Pagina 1 van 3 123 LaatsteLaatste
Weergegeven resultaten: 1 t/m 10 van 22
  1. #1
    Up-to-date  
    Geregistreerd
    9 June 2006
    Berichten
    70
    Bedankjes
    9
    Bedankt
    2 keer in 2 posts

    traag en overstelpt met popups

    Beste,

    Het is niet meer te doen,
    opduikende schermen, hyperlinks op iedere webpagina die ik open...
    werkt bovendien traag en sloom...

    hieronder de dds log:

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.17239 BrowserJavaVersion: 10.55.2
    Run by Kristof&Melissa at 12:44:52 on 2014-09-05
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.12174.7596 [GMT 2:00]
    .
    AV: AVG AntiVirus 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: AVG AntiVirus 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
    SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\FBAgent.exe
    C:\Windows\system32\WLANExt.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
    C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
    C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
    C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\ASUS\P4G\BatteryLife.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
    C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
    C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
    C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    C:\Windows\SysWOW64\ACEngSvr.exe
    C:\Windows\AsScrPro.exe
    C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
    C:\Program Files\Serviio\bin\ServiioService.exe
    C:\Program Files\Serviio\bin\ServiioService.exe
    C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Windows\System32\vds.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
    C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
    C:\Program Files\Elantech\ETDCtrl.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files (x86)\Steam\Steam.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    C:\Users\Kristof&Melissa\AppData\Roaming\uTorrent\ uTorrent.exe
    C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    C:\Program Files (x86)\SABnzbd\SABnzbd.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
    C:\Program Files\Serviio\bin\ServiioConsole.exe
    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
    C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
    C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
    C:\Program Files\Elantech\ETDCtrlHelper.exe
    C:\Program Files\Elantech\ETDGesture.exe
    C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
    C:\Program Files (x86)\AVG\AVG2014\avgui.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
    C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
    C:\Program Files (x86)\EASEUS\Todo Backup\bin\EuWatch.exe
    C:\Program Files (x86)\EASEUS\Todo Backup\bin\TrayNotify.exe
    C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
    C:\Windows\SysWOW64\ctfmon.exe
    C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
    C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\Pres entationFontCache.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlug in_14_0_0_145.exe
    C:\Program Files (x86)\Nero\Update\NASvc.exe
    C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlug in_14_0_0_145.exe
    C:\Windows\system32\sppsvc.exe
    C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Users\Kristof&Melissa\Downloads\vqrwtx1l.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = www.google.com
    uDefault_Page_URL = hxxp://asus.msn.com
    mStart Page = hxxp://websearch.greatresults.info/
    uURLSearchHooks: SimilarWeb: {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - C:\Program Files (x86)\SimilarWeb\SimilarWeb.dll
    uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
    mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
    mURLSearchHooks: SimilarWeb: {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - C:\Program Files (x86)\SimilarWeb\SimilarWeb.dll
    mWinlogon: Userinit = userinit.exe,
    BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
    BHO: Wondershare Video Converter Ultimate: {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB: SimilarWeb: {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - C:\Program Files (x86)\SimilarWeb\SimilarWeb.dll
    EB: SimilarWeb: {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - C:\Program Files (x86)\SimilarWeb\SimilarWeb.dll
    uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
    uRun: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
    uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    uRun: [uTorrent] "C:\Users\Kristof&Melissa\AppData\Roaming\uTorrent \uTorrent.exe" /MINIMIZED
    uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    uRun: [GBMPro9Agent] C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe
    mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
    mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
    mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
    mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    mRun: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
    mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
    mRun: [BrowserPlugInHelper] C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe
    mRun: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
    mRun: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
    mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
    mRun: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
    mRun: [EaseUs Watch] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe"
    mRun: [EaseUs Tray] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe"
    mRun: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
    StartupFolder: C:\Users\KRISTO~1\AppData\Roaming\MICROS~1\Windows \STARTM~1\Programs\Startup\SABnzbd.lnk - C:\Program Files (x86)\SABnzbd\SABnzbd.exe
    StartupFolder: C:\Users\KRISTO~1\AppData\Roaming\MICROS~1\Windows \STARTM~1\Programs\Startup\Serviio.lnk - C:\Program Files\Serviio\bin\ServiioConsole.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Sta rtup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: &Verzenden naar OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
    IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
    IE: E&xporteren naar Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {5D06ED6E-DA78-4486-A246-B131A2C39807} - {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - C:\Program Files (x86)\SimilarWeb\SimilarWeb.dll
    IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    TCP: NameServer = 195.130.130.130 195.130.131.130
    TCP: Interfaces\{8DC97954-5A0E-40EB-B925-822A0F58C40F} : DHCPNameServer = 195.130.130.130 195.130.131.130
    TCP: Interfaces\{8DC97954-5A0E-40EB-B925-822A0F58C40F}\3554A5D2055524C49434 : DHCPNameServer = 195.130.130.11 195.130.131.11
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\Inst aller\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
    x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
    x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\
    FF - prefs.js: browser.search.selectedEngine - Trovi search
    FF - prefs.js: browser.startup.homepage - hxxp://www.trovi.com/?gd=&ctid=CT3330789&octid=EB_ORIGINAL_CTID&ISID=ME F17E71B-454C-4DDD-B00E-0EDC366A5AFE&SearchSource=55&CUI=&UM=6&UP=SPD03F8C 90-9E46-4EEA-8860-876F7A2E14B1&SSPV=&SSPV=&SSPV=
    FF - plugin: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\npBrowserPlugin .dll
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
    FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
    FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_ 145.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: extensions.mixidj.tlbrSrchUrl -
    FF - user.js: extensions.mixidj.id - 247367ff0000000000009cb70d80d2f4
    FF - user.js: extensions.mixidj.appId - {A2773ED4-83BD-488A-A186-73590706C916}
    FF - user.js: extensions.mixidj.instlDay - 15811
    FF - user.js: extensions.mixidj.vrsn - 1.8.4.1
    FF - user.js: extensions.mixidj.vrsni - 1.8.4.1
    FF - user.js: extensions.mixidj_i.vrsnTs - 1.8.4.17:53:38
    FF - user.js: extensions.mixidj.prtnrId - mixidj
    FF - user.js: extensions.mixidj.prdct - mixidj
    FF - user.js: extensions.mixidj.aflt - babsst
    FF - user.js: extensions.mixidj_i.smplGrp - none
    FF - user.js: extensions.mixidj.tlbrId - base
    FF - user.js: extensions.mixidj.instlRef - sst
    FF - user.js: extensions.mixidj.dfltLng - en
    FF - user.js: extensions.mixidj_i.excTlbr - false
    FF - user.js: extensions.mixidj.excTlbr - false
    FF - user.js: extensions.mixidj.admin - false
    FF - user.js: extensions.mixidj.autoRvrt - false
    FF - user.js: extensions.mixidj.rvrt - false
    FF - user.js: extensions.mixidj_i.newTab - false
    FF - user.js: extensions.delta.tlbrSrchUrl -
    FF - user.js: extensions.delta.id - 247367ff0000000000009cb70d80d2f4
    FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
    FF - user.js: extensions.delta.instlDay - 15961
    FF - user.js: extensions.delta.vrsn - 1.8.24.6
    FF - user.js: extensions.delta.vrsni - 1.8.24.6
    FF - user.js: extensions.delta.vrsnTs - 1.8.24.619:19:55
    FF - user.js: extensions.delta.prtnrId - delta
    FF - user.js: extensions.delta.prdct - delta
    FF - user.js: extensions.delta.aflt - babsst
    FF - user.js: extensions.delta.smplGrp - none
    FF - user.js: extensions.delta.tlbrId - base
    FF - user.js: extensions.delta.instlRef - sst
    FF - user.js: extensions.delta.dfltLng - nl
    FF - user.js: extensions.delta.excTlbr - false
    FF - user.js: extensions.delta.ffxUnstlRst - true
    FF - user.js: extensions.delta.admin - false
    FF - user.js: extensions.delta_i.babTrack - affID=119293&tsp=5004
    FF - user.js: extensions.delta_i.babExt -
    FF - user.js: extensions.delta_i.srcExt - ss
    FF - user.js: extensions.delta.autoRvrt - false
    FF - user.js: extensions.delta.rvrt - false
    FF - user.js: extensions.delta.newTab - false
    .
    .
    .
    .
    .
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgi dsha.sys [2014-6-17 190744]
    R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2014-6-17 328984]
    R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2014-6-17 123672]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2014-6-17 31512]
    R0 EUBAKUP;EUBAKUP;C:\Windows\System32\drivers\eubaku p.sys [2014-8-26 58952]
    R0 EUBKMON;EUBKMON;C:\Windows\System32\drivers\EUBKMO N.sys [2014-8-26 48200]
    R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\drivers\fltsrv.sys [2014-8-26 116000]
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-3-19 16152]
    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
    R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpc iflt.sys [2013-3-25 30496]
    R0 tib;Acronis TIB Manager;C:\Windows\System32\drivers\tib.sys [2014-8-26 1120032]
    R0 tib_mounter;Acronis TIB Mounter;C:\Windows\System32\drivers\tib_mounter.sy s [2014-8-26 198432]
    R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2014-8-26 161568]
    R0 vidsflt;Acronis Disk Storage Filter;C:\Windows\System32\drivers\vidsflt.sys [2014-8-26 117024]
    R1 A2DDA;A2 Direct Disk Access Support Driver;C:\EEK\Run\a2ddax64.sys [2013-9-6 26176]
    R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
    R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2014-6-17 153368]
    R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\driv ers\avgidsdrivera.sys [2014-6-17 242968]
    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2014-6-17 235800]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2014-6-17 269080]
    R1 EUDSKACS;EUDSKACS;C:\Windows\System32\drivers\euds kacs.sys [2014-8-26 18504]
    R1 EUFDDISK;EUFDDISK;C:\Windows\System32\drivers\EuFd Disk.sys [2014-8-26 189000]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-10-11 144152]
    R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2012-10-30 379520]
    R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2014-8-26 3873784]
    R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]
    R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-2-17 277120]
    R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-12-30 106144]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-6-17 289328]
    R2 EaseUS Agent;EaseUS Agent Service;C:\Program Files (x86)\EASEUS\Todo Backup\bin\Agent.exe [2014-8-26 68168]
    R2 Guard Agent;Guard Agent Service;C:\Program Files (x86)\EASEUS\Todo Backup\bin\GuardAgent.exe [2014-8-26 23624]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-3 628448]
