST9500325AS_S2W6VTXBXXXXS2W6VTXB ) Snelkoppeling Gevonden : C:\Users\bas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1414246359&from=wpc&uid=ST9500325AS_S2W6VTXBXXXXS2W6VTXB ) Snelkoppeling Gevonden : C:\Users\bas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1414246359&from=wpc&uid=ST9500325AS_S2W6VTXBXXXXS2W6VTXB ) ***** [ Register ] ***** Gegevens Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\movies~1\datamngr\mgrldr.dll, Gegevens Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\movies~1\datamngr\x64\mgrldr.dll, Gegevens Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\wincert\win64c~1.dll Sleutel Gevonden : HKCU\Software\AppCloudUpdater Sleutel Gevonden : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B} Sleutel Gevonden : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B} Sleutel Gevonden : HKCU\Software\AppSafe Sleutel Gevonden : HKCU\Software\BRS Sleutel Gevonden : HKCU\Software\Conduit Sleutel Gevonden : HKCU\Software\ilivid Sleutel Gevonden : HKCU\Software\Linkey Sleutel Gevonden : HKCU\Software\LiveSupport Sleutel Gevonden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} Sleutel Gevonden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A836234-186C-41A0-9863-40BECDEDED9F} Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppCloudUpdater Sleutel Gevonden : HKCU\Software\Optimizer Pro Sleutel Gevonden : HKCU\Software\qtrax Sleutel Gevonden : HKCU\Software\RegisteredApplicationsEx Sleutel Gevonden : HKCU\Software\simplytech Sleutel Gevonden : HKCU\Software\Vittalia Sleutel Gevonden : HKCU\Software\VuuPC Sleutel Gevonden : HKCU\Software\WSE Rocket Sleutel Gevonden : [x64] HKCU\Software\AppCloudUpdater Sleutel Gevonden : [x64] HKCU\Software\AppSafe Sleutel Gevonden : [x64] HKCU\Software\BRS Sleutel Gevonden : [x64] HKCU\Software\Conduit Sleutel Gevonden : [x64] HKCU\Software\ilivid Sleutel Gevonden : [x64] HKCU\Software\Linkey Sleutel Gevonden : [x64] HKCU\Software\LiveSupport Sleutel Gevonden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} Sleutel Gevonden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} Sleutel Gevonden : [x64] HKCU\Software\Optimizer Pro Sleutel Gevonden : [x64] HKCU\Software\qtrax Sleutel Gevonden : [x64] HKCU\Software\RegisteredApplicationsEx Sleutel Gevonden : [x64] HKCU\Software\simplytech Sleutel Gevonden : [x64] HKCU\Software\Vittalia Sleutel Gevonden : [x64] HKCU\Software\VuuPC Sleutel Gevonden : [x64] HKCU\Software\WSE Rocket Sleutel Gevonden : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Sleutel Gevonden : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252} Sleutel Gevonden : HKLM\SOFTWARE\AppSafe Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983} Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4} Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F} Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2} Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{67FCE87F-F3EF-4A3C-87C2-8BD46E68807B} Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\escort.DLL Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\HomeTab.DLL Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946} Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{5B6E533F-F78F-4525-B316-312BAF1295D1} Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9} Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{C9B4F046-2A8C-46BD-B1A1-CF0EAE5EA521} Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{DCA1528D-A3C0-4A9F-AA6E-DCE643F91495} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{0BDDE35F-64F7-49C3-99B2-404E899C49F7} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{24236608-609C-42C5-B13C-A8A3EC921850} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{28B1A706-4B97-4EB1-8B32-125042685AD9} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{2D017725-74A0-4513-913D-2939ADF6D0F3} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{3061B3C3-8B7F-4DBD-82DF-0B6CE9AA60E8} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{33575A26-D9CF-40C6-8A3E-116F17201C7F} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{4BDFD19F-93D7-49CE-B554-5C215FDC0136} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{7307CF0F-7173-4FBF-8649-B149916DD322} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{806ED5AF-3ED0-454C-BE4E-6644DD7BEDD1} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{80A5E38C-5F6B-485F-BD97-0B5BE991FAD5} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{9275FE6D-8F84-4CA5-97E7-DD3AFD5E4BDE} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{9544D727-A26F-4D57-AF38-4496088640EA} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{9ADA5C62-B227-45A9-9D77-E5609A43E943} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{A37DD83A-DABA-4EF0-98AA-CDDA88839172} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{A70CA55D-8EE5-4997-8BC3-B341E36ACBBA} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{AC4C30BF-7D5F-4EAB-9C2A-454178F079AA} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{B5445928-B77D-474B-84F6-6F1323CA5701} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{BC6F9C26-93EA-4C6D-A4A7-C1FA333B4BBE} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{BE6C7021-0352-4A7E-8A5B-46126353049E} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{D2AA22AE-2103-4D78-9C0D-46DE64EE0ED7} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{D94BA844-0355-4F02-97F2-6856CD94FE66} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{DFBED68E-BBF6-454A-940F-C84C7E7B4CE6} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{E975527B-ABE7-40B3-B5C1-385016913E3B} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{EFA4B5B1-6C76-4B20-BCDB-D41A93E79053} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{F4F96034-2761-4BAF-B906-E4B59E5D50EA} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{FE42F7F2-D931-40CD-ACE7-7B47383ACE25} Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{FD58258C-84A6-4DEF-9793-019BE7F491A7} Sleutel