Omiga-Plus

[Jean Paul]

Dag,

Bij het opstarten van de laptop krijg ik de zoekmachine Omiga-Plus op het scherm.

Nu blijkt dit geen gezonde zoekmachine te zijn en wens ze te verwijderen.

Via configuratie scherm probeer ik deze te verwijderen en er word gevraagd een woord te herhalen vorraleer de "uninstalling" begint. Dan worden gegevens opgezocht en moet eerst een repare worden gedaan voor de

verwijdering (?) Maar dat blijft duren en na meer dan een half uur is die zoeknmachine nog niet weg.

Hoe kan dit worden opgelost aub ?

Jean Paul

[clarkie]

Je topic werd verplaatst naar Bestrijding spyware, virussen, zo word je sneller geholpen door een malware-specialist.

[clarkie]

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

• RSIT 32 bit (RSIT.exe)
  
• RSIT 64 bit (RSITx64.exe)
  

Dubbelklik op RSIT.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  
• Wanneer de tool gereed is worden er twee kladblok bestanden geopend genaamd "Log.txt" en "Info.txt" .
  

RSIT Logbestanden plaatsen

• Voeg het logbestand met de naam "Log.txt" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map ""C:\rsit")
  
• Het logbestand met de naam "Info.txt" wat geminimaliseerd is hoeft u niet te plaatsen. (Dit logbestand wordt enkel de eerst keer bij het uitvoeren aangemaakt).
  
• Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.
  

Bekijk ook de instructievideo.

[Jean Paul]

Goede middag,

Zoals ik eerder schreef met dit onderwerp heb ik getracht het te verwijderen via Configuratiescherm-programma's en onderdelen.

ik heb de pc laten lopen en blijkbaar heeft dit geholpen na enkele pogingen want ik vind dit "Omiga-Plus" nergens meer terug.

De pc start ook normaal op en mijn IE is zoals voorzien Google.

Ik veronderstel dat het is opgelost maar ga voor de zekerheid uw aangeboden hulp bewaren want men weet nooit.

Mag dit probleem hierbij worden afgesloten maar volgens de nieuwe lijn zie ik niet waar ik dat kan doen.

Misschien graag nog een reactie van u ?

Ps : heb wel mijn laptop naar de hersteller moeten doen want Windows startte niet meer op. Kostte mij 120 €. Bij terugkomst zag ik "omiga-plus" wat ik ervoor niet had. Zal eens met de hersteller moeten gaan praten denk ik.

groeten,

Jean Paul

[kape]

Wil je toch de suggestie van Clarkie eens uitvoeren ... dan weten we meteen of die "Omiga-plus" nog op je PC zit (en kennen we meteen ook de "kwaliteit" van je PC-boer). Een logje van RSIT volstaat om dat te kunnen beoordelen.

[Jean Paul]

Waar vind de map  ""C:\rsit"      Hoe kom ik daar ?

[Jean Paul]

Heb alles geselecteerd en hier geplakt . zie bericht hiervoor aub

Logfile of random's system information tool 1.10 (written by random/random)

Run by Pc at 2015-02-05 17:04:59

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 313 GB (51%) free of 610 GB

Total RAM: 6092 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:05:00, on 5/02/2015

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17496)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files\AVAST Software\Avast\avastui.exe

C:\Program Files (x86)\XTab\cmdshell.exe

C:\Program Files (x86)\XTab\HPNotify.exe

C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe

C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files\trend micro\Pc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1422899019&from=pcs&uid=HitachiXHTS547564A9E384_J2180053D3EY1CD3EY1CX

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1422899019&from=pcs&uid=HitachiXHTS547564A9E384_J2180053D3EY1CD3EY1CX&q={searchTerms}

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dspp&ts=1422899019&from=pcs&uid=HitachiXHTS547564A9E384_J2180053D3EY1CD3EY1CX&q={searchTerms}

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1422899019&from=pcs&uid=HitachiXHTS547564A9E384_J2180053D3EY1CD3EY1CX

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1422899019&from=pcs&uid=HitachiXHTS547564A9E384_J2180053D3EY1CD3EY1CX&q={searchTerms}

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dspp&ts=1422899019&from=pcs&uid=HitachiXHTS547564A9E384_J2180053D3EY1CD3EY1CX&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1422899019&from=pcs&uid=HitachiXHTS547564A9E384_J2180053D3EY1CD3EY1CX