    R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-10-30 128280]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-10-30 161560]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-9-5 1809720]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-9-5 860472]
    R2 MemeoBackgroundService;MemeoBackgroundService;C:\P rogram Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2010-7-26 25824]
    R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-7-13 769432]
    R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 133928]
    R2 SamsungAllShareV2.0;Samsung AllShare PC;C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-3-2 25504]
    R2 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-6-2 14088]
    R2 Serviio;Serviio;C:\Program Files\Serviio\bin\ServiioService.exe [2013-8-8 359936]
    R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-5-28 275968]
    R2 syncagentsrv;Acronis Sync Agent Service;C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2014-2-4 7142320]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-10-30 363800]
    R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-12-30 158880]
    R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2014-8-26 367200]
    R3 AiCharger;ASUS Charger Driver;C:\Windows\System32\drivers\AiCharger.sys [2012-10-30 17152]
    R3 AsusVBus;AsusVBus;C:\Windows\System32\drivers\Asus VBus.sys [2011-12-21 35968]
    R3 AsusVTouch;AsusVTouch;C:\Windows\System32\drivers\ AsusVTouch.sys [2011-11-8 16512]
    R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-12-30 36000]
    R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-12-30 338592]
    R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2011-12-30 110752]
    R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-12-30 30368]
    R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-12-30 167584]
    R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-12-30 68256]
    R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-12-30 280992]
    R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfi lter.sys [2011-12-30 548000]
    R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2012-3-19 200488]
    R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2013-3-26 169752]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-12-13 342528]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-3-19 356120]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-3-19 788760]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\dr ivers\mbam.sys [2013-9-4 25816]
    R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\dr ivers\MBAMSwissArmy.sys [2014-9-5 122584]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windo ws\System32\drivers\mwac.sys [2014-9-5 63704]
    R3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
    R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\rtsuvstor.sys [2012-10-30 313960]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-10-30 646248]
    S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-6-27 3241488]
    S2 BrowserProtect;BrowserProtect;C:\ProgramData\Brows erProtect\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe --> C:\ProgramData\BrowserProtect\2.6.1519.190\{c16c1c cb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\ v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework6 4\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
    S3 A38CCID;CCID USB Smart Card Reader;C:\Windows\System32\drivers\a38ccid.sys [2014-3-24 62592]
    S3 cleanhlp;cleanhlp;C:\EEK\Run\cleanhlp64.sys [2013-9-6 57024]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssflt r.sys [2011-10-19 48488]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-14 1492840]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-8-17 111616]
    S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-10 57344]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-2-5 235216]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
    S3 SimpleSlideShowServer;SimpleSlideShowServer;C:\Pro gram Files (x86)\Samsung\AllShare\AllShareSlideShowService.ex e [2012-3-2 27584]
    S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUs bFlt.sys [2011-2-18 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2011-2-18 31232]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
    S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-11-1 1255736]
    S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2011-2-16 14464]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
    .
    =============== File Associations ===============
    .
    FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
    .
    =============== Created Last 30 ================
    .
    2014-09-05 08:32:39 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    2014-09-05 08:32:12 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
    2014-09-05 08:32:12 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
    2014-09-05 08:32:12 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-09-05 06:31:06 11319192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E0FD82C3-D0CA-431A-ADED-01A8C5303A11}\mpengine.dll
    2014-09-03 16:14:02 11319192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2014-08-29 06:28:43 1169712 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3AED265A-44DA-4C35-9BE8-9011A2E925A6}\gapaengine.dll
    2014-08-28 01:27:19 404480 ----a-w- C:\Windows\System32\gdi32.dll
    2014-08-28 01:27:19 3163648 ----a-w- C:\Windows\System32\win32k.sys
    2014-08-28 01:27:19 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
    2014-08-26 12:21:32 -------- d-----w- C:\Windows\xxclone.arc
    2014-08-26 12:21:25 -------- d-----w- C:\Program Files\XXCLONE
    2014-08-26 11:34:37 -------- d-----w- C:\Users\Kristof&Melissa\AppData\Roaming\Genie-Soft
    2014-08-26 11:33:58 -------- d-----w- C:\Program Files\Genie9
    2014-08-26 11:22:02 -------- d-----w- C:\Program Files (x86)\Common Files\Memeo
    2014-08-26 11:21:56 -------- d-----w- C:\Program Files (x86)\Memeo
    2014-08-26 10:35:51 58952 ----a-w- C:\Windows\System32\drivers\eubakup.sys
    2014-08-26 10:35:51 48200 ----a-w- C:\Windows\System32\drivers\EUBKMON.sys
    2014-08-26 10:35:51 189000 ----a-w- C:\Windows\System32\drivers\EuFdDisk.sys
    2014-08-26 10:35:51 18504 ----a-w- C:\Windows\System32\drivers\eudskacs.sys
    2014-08-26 10:24:40 24136 ----a-w- C:\Windows\System32\fbnative.exe
    2014-08-26 10:15:27 -------- d-----w- C:\Windows\Downloaded Installations
    2014-08-26 10:14:35 -------- d-----w- C:\Windows\SysWow64\URTTEMP
    2014-08-26 09:38:21 367200 ----a-w- C:\Windows\System32\drivers\afcdp.sys
    2014-08-26 09:38:15 1464096 ----a-w- C:\Windows\System32\drivers\tdrpman.sys
    2014-08-26 09:38:13 198432 ----a-w- C:\Windows\System32\drivers\tib_mounter.sys
    2014-08-26 09:38:12 1120032 ----a-w- C:\Windows\System32\drivers\tib.sys
    2014-08-26 09:38:10 161568 ----a-w- C:\Windows\System32\drivers\vididr.sys
    2014-08-26 09:38:09 117024 ----a-w- C:\Windows\System32\drivers\vidsflt.sys
    2014-08-26 09:38:08 269600 ----a-w- C:\Windows\System32\drivers\snapman.sys
    2014-08-26 09:38:07 116000 ----a-w- C:\Windows\System32\drivers\fltsrv.sys
    2014-08-22 10:00:51 2620928 ----a-w- C:\Windows\System32\wucltux.dll
    2014-08-22 10:00:17 97792 ----a-w- C:\Windows\System32\wudriver.dll
    2014-08-22 10:00:17 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
    2014-08-22 09:59:53 179656 ----a-w- C:\Windows\SysWow64\wuwebv.dll
    2014-08-22 09:59:52 36864 ----a-w- C:\Windows\System32\wuapp.exe
    2014-08-22 09:59:52 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
    2014-08-22 09:59:52 198600 ----a-w- C:\Windows\System32\wuwebv.dll
    2014-08-21 18:03:34 -------- d-sh--w- C:\Users\Kristof&Melissa\AppData\Local\EmieUserLis t
    2014-08-21 18:03:34 -------- d-sh--w- C:\Users\Kristof&Melissa\AppData\Local\EmieSiteLis t
    2014-08-21 11:25:24 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
    2014-08-21 11:25:24 171160 ----a-w- C:\Windows\System32\infocardapi.dll
    2014-08-21 11:25:23 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
    2014-08-21 11:25:23 1389208 ----a-w- C:\Windows\System32\icardagt.exe
    2014-08-21 11:25:19 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
    2014-08-21 11:25:19 8856 ----a-w- C:\Windows\System32\icardres.dll
    2014-08-21 11:24:43 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
    2014-08-21 11:24:43 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
    2014-08-17 18:36:58 10747904 ----a-w- C:\Program Files\Internet Explorer\F12Resources.dll
    2014-08-17 18:36:50 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
    2014-08-17 18:36:50 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
    2014-08-17 18:36:49 529920 ----a-w- C:\Windows\System32\aepdu.dll
    2014-08-17 18:36:48 424448 ----a-w- C:\Windows\System32\aeinv.dll
    2014-08-12 23:00:10 4575232 ----a-w- C:\Windows\SysWow64\GPhotos.scr
    .
    ==================== Find3M ====================
    .
    2014-09-05 10:37:21 380 ----a-w- C:\Users\Kristof&Melissa\AppData\Roaming\sp_data.s ys
    2014-07-25 14:02:12 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
    2014-07-25 14:01:41 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
    2014-07-25 13:30:30 66048 ----a-w- C:\Windows\System32\iesetup.dll
    2014-07-25 13:28:35 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
    2014-07-25 13:28:27 548352 ----a-w- C:\Windows\System32\vbscript.dll
    2014-07-25 13:25:45 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
    2014-07-25 13:04:40 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2014-07-25 13:00:51 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
    2014-07-25 13:00:25 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
    2014-07-25 12:59:28 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
    2014-07-25 12:47:25 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
    2014-07-25 12:34:49 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2014-07-25 12:34:03 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2014-07-25 12:33:08 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
    2014-07-25 12:30:32 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
    2014-07-25 12:28:15 5824512 ----a-w- C:\Windows\System32\jscript9.dll
    2014-07-25 12:28:05 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
    2014-07-25 12:10:15 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2014-07-25 12:08:47 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
    2014-07-25 12:06:47 4204032 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2014-07-25 11:43:16 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
    2014-07-25 11:39:29 2087936 ----a-w- C:\Windows\System32\inetcpl.cpl
    2014-07-25 11:39:25 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
    2014-07-25 11:07:49 2001920 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2014-07-25 11:07:10 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
    2014-07-25 10:52:06 2266624 ----a-w- C:\Windows\System32\wininet.dll
    2014-07-25 10:05:23 1792512 ----a-w- C:\Windows\SysWow64\wininet.dll
    2014-07-16 03:23:41 2048 ----a-w- C:\Windows\System32\tzres.dll
    2014-07-16 02:46:02 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2014-07-09 15:51:32 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-07-09 15:51:32 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2014-07-01 23:29:10 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe
    2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
    2014-06-17 14:21:34 235800 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
    2014-06-17 14:07:12 328984 ----a-w- C:\Windows\System32\drivers\avgloga.sys
    2014-06-17 14:06:58 269080 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
    2014-06-17 14:06:24 190744 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
    2014-06-17 14:06:22 242968 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
    2014-06-17 14:06:22 153368 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
    2014-06-17 14:06:20 123672 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
    2014-06-17 14:06:06 31512 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
    2014-06-16 02:10:19 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
    2014-06-10 02:00:05 2684256 ----a-w- C:\Windows\System32\xxclone.exe
    .
    ============= FINISH: 12:46:05,89 ===============