Gevonden : HKLM\SOFTWARE\Conduit Sleutel Gevonden : HKLM\SOFTWARE\InstallCore Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E58CDA9-3B21-4611-A859-26EE28950E61} Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5} Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C5561B6-3DD2-46B5-83BE-EAE744366046} Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88E44198-D164-4EC0-B2C0-F679D866C6DA} Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0} Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102} Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1DAC034-9FD9-4C13-A388-D2E10E57707F} Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F671C1B3-9776-426D-A350-55FB2D9B53F7} Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32 Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AppSafe Sleutel Gevonden : HKLM\SOFTWARE\systweak Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\CLSID\{2A836234-186C-41A0-9863-40BECDEDED9F} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\CLSID\{DCA1528D-A3C0-4A9F-AA6E-DCE643F91495} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{0BDDE35F-64F7-49C3-99B2-404E899C49F7} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{24236608-609C-42C5-B13C-A8A3EC921850} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{28B1A706-4B97-4EB1-8B32-125042685AD9} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{2D017725-74A0-4513-913D-2939ADF6D0F3} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{3061B3C3-8B7F-4DBD-82DF-0B6CE9AA60E8} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{33575A26-D9CF-40C6-8A3E-116F17201C7F} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{4BDFD19F-93D7-49CE-B554-5C215FDC0136} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{7307CF0F-7173-4FBF-8649-B149916DD322} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{806ED5AF-3ED0-454C-BE4E-6644DD7BEDD1} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{80A5E38C-5F6B-485F-BD97-0B5BE991FAD5} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{9275FE6D-8F84-4CA5-97E7-DD3AFD5E4BDE} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{9544D727-A26F-4D57-AF38-4496088640EA} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{9ADA5C62-B227-45A9-9D77-E5609A43E943} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{A37DD83A-DABA-4EF0-98AA-CDDA88839172} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{A70CA55D-8EE5-4997-8BC3-B341E36ACBBA} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{AC4C30BF-7D5F-4EAB-9C2A-454178F079AA} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{B5445928-B77D-474B-84F6-6F1323CA5701} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{BC6F9C26-93EA-4C6D-A4A7-C1FA333B4BBE} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{BE6C7021-0352-4A7E-8A5B-46126353049E} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{D2AA22AE-2103-4D78-9C0D-46DE64EE0ED7} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{D94BA844-0355-4F02-97F2-6856CD94FE66} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{DFBED68E-BBF6-454A-940F-C84C7E7B4CE6} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{E975527B-ABE7-40B3-B5C1-385016913E3B} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA4B5B1-6C76-4B20-BCDB-D41A93E79053} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{F4F96034-2761-4BAF-B906-E4B59E5D50EA} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{FE42F7F2-D931-40CD-ACE7-7B47383ACE25} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Conduit Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A836234-186C-41A0-9863-40BECDEDED9F} Sleutel Gevonden : [x64] HKLM\SOFTWARE\Speedchecker Limited Waarde Gevonden : HKCU\Software\Mozilla\Firefox\Extensions [{cb056958-eb1d-47a5-a7c2-35fd94d51b3f}] Waarde Gevonden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] Waarde Gevonden : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64] Waarde Gevonden : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86] ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17344 -\\ Mozilla Firefox v [ Bestand : C:\Users\bas\AppData\Roaming\Mozilla\Firefox\Profiles\qtr3f2al.default\prefs.js ] Regel gevonden : user_pref("browser.search.defaultengine", "Web Search"); Regel gevonden : user_pref("browser.search.defaultenginename", "Web Search"); Regel gevonden : user_pref("browser.search.order.1", "Web Search"); Regel gevonden : user_pref("browser.search.selectedEngine", "Web Search"); -\\ Google Chrome v [ Bestand : C:\Users\bas\AppData\Local\Google\Chrome\User Data\Default\preferences ] Gevonden [search Provider] : hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=NL&ver=21&locale=nl_NL&gct=sb&qsrc=2869 Gevonden [Extension] : mkfokfffehpeedafpekjeddnmnjhmcmk Gevonden [Extension] : llanodmhmembedcjcjilamalmphmjflk ************************* AdwCleaner[R0].txt - [27946 octets] - [30/10/2014 18:36:22] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [28007 octets] ########## E-Peek v 1.0.5.4 © Emphyrio/Onsia Patrick 2013-2014 Downloaded @ E Dev Run at do 30 okt 2014 20:12 . Windows 7 Home Premium SP 1 (64 bits) C:\Windows [NTFS - Fixed] Default Browser: Internet Explorer Boot mode: Normal boot User logged in: bas . Java x86: 1.7.0_71 Java x64: 1.7.0_65 . AV : AVG Internet Security 2015 [updated - Not Running] AS : Windows Defender [updated - Not Running] AS : AVG Internet Security 2015 [updated - Not Running] FW : FW : AVG Internet Security 2015 [updated - Not Running] . ==================== Files and Folders history ================================= Folders Created Last 7 days : 30-10-2014 ##### r-h-s-d+a- C:\rsit 30-10-2014 ##### r-h-s-d+a- C:\Program Files\trend micro 30-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\trend micro 30-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\Malwarebytes Anti-Malware2 30-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\E Dev 30-10-2014 ##### r-h-s-d+a- C:\AdwCleaner 29-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\{AAF58843-34AF-4447-9799-48D655E0FFBB} 28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Roaming\AVG2015 28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Roaming\AVG 28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Avg2015 28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Avg 28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Adobe 28-10-2014 ##### r-h-s-d+a- C:\ProgramData\PCSettings 28-10-2014 ##### r-h-s-d+a- C:\ProgramData\Kaspersky Lab Setup Files 28-10-2014 ##### r-h-s-d+a- C:\ProgramData\Kaspersky Lab 28-10-2014 ##### r-h-s-d+a- C:\ProgramData\AVG2015 28-10-2014 ##### r-h-s-d+a- C:\ProgramData\AVG 28-10-2014 ##### r-h+s-d+a- C:\$AVG 25-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Comodo 24-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\{D2BC4465-67B0-45F6-9989-A6BAC87EE217} 24-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\{4F7C91D6-11CD-4BF4-98B7-EDC3F3CC9ACB} Files Modified Last 7 days : 30-10-2014 01701720 r-h-s-d-a+ C:\Windows\system32\PerfStringBackup.INI 30-10-2014 00743606 r-h-s-d-a+ C:\Windows\system32\perfh013.dat 30-10-2014 00662098 r-h-s-d-a+ C:\Windows\system32\perfh009.dat 30-10-2014 00153432 r-h-s-d-a+ C:\Windows\system32\perfc013.dat 30-10-2014 00122310 r-h-s-d-a+ C:\Windows\system32\perfc009.dat 30-10-2014 00045056 r-h-s-d-a+ C:\Windows\system32\acovcnt.exe 30-10-2014 00018736 r-h+s-d-a+ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 30-10-2014 00018736 r-h+s-d-a+ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 30-10-2014 00000018 r-h-s-d-a+ C:\Windows\SysWOW64\log.txt 28-10-2014 00701104 r-h-s-d-a+ C:\Windows\SysWOW64\FlashPlayerApp.exe 28-10-2014 00071344 r-h-s-d-a+ C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 28-10-2014 00003048 r-h-s-d-a+ C:\Windows\system32\AutoRunFilter.ini 28-10-2014 00001783 r-h-s-d-a+ C:\Windows\system32\ServiceFilter.ini Files Created Last 7 days : 30-10-2014 00536576 r-h-s-d-a+ C:\Windows\SysWOW64\sqlite3.dll 30-10-2014 00000109 r-h-s-d-a+ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc 28-10-2014 05020177 r-h+s-d-a+ C:\Users\bas\AppData\Local\IconCache.db 25-10-2014 00000262 r+h+s+d-a+ C:\ProgramData\ntuser.pol ==================== RUNNING PROCESSES ========================================= [ACEngSvr] -bas- C:\Windows\SysWOW64\ACEngSvr.exe - (ASUSTeK) [ACMON] -bas- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe - (ASUS) [ACService] -SYSTEM- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe - (ArcSoft Inc.) [AdminService] -SYSTEM- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe - (Atheros Commnucations) [ALU] -bas- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe - () [armsvc] -SYSTEM- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - (Adobe Systems Incorporated) [AsLdrSrv] -SYSTEM- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe - (ASUS) [AsScrPro] -bas- C:\Windows\AsScrPro.exe - (ASUS) [Ath_CoexAgent] -SYSTEM- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe - (Atheros) [AthBtTray] -bas- C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe - (Atheros Commnucations) [ATKOSD2] -bas- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe - (ASUS) [avgui] -bas- C:\Program Files (x86)\AVG\AVG2015\avgui.exe - (AVG Technologies CZ, s.r.o.) [avgwdsvc] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe - (AVG Technologies CZ, s.r.o.) [batteryLife] -bas- C:\Program Files\P4G\BatteryLife.exe - (ASUS) [btvStack] -bas- C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe - (Atheros Communications) [csrss] -SYSTEM- C:\Windows\system32\csrss.exe - (Microsoft Corporation) [csrss] -SYSTEM- C:\Windows\system32\csrss.exe - (Microsoft Corporation) [ctfmon] -bas- C:\Windows\SysWOW64\ctfmon.exe - (Microsoft Corporation) [DMedia] -bas- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe - (ASUS) [dwm] -bas- C:\Windows\system32\Dwm.exe - (Microsoft Corporation) [E-Peek 1.0.5] -bas- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.0.5.exe - (E Dev) [E-Peek 1.0.5] -bas- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.0.5.exe - (E Dev) [E-Peek 1.0.5] -bas- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.0.5.exe - (E Dev) [ETDCtrl] -bas- C:\Program