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: (no name) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - (no file)

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKLM\..\Run: [FilmFanatic AppIntegrator 32-bit] C:\PROGRA~2\FILMFA~2\bar\1.bin\AppIntegrator.exe

O4 - HKLM\..\Run: [FilmFanatic AppIntegrator 64-bit] C:\PROGRA~2\FILMFA~2\bar\1.bin\AppIntegrator64.exe

O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe

O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)

O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: IHProtect Service - XTab system - C:\Program Files (x86)\XTab\ProtectService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.3.12\NST.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - SysTool PasSame LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--

End of file - 10271 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

winlogon.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\Hpservice.exe

C:\Windows\system32\svchost.exe -k NetworkService

"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"

C:\Windows\system32\WLANExt.exe 27639824

\??\C:\Windows\system32\conhost.exe "-2029596143-21382772004232770763392225951231233985-2121214056148739237-1644919446

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Windows\System32\igfxtray.exe"

"C:\Windows\System32\hkcmd.exe"

"C:\Windows\System32\igfxpers.exe"

"C:\Program Files\AVAST Software\Avast\afwServ.exe"

"C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash

"taskhost.exe"

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"

"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"

"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui

C:\Windows\splwow64.exe 12288

"C:\Program Files (x86)\XTab\ProtectService.exe"

"C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.3.12\NST.exe" /s "NCO" /m "C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.3.12\diMaster.dll" /prefetch:1

"C:\Program Files (x86)\XTab\cmdshell.exe"

"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"

C:\Windows\system32\valWBFPolicyService.exe

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"

WLIDSvcM.exe 4064

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"

C:\Windows\system32\wbem\unsecapp.exe -Embedding

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\unsecapp.exe -Embedding

C:\Windows\system32\wbem\wmiprvse.exe

HPNotify.exe -run

"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"

C:\Windows\system32\SearchIndexer.exe /Embedding

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6c3da67c-60e7-40bc-92fb-91411f10bc46 -SystemEventPortName:HostProcess-fd54b494-5fb7-42da-8f7f-c5d19161ef31 -IoCancelEventPortName:HostProcess-3aecdd7c-1e52-45b0-aabc-50bd3c9538f6 -NonStateChangingEventPortName:HostProcess-92b900b5-c896-49b1-9b79-bfda05f9de07 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4af2a3ae-e079-4fcc-8d3b-d9e1023116f6 -DeviceGroupId:

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"

"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"

"C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe" /handleDdeError Excel /launchResult SFT-3f5166ff-a58f-4aee-80e7-08e0376fd2ed /launch "Microsoft Excel Starter 2010 9014006604090000" /dde

"C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe" /start IDLE_APP_EVENT_{90140011-0066-0409-0000-0000000FF1CE}

"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"

"C:\Program Files (x86)\Skype\Phone\Skype.exe"

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2366639599-4099548902-4220582541-100056_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2366639599-4099548902-4220582541-100056 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"

"C:\Windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544

"C:\Users\Pc\Desktop\RSITx64.exe"

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe57_ Global\UsGthrCtrlFltPipeMssGthrPipe57 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2015-02-04 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-24 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-13 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}]

Norton Identity Protection - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.3.12\coIEPlg.dll [2014-06-26 917344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-02-04 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-24 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-13 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.3.12\coIEPlg.dll [2014-06-26 917344]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-13 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-13 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-11-07 171992]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-11-07 399832]

"Persistence"=C:\Windows\system32\igfxpers.exe [2013-11-07 442328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Gadwin PrintScreen"=C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe [2011-05-03 487424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-18 113288]

"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-01-27 5227112]

"FilmFanatic AppIntegrator 32-bit"=C:\PROGRA~2\FILMFA~2\bar\1.bin\AppIntegrator.exe []

"FilmFanatic AppIntegrator 64-bit"=C:\PROGRA~2\FILMFA~2\bar\1.bin\AppIntegrator64.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2013-11-07 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=0

"ConsentPromptBehaviorUser"=3

"EnableLUA"=0

"EnableUIADesktopToggle"=0

"PromptOnSecureDesktop"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-02-05 16:44:05 ----D---- C:\rsit