  2. #2
    Up-to-date  
    Geregistreerd
    9 June 2006
    Berichten
    70
    Bedankjes
    9
    Bedankt
    2 keer in 2 posts
    en de gmer:

    GMER 2.1.19357 - http://www.gmer.net
    Rootkit scan 2014-09-05 12:53:24
    Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST310005 rev.JC45 931,51GB
    Running: vqrwtx1l.exe; Driver: C:\Users\KRISTO~1\AppData\Local\Temp\uwaoyaow.sys


    ---- Kernel code sections - GMER 2.1 ----

    .text C:\Windows\system32\drivers\USBPORT.SYS!DllUnload fffff88006c3ad8c 12 bytes {MOV RAX, 0xfffffa800d7192a0; JMP RAX}

    ---- User code sections - GMER 2.1 ----

    .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[2096] C:\Windows\system32\kernel32.dll!K32GetMappedFileN ameW 00000000773ef2e0 5 bytes JMP 000000016fff0148
    .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[2096] C:\Windows\system32\kernel32.dll!K32EnumProcessMod ulesEx 0000000077419a30 7 bytes JMP 000000016fff00d8
    .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[2096] C:\Windows\system32\kernel32.dll!K32GetModuleInfor mation 00000000774294c0 5 bytes JMP 000000016fff0180
    .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[2096] C:\Windows\system32\kernel32.dll!K32GetModuleFileN ameExW 0000000077429630 5 bytes JMP 000000016fff0110
    .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[2096] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000774487e0 7 bytes JMP 000000016fff01b8
    .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[2096] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefc672db0 5 bytes JMP 000007fffc640180
    .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[2096] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle W 000007fefc6737d0 7 bytes JMP 000007fffc6400d8
    .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[2096] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefc678ef0 6 bytes JMP 000007fffc640148
    .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[2096] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle ExW 000007fefc68af60 5 bytes JMP 000007fffc640110
    .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[2096] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterIn fo 000007fefc6e89f0 8 bytes JMP 000007fffc6401f0
    .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[2096] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayMode List 000007fefc6ebe50 8 bytes JMP 000007fffc6401b8
    .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[2096] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefc887490 11 bytes JMP 000007fffc640228
    .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[2096] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefc89bf00 7 bytes JMP 000007fffc640260
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2144] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefc672db0 5 bytes JMP 000007fffc640180
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2144] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle W 000007fefc6737d0 7 bytes JMP 000007fffc6400d8
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2144] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefc678ef0 6 bytes JMP 000007fffc640148
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2144] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle ExW 000007fefc68af60 5 bytes JMP 000007fffc640110
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2144] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterIn fo 000007fefc6e89f0 8 bytes JMP 000007fffc6401f0
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2144] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayMode List 000007fefc6ebe50 8 bytes JMP 000007fffc6401b8
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2144] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefc887490 11 bytes JMP 000007fffc640228
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2144] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefc89bf00 7 bytes JMP 000007fffc640260
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2144] C:\Windows\SYSTEM32\d3d9.dll!Direct3DCreate9Ex 000007fef7452460 5 bytes JMP 000007fefc6402d0
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2144] C:\Windows\SYSTEM32\d3d9.dll!Direct3DCreate9 000007fef74896b0 6 bytes JMP 000007fefc640298
    .text C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe[2832] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefc672db0 5 bytes JMP 000007fffc640180
    .text C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe[2832] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle W 000007fefc6737d0 7 bytes JMP 000007fffc6400d8
    .text C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe[2832] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefc678ef0 6 bytes JMP 000007fffc640148
    .text C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe[2832] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle ExW 000007fefc68af60 5 bytes JMP 000007fffc640110
    .text C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe[2832] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterIn fo 000007fefc6e89f0 8 bytes JMP 000007fffc6401f0
    .text C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe[2832] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayMode List 000007fefc6ebe50 8 bytes JMP 000007fffc6401b8
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2904] C:\Windows\system32\kernel32.dll!K32GetMappedFileN ameW 00000000773ef2e0 5 bytes JMP 000000016fff0148
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2904] C:\Windows\system32\kernel32.dll!K32EnumProcessMod ulesEx 0000000077419a30 7 bytes JMP 000000016fff00d8
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2904] C:\Windows\system32\kernel32.dll!K32GetModuleInfor mation 00000000774294c0 5 bytes JMP 000000016fff0180
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2904] C:\Windows\system32\kernel32.dll!K32GetModuleFileN ameExW 0000000077429630 5 bytes JMP 000000016fff0110
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2904] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000774487e0 7 bytes JMP 000000016fff01b8
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2904] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefc672db0 5 bytes JMP 000007fffc640180
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2904] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle W 000007fefc6737d0 7 bytes JMP 000007fffc6400d8
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2904] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefc678ef0 6 bytes JMP 000007fffc640148
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2904] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle ExW 000007fefc68af60 5 bytes JMP 000007fffc640110
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2904] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterIn fo 000007fefc6e89f0 8 bytes JMP 000007fffc6401f0
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2904] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayMode List 000007fefc6ebe50 8 bytes JMP 000007fffc6401b8
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2904] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefc887490 11 bytes JMP 000007fffc640228
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2904] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefc89bf00 7 bytes JMP 000007fffc640260
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2904] C:\Windows\SYSTEM32\d3d9.dll!Direct3DCreate9Ex 000007fef7452460 5 bytes JMP 000007fefc6402d0
    .text C:\Windows\SYSTEM32\WISPTIS.EXE[2904] C:\Windows\SYSTEM32\d3d9.dll!Direct3DCreate9 000007fef74896b0 6 bytes JMP 000007fefc640298
    .text C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe[2924] C:\Windows\system32\kernel32.dll!K32GetMappedFileN ameW 00000000773ef2e0 5 bytes JMP 000000016fff0148
    .text C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe[2924] C:\Windows\system32\kernel32.dll!K32EnumProcessMod ulesEx 0000000077419a30 7 bytes JMP 000000016fff00d8
    .text C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe[2924] C:\Windows\system32\kernel32.dll!K32GetModuleInfor mation 00000000774294c0 5 bytes JMP 000000016fff0180
    .text C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe[2924] C:\Windows\system32\kernel32.dll!K32GetModuleFileN ameExW 0000000077429630 5 bytes JMP 000000016fff0110
    .text C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe[2924] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000774487e0 7 bytes JMP 000000016fff01b8
    .text C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe[2924] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefc672db0 5 bytes JMP 000007fffc640180
    .text C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe[2924] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle W 000007fefc6737d0 7 bytes JMP 000007fffc6400d8
    .text C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe[2924] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefc678ef0 6 bytes JMP 000007fffc640148
    .text C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe[2924] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle ExW 000007fefc68af60 5 bytes JMP 000007fffc640110
    .text C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe[2924] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterIn fo 000007fefc6e89f0 8 bytes JMP 000007fffc6401f0
    .text C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe[2924] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayMode List 000007fefc6ebe50 8 bytes JMP 000007fffc6401b8
    .text C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe[2924] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefc887490 11 bytes JMP 000007fffc640228
    .text C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe[2924] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefc89bf00 7 bytes JMP 000007fffc640260
    .text C:\Windows\system32\Dwm.exe[3044] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefc672db0 5 bytes JMP 000007fffc640180
    .text C:\Windows\system32\Dwm.exe[3044] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle W 000007fefc6737d0 7 bytes JMP 000007fffc6400d8
    .text C:\Windows\system32\Dwm.exe[3044] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefc678ef0 6 bytes JMP 000007fffc640148
    .text C:\Windows\system32\Dwm.exe[3044] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle ExW 000007fefc68af60 5 bytes JMP 000007fffc640110
    .text C:\Windows\system32\Dwm.exe[3044] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterIn fo 000007fefc6e89f0 8 bytes JMP 000007fffc6401f0
    .text C:\Windows\system32\Dwm.exe[3044] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayMode List 000007fefc6ebe50 8 bytes JMP 000007fffc6401b8
    .text C:\Windows\system32\Dwm.exe[3044] C:\Windows\system32\dxgi.dll!CreateDXGIFactory 000007fef606dc88 5 bytes JMP 000007fff5e600d8
    .text C:\Windows\system32\Dwm.exe[3044] C:\Windows\system32\dxgi.dll!CreateDXGIFactory1 000007fef606de10 5 bytes JMP 000007fff5e60110
    .text C:\Windows\system32\taskeng.exe[3536] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefc672db0 5 bytes JMP 000007fffc640180
    .text C:\Windows\system32\taskeng.exe[3536] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle W 000007fefc6737d0 7 bytes JMP 000007fffc6400d8
    .text C:\Windows\system32\taskeng.exe[3536] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefc678ef0 6 bytes JMP 000007fffc640148
    .text C:\Windows\system32\taskeng.exe[3536] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle ExW 000007fefc68af60 5 bytes JMP 000007fffc640110
    .text C:\Windows\system32\taskeng.exe[3536] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterIn fo 000007fefc6e89f0 8 bytes JMP 000007fffc6401f0
    .text C:\Windows\system32\taskeng.exe[3536] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayMode List 000007fefc6ebe50 8 bytes JMP 000007fffc6401b8
    .text C:\Windows\system32\taskeng.exe[3536] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefc887490 11 bytes JMP 000007fffc640228
    .text C:\Windows\system32\taskeng.exe[3536] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefc89bf00 7 bytes JMP 000007fffc640260
    .text C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe[3620] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076eb1465 2 bytes {JMP 0x78}
    .text C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe[3620] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076eb14bb 2 bytes {JMP 0x78}
    .text ... * 2
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[3772] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076eb1465 2 bytes {JMP 0x78}
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[3772] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076eb14bb 2 bytes {JMP 0x78}
    .text ... * 2
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076eb1465 2 bytes {JMP 0x78}
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[3836] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076eb14bb 2 bytes {JMP 0x78}
    .text ... * 2
    .text C:\Windows\system32\taskeng.exe[3888] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefc672db0 5 bytes JMP 000007fffc640180
    .text C:\Windows\system32\taskeng.exe[3888] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle W 000007fefc6737d0 7 bytes JMP 000007fffc6400d8
    .text C:\Windows\system32\taskeng.exe[3888] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefc678ef0 6 bytes JMP 000007fffc640148
    .text C:\Windows\system32\taskeng.exe[3888] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle ExW 000007fefc68af60 5 bytes JMP 000007fffc640110
    .text C:\Windows\system32\taskeng.exe[3888] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterIn fo 000007fefc6e89f0 8 bytes JMP 000007fffc6401f0
    .text C:\Windows\system32\taskeng.exe[3888] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayMode List 000007fefc6ebe50 8 bytes JMP 000007fffc6401b8
    .text C:\Windows\system32\taskeng.exe[3888] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefc887490 11 bytes JMP 000007fffc640228
    .text C:\Windows\system32\taskeng.exe[3888] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefc89bf00 7 bytes JMP 000007fffc640260
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[4108] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076eb1465 2 bytes {JMP 0x78}
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[4108] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076eb14bb 2 bytes {JMP 0x78}
    .text ... * 2
    .text C:\Windows\AsScrPro.exe[4812] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076eb1465 2 bytes {JMP 0x78}
    .text C:\Windows\AsScrPro.exe[4812] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076eb14bb 2 bytes {JMP 0x78}
    .text ... * 2
    .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1064] C:\Windows\system32\kernel32.dll!K32GetMappedFileN ameW 00000000773ef2e0 5 bytes JMP 000000016fff0148
    .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1064] C:\Windows\system32\kernel32.dll!K32EnumProcessMod ulesEx 0000000077419a30 7 bytes JMP 000000016fff00d8
    .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1064] C:\Windows\system32\kernel32.dll!K32GetModuleInfor mation 00000000774294c0 5 bytes JMP 000000016fff0180
    .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1064] C:\Windows\system32\kernel32.dll!K32GetModuleFileN ameExW 0000000077429630 5 bytes JMP 000000016fff0110
    .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1064] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000774487e0 7 bytes JMP 000000016fff01b8
    .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1064] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefc672db0 5 bytes JMP 000007fffc640180
    .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1064] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle W 000007fefc6737d0 7 bytes JMP 000007fffc6400d8
    .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1064] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefc678ef0 6 bytes JMP 000007fffc640148
    .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1064] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle ExW 000007fefc68af60 5 bytes JMP 000007fffc640110
    .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1064] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterIn fo 000007fefc6e89f0 8 bytes JMP 000007fffc6401f0
    .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1064] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayMode List 000007fefc6ebe50 8 bytes JMP 000007fffc6401b8
    .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1064] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefc887490 11 bytes JMP 000007fffc640228
    .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1064] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefc89bf00 7 bytes JMP 000007fffc640260
    .text C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[1892] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076eb1465 2 bytes {JMP 0x78}
    .text C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[1892] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076eb14bb 2 bytes {JMP 0x78}
    .text ... * 2
    .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[200] C:\Windows\system32\kernel32.dll!K32GetMappedFileN ameW 00000000773ef2e0 5 bytes JMP 000000016fff0148
    .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[200] C:\Windows\system32\kernel32.dll!K32EnumProcessMod ulesEx 0000000077419a30 7 bytes JMP 000000016fff00d8
    .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[200] C:\Windows\system32\kernel32.dll!K32GetModuleInfor mation 00000000774294c0 5 bytes JMP 000000016fff0180
    .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[200] C:\Windows\system32\kernel32.dll!K32GetModuleFileN ameExW 0000000077429630 5 bytes JMP 000000016fff0110
    .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[200] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000774487e0 7 bytes JMP 000000016fff01b8
    .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[200] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefc672db0 5 bytes JMP 000007fffc640180
    .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[200] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle W 000007fefc6737d0 7 bytes JMP 000007fffc6400d8
    .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[200] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefc678ef0 6 bytes JMP 000007fffc640148
    .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[200] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle ExW 000007fefc68af60 5 bytes JMP 000007fffc640110
    .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[200] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterIn fo 000007fefc6e89f0 8 bytes JMP 000007fffc6401f0
    .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[200] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayMode List 000007fefc6ebe50 8 bytes JMP 000007fffc6401b8