Files\Elantech\ETDCtrl.exe - (ELAN Microelectronic Corp.) [explorer] -bas- C:\Windows\explorer.exe - (Microsoft Corporation) [FBAgent] -SYSTEM- C:\Windows\system32\FBAgent.exe - (ASUSTeK Computer Inc.) [FLxHCIm] -bas- C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe - (Windows ® Win 7 DDK provider) [GFNEXSrv] -SYSTEM- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe - (ASUS) [GoogleCrashHandler] -SYSTEM- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe - (Google Inc.) [GoogleCrashHandler64] -SYSTEM- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe - (Google Inc.) [HControlUser] -bas- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe - (ASUS) [hkcmd] -bas- C:\Windows\System32\hkcmd.exe - (Intel Corporation) [HpqSRmon] -bas- C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe - (Hewlett-Packard) [iexplore] -bas- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE - (Microsoft Corporation) [iexplore] -bas- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE - (Microsoft Corporation) [iexplore] -bas- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE - (Microsoft Corporation) [iexplore] -bas- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE - (Microsoft Corporation) [iexplore] -bas- C:\Program Files\Internet Explorer\iexplore.exe - (Microsoft Corporation) [iexplore] -bas- C:\Program Files\Internet Explorer\iexplore.exe - (Microsoft Corporation) [igfxpers] -bas- C:\Windows\System32\igfxpers.exe - (Intel Corporation) [igfxtray] -bas- C:\Windows\System32\igfxtray.exe - (Intel Corporation) [LMS] -SYSTEM- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe - (Intel Corporation) [lpksetup] -SYSTEM- C:\Windows\System32\lpksetup.exe - (Microsoft Corporation) [lsass] -SYSTEM- C:\Windows\system32\lsass.exe - (Microsoft Corporation) [lsm] -SYSTEM- C:\Windows\system32\lsm.exe - (Microsoft Corporation) [mbam] -bas- C:\Program Files (x86)\Malwarebytes Anti-Malware2\mbam.exe - (Malwarebytes Corporation) [MsSpellCheckingFacility] -bas- C:\Windows\System32\MsSpellCheckingFacility.exe - (Microsoft Corporation) [notepad] -bas- C:\Windows\system32\NOTEPAD.EXE - (Microsoft Corporation) [notepad] -bas- C:\Windows\system32\NOTEPAD.EXE - (Microsoft Corporation) [notepad] -bas- C:\Windows\system32\NOTEPAD.EXE - (Microsoft Corporation) [notepad] -bas- C:\Windows\System32\notepad.exe - (Microsoft Corporation) [nvtray] -bas- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - (NVIDIA Corporation) [nvvsvc] -SYSTEM- C:\Windows\system32\nvvsvc.exe - (NVIDIA Corporation) [nvvsvc] -SYSTEM- C:\Windows\system32\nvvsvc.exe - (NVIDIA Corporation) [NvXDSync] -SYSTEM- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - (NVIDIA Corporation) [PresentationFontCache] -LOCAL SERVICE- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe - (Microsoft Corporation) [psia] -SYSTEM- C:\Program Files (x86)\Secunia\PSI\PSIA.exe - (Secunia) [RAVBg64] -bas- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - (Realtek Semiconductor) [RAVCpl64] -bas- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - (Realtek Semiconductor) [searchIndexer] -SYSTEM- C:\Windows\system32\SearchIndexer.exe - (Microsoft Corporation) [services] -SYSTEM- C:\Windows\system32\services.exe - (Microsoft Corporation) [sIGNAL~1] -bas- C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe - (Intel® Corporation) [smartlogon] -SYSTEM- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe - (ASUS) [smss] -SYSTEM- C:\Windows\system32\smss.exe - (Microsoft Corporation) [sonicMasterTray] -bas- C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe - (Virage Logic Corporation / Sonic Focus) [spoolsv] -SYSTEM- C:\Windows\System32\spoolsv.exe - (Microsoft Corporation) [sua] -SYSTEM- C:\Program Files (x86)\Secunia\PSI\sua.exe - (Secunia) [taskeng] -bas- C:\Windows\system32\taskeng.exe - (Microsoft Corporation) [taskeng] -bas- C:\Windows\system32\taskeng.exe - (Microsoft Corporation) [taskeng] -SYSTEM- C:\Windows\system32\taskeng.exe - (Microsoft Corporation) [taskhost] -bas- C:\Windows\system32\taskhost.exe - (Microsoft Corporation) [TurboBoost] -LOCAL SERVICE- C:\Program Files\Intel\TurboBoost\TurboBoost.exe - (Intel® Corporation) [uNS] -SYSTEM- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe - (Intel Corporation) [VAWinAgent] -bas- C:\ExpressGateUtil\VAWinAgent.exe - () [VAWinService] -SYSTEM- C:\ExpressGateUtil\VAWinService.exe - () [wcourier] -bas- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe - () [wininit] -SYSTEM- C:\Windows\system32\wininit.exe - (Microsoft Corporation) [winlogon] -SYSTEM- C:\Windows\system32\winlogon.exe - (Microsoft Corporation) [WLIDSVC] -SYSTEM- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - (Microsoft Corp.) [WLIDSVCM] -SYSTEM- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe - (Microsoft Corp.) [WmiPrvSE] -NETWORK SERVICE- C:\Windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation) [wmpnetwk] -NETWORK SERVICE- C:\Program Files\Windows Media Player\wmpnetwk.exe - (Microsoft Corporation) [WUDFHost] -LOCAL SERVICE- C:\Windows\System32\WUDFHost.exe - (Microsoft Corporation) ==================== IE PAGES ================================================== IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://www.startpagina.nl/ IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com IE04 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE04 - HKCU\..