2015-02-04 11:04:47 ----A---- C:\Windows\system32\javaws.exe

2015-02-04 11:04:38 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll

2015-02-04 11:04:38 ----A---- C:\Windows\system32\javaw.exe

2015-02-04 11:04:38 ----A---- C:\Windows\system32\java.exe

2015-02-04 11:04:34 ----D---- C:\Program Files\Java

2015-02-03 11:01:45 ----A---- C:\Windows\SYSWOW64\DWrite.dll

2015-02-03 11:01:45 ----A---- C:\Windows\system32\DWrite.dll

2015-02-02 18:49:02 ----D---- C:\Program Files (x86)\PC Speed Up

2015-02-02 18:43:54 ----D---- C:\ProgramData\IHProtectUpDate

2015-02-02 18:43:46 ----D---- C:\Program Files (x86)\XTab

2015-02-02 18:43:40 ----D---- C:\ProgramData\WindowsMangerProtect

2015-02-02 18:43:22 ----D---- C:\Users\Pc\AppData\Roaming\omiga-plus

2015-02-02 12:54:35 ----SHD---- C:\$RECYCLE.BIN

2015-02-02 12:49:45 ----D---- C:\AdwCleaner

2015-02-02 12:46:22 ----D---- C:\Windows\temp

2015-02-02 12:38:12 ----A---- C:\Windows\zip.exe

2015-02-02 12:38:12 ----A---- C:\Windows\SWSC.exe

2015-02-02 12:38:12 ----A---- C:\Windows\SWREG.exe

2015-02-02 12:38:12 ----A---- C:\Windows\sed.exe

2015-02-02 12:38:12 ----A---- C:\Windows\PEV.exe

2015-02-02 12:38:12 ----A---- C:\Windows\NIRCMD.exe

2015-02-02 12:38:12 ----A---- C:\Windows\MBR.exe

2015-02-02 12:38:12 ----A---- C:\Windows\grep.exe

2015-02-02 12:38:06 ----D---- C:\ComboFix

2015-02-02 12:37:43 ----D---- C:\Qoobox

2015-02-02 12:37:27 ----D---- C:\Windows\erdnt

2015-01-31 11:02:15 ----A---- C:\Windows\ntbtlog.txt

2015-01-19 11:26:32 ----D---- C:\ProgramData\{91D9791A-C15B-A89C-70DD-D81EA05F0B90}

2015-01-16 20:40:11 ----D---- C:\Program Files\7-Zip

2015-01-15 10:38:32 ----A---- C:\Windows\SYSWOW64\nlaapi.dll

2015-01-15 10:38:32 ----A---- C:\Windows\SYSWOW64\ncsi.dll

2015-01-15 10:38:32 ----A---- C:\Windows\system32\nlasvc.dll

2015-01-14 10:00:29 ----A---- C:\Windows\system32\profsvc.dll

2015-01-14 10:00:28 ----A---- C:\Windows\system32\TSWbPrxy.exe

2015-01-14 10:00:27 ----A---- C:\Windows\system32\drivers\mrxdav.sys

2015-01-14 10:00:21 ----A---- C:\Windows\system32\ntoskrnl.exe

2015-01-14 10:00:19 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe

2015-01-14 10:00:19 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe

2015-01-14 10:00:18 ----A---- C:\Windows\SYSWOW64\srclient.dll

2015-01-14 10:00:18 ----A---- C:\Windows\system32\srcore.dll

2015-01-14 10:00:18 ----A---- C:\Windows\system32\srclient.dll

2015-01-14 10:00:18 ----A---- C:\Windows\system32\rstrui.exe

2015-01-10 12:04:42 ----D---- C:\Program Files (x86)\7-Zip

2015-01-08 11:24:46 ----D---- C:\Program Files (x86)\WinRAR

2015-01-07 16:28:57 ----D---- C:\Program Files (x86)\ExtractNow

2015-01-07 15:07:57 ----A---- C:\Windows\system32\drivers\aswKbd.sys

2015-01-07 15:07:43 ----A---- C:\Windows\system32\aswBoot.exe

2015-01-07 15:06:10 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys

======List of files/folders modified in the last 1 month======

2015-02-05 17:05:00 ----D---- C:\Program Files\trend micro

2015-02-05 17:02:54 ----D---- C:\Users\Pc\AppData\Roaming\Skype

2015-02-05 16:41:55 ----D---- C:\Windows\SysWOW64

2015-02-05 16:21:21 ----D---- C:\Windows\Prefetch

2015-02-05 10:55:57 ----D---- C:\Windows\system32\config

2015-02-05 10:51:59 ----D---- C:\Users\Pc\AppData\Roaming\SoftGrid Client

2015-02-04 18:45:36 ----D---- C:\Windows\System32

2015-02-04 18:45:36 ----D---- C:\Windows\inf

2015-02-04 18:45:36 ----A---- C:\Windows\system32\PerfStringBackup.INI

2015-02-04 14:51:00 ----RD---- C:\Program Files (x86)