    .text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[7584] C:\Windows\system32\kernel32.dll!K32GetMappedFileN ameW 00000000773ef2e0 5 bytes JMP 000000016ffa0148
    .text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[7584] C:\Windows\system32\kernel32.dll!K32EnumProcessMod ulesEx 0000000077419a30 7 bytes JMP 000000016ffa00d8
    .text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[7584] C:\Windows\system32\kernel32.dll!K32GetModuleInfor mation 00000000774294c0 5 bytes JMP 000000016ffa0180
    .text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[7584] C:\Windows\system32\kernel32.dll!K32GetModuleFileN ameExW 0000000077429630 5 bytes JMP 000000016ffa0110
    .text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[7584] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000774487e0 7 bytes JMP 000000016ffa01b8
    .text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[7584] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefc672db0 5 bytes JMP 000007fffc640180
    .text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[7584] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle W 000007fefc6737d0 7 bytes JMP 000007fffc6400d8
    .text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[7584] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefc678ef0 6 bytes JMP 000007fffc640148
    .text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[7584] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle ExW 000007fefc68af60 5 bytes JMP 000007fffc640110
    .text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[7584] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterIn fo 000007fefc6e89f0 8 bytes JMP 000007fffc6401f0
    .text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[7584] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayMode List 000007fefc6ebe50 8 bytes JMP 000007fffc6401b8
    .text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[7584] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefc887490 11 bytes JMP 000007fffc640228
    .text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[7584] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefc89bf00 7 bytes JMP 000007fffc640260
    .text C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe[7628] C:\Windows\system32\kernel32.dll!K32GetMappedFileN ameW 00000000773ef2e0 5 bytes JMP 000000016ffa0148
    .text C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe[7628] C:\Windows\system32\kernel32.dll!K32EnumProcessMod ulesEx 0000000077419a30 7 bytes JMP 000000016ffa00d8
    .text C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe[7628] C:\Windows\system32\kernel32.dll!K32GetModuleInfor mation 00000000774294c0 5 bytes JMP 000000016ffa0180
    .text C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe[7628] C:\Windows\system32\kernel32.dll!K32GetModuleFileN ameExW 0000000077429630 5 bytes JMP 000000016ffa0110
    .text C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe[7628] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000774487e0 7 bytes JMP 000000016ffa01b8
    .text C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe[7628] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefc672db0 5 bytes JMP 000007fffc640180
    .text C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe[7628] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle W 000007fefc6737d0 7 bytes JMP 000007fffc6400d8
    .text C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe[7628] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefc678ef0 6 bytes JMP 000007fffc640148
    .text C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe[7628] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle ExW 000007fefc68af60 5 bytes JMP 000007fffc640110
    .text C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe[7628] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterIn fo 000007fefc6e89f0 8 bytes JMP 000007fffc6401f0
    .text C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe[7628] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayMode List 000007fefc6ebe50 8 bytes JMP 000007fffc6401b8
    .text C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe[7628] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefc887490 11 bytes JMP 000007fffc640228
    .text C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe[7628] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefc89bf00 7 bytes JMP 000007fffc640260
    .text C:\Program Files\Elantech\ETDCtrl.exe[7752] C:\Windows\system32\kernel32.dll!K32GetMappedFileN ameW 00000000773ef2e0 5 bytes JMP 000000016fff0148
    .text C:\Program Files\Elantech\ETDCtrl.exe[7752] C:\Windows\system32\kernel32.dll!K32EnumProcessMod ulesEx 0000000077419a30 7 bytes JMP 000000016fff00d8
    .text C:\Program Files\Elantech\ETDCtrl.exe[7752] C:\Windows\system32\kernel32.dll!K32GetModuleInfor mation 00000000774294c0 5 bytes JMP 000000016fff0180
    .text C:\Program Files\Elantech\ETDCtrl.exe[7752] C:\Windows\system32\kernel32.dll!K32GetModuleFileN ameExW 0000000077429630 5 bytes JMP 000000016fff0110
    .text C:\Program Files\Elantech\ETDCtrl.exe[7752] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000774487e0 7 bytes JMP 000000016fff01b8
    .text C:\Program Files\Elantech\ETDCtrl.exe[7752] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefc672db0 5 bytes JMP 000007fffc640180
    .text C:\Program Files\Elantech\ETDCtrl.exe[7752] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle W 000007fefc6737d0 7 bytes JMP 000007fffc6400d8
    .text C:\Program Files\Elantech\ETDCtrl.exe[7752] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefc678ef0 6 bytes JMP 000007fffc640148
    .text C:\Program Files\Elantech\ETDCtrl.exe[7752] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle ExW 000007fefc68af60 5 bytes JMP 000007fffc640110
    .text C:\Program Files\Elantech\ETDCtrl.exe[7752] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterIn fo 000007fefc6e89f0 8 bytes JMP 000007fffc6401f0
    .text C:\Program Files\Elantech\ETDCtrl.exe[7752] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayMode List 000007fefc6ebe50 8 bytes JMP 000007fffc6401b8
    .text C:\Program Files\Elantech\ETDCtrl.exe[7752] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefc887490 11 bytes JMP 000007fffc640228
    .text C:\Program Files\Elantech\ETDCtrl.exe[7752] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefc89bf00 7 bytes JMP 000007fffc640260
    .text C:\Windows\System32\igfxpers.exe[8136] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefc672db0 5 bytes JMP 000007fffc640180
    .text C:\Windows\System32\igfxpers.exe[8136] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle W 000007fefc6737d0 7 bytes JMP 000007fffc6400d8
    .text C:\Windows\System32\igfxpers.exe[8136] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefc678ef0 6 bytes JMP 000007fffc640148
    .text C:\Windows\System32\igfxpers.exe[8136] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle ExW 000007fefc68af60 5 bytes JMP 000007fffc640110
    .text C:\Windows\System32\igfxpers.exe[8136] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterIn fo 000007fefc6e89f0 8 bytes JMP 000007fffc6401f0
    .text C:\Windows\System32\igfxpers.exe[8136] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayMode List 000007fefc6ebe50 8 bytes JMP 000007fffc6401b8
    .text C:\Windows\System32\igfxpers.exe[8136] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefc887490 11 bytes JMP 000007fffc640228
    .text C:\Windows\System32\igfxpers.exe[8136] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefc89bf00 7 bytes JMP 000007fffc640260
    .text C:\Program Files (x86)\Steam\Steam.exe[7416] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000076eb1465 2 bytes {JMP 0x78}
    .text C:\Program Files (x86)\Steam\Steam.exe[7416] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000076eb14bb 2 bytes {JMP 0x78}
    .text ... * 2
    .text C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe[7708] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076eb1465 2 bytes {JMP 0x78}
    .text C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe[7708] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076eb14bb 2 bytes {JMP 0x78}
    .text ... * 2
    .text C:\Users\Kristof&Melissa\AppData\Roaming\uTorrent\ uTorrent.exe[7860] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076eb1465 2 bytes {JMP 0x78}
    .text C:\Users\Kristof&Melissa\AppData\Roaming\uTorrent\ uTorrent.exe[7860] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076eb14bb 2 bytes {JMP 0x78}
    .text ... * 2
    .text C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe[6720] C:\Windows\system32\kernel32.dll!K32GetMappedFileN ameW 00000000773ef2e0 5 bytes JMP 000000016fff0148
    .text C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe[6720] C:\Windows\system32\kernel32.dll!K32EnumProcessMod ulesEx 0000000077419a30 7 bytes JMP 000000016fff00d8
    .text C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe[6720] C:\Windows\system32\kernel32.dll!K32GetModuleInfor mation 00000000774294c0 5 bytes JMP 000000016fff0180
    .text C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe[6720] C:\Windows\system32\kernel32.dll!K32GetModuleFileN ameExW 0000000077429630 5 bytes JMP 000000016fff0110
    .text C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe[6720] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000774487e0 7 bytes JMP 000000016fff01b8
    .text C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe[6720] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefc672db0 5 bytes JMP 000007fffc640180
    .text C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe[6720] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle W 000007fefc6737d0 7 bytes JMP 000007fffc6400d8
    .text C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe[6720] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefc678ef0 6 bytes JMP 000007fffc640148
    .text C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe[6720] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle ExW 000007fefc68af60 5 bytes JMP 000007fffc640110
    .text C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe[6720] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterIn fo 000007fefc6e89f0 8 bytes JMP 000007fffc6401f0
    .text C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe[6720] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayMode List 000007fefc6ebe50 8 bytes JMP 000007fffc6401b8
    .text C:\Program Files (x86)\SABnzbd\SABnzbd.exe[6512] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076eb1465 2 bytes {JMP 0x78}
    .text C:\Program Files (x86)\SABnzbd\SABnzbd.exe[6512] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076eb14bb 2 bytes {JMP 0x78}
    .text ... * 2
    .text C:\Program Files\Serviio\bin\ServiioConsole.exe[8088] C:\Windows\system32\kernel32.dll!K32GetMappedFileN ameW 00000000773ef2e0 5 bytes JMP 000000016fff0148
    .text C:\Program Files\Serviio\bin\ServiioConsole.exe[8088] C:\Windows\system32\kernel32.dll!K32EnumProcessMod ulesEx 0000000077419a30 7 bytes JMP 000000016fff00d8
    .text C:\Program Files\Serviio\bin\ServiioConsole.exe[8088] C:\Windows\system32\kernel32.dll!K32GetModuleInfor mation 00000000774294c0 5 bytes JMP 000000016fff0180
    .text C:\Program Files\Serviio\bin\ServiioConsole.exe[8088] C:\Windows\system32\kernel32.dll!K32GetModuleFileN ameExW 0000000077429630 5 bytes JMP 000000016fff0110
    .text C:\Program Files\Serviio\bin\ServiioConsole.exe[8088] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000774487e0 7 bytes JMP 000000016fff01b8
    .text C:\Program Files\Serviio\bin\ServiioConsole.exe[8088] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefc672db0 5 bytes JMP 000007fffc640180
    .text C:\Program Files\Serviio\bin\ServiioConsole.exe[8088] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle W 000007fefc6737d0 7 bytes JMP 000007fffc6400d8
    .text C:\Program Files\Serviio\bin\ServiioConsole.exe[8088] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefc678ef0 6 bytes JMP 000007fffc640148
    .text C:\Program Files\Serviio\bin\ServiioConsole.exe[8088] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle ExW 000007fefc68af60 5 bytes JMP 000007fffc640110
    .text C:\Program Files\Serviio\bin\ServiioConsole.exe[8088] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterIn fo 000007fefc6e89f0 8 bytes JMP 000007fffc6401f0
    .text C:\Program Files\Serviio\bin\ServiioConsole.exe[8088] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayMode List 000007fefc6ebe50 8 bytes JMP 000007fffc6401b8
    .text C:\Program Files\Serviio\bin\ServiioConsole.exe[8088] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefc887490 11 bytes JMP 000007fffc640228
    .text C:\Program Files\Serviio\bin\ServiioConsole.exe[8088] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefc89bf00 7 bytes JMP 000007fffc640260
    .text C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe[8032] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076eb1465 2 bytes {JMP 0x78}
    .text C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe[8032] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076eb14bb 2 bytes {JMP 0x78}
    .text ... * 2
    .text C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe[9176] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076eb1465 2 bytes {JMP 0x78}
    .text C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe[9176] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076eb14bb 2 bytes {JMP 0x78}
    .text ... * 2
    .text C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe[8920] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076eb1465 2 bytes {JMP 0x78}
    .text C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe[8920] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076eb14bb 2 bytes {JMP 0x78}
    .text ... * 2
    .text C:\Program Files\Elantech\ETDCtrlHelper.exe[8128] C:\Windows\system32\kernel32.dll!K32GetMappedFileN ameW 00000000773ef2e0 5 bytes JMP 000000016fff0148
    .text C:\Program Files\Elantech\ETDCtrlHelper.exe[8128] C:\Windows\system32\kernel32.dll!K32EnumProcessMod ulesEx 0000000077419a30 7 bytes JMP 000000016fff00d8
    .text C:\Program Files\Elantech\ETDCtrlHelper.exe[8128] C:\Windows\system32\kernel32.dll!K32GetModuleInfor mation 00000000774294c0 5 bytes JMP 000000016fff0180
    .text C:\Program Files\Elantech\ETDCtrlHelper.exe[8128] C:\Windows\system32\kernel32.dll!K32GetModuleFileN ameExW 0000000077429630 5 bytes JMP 000000016fff0110
    .text C:\Program Files\Elantech\ETDCtrlHelper.exe[8128] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000774487e0 7 bytes JMP 000000016fff01b8
    .text C:\Program Files\Elantech\ETDCtrlHelper.exe[8128] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefc672db0 5 bytes JMP 000007fffc640180
    .text C:\Program Files\Elantech\ETDCtrlHelper.exe[8128] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle W 000007fefc6737d0 7 bytes JMP 000007fffc6400d8
    .text C:\Program Files\Elantech\ETDCtrlHelper.exe[8128] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefc678ef0 6 bytes JMP 000007fffc640148
    .text C:\Program Files\Elantech\ETDCtrlHelper.exe[8128] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle ExW 000007fefc68af60 5 bytes JMP 000007fffc640110
    .text C:\Program Files\Elantech\ETDCtrlHelper.exe[8128] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterIn fo 000007fefc6e89f0 8 bytes JMP 000007fffc6401f0
    .text C:\Program Files\Elantech\ETDCtrlHelper.exe[8128] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayMode List 000007fefc6ebe50 8 bytes JMP 000007fffc6401b8
    .text C:\Program Files\Elantech\ETDGesture.exe[5364] C:\Windows\system32\kernel32.dll!K32GetMappedFileN ameW 00000000773ef2e0 5 bytes JMP 000000016fff0148
    .text C:\Program Files\Elantech\ETDGesture.exe[5364] C:\Windows\system32\kernel32.dll!K32EnumProcessMod ulesEx 0000000077419a30 7 bytes JMP 000000016fff00d8
    .text C:\Program Files\Elantech\ETDGesture.exe[5364] C:\Windows\system32\kernel32.dll!K32GetModuleInfor mation 00000000774294c0 5 bytes JMP 000000016fff0180
    .text C:\Program Files\Elantech\ETDGesture.exe[5364] C:\Windows\system32\kernel32.dll!K32GetModuleFileN ameExW 0000000077429630 5 bytes JMP 000000016fff0110
    .text C:\Program Files\Elantech\ETDGesture.exe[5364] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000774487e0 7 bytes JMP 000000016fff01b8
    .text C:\Program Files\Elantech\ETDGesture.exe[5364] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefc672db0 5 bytes JMP 000007fffc640180
    .text C:\Program Files\Elantech\ETDGesture.exe[5364] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle W 000007fefc6737d0 7 bytes JMP 000007fffc6400d8
    .text C:\Program Files\Elantech\ETDGesture.exe[5364] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefc678ef0 6 bytes JMP 000007fffc640148
    .text C:\Program Files\Elantech\ETDGesture.exe[5364] C:\Windows\system32\KERNELBASE.dll!GetModuleHandle ExW 000007fefc68af60 5 bytes JMP 000007fffc640110
    .text C:\Program Files\Elantech\ETDGesture.exe[5364] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterIn fo 000007fefc6e89f0 8 bytes JMP 000007fffc6401f0
    .text C:\Program Files\Elantech\ETDGesture.exe[5364] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayMode List 000007fefc6ebe50 8 bytes JMP 000007fffc6401b8
    .text C:\Program Files\Elantech\ETDGesture.exe[5364] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefc887490 11 bytes JMP 000007fffc640228
    .text C:\Program Files\Elantech\ETDGesture.exe[5364] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefc89bf00 7 bytes JMP 000007fffc640260
    .text C:\Program Files (x86)\Mobogenie\DaemonProcess.exe[9136] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076eb1465 2 bytes {JMP 0x78}
    .text C:\Program Files (x86)\Mobogenie\DaemonProcess.exe[9136] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076eb14bb 2 bytes {JMP 0x78}
    .text ... * 2
    .text C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe[1008] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076eb1465 2 bytes {JMP 0x78}
    .text C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe[1008] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076eb14bb 2 bytes {JMP 0x78}
    .text ... * 2
    .text C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2596] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076eb1465 2 bytes {JMP 0x78}
    .text C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2596] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076eb14bb 2 bytes {JMP 0x78}
    .text ... * 2
    .text C:\Program Files (x86)\Common Files\Steam\SteamService.exe[10088] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000076eb1465 2 bytes {JMP 0x78}
    .text C:\Program Files (x86)\Common Files\Steam\SteamService.exe[10088] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000076eb14bb 2 bytes {JMP 0x78}
    .text ... * 2
    .text C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe[11256] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076eb1465 2 bytes {JMP 0x78}
    .text C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe[11256] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076eb14bb 2 bytes {JMP 0x78}
    .text ... * 2