\SearchScopes {5432F822-EA6F-4742-B162-A3291DFC8F75} @ DisplayName: [Ask Search] @ URL = hxxp://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11406&pf=V7&p2=%5EBBE%5EOSJ000%5EYY%5ENL&gct=&itbv=12.15.1.20&apn_uid=B785BD9D-1330-4307-82B1-22D745E8EDB1&apn_ptnrs=BBE&apn_dtid=%5EOSJ000%5EYY%5ENL&apn_dbr=ie_11.0.9600.17207&doi=2014-07-21&trgb=IE&q={searchTerms}&psv=&pt=tb IE04 - HKCU\..\SearchScopes {75b4241f-171e-44a3-bf44-23613b6e3e03} @ DisplayName: [Ask Web Search] @ URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm525^YYA^nl&si=flvrunner&ptb=15B52139-7139-4E91-BCCE-EC7AB185DE0E&ind=2014102207&n=780cc2bf&psa=&st=sb&searchfor={searchTerms} IE05 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\SysWOW64\ieframe.dll IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = www.google.com IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\SysWOW64\blank.htm IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = www.google.com IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = www.google.com IE10 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE10 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE10 - HKLM\..\SearchScopes {6A1806CD-94D4-4689-BA73-E35EA1EA9990} @ DisplayName: [Google] @ URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE10 - HKLM\..\SearchScopes {75b4241f-171e-44a3-bf44-23613b6e3e03} @ DisplayName: [Ask Web Search] @ URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm525^YYA^nl&si=flvrunner&ptb=15B52139-7139-4E91-BCCE-EC7AB185DE0E&ind=2014102207&n=780cc2bf&psa=&st=sb&searchfor={searchTerms} IE10 - HKLM\..\SearchScopes {80c554b9-c7f8-4a21-9471-06d606da78a2} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE IE12 - HKLM\..\Toolbar{2318C2B1-4965-11d4-9B18-009027A5CD4F} @ Default = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://www.startpagina.nl/ IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com IE04 x64 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE04 x64 - HKCU\..\SearchScopes {5432F822-EA6F-4742-B162-A3291DFC8F75} @ DisplayName: [Ask Search] @ URL = hxxp://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11406&pf=V7&p2=%5EBBE%5EOSJ000%5EYY%5ENL&gct=&itbv=12.15.1.20&apn_uid=B785BD9D-1330-4307-82B1-22D745E8EDB1&apn_ptnrs=BBE&apn_dtid=%5EOSJ000%5EYY%5ENL&apn_dbr=ie_11.0.9600.17207&doi=2014-07-21&trgb=IE&q={searchTerms}&psv=&pt=tb IE04 x64 - HKCU\..\SearchScopes {75b4241f-171e-44a3-bf44-23613b6e3e03} @ DisplayName: [Ask Web Search] @ URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm525^YYA^nl&si=flvrunner&ptb=15B52139-7139-4E91-BCCE-EC7AB185DE0E&ind=2014102207&n=780cc2bf&psa=&st=sb&searchfor={searchTerms} IE05 x64 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\System32\ieframe.dll IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = www.google.com IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\System32\blank.htm IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = www.google.com IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = www.google.com IE10 x64 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE10 x64 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE10 x64 - HKLM\..\SearchScopes {6A1806CD-94D4-4689-BA73-E35EA1EA9990} @ DisplayName: [Google] @ URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE10 x64 - HKLM\..\SearchScopes {80c554b9-c7f8-4a21-9471-06d606da78a2} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE ==================== Auto Load ================================================= AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = userinit.exe, AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = C:\Windows\system32\userinit.exe, AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe ==================== Windows Host File ========================================= 127.0.0.1 localhost ==================== BHO ======================================================= BHO - [HP Print Enhancer] - {0347C33E-8762-4905-BF09-768834316C61} @ Default = C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO - [Java Plug-In SSV Helper] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} @ Default = C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO - [CIESpeechBHO Class] - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} @ Default = C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll BHO - [Aanmeldhulp voor Windows Live ID] - {9030D464-4C02-4ABF-8ECC-5164760863C6} @ Default = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO - [Windows Live Messenger Companion Helper] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} @ Default = C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO - [Google Toolbar Helper] - {AA58ED58-01DD-4d91-8333-CF10577473F7} @ Default = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO - [Office Document Cache Handler] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} @ Default = C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO - [Java Plug-In 2 SSV Helper] - {DBC80044-A445-435b-BC74-9C25C1C588A9} @ Default = C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO - [HP Smart BHO Class] - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} @ Default = C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll BHO x64 - [Java Plug-In SSV Helper] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} @ Default = C:\Program Files\Java\jre7\bin\ssv.dll BHO x64 - [Windows Live ID Sign-in Helper] - {9030D464-4C02-4ABF-8ECC-5164760863C6} @ Default = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO x64 - [Google Toolbar Helper] - {AA58ED58-01DD-4d91-8333-CF10577473F7} @ Default = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll BHO x64 - [Office Document Cache Handler] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} @ Default = C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL BHO x64 - [Java Plug-In 2 SSV Helper] - {DBC80044-A445-435b-BC74-9C25C1C588A9} @ Default = C:\Program Files\Java\jre7\bin\jp2ssv.dll ==================== Auto Start Programs ======================================= ASP01 - HKLM\..