2015-02-04 14:50:59 ----D---- C:\Windows\AppPatch

2015-02-04 14:46:38 ----SHD---- C:\System Volume Information

2015-02-04 12:11:36 ----D---- C:\Windows\system32\drivers

2015-02-04 11:04:47 ----SHD---- C:\Windows\Installer

2015-02-04 11:04:34 ----RD---- C:\Program Files

2015-02-04 10:59:16 ----D---- C:\Windows\system32\Tasks

2015-02-03 11:18:55 ----D---- C:\Windows\winsxs

2015-02-03 10:59:22 ----D---- C:\Windows\system32\catroot2

2015-02-03 10:59:22 ----D---- C:\Windows\system32\catroot

2015-02-03 10:53:19 ----D---- C:\Program Files (x86)\Google

2015-02-02 19:49:23 ----D---- C:\Windows\Tasks

2015-02-02 18:51:45 ----D---- C:\Users\Pc\AppData\Roaming\vlc

2015-02-02 18:43:54 ----D---- C:\ProgramData

2015-02-02 13:51:16 ----D---- C:\Windows

2015-02-02 13:48:55 ----D---- C:\Windows\Minidump

2015-02-02 13:39:29 ----D---- C:\Windows\twain_32

2015-02-02 13:13:49 ----D---- C:\ProgramData\Malwarebytes

2015-02-02 12:46:29 ----A---- C:\Windows\system.ini

2015-02-02 12:46:22 ----D---- C:\Windows\system32\drivers\etc

2015-02-02 12:44:12 ----D---- C:\Windows\SYSWOW64\drivers

2015-02-02 12:44:12 ----D---- C:\Program Files (x86)\Common Files

2015-01-30 12:54:27 ----D---- C:\Windows\system32\wdi

2015-01-28 20:38:47 ----D---- C:\Users\Pc\AppData\Roaming\dvdcss

2015-01-25 10:10:10 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2015-01-24 09:41:46 ----D---- C:\Program Files (x86)\NortonInstaller

2015-01-24 09:39:09 ----D---- C:\ProgramData\Norton

2015-01-24 09:37:38 ----D---- C:\Program Files\Common Files

2015-01-22 10:36:33 ----D---- C:\Windows\Microsoft.NET

2015-01-21 18:40:32 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

2015-01-19 11:26:29 ----D---- C:\Program Files (x86)\FrostWire 6

2015-01-15 11:06:33 ----D---- C:\Users\Pc\AppData\Roaming\Adobe

2015-01-14 17:13:30 ----D---- C:\Windows\system32\MRT

2015-01-14 17:10:53 ----A---- C:\Windows\system32\MRT.exe

2015-01-14 11:40:47 ----D---- C:\ProgramData\Skype

2015-01-14 11:40:41 ----RD---- C:\Program Files (x86)\Skype

2015-01-10 18:56:17 ----D---- C:\Windows\system32\wfp

2015-01-10 18:56:15 ----D---- C:\Windows\system32\wbem

2015-01-10 18:54:58 ----D---- C:\Windows\system32\DriverStore

2015-01-10 18:54:57 ----HD---- C:\Windows\system32\WLANProfiles

2015-01-10 18:54:57 ----D---- C:\Windows\system32\NDF

2015-01-10 18:54:57 ----D---- C:\Windows\system32\CodeIntegrity

2015-01-10 18:54:25 ----D---- C:\Windows\registration

2015-01-10 18:54:18 ----D---- C:\Windows\AppCompat

2015-01-10 12:41:10 ----D---- C:\Program Files (x86)\PIXresizer

2015-01-10 12:03:02 ----D---- C:\Program Files\WinRAR

2015-01-07 12:00:08 ----D---- C:\Program Files (x86)\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2015-01-07 449936]

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-12-24 65776]

R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-12-24 267632]

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-01-07 28184]

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-12-24 93568]