    ---- Kernel IAT/EAT - GMER 2.1 ----

    IAT C:\Windows\system32\drivers\pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [fffff88001077770] \SystemRoot\System32\Drivers\spau.sys [unknown section]
    IAT C:\Windows\system32\drivers\pci.sys[ntoskrnl.exe!IoDetachDevice] [fffff880010776fc] \SystemRoot\System32\Drivers\spau.sys [unknown section]
    IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [fffff8800103c35c] \SystemRoot\System32\Drivers\spau.sys [unknown section]
    IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [fffff8800103c224] \SystemRoot\System32\Drivers\spau.sys [unknown section]
    IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [fffff8800103ca24] \SystemRoot\System32\Drivers\spau.sys [unknown section]
    IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [fffff8800103cba0] \SystemRoot\System32\Drivers\spau.sys [unknown section]

    ---- Devices - GMER 2.1 ----

    Device \Driver\adlmud68 \Device\Scsi\adlmud681Port1Path0Target0Lun0 fffffa800d9b82c0
    Device \Driver\adlmud68 \Device\Scsi\adlmud681 fffffa800d9b82c0
    Device \FileSystem\Ntfs \Ntfs fffffa800a7c62c0
    Device \FileSystem\fastfat \Fat fffffa800f2dd2c0
    Device \Driver\usbehci \Device\USBPDO-1 fffffa800d8ff2c0
    Device \Driver\cdrom \Device\CdRom0 fffffa800ad5d2c0
    Device \Driver\cdrom \Device\CdRom1 fffffa800ad5d2c0
    Device \Driver\NetBT \Device\NetBT_Tcpip_{8DC97954-5A0E-40EB-B925-822A0F58C40F} fffffa800ae9d2c0
    Device \Driver\usbehci \Device\USBFDO-0 fffffa800d8ff2c0
    Device \Driver\NetBT \Device\NetBT_Tcpip_{131AA945-E440-4E22-B747-6520E11C3E25} fffffa800ae9d2c0
    Device \Driver\usbehci \Device\USBFDO-1 fffffa800d8ff2c0
    Device \Driver\volmgr \Device\HarddiskVolume1 fffffa800a7ba2c0
    Device \Driver\volmgr \Device\FtControl fffffa800a7ba2c0
    Device \Driver\volmgr \Device\VolMgrControl fffffa800a7ba2c0
    Device \Driver\volmgr \Device\HarddiskVolume2 fffffa800a7ba2c0
    Device \Driver\volmgr \Device\HarddiskVolume3 fffffa800a7ba2c0
    Device \Driver\volmgr \Device\HarddiskVolume4 fffffa800a7ba2c0
    Device \Driver\volmgr \Device\HarddiskVolume5 fffffa800a7ba2c0
    Device \Driver\volmgr \Device\HarddiskVolume6 fffffa800a7ba2c0
    Device \Driver\NetBT \Device\NetBt_Wins_Export fffffa800ae9d2c0
    Device \Driver\adlmud68 \Device\ScsiPort1 fffffa800d9b82c0
    Device \Driver\usbehci \Device\USBPDO-0 fffffa800d8ff2c0
    Device \Driver\NetBT \Device\NetBT_Tcpip_{11F15C91-0712-42B9-9C4D-48FD007C2632} fffffa800ae9d2c0

    ---- Modules - GMER 2.1 ----

    Module \SystemRoot\System32\Drivers\adlmud68.SYS fffff88005b8e000-fffff88005bd1000 (274432 bytes)
    ---- Processes - GMER 2.1 ----

    Process C:\Users\Kristof&Melissa\AppData\Roaming\uTorrent\ uTorrent.exe (*** suspicious ***) @ C:\Users\Kristof&Melissa\AppData\Roaming\uTorrent\ uTorrent.exe [7860] (µTorrent/BitTorrent Inc.)(2013-09-10 19:43:01) 0000000000400000

    ---- Disk sectors - GMER 2.1 ----

    Disk \Device\Harddisk0\DR0 unknown MBR code

    ---- EOF - GMER 2.1 ----

  3. #3
    Spyware Slayer   Rosty's schermafbeelding
    Geregistreerd
    19 May 2005
    Locatie
    Zandvliet/ Ledegem
    Berichten
    4.212
    Bedankjes
    1.205
    Bedankt
    2.705 keer in 1.758 posts
    Download MalwareBytes Anti-Malware bij voorkeur naar het bureaublad.

    • Dubbelklik op mbam-setup-2.0.exe om de installatie van Malwarebytes Anti-Malware te starten.
    • Volg de verdere aanwijzingen, de volledige installatieprocedure kunt u nalezen op de volgende link - Malwarebytes Anti-Malware installeren.


    • Klik vervolgens bovenin het scherm op Scan.
    • Kies vervolgens de Aangepaste scan en klik op Scan nu.
      • Plaats vervolgens een vinkje bij de optie Scan naar rootkits.
      • Selecteer in het rechter venster alle aanwezige harde schijven en partities.
    • Klik vervolgens op de knop Start scan om de aangepaste uit te voeren.
    • Er zal nu gecontroleerd worden op beschikbare updates, klik hier op "Nu bijwerken als er beschikbare updates zijn.
    • De scan wordt nu automatisch gestart,wanneer de scan gereed is en er bedreigingen zijn gedetecteerd krijgt u hier een overzicht van.
    • Wanneer er geen bedreigingen zijn gedetecteerd klikt u na de scan op Bekijk gedetailleerd logboek.
      • Klik vervolgens op de knop Acties toepassen, bij de melding dat uw computer opnieuw opgestart moet worden klikt u op Nee.
      • Klik vervolgens op de knop Bekijk gedetailleerd logboek en klik op de knop exporteer en kies de optie tekstbestand (*.txt).
      • Geef vervolgens een bestandsnaam op voor het opslaan van het logbestand, bijvoorbeeld MBAM Scanlog en klik vervolgens op de knop Opslaan.
      • Dit bestand zal standaard op uw bureaublad worden opgeslagen.



    MalwareBytes' Anti-Malware logbestand plaatsen
    [list][*] Voeg het logbestand wat u zojuist heeft opgeslagen toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in Malwarebytes Anti-Malware bij Historie > Programmalogboeken)

  4. De volgende gebruiker bedankt Rosty voor deze nuttige post:

    liejp ( 7 September 2014)

  5. #4
    Up-to-date  
    Geregistreerd
    9 June 2006
    Berichten
    70
    Bedankjes
    9
    Bedankt
    2 keer in 2 posts
    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scandatum: 6/09/2014
    Scantijd: 15:53:19
    Logbestand: mbm.txt
    Beheerder: Ja

    Versie: 2.00.2.1012
    Malwaredatabase: v2014.09.06.02
    Rootkitdatabase: v2014.08.21.01
    Licentie: Premium
    Malwarebescherming: Uitgeschakeld
    Kwaadaardige Website Bescherming: Uitgeschakeld
    Self-protection: Uitgeschakeld

    Besturingssysteem: Windows 7 Service Pack 1
    Processor: x64
    Bestandssysteem: NTFS
    Gebruiker: Kristof&Melissa

    Scantype: Aangepaste Scan
    Resultaat: Voltooid
    Objecten Gescand: 658974
    Verstreken Tijd: 4 u, 18 m, 34 s

    Geheugen: Ingeschakeld
    Opstarten: Ingeschakeld
    Bestandssysteem: Ingeschakeld
    Archieven: Ingeschakeld
    Rootkits: Ingeschakeld
    Diepgewortelde-Rootkit Scan: Ingeschakeld
    Heuristics: Ingeschakeld
    POP: Ingeschakeld
    POA: Ingeschakeld

    Processen: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registersleutels: 0
    (No malicious items detected)

    Registerwaardes: 0
    (No malicious items detected)

    Registerdata: 0
    (No malicious items detected)

    Mappen: 0
    (No malicious items detected)

    Bestanden: 33
    PUP.Optional.ClientConnect, C:\Users\Kristof&Melissa\AppData\Local\Google\Chro me\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafj ahijbb\10.31.4.510_0\APISupport\APISupport.dll, In Quarantaine, [25744c7dde9d7db9af0e3875f40d9d63],
    PUP.Optional.ClientConnect, C:\Users\Kristof&Melissa\AppData\Local\Google\Chro me\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafj ahijbb\10.31.4.510_0\nativeMessaging\TBMessagingHo st.exe, In Quarantaine, [4455725786f5191dad10efbef809ce32],
    PUP.Optional.ClientConnect, C:\Users\Kristof&Melissa\AppData\Local\Google\Chro me\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafj ahijbb\10.31.4.510_0\plugins\ChromeApiPlugin.dll, In Quarantaine, [b4e5c801ef8c92a45f5ee0cd768ba060],
    Hacktool.Agent, D:\Windows 7 Ultimate SP1 (64 Bit)\Windows 7 Activation.zip, In Quarantaine, [badfccfd84f738feb872471155acfc04],
    PUP.Optional.Trovi, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("browser.search.defaultenginename", "Trovi search"), Vervangen,[386184457ffc1620d832b76b7194a25e]
    PUP.Optional.Trovi, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("browser.search.selectedEngine", "Trovi search"), Vervangen,[455403c6eb909a9c42c948da798ce41c]
    PUP.Optional.Trovi.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("browser.startup.homepage", "http://www.trovi.com/?gd=&ctid=CT3330789&octid=EB_ORIGINAL_CTID&ISID=ME F17E71B-454C-4DDD-B00E-0EDC366A5AFE&SearchSource=55&CUI=&UM=6&UP=SPD03F8C 90-9E46-4EEA-8860-876F7A2E14B1&SSPV=&SSPV=&SSPV="), Vervangen,[1881e1e8621984b25f39071ba75e9a66]
    PUP.Optional.Babylon.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.BabylonToolbar.prtkDS", 0), Vervangen,[02971bae5823a59114f5859e7c893bc5]
    PUP.Optional.Babylon.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.BabylonToolbar.prtkHmpg", 0), Vervangen,[e7b249807803e3534ebba97a62a309f7]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.admin", false), Vervangen,[7b1efdccbfbcd75f6ca4a28109fc3ec2]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.aflt", "babsst"), Vervangen,[b1e8b712f4877abc3ed2dd4617eeff01]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"), Vervangen,[bddca52435462e08da36cf5446bfca36]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.autoRvrt", "false"), Vervangen,[0a8f94356714b5819a765ac950b560a0]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.dfltLng", "nl"), Vervangen,[910875541a618fa722eeae7507fe6a96]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.excTlbr", false), Vervangen,[68315f6a4635d2648c84c55e3acbd12f]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.ffxUnstlRst", true), Vervangen,[4a4f428782f941f5fb15051ee61fe51b]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.id", "247367ff0000000000009cb70d80d2f4"), Vervangen,[7a1f5178b2c96fc7858bc45ff1141ae6]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.instlDay", "15961"), Vervangen,[94058346245756e046ca45dec5406b95]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.instlRef", "sst"), Vervangen,[b0e9dced601bf44236daa281c342ec14]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.newTab", false), Vervangen,[4851a2276d0e60d666aae93aa65f1ee2]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.prdct", "delta"), Vervangen,[a0f96b5e522953e3050b26fdc342c838]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.prtnrId", "delta"), Vervangen,[475298315e1dbb7b7f9144dfa164e21e]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.rvrt", "false"), Vervangen,[fc9d3693423963d3ee226eb5e520b44c]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.smplGrp", "none"), Vervangen,[2178fccd7dfe2313070947dca16456aa]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.tlbrId", "base"), Vervangen,[f6a37a4f6e0d4de9848cef34e4213ac6]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.tlbrSrchUrl", ""), Vervangen,[8f0ad4f5fa8137ffa56b47dc28dd619f]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.vrsn", "1.8.24.6"), Vervangen,[3a5fffcac4b76dc99b755cc75ca9ff01]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.vrsnTs", "1.8.24.619:19:55"), Vervangen,[6633c2072c4f2e08d13fc55e44c17c84]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.vrsni", "1.8.24.6"), Vervangen,[0594e6e384f7f34328e8bb681ce9728e]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta_i.babExt", ""), Vervangen,[fd9c53767605280e41cf49daaf567888]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta_i.babTrack", "affID=119293&tsp=5004"), Vervangen,[fa9fd3f6d1aa6bcbff1175ae6f962dd3]
    PUP.Optional.Delta.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta_i.srcExt", "ss"), Vervangen,[b4e54980f38873c3bc544fd4f015a759]
    PUP.Optional.Conduit.A, C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js, Goed: (), Slecht: (user_pref("browser.newtab.url", "http://search.conduit.com/?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSourc e=69&CUI=&SSPV=&Lay=1&UM=2&UP=SPC4A398D6-11F2-4F14-8904-781F33ADDD7C"), Vervangen,[7d1c92374635ff3724338b981ce9fe02]