\Run @ ASUSWebStorage = C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S ASP01 - HKLM\..\Run @ ATKMEDIA = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe ASP01 - HKLM\..\Run @ ATKOSD2 = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe ASP01 - HKLM\..\Run @ AVG_UI = "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY ASP01 - HKLM\..\Run @ FLxHCIm = "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" ASP01 - HKLM\..\Run @ HControlUser = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe ASP01 - HKLM\..\Run @ hpqSRMon = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe ASP01 - HKLM\..\Run @ SonicMasterTray = C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe ASP01 - HKLM\..\Run @ VAWinAgent = C:\ExpressGateUtil\VAWinAgent.exe ASP01 - HKLM\..\Run @ Wireless Console 3 = C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ASP01 - HKLM\..\Run @ ZoneAlarm = "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe" ASP01 x64 - HKLM\..\Run @ ASUSWebStorage = C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S ASP01 x64 - HKLM\..\Run @ ATKMEDIA = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe ASP01 x64 - HKLM\..\Run @ ATKOSD2 = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe ASP01 x64 - HKLM\..\Run @ AVG_UI = "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY ASP01 x64 - HKLM\..\Run @ FLxHCIm = "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" ASP01 x64 - HKLM\..\Run @ HControlUser = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe ASP01 x64 - HKLM\..\Run @ hpqSRMon = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe ASP01 x64 - HKLM\..\Run @ SonicMasterTray = C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe ASP01 x64 - HKLM\..\Run @ VAWinAgent = C:\ExpressGateUtil\VAWinAgent.exe ASP01 x64 - HKLM\..\Run @ Wireless Console 3 = C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ASP01 x64 - HKLM\..\Run @ ZoneAlarm = "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe" ASP - Startup - C:\Users\bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ASP - Startup - C:\Users\bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk ==================== Extra Items IE ============================================ EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility EI03 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing EI03 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security EI03 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings EI03 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International EI03 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia EI04 - App Ext - HKCU\..\Approved Extensions @ {18DF081C-E8AD-4283-A596-FA578C2EBDC3} = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll EI04 - App Ext - HKCU\..\Approved Extensions @ {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} = C:\Program Files (x86)\Java\jre7\bin\ssv.dll EI04 - App Ext - HKCU\..\Approved Extensions @ {DBC80044-A445-435B-BC74-9C25C1C588A9} = C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {18DF081C-E8AD-4283-A596-FA578C2EBDC3} = EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {54739D49-AC03-4C57-9264-C5195596B3A1} = EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} = C:\Program Files\Java\jre7\bin\ssv.dll EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {A4C2FB10-84C3-44EB-9F9E-860FA1D9A797} = EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {CD1A63BA-A08C-431B-9A34-F240AADC728D} = EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {DBC80044-A445-435B-BC74-9C25C1C588A9} = C:\Program Files\Java\jre7\bin\jp2ssv.dll EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D} = ==================== Internet Default Prefix =================================== IDP00 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http:// IDP01 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http:// IDP00 x64 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http:// IDP01 x64 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http:// ==================== Default Settings IE - DSIE ================================ DSIE - ieuinit.inf: START_PAGE= "Microsoft Corporation DSIE - ieuinit.inf: SEARCH_PAGE_URL= "Microsoft Corporation ==================== Protocol Hijackers - PH =================================== PH00 - Handler:wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} @ = Unknown # C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll # MD5 [f70d4a14ab747bac68b559c046d6fbff] PH01 - Filter:text/xml - {807573E5-5146-11D5-A672-00B0D022E945} @ = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown PH01 x64 - Filter:text/xml - {807573E5-5146-11D5-A672-00B0D022E945} @ = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown ==================== Automatic Started DLL's (AS) ============================== AS00 - @ AppInit_DLLs = C:\Windows\Jaksta\AC\x64\jaudcap.dll AS00 x64 - @ AppInit_DLLs = C:\Windows\Jaksta\AC\x64\jaudcap.dll ==================== ShellServiceObjectDelayLoad - SSODL ======================= SSODL - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ = SSODL x64 - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ = ==================== Extra items - EXT (Torpig/ConduitSearch) ================== EXT01 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Unity EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Ath_CopyHook @ {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735} EXT02 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Unity EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\Ath_CopyHook @ {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735}= C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll ==================== DRIVERS and SERVICES ====================================== *** Win32OwnProcess *** SERV - R2 - [ACDaemon] - ArcSoft Connect Daemon - c:\program files (x86)\common files\arcsoft\connection service\bin\acservice.exe SERV - R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe SERV - R2 - [AFBAgent] - AFBAgent - c:\windows\system32\fbagent.exe SERV - R2 - [ASLDRService] - ASLDR Service - c:\program files (x86)\asus\atk package\atk hotkey\asldrsrv.exe SERV - R2 - [Atheros Bt&Wlan Coex Agent] - Atheros Bt&Wlan Coex Agent - c:\program files (x86)\bluetooth suite\ath_coexagent.exe SERV - R2 - [AtherosSvc] - AtherosSvc - c:\program files (x86)\bluetooth suite\adminservice.exe SERV - R2 - [ATKGFNEXSrv] - ATKGFNEX Service - c:\program files (x86)\asus\atk package\atkgfnex\gfnexsrv.exe SERV - R2 - [avgwd] - AVG WatchDog - c:\program files (x86)\avg\avg2015\avgwdsvc.exe SERV - R2 - [LMS] - Intel® Management and Security Application Local Management Service - c:\program files (x86)\intel\intel® management engine components\lms\lms.exe SERV - R2 - [NVSvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe SERV - R2 - [secunia PSI Agent] - Secunia PSI Agent - c:\program files (x86)\secunia\psi\psia.exe SERV - R2 - [secunia Update Agent] - Secunia Update Agent - c:\program files (x86)\secunia\psi\sua.exe SERV - R2 - [uNS] - Intel® Management and Security Application User Notification Service - c:\program files (x86)\intel\intel® management engine components\uns\uns.exe SERV - R2 - [VideAceWindowsService] - VideAceWindowsService - c:\expressgateutil\vawinservice.exe SERV - R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe SERV - R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe SERV - R3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe SERV - R3 - [TurboBoost] - Intel® Turbo Boost Technology Monitor 2.0 - c:\program files\intel\turboboost\turboboost.exe SERV - S2 - [avgfws] - AVG Firewall - c:\program files (x86)\avg\avg2015\avgfws.exe SERV - S2 - [AVGIDSAgent] - AVGIDSAgent - c:\program files (x86)\avg\avg2015\avgidsagent.exe SERV - S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe SERV - S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe SERV - S2 - [gupdate] - Google Update-service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe SERV - S2 - [nvUpdatusService] - NVIDIA Update Service Daemon - c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe SERV - S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe SERV - S3 - [aspnet_state] - ASP.NET-statusservice - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe SERV - S3 - [cphs] - Intel® Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe SERV - S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe SERV - S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe SERV - S3 - [fsssvc] - Windows Live Family Safety Service - c:\program files (x86)\windows live\family safety\fsssvc.exe SERV - S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe SERV - S3 - [gusvc] - Google Updater Service - c:\program files (x86)\google\common\google updater\googleupdaterservice.exe SERV - S3 - [iEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe SERV - S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe SERV - S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe SERV - S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe SERV - S3 - [sNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe SERV - S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe SERV - S3 - [WatAdminSvc] - Windows Activation Technologies-service - c:\windows\system32\wat\watadminsvc.exe SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe SERV - S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe SERV - S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe SERV - S4 - [wlcrasvc] - Windows Live Mesh remote connections service - c:\program files\windows live\mesh\wlcrasvc.exe *** Win32ShareProcess *** SERV - R2 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe SERV - R2 - [samSs] - Security Accounts Manager - c:\windows\system32\lsass.exe SERV - R3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe SERV - S3 - [idsvc] - Windows CardSpace - c:\windows\microsoft.net\framework64\v3.0\windows communication foundation\infocard.exe SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe SERV - S3 - [ProtectedStorage] - Protected Storage - c:\windows\system32\lsass.exe SERV - S3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe SERV - S4 - [NetMsmqActivator] - Net.Msmq Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe SERV - S4 - [NetPipeActivator] - Net.Pipe Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe SERV - S4 - [NetTcpActivator] - Net.Tcp Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe *** Others *** SERV - R2 - [spooler] - Print Spooler - c:\windows\system32\spoolsv.exe SERV - S2 - [vsmon] - TrueVector Internet Monitor - c:\program files (x86)\checkpoint\zonealarm\vsmon.exe SERV - S3 - [uI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe *** File System Driver *** DRV - R0 - [AVGIDSHA] - AVGIDSHA - C:\Windows\system32\Drivers\AVGIDSHA.sys DRV - R0 - [Avgloga] - AVG Logging Driver - C:\Windows\system32\Drivers\Avgloga.sys DRV - R0 - [Avgmfx64] - AVG Mini-Filter Resident Anti-Virus Shield - C:\Windows\system32\Drivers\Avgmfx64.sys DRV - R0 - [Avgrkx64] - AVG Anti-Rootkit Driver - C:\Windows\system32\Drivers\Avgrkx64.sys DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys DRV - R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys DRV - R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys DRV - R3 - [srv] - Stuurprogramma Server SMB 1.xxx - C:\Windows\system32\Drivers\srv.sys DRV - R3 - [srv2] - Stuurprogramma Server SMB 2.xxx - C:\Windows\system32\Drivers\srv2.sys *** Kernel Driver *** DRV - R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys DRV - R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys DRV - R0 - [atapi] - IDE-kanaal - C:\Windows\system32\Drivers\atapi.sys DRV - R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x] DRV - R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys DRV - R0 - [Compbatt] - Microsoft Composite Battery Driver - C:\Windows\system32\Drivers\Compbatt.sys DRV - R0 - [Disk] - Stuurprogramma voor schijfstations - C:\Windows\system32\Drivers\Disk.sys DRV - R0 - [fvevol] - Filterstuurprogramma Bitlocker-stationsvergrendeling - C:\Windows\system32\Drivers\fvevol.sys DRV - R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys DRV - R0 - [iaStor] - Intel AHCI Controller - C:\Windows\system32\Drivers\iaStor.sys DRV - R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys DRV - R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys DRV - R0 - [mountmgr] - Koppelpuntbeheer - C:\Windows\system32\Drivers\mountmgr.sys DRV - R0 - [msahci] - msahci - C:\Windows\system32\Drivers\msahci.sys DRV - R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys DRV - R0 - [NDIS] - NDIS-systeemstuurprogramma - C:\Windows\system32\Drivers\NDIS.sys DRV - R0 - [nvpciflt] - nvpciflt - C:\Windows\system32\Drivers\nvpciflt.sys DRV - R0 - [partmgr] - Partitiebeheer - C:\Windows\system32\Drivers\partmgr.sys DRV - R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys DRV - R0 - [pciide] - pciide - C:\Windows\system32\Drivers\pciide.sys DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys DRV - R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys DRV - R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\Windows\system32\Drivers\Tcpip.sys DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator Driver - C:\Windows\system32\Drivers\vdrvroot.sys DRV - R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys DRV - R0 - [volmgrx] - Dynamisch Volumebeheer - C:\Windows\system32\Drivers\volmgrx.sys DRV - R0 - [volsnap] - Opslagvolumes - C:\Windows\system32\Drivers\volsnap.sys DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys DRV - R1 - [beep] - Beep - C:\Windows\system32\Drivers\Beep.sys DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\Windows\system32\Drivers\tdx.sys DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys ==================== SvcHost - White Listed ==================================== HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@hpdevmgmt hpqcxs08 = ServiceDll = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [1dae5c46d42b02a6d5862e1482efb390] hpqddsvc = ServiceDll = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [99e8eef42fe2f4af29b08c3355dd7685] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost@hpdevmgmt hpqcxs08 = ServiceDll = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [1dae5c46d42b02a6d5862e1482efb390] hpqddsvc = ServiceDll = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [99e8eef42fe2f4af29b08c3355dd7685] ==================== SigCheck x86 Fast ========================================= Fast Scan All ok ==================== SigCheck x64 Fast ========================================= Fast Scan All ok ==================== Job tasks ================================================= There are no .job files found. ==================== End scanning at do 30 okt 2014 20:13 (0 Min 18 Sec ) ======
- 
	Hallo Sinds een poosje krijg ik bij het starten van mijn pc een aantal venstermededelingen dat het betrokken opstartbestand ongeldig is of een fout bevat. bijvoorbeeld het bestand iexplore.exe. De win64~-1.dll zou niet goed zijn. Windows verkenner werkt maar even en dan geeft ie er de brui aan. Iemand een idee wat dit kan zijn en hoe ik dit kan verhelpen. graag reactie groet bas Meester
 
			OVER ONS
PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!
 
		