R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-12-24 1050432]

R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-12-24 436624]

R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\Windows\system32\drivers\NSTx64\7DE07030.00C\ccSetx64.sys [2013-09-27 162392]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-12-24 29208]

R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-12-24 83280]

R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-12-24 116728]

R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]

R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtuele adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584]

R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]

R3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]

R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-11-07 5363200]

R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]

R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-02-20 11471872]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-11 80384]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-11 181248]

R3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]

R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-01-12 333928]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136]

R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfswin7.sys [2013-06-26 768680]

R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaywin7.sys [2013-06-26 273576]

R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirwin7.sys [2013-06-26 29352]

R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvolwin7.sys [2013-06-26 23208]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

R3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]

S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2012-01-09 195584]

S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]

S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]

S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver; \??\C:\Windows\system32\drivers\BVRPMPR5a64.SYS [2010-04-12 35840]

S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []

S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]

S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]

S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys []

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]

S3 WSDScan;Ondersteuning voor WSD-scan via UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-12-24 50344]

R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-01-07 104416]

R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-17 135952]

R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]

R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-02-26 626960]

R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]

R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2013-12-17 46904]

R2 IHProtect Service;IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [2015-01-16 158896]

R2 NCO;Norton Identity Safe; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.3.12\NST.exe [2014-06-26 130104]

R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-02-26 148752]

R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]

R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]

R2 valWBFPolicyService;Validity WBF Policy Service; C:\Windows\system32\valWBFPolicyService.exe [2013-10-30 35328]

R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2015-02-02 464384]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]

R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-02-26 2669840]

R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2011-04-05 4925184]

R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-17 116648]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25 267440]

S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-11-07 279000]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-17 116648]

S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-04-13 194032]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-02-26 273168]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2011-04-05 149352]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-17 1255736]

S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

[kape]

Je PC-boer is alvast gebuisd ... niet alleen is je JAVA niet geupdate, maar alle malware (Omiga inbegrepen) zit nog steeds op de PC ... foei

 

Je Java software is verouderd.
Oudere versies hebben lekken die malware de kans geeft om zich te installeren op je systeem.

Ga naar Java en download daar de correcte Java versie.

• Klik op "Gratis Java-download".
• Ga akkoord met de licentiebepalingen en klik op de button voor de gratis download.
• Het bestand JavaSetup wordt aangeboden - kies hier voor "bestand opslaan".
• Sluit alle programma's die eventueel open zijn - zeker je web browser!
• Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst.
• Vink alles aan met Java Runtime Environment (JRE of J2SE of JAVA) in de naam.
• Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
• Herhaal dit tot alle oudere versies verdwenen zijn.
• Na het verwijderen van alle oudere versies, herstart je pc.
• Klik vervolgens op JavaSetup om de nieuwste versie van Java te installeren.
• Vink de installatie van de Ask toolbar uit en ga dan verder met de installatie.

[kape]

En nu gaan we het "vergeten werk" van de PC-boer even aanpakken ... de malware op de PC.

 

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
• Dubbelklik op Zoek.exe om de tool te starten.
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C};c
FilmFanatic AppIntegrator 32-bit:s
FilmFanatic AppIntegrator 64-bit;s
WindowsMangerProtect;s
C:\ProgramData\WindowsMangerProtect;fs
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}];r64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
"FilmFanatic AppIntegrator 32-bit"=-;r64
"FilmFanatic AppIntegrator 64-bit"=-;r64
C:\Program Files (x86)\PC Speed Up;fs
C:\ProgramData\IHProtectUpDate;fs
C:\Program Files (x86)\XTab;fs
C:\Users\Pc\AppData\Roaming\omiga-plus;fs
C:\ComboFix;fs
C:\Qoobox;fs
C:\ProgramData\{91D9791A-C15B-A89C-70DD-D81EA05F0B90};fs
emptyfolderscheck;delete
startupall;
filesrcm;

• Klik op de knop "More options" en vink nu de onderstaande opties aan.
• Do a Deep Scan
• Auto Clean
• De optie "Scan All Users" staat standaard aangevinkt.
• Klik nu op de knop "Run script".
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
• Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
• Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

• Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)
• Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

[Jean Paul]

dag

wat betreft de JAVA software :

u zegt : ga naar start-configuratie-software

 

Hierbij het configuratiescherm, waaronder  vind ik java Runtime Environnement   enz...   ?