    Fysieke Sectoren: 0
    (No malicious items detected)


    (end)

  6. #5
    Spyware Slayer   Rosty's schermafbeelding
    Geregistreerd
    19 May 2005
    Locatie
    Zandvliet/ Ledegem
    Berichten
    4.212
    Bedankjes
    1.205
    Bedankt
    2.705 keer in 1.758 posts
    Hey,

    MBAM heeft al heel wat verwijderd zie ik. Nu gaan we nog even checken:

    Opmerking: Vista of Windows 7 ? >> Alle tools steeds uitvoeren als admin.
    Download AdwCleaner by Xplode naar het bureaublad.




    • Sluit alle openstaande vensters.
    • Vista en Windows 7 gebruikers: Rechtsklik op AdwCleaner en selecteer als Administrator uitvoeren...
    • Voor XP: Gewoon dubbelklikken op AdwCleaner.
    • Klik vervolgens op Verwijderen.
    • Klik bij AdwCleaner – Information op OK
    • Klik bij AdwCleaner – Restart Required op OK



    Dat tijdens de aktie de snelkoppelingen verdwijnen, is normaal.
    Nadat de PC opnieuw is opgestart, opent een logfile.
    Post aansluitend de inhoud van dit log in je volgende bericht.

  7. De volgende gebruiker bedankt Rosty voor deze nuttige post:

    liejp ( 7 September 2014)

  8. #6
    Up-to-date  
    Geregistreerd
    9 June 2006
    Berichten
    70
    Bedankjes
    9
    Bedankt
    2 keer in 2 posts
    Fantastisch toch, pro's zoals jullie!!!!

    # AdwCleaner v3.309 - Rapport aangemaakt 07/09/2014 op 08:15:47
    # Laatste Update 02/09/2014 door Xplode
    # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Gebruikersnaam : Kristof&Melissa - KRISTOF_MELISSA
    # Gestart vanuit : C:\Users\Kristof&Melissa\Desktop\adwcleaner_3.309. exe
    # Optie : Verwijderen

    ***** [ Services ] *****

    [#] Service Verwijderd : BrowserProtect

    ***** [ Bestanden / Mappen ] *****

    Map Verwijderd : C:\ProgramData\Babylon
    Map Verwijderd : C:\ProgramData\BetterSoft
    Map Verwijderd : C:\ProgramData\BrowserProtect
    Map Verwijderd : C:\ProgramData\continuetosave
    Map Verwijderd : C:\ProgramData\Premium
    Map Verwijderd : C:\ProgramData\SoftSafe
    Map Verwijderd : C:\ProgramData\StarApp
    Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\continuetosave
    Map Verwijderd : C:\Program Files (x86)\Claro LTD
    Map Verwijderd : C:\Program Files (x86)\Conduit
    Map Verwijderd : C:\Program Files (x86)\EasyLife
    Map Verwijderd : C:\Program Files (x86)\mixidj
    Map Verwijderd : C:\Program Files (x86)\Mobogenie
    Map Verwijderd : C:\Program Files (x86)\SimilarSites
    Map Verwijderd : C:\Program Files (x86)\SimpleSpeedy
    Map Verwijderd : C:\Windows\SysWOW64\SearchProtect
    Map Verwijderd : C:\Users\Kristof&Melissa\AppData\Local\Conduit
    Map Verwijderd : C:\Users\Kristof&Melissa\AppData\Local\genienext
    Map Verwijderd : C:\Users\Kristof&Melissa\AppData\Local\Mobogenie
    Map Verwijderd : C:\Users\Kristof&Melissa\AppData\LocalLow\Claro LTD
    Map Verwijderd : C:\Users\Kristof&Melissa\AppData\LocalLow\Conduit
    Map Verwijderd : C:\Users\Kristof&Melissa\AppData\LocalLow\continue tosave
    Map Verwijderd : C:\Users\Kristof&Melissa\AppData\LocalLow\Delta
    Map Verwijderd : C:\Users\Kristof&Melissa\AppData\LocalLow\mixidj
    Map Verwijderd : C:\Users\Kristof&Melissa\AppData\Roaming\CRMixiDJT B
    Map Verwijderd : C:\Users\Kristof&Melissa\AppData\Roaming\goforfile s
    Map Verwijderd : C:\Users\Kristof&Melissa\AppData\Roaming\Systweak
    Map Verwijderd : C:\Users\Kristof&Melissa\AppData\Roaming\Microsoft \Windows\Start Menu\Programs\Mobogenie
    Map Verwijderd : C:\Users\Kristof&Melissa\Documents\Mobogenie
    Map Verwijderd : C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\Extensions\50e1a5 3e3f9d5@50e1a53e3fa0e.com
    Map Verwijderd : C:\Users\Kristof&Melissa\AppData\Local\Google\Chro me\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafj ahijbb
    Bestand Verwijderd : C:\Users\Kristof&Melissa\AppData\Local\CRE\cjofdnh dkbflacojpfpkchgafjahijbb.crx
    Bestand Verwijderd : C:\Windows\System32\roboot64.exe
    Bestand Verwijderd : C:\Users\Kristof&Melissa\daemonprocess.txt
    Bestand Verwijderd : C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\searchplugins\Eas yLife.xml
    Bestand Verwijderd : C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\user.js

    ***** [ Taken ] *****

    Taak Verwijderd : BackgroundContainer Startup Task
    Taak Verwijderd : GoforFilesUpdate

    ***** [ Snelkoppelingen ] *****

    Snelkoppeling Gedesinfecteerd : C:\Users\Kristof&Melissa\Desktop\Search.lnk

    ***** [ Register ] *****

    Sleutel Verwijderd : HKCU\Software\Google\Chrome\Extensions\cjofdnhdkbf lacojpfpkchgafjahijbb
    Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbf lacojpfpkchgafjahijbb
    Sleutel Verwijderd : HKCU\Software\Classes\pokki
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\*\shell\filescout
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\claro.claroappCore
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\claro.claroappCore.1
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\claro.clarodskBnd
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\claro.clarodskBnd.1
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\claro.claroHlpr
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\claro.claroHlpr.1
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\esrv.claroESrvc
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\esrv.claroESrvc.1
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI 32
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMAN CS
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
    Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
    Sleutel Verwijderd : HKCU\Software\592d9dab23bba17
    Sleutel Verwijderd : HKLM\SOFTWARE\592d9dab23bba17
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\SP_a8235b05
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\SP_ccfde35c
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\SP_e14dcdfa
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader _voor_vlc-media-player_RASAPI32
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader _voor_vlc-media-player_RASMANCS
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{05340575-7D2A-4266-9A84-7EEBDC476884}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{97C47A30-3CFB-474B-94E3-6019A7EE0610}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{EE4FC43F-84CE-4E20-88C2-2188525B47FB}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{F398D871-ED00-42A8-BEAA-0209E9E59FCC}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CD4D7B0F-45C6-4bb2-A1E7-54D1754E7FC5}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{A903AC15-686E-4D67-A355-86FCBE9F60DA}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{CCA8F2AB-BE4E-41F0-A289-4D960CEA58EA}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Settings\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Settings\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60295942-9E5F-4EE8-B785-3A655904D24F}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C07E348-8E94-4BF5-B776-CBDD989AE572}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{25351791-8786-4227-83B8-CAFF0DF63B5F}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}
    Sleutel Verwijderd : HKCU\Software\BABSOLUTION
    Sleutel Verwijderd : HKCU\Software\Claro LTD
    Sleutel Verwijderd : HKCU\Software\Delta
    Sleutel Verwijderd : HKCU\Software\filescout
    Sleutel Verwijderd : HKCU\Software\GoforFiles
    Sleutel Verwijderd : HKCU\Software\InstallCore
    Sleutel Verwijderd : HKCU\Software\mixidj
    Sleutel Verwijderd : HKCU\Software\Softonic
    Sleutel Verwijderd : HKCU\Software\systweak
    Sleutel Verwijderd : HKCU\Software\uTorrentBar_NL
    Sleutel Verwijderd : HKCU\Software\AppDataLow\Toolbar
    Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\BackgroundContai ner
    Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Conduit
    Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\ConduitSearchSco pes
    Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\SmartBar
    Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\uTorrentBar_NL
    Sleutel Verwijderd : HKLM\SOFTWARE\AVG Secure Search
    Sleutel Verwijderd : HKLM\SOFTWARE\Babylon
    Sleutel Verwijderd : HKLM\SOFTWARE\Claro LTD
    Sleutel Verwijderd : HKLM\SOFTWARE\Conduit
    Sleutel Verwijderd : HKLM\SOFTWARE\Delta
    Sleutel Verwijderd : HKLM\SOFTWARE\GoforFiles
    Sleutel Verwijderd : HKLM\SOFTWARE\mixidj
    Sleutel Verwijderd : HKLM\SOFTWARE\SP Global
    Sleutel Verwijderd : HKLM\SOFTWARE\SProtector
    Sleutel Verwijderd : HKLM\SOFTWARE\uTorrentBar_NL
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\{B49962AF-CAB9-44DE-8729-A4369F44BA0D}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\claro
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\mixidj
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\Mobogenie
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\continuetosave
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ins taller\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17239

    Instelling Hersteld : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

    -\\ Mozilla Firefox v31.0 (x86 nl)

    [ Bestand : C:\Users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\prefs.js ]

    Regel verwijderd : user_pref("aol_toolbar.default.homepage.check", false);
    Regel verwijderd : user_pref("aol_toolbar.default.search.check", false);
    Regel verwijderd : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSourc e=69&CUI=&SSPV=&Lay=1&UM=2&UP=SPC4A398D6-11F2-4F14-8904-781F33ADDD7C");
    Regel verwijderd : user_pref("browser.search.defaultenginename", "Trovi search");
    Regel verwijderd : user_pref("browser.search.selectedEngine", "Trovi search");
    Regel verwijderd : user_pref("browser.startup.homepage", "hxxp://www.trovi.com/?gd=&ctid=CT3330789&octid=EB_ORIGINAL_CTID&ISID=ME F17E71B-454C-4DDD-B00E-0EDC366A5AFE&SearchSource=55&CUI=&UM=6&UP=SPD03F8C 90-9E46-4EEA-8860[...]
    Regel verwijderd : user_pref("extensions.5095691e0567c.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"su[...]
    Regel verwijderd : user_pref("extensions.50e1a53e3fa81.scode", "(function(){if(window.self.location.hostname.inde xOf(\"acebook.co\")>-1){return};if(window.top==window.self){new function(){if(!document.getElementById(\"_[...]
    Regel verwijderd : user_pref("extensions.BabylonToolbar.prtkDS", 0);
    Regel verwijderd : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
    Regel verwijderd : user_pref("extensions.delta.admin", false);
    Regel verwijderd : user_pref("extensions.delta.aflt", "babsst");
    Regel verwijderd : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
    Regel verwijderd : user_pref("extensions.delta.autoRvrt", "false");
    Regel verwijderd : user_pref("extensions.delta.dfltLng", "nl");
    Regel verwijderd : user_pref("extensions.delta.excTlbr", false);
    Regel verwijderd : user_pref("extensions.delta.ffxUnstlRst", true);
    Regel verwijderd : user_pref("extensions.delta.id", "247367ff0000000000009cb70d80d2f4");
    Regel verwijderd : user_pref("extensions.delta.instlDay", "15961");
    Regel verwijderd : user_pref("extensions.delta.instlRef", "sst");
    Regel verwijderd : user_pref("extensions.delta.newTab", false);
    Regel verwijderd : user_pref("extensions.delta.prdct", "delta");
    Regel verwijderd : user_pref("extensions.delta.prtnrId", "delta");
    Regel verwijderd : user_pref("extensions.delta.rvrt", "false");
    Regel verwijderd : user_pref("extensions.delta.smplGrp", "none");
    Regel verwijderd : user_pref("extensions.delta.tlbrId", "base");
    Regel verwijderd : user_pref("extensions.delta.tlbrSrchUrl", "");
    Regel verwijderd : user_pref("extensions.delta.vrsn", "1.8.24.6");
    Regel verwijderd : user_pref("extensions.delta.vrsnTs", "1.8.24.619:19:55");
    Regel verwijderd : user_pref("extensions.delta.vrsni", "1.8.24.6");
    Regel verwijderd : user_pref("extensions.delta_i.babExt", "");
    Regel verwijderd : user_pref("extensions.delta_i.babTrack", "affID=119293&tsp=5004");
    Regel verwijderd : user_pref("extensions.delta_i.srcExt", "ss");
    Regel verwijderd : user_pref("sweetim.toolbar.previous.browser.startu p.homepage", "");
    Regel verwijderd : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
    Regel verwijderd : user_pref("sweetim.toolbar.searchguard.UserRejecte dGuard_DS", "");
    Regel verwijderd : user_pref("sweetim.toolbar.searchguard.UserRejecte dGuard_HP", "");
    Regel verwijderd : user_pref("sweetim.toolbar.searchguard.enable", "");

    -\\ Google Chrome v37.0.2062.103

    [ Bestand : C:\Users\Kristof&Melissa\AppData\Local\Google\Chro me\User Data\Default\preferences ]

    Verwijderd [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3312375&octid=EB_ORIGINAL_CTID &SearchSource=58&CUI=&UM=2&UP=SPC4A398D6-11F2-4F14-8904-781F33ADDD7C&q={searchTerms}
    Verwijderd [Search Provider] : hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=24739CB70D80D 2F4&affID=119293&tsp=5004

    *************************

    AdwCleaner[R0].txt - [17549 octets] - [07/09/2014 08:11:53]
    AdwCleaner[S0].txt - [16952 octets] - [07/09/2014 08:15:47]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17013 octets] ##########

  9. #7
    Spyware Slayer   Rosty's schermafbeelding
    Geregistreerd
    19 May 2005
    Locatie
    Zandvliet/ Ledegem
    Berichten
    4.212
    Bedankjes
    1.205
    Bedankt
    2.705 keer in 1.758 posts
    Nog problemen nu?

  10. #8
    Up-to-date  
    Geregistreerd
    9 June 2006
    Berichten
    70
    Bedankjes
    9
    Bedankt
    2 keer in 2 posts
    ja ik krijg pop-up schermen int russisch die een zogezegd bericht van een website weergeven. In de stijl van www.XXXX sent you this message: (en dan nen hoop russische tekens). Er staat een ok knop onder, maar daar blijf ik wijselijk af, ik klik gewoon op pagina terug en dan ist weg voor een tijdje.

  11. #9
    Spyware Slayer   Rosty's schermafbeelding
    Geregistreerd
    19 May 2005
    Locatie
    Zandvliet/ Ledegem
    Berichten
    4.212
    Bedankjes
    1.205
    Bedankt
    2.705 keer in 1.758 posts
    Daar vreesde ik al voor!

    Download ComboFix van één van deze locaties:
    Link 1
    Link 2

    * BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op
    • Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:
      Klik hier
      Als het je niet lukt om ze uit te schakelen, ga dan gewoon door naar de volgende stap.
    • Dubbeklik op ComboFix.exe en volg de meldingen op het scherm.
    • ComboFix zal controleren of dat de Microsoft Windows Recovery Console reeds is geïnstalleerd.
      **Let op: Als de Microsoft Windows Recovery Console al is geïnstalleerd, dan krijg je de volgende schermen niet te zien en zal ComboFix automatisch verder gaan met het scannen naar malware.
    • Volg de meldingen op het scherm om ComboFix de Microsoft Windows Recovery Console te laten downloaden en installeren.



    Je krijgt de volgende melding te zien wanneer ComboFix de Microsoft Windows Recovery Console succesvol heeft geïnstalleerd:



    Klik op Ja om verder te gaan met het scannen naar malware.

    Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

  12. #10
    Up-to-date  
    Geregistreerd
    9 June 2006
    Berichten
    70
    Bedankjes
    9
    Bedankt
    2 keer in 2 posts
    ComboFix 14-09-05.01 - Kristof&Melissa 07/09/2014 9:30.1.8 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.12174.8661 [GMT 2:00]
    Gestart vanuit: c:\users\Kristof&Melissa\Desktop\ComboFix.exe
    AV: AVG AntiVirus 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
    SP: AVG AntiVirus 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
    SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    D:\install.exe
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2014-08-07 to 2014-09-07 ))))))))))))))))))))))))))))))
    .
    .
    2014-09-07 07:42 . 2014-09-07 07:42 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
    2014-09-07 07:42 . 2014-09-07 07:42 -------- d-----w- c:\users\Default\AppData\Local\temp
    2014-09-07 06:13 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
    2014-09-07 06:11 . 2014-09-07 06:16 -------- d-----w- C:\AdwCleaner
    2014-09-06 06:59 . 2014-09-06 06:59 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C73C0B4B-FC24-4320-A946-76779809552D}\offreg.dll
    2014-09-06 06:52 . 2014-08-21 03:43 11319192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C73C0B4B-FC24-4320-A946-76779809552D}\mpengine.dll
    2014-09-05 08:32 . 2014-09-07 06:21 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2014-09-05 08:32 . 2014-09-06 13:51 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
    2014-09-05 08:32 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
    2014-09-05 08:32 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2014-09-05 06:31 . 2014-08-21 03:43 11319192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2014-08-29 06:28 . 2014-08-21 13:29 1169712 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3AED265A-44DA-4C35-9BE8-9011A2E925A6}\gapaengine.dll
    2014-08-28 01:27 . 2014-08-23 02:07 404480 ----a-w- c:\windows\system32\gdi32.dll
    2014-08-28 01:27 . 2014-08-23 01:45 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
    2014-08-28 01:27 . 2014-08-23 00:59 3163648 ----a-w- c:\windows\system32\win32k.sys
    2014-08-26 12:21 . 2014-08-26 15:48 -------- d-----w- c:\windows\xxclone.arc
    2014-08-26 12:21 . 2014-08-26 12:21 -------- d-----w- c:\program files\XXCLONE
    2014-08-26 11:34 . 2014-08-26 11:34 -------- d-----w- c:\users\Kristof&Melissa\AppData\Roaming\Genie-Soft
    2014-08-26 11:33 . 2014-08-26 11:33 -------- d-----w- c:\program files\Genie9
    2014-08-26 11:22 . 2014-08-26 11:22 -------- d-----w- c:\program files (x86)\Common Files\Memeo
    2014-08-26 11:21 . 2014-08-26 11:21 -------- d-----w- c:\program files (x86)\Memeo
    2014-08-26 10:35 . 2013-03-16 10:52 189000 ----a-w- c:\windows\system32\drivers\EuFdDisk.sys
    2014-08-26 10:35 . 2013-03-16 10:49 48200 ----a-w- c:\windows\system32\drivers\EUBKMON.sys
    2014-08-26 10:35 . 2013-03-16 10:43 18504 ----a-w- c:\windows\system32\drivers\eudskacs.sys
    2014-08-26 10:35 . 2013-03-16 10:40 58952 ----a-w- c:\windows\system32\drivers\eubakup.sys
    2014-08-26 10:24 . 2013-03-16 10:58 24136 ----a-w- c:\windows\system32\fbnative.exe
    2014-08-26 10:15 . 2014-08-26 10:15 -------- d-----w- c:\windows\Downloaded Installations
    2014-08-26 10:14 . 2014-08-26 10:14 -------- d-----w- c:\windows\SysWow64\URTTEMP
    2014-08-26 09:38 . 2014-08-26 09:38 367200 ----a-w- c:\windows\system32\drivers\afcdp.sys
    2014-08-26 09:38 . 2014-08-26 09:38 1464096 ----a-w- c:\windows\system32\drivers\tdrpman.sys
    2014-08-26 09:38 . 2014-08-26 09:38 198432 ----a-w- c:\windows\system32\drivers\tib_mounter.sys
    2014-08-26 09:38 . 2014-08-26 09:38 1120032 ----a-w- c:\windows\system32\drivers\tib.sys
    2014-08-26 09:38 . 2014-08-26 09:38 161568 ----a-w- c:\windows\system32\drivers\vididr.sys
    2014-08-26 09:38 . 2014-08-26 09:38 117024 ----a-w- c:\windows\system32\drivers\vidsflt.sys
    2014-08-26 09:38 . 2014-08-26 09:38 269600 ----a-w- c:\windows\system32\drivers\snapman.sys
    2014-08-26 09:38 . 2014-08-26 09:38 116000 ----a-w- c:\windows\system32\drivers\fltsrv.sys
    2014-08-26 09:37 . 2014-08-26 09:38 -------- d-----w- c:\program files (x86)\Common Files\Acronis
    2014-08-26 09:37 . 2014-08-26 09:37 -------- d-----w- c:\program files (x86)\Acronis
    2014-08-26 09:22 . 2014-08-26 09:22 -------- d-----w- c:\users\Kristof&Melissa\AppData\Roaming\Leadertec h
    2014-08-22 10:00 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
    2014-08-22 10:00 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe
    2014-08-22 10:00 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll
    2014-08-22 10:00 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll
    2014-08-22 10:00 . 2014-05-14 16:23 38880 ----a-w- c:\windows\system32\wups.dll
    2014-08-22 10:00 . 2014-05-14 16:23 36320 ----a-w- c:\windows\SysWow64\wups.dll
    2014-08-22 10:00 . 2014-05-14 16:23 700384 ----a-w- c:\windows\system32\wuapi.dll
    2014-08-22 10:00 . 2014-05-14 16:23 581600 ----a-w- c:\windows\SysWow64\wuapi.dll
    2014-08-22 10:00 . 2014-05-14 16:20 97792 ----a-w- c:\windows\system32\wudriver.dll
    2014-08-22 10:00 . 2014-05-14 16:17 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
    2014-08-22 09:59 . 2014-05-14 07:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll
    2014-08-22 09:59 . 2014-05-14 07:23 198600 ----a-w- c:\windows\system32\wuwebv.dll
    2014-08-22 09:59 . 2014-05-14 07:20 36864 ----a-w- c:\windows\system32\wuapp.exe
    2014-08-22 09:59 . 2014-05-14 07:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
    2014-08-21 18:03 . 2014-08-21 18:03 -------- d-sh--w- c:\users\Kristof&Melissa\AppData\Local\EmieUserLis t
    2014-08-21 18:03 . 2014-08-21 18:03 -------- d-sh--w- c:\users\Kristof&Melissa\AppData\Local\EmieSiteLis t
    2014-08-21 11:25 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
    2014-08-21 11:25 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
    2014-08-21 11:25 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
    2014-08-21 11:25 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
    2014-08-21 11:25 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
    2014-08-21 11:25 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
    2014-08-21 11:24 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
    2014-08-21 11:24 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
    2014-08-17 18:36 . 2014-07-25 13:49 10747904 ----a-w- c:\program files\Internet Explorer\F12Resources.dll
    2014-08-17 18:36 . 2014-07-14 02:02 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
    2014-08-17 18:36 . 2014-07-14 01:40 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
    2014-08-17 18:36 . 2014-08-07 02:06 529920 ----a-w- c:\windows\system32\aepdu.dll
    2014-08-17 18:36 . 2014-08-07 02:01 424448 ----a-w- c:\windows\system32\aeinv.dll
    2014-08-12 23:00 . 2014-08-12 23:00 4575232 ----a-w- c:\windows\SysWow64\GPhotos.scr
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))) ))
    .
    2014-09-07 06:18 . 2012-10-30 15:13 380 ----a-w- c:\users\Kristof&Melissa\AppData\Roaming\sp_data.s ys
    2014-08-29 06:41 . 2011-03-29 01:36 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\pp crlconfig600.dll
    2014-08-21 13:29 . 2014-04-05 08:31 1169712 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
    2014-08-21 12:31 . 2012-11-02 09:28 99218768 ----a-w- c:\windows\system32\MRT.exe
    2014-07-09 15:51 . 2012-10-31 18:05 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-07-09 15:51 . 2012-10-31 18:05 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2014-07-01 23:29 . 2014-07-12 08:11 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2014-06-18 02:18 . 2014-07-09 15:55 692736 ----a-w- c:\windows\system32\osk.exe
    2014-06-18 01:51 . 2014-07-09 15:55 646144 ----a-w- c:\windows\SysWow64\osk.exe
    2014-06-17 14:21 . 2014-06-17 14:21 235800 ----a-w- c:\windows\system32\drivers\avgldx64.sys
    2014-06-17 14:07 . 2014-06-17 14:07 328984 ----a-w- c:\windows\system32\drivers\avgloga.sys
    2014-06-17 14:06 . 2014-06-17 14:06 269080 ----a-w- c:\windows\system32\drivers\avgtdia.sys
    2014-06-17 14:06 . 2014-06-17 14:06 190744 ----a-w- c:\windows\system32\drivers\avgidsha.sys
    2014-06-17 14:06 . 2014-06-17 14:06 242968 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
    2014-06-17 14:06 . 2014-06-17 14:06 153368 ----a-w- c:\windows\system32\drivers\avgdiska.sys
    2014-06-17 14:06 . 2014-06-17 14:06 123672 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
    2014-06-17 14:06 . 2014-06-17 14:06 31512 ----a-w- c:\windows\system32\drivers\avgrkx64.sys
    2014-06-10 02:00 . 2014-06-10 02:00 2684256 ----a-w- c:\windows\system32\xxclone.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))) )
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
    "Steam"="c:\program files (x86)\Steam\Steam.exe" [2014-08-28 1939136]
    "AppleIEDAV"="c:\program files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe" [2013-11-15 1326408]
    "iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-11-20 59720]
    "uTorrent"="c:\users\Kristof&Melissa\AppData\Roami ng\uTorrent\uTorrent.exe" [2014-07-22 802136]
    "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2014-03-12 6563608]
    "GBMPro9Agent"="c:\program files\Genie9\Genie Backup Manager\GBMAgent.exe" [2012-05-29 250456]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\ Windows\CurrentVersion\Run]
    "Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
    "ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-10-19 3331312]
    "ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe" [2011-07-29 737104]
    "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-27 291608]
    "ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2012-02-16 322176]
    "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2011-10-25 174720]
    "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
    "Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2012-02-02 2321072]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-07-03 43816]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
    "AllShareAgent"="c:\program files (x86)\Samsung\AllShare\AllShareAgent.exe" [2012-03-01 285072]
    "PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2013-07-22 337432]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
    "Wondershare Helper Compact.exe"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2013-06-13 1743648]
    "BrowserPlugInHelper"="c:\program files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe" [2013-12-09 1962896]
    "Seagate Dashboard"="c:\program files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2011-06-01 79112]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
    "AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2014-06-17 5179408]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-07-08 152392]
    "TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2014-02-04 7805936]
    "AcronisTibMounterMonitor"="c:\program files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe" [2013-10-10 1102192]
    "EaseUs Watch"="c:\program files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe" [2013-03-16 70728]
    "EaseUs Tray"="c:\program files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe" [2013-03-16 1372232]
    "Memeo Instant Backup"="c:\program files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe" [2010-07-26 136416]
    .
    c:\users\Kristof&Melissa\AppData\Roaming\Microsoft \Windows\Start Menu\Programs\Startup\
    SABnzbd.lnk - c:\program files (x86)\SABnzbd\SABnzbd.exe -b0 [2014-1-3 103424]
    Serviio.lnk - c:\program files\Serviio\bin\ServiioConsole.exe [2013-8-8 641024]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe /start [2011-10-19 549040]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "EnableLinkedConnections"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\ windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework6 4\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET \Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
    R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
    R3 A38CCID;CCID USB Smart Card Reader;c:\windows\system32\DRIVERS\a38ccid.sys;c:\ windows\SYSNATIVE\DRIVERS\a38ccid.sys [x]
    R3 cleanhlp;cleanhlp;c:\eek\Run\cleanhlp64.sys;c:\eek \Run\cleanhlp64.sys [x]
    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\ windows\SYSNATIVE\IEEtwCollector.exe [x]
    R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys;c:\ windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\dr ivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.s ys [x]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windo ws\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\ drivers\mwac.sys [x]
    R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [x]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c :\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
    R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
    R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
    R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\pro gram files (x86)\Samsung\AllShare\AllShareSlideShowService.ex e;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.ex e [x]
    R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\ windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsus bflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\ windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c :\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c: \windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c: \windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
    S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgi dsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
    S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\ windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
    S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c: \windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
    S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c: \windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
    S0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubaku p.sys;c:\windows\SYSNATIVE\drivers\eubakup.sys [x]
    S0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMO N.sys;c:\windows\SYSNATIVE\drivers\EUBKMON.sys [x]
    S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys; c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
    S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c: \windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
    S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpc iflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\ windows\SYSNATIVE\Drivers\sptd.sys [x]
    S0 tib;Acronis TIB Manager;c:\windows\system32\DRIVERS\tib.sys;c:\win dows\SYSNATIVE\DRIVERS\tib.sys [x]
    S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sy s;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x]
    S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\win dows\SYSNATIVE\DRIVERS\vididr.sys [x]
    S0 vidsflt;Acronis Disk Storage Filter;c:\windows\system32\DRIVERS\vidsflt.sys;c:\ windows\SYSNATIVE\DRIVERS\vidsflt.sys [x]
    S1 A2DDA;A2 Direct Disk Access Support Driver;c:\eek\RUN\a2ddax64.sys;c:\eek\RUN\a2ddax64 .sys [x]
    S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
    S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c: \windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
    S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIV ERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS \avgidsdrivera.sys [x]
    S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c: \windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
    S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\ windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
    S1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\euds kacs.sys;c:\windows\SYSNATIVE\drivers\eudskacs.sys [x]
    S1 EUFDDISK;EUFDDISK;c:\windows\system32\drivers\EuFd Disk.sys;c:\windows\SYSNATIVE\drivers\EuFdDisk.sys [x]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
    S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe; c:\windows\SYSNATIVE\FBAgent.exe [x]
    S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
    S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
    S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [x]
    S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
    S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
    S2 EaseUS Agent;EaseUS Agent Service;c:\program files (x86)\EaseUS\Todo Backup\bin\Agent.exe;c:\program files (x86)\EaseUS\Todo Backup\bin\Agent.exe [x]
    S2 Guard Agent;Guard Agent Service;c:\program files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe;c:\program files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [x]
    S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
    S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\progr am files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
    S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
    S2 MemeoBackgroundService;MemeoBackgroundService;c:\p rogram files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe; c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [x]
    S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
    S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe ;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [x]
    S2 SeagateDashboardService;Seagate Dashboard Service;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [x]
    S2 Serviio;Serviio;c:\program files\Serviio\bin\ServiioService.exe;c:\program files\Serviio\bin\ServiioService.exe [x]
    S2 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\progra m files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x]
    S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
    S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
    S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys; c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
    S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c :\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x]
    S3 AsusVBus;AsusVBus;c:\windows\system32\DRIVERS\Asus VBus.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVBus.sys [x]
    S3 AsusVTouch;AsusVTouch;c:\windows\system32\DRIVERS\ AsusVTouch.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVT ouch.sys [x]
    S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c: \windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
    S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys; c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
    S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys ;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
    S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\w indows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
    S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys; c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
    S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys ;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
    S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c :\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
    S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfi lter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
    S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\wind ows\SYSNATIVE\DRIVERS\ETD.sys [x]
    S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\ windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
    S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c: \windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
    S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c: \windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
    S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c :\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c: \windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\ active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2014-09-03 16:04 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.103\Inst aller\chrmstp.exe
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2014-09-07 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [2013-10-16 15:51]
    .
    2014-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-18 19:05]
    .
    2014-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-18 19:05]
    .
    2014-09-07 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
    - c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
    .
    2014-09-06 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
    - c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\Ac ronisSyncError]
    @="{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}"
    [HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}]
    2013-10-01 08:26 2810968 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\Ac ronisSyncInProgress]
    @="{00F848DC-B1D4-4892-9C25-CAADC86A215D}"
    [HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}]
    2013-10-01 08:26 2810968 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\Ac ronisSyncOk]
    @="{71573297-552E-46fc-BE3D-3DFAF88D47B7}"
    [HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}]
    2013-10-01 08:26 2810968 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\As usWSShellExt_B]
    @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
    [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
    2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\As usWSShellExt_O]
    @="{64174815-8D98-4CE6-8646-4C039977D808}"
    [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
    2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
    "AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-12-29 1014432]
    "AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-12-29 800416]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-01-08 172016]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-01-08 399856]
    "Persistence"="c:\windows\system32\igfxpers.ex e" [2013-01-08 441840]
    "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
    "Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2013-07-18 518424]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=c:\windows\System32\nvinitx.dll
    .
    ------- Bijkomende Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = www.google.com
    mStart Page = hxxp://www.google.com
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office15\EXCEL.EXE/3000
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office15\ONBttnIE.dll/105
    TCP: DhcpNameServer = 195.130.130.130 195.130.131.130
    FF - ProfilePath - c:\users\Kristof&Melissa\AppData\Roaming\Mozilla\F irefox\Profiles\z15iu9cw.default\
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    Toolbar-Locked - (no file)
    Wow6432Node-HKLM-Run-avast5 - c:\program files\Alwil Software\Avast5\avastUI.exe
    Wow6432Node-HKLM-Run-beid - c:\program files (x86)\Belgium Identity Card\beid35gui.exe
    SafeBoot-CleanHlp
    SafeBoot-CleanHlp.sys
    HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
    Toolbar-Locked - (no file)
    HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
    AddRemove-Audio Converter - c:\program files (x86)\AudioConverter\Uninstall\Uninstall.exe
    .
    .
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA 0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macrome d\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA 0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA 0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUt il64_14_0_0_145_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA 0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE 38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE 38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE 38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\In terface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\In terface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\In terface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\ Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\ Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\ Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PC W\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2014-09-07 09:46:03
    ComboFix-quarantined-files.txt 2014-09-07 07:46
    .
    Pre-Run: 174.171.529.216 bytes beschikbaar
    Post-Run: 173.778.309.120 bytes beschikbaar
    .
    - - End Of File - - 9AFF1863A3B5373094F5E4A9D5C30484

Discussie informatie

Users Browsing this Thread

Momenteel bekijken 1 gebruikers deze discussie. (0 leden en 1 gasten)

Soortgelijke discussies

  1. Tv reageert traag bij verbinden met tv dmv hdmi kabel
    Door italianboy in forum Mobiele & Home media
    Reacties: 7
    Laatste bericht: 17 January 2012, 23:27
  2. Vertraagde laptop met popups.
    Door frankie3 in forum HijackThis
    Reacties: 57
    Laatste bericht: 14 September 2010, 22:38
  3. Problemen met popups en algehele traagheid
    Door wout1976 in forum HijackThis
    Reacties: 1
    Laatste bericht: 27 May 2007, 20:37
  4. Probleem met popup
    Door Mulle in forum HijackThis
    Reacties: 1
    Laatste bericht: 18 January 2007, 17:29
  5. Traag en iets met winfixer ???
    Door ghost in forum HijackThis
    Reacties: 12
    Laatste bericht: 3 February 2006, 16:57

Favorieten/bladwijzers

Favorieten/bladwijzers

Regels voor berichten

  • Je mag geen nieuwe discussies starten
  • Je mag niet reageren op berichten
  • Je mag geen bijlagen versturen
  • Je mag niet je berichten bewerken
  •