Thread: slow internet

  1. #1
    woepi

    slow internet

    I think my wife's Facebook has been hacked; messages are being sent that she did not create.
    And the internet has been very slow since then.

    Malwarebytes Anti-Malware
    www.malwarebytes.org


    Scandatum: 11/09/2016
    Scantijd: 9:56
    Logboekbestand:
    Beheerder: Ja


    Versie: 2.2.1.1043
    Malware-database: v2016.09.11.04
    Rootkit-database: v2016.08.15.01
    Licentie: Proef
    Malware-bescherming: Ingeschakeld
    Bescherming tegen kwaadaardige websites: Ingeschakeld
    Zelfbescherming: Uitgeschakeld


    Besturingssysteem: Windows 10
    Processor: x64
    Bestandssysteem: NTFS
    Gebruiker: Hugo


    Scantype: Bedreigingsscan
    Resultaat: Voltooid
    Objecten gescand: 315966
    Verstreken tijd: 3 min, 35 sec


    Geheugen: Ingeschakeld
    Opstarten: Ingeschakeld
    Bestandssysteem: Ingeschakeld
    Archieven: Ingeschakeld
    Rootkits: Uitgeschakeld
    Heuristiek: Ingeschakeld
    POP: Ingeschakeld
    POA: Ingeschakeld


    Processen: 0
    (Geen kwaadaardige items gedetecteerd)


    Modules: 0
    (Geen kwaadaardige items gedetecteerd)


    Registersleutels: 0
    (Geen kwaadaardige items gedetecteerd)


    Registerwaarden: 0
    (Geen kwaadaardige items gedetecteerd)


    Registerdata: 0
    (Geen kwaadaardige items gedetecteerd)


    Mappen: 0
    (Geen kwaadaardige items gedetecteerd)


    Bestanden: 0
    (Geen kwaadaardige items gedetecteerd)


    Fysieke Sectoren: 0
    (Geen kwaadaardige items gedetecteerd)



    (end)

    GMER 2.2.19882 - http://www.gmer.net
    Rootkit scan 2016-09-11 10:50:05
    Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002c SAMSUNG_MZ7LF128HCHP-00000 rev.FXT0101Q 119,24GB
    Running: hj3rusqr.exe; Driver: C:\Users\Hugo\AppData\Local\Temp\fwedapow.sys



    ---- User code sections - GMER 2.2 ----


    .text C:\Program Files (x86)\Firetrust\MailWasher\MailWasher.exe[8056] C:\Program Files (x86)\Firetrust\MailWasher\MWPHeaderParser.dll!ExtractEmailAddress + 4 000000005af10632 2 bytes JMP 120d0026
    .text C:\Program Files (x86)\Firetrust\MailWasher\MailWasher.exe[8056] C:\Program Files (x86)\Firetrust\MailWasher\MWPHeaderParser.dll!OAuth2 + 4 000000005af10642 2 bytes JMP 120d0046
    .text C:\Program Files (x86)\Firetrust\MailWasher\MailWasher.exe[8056] C:\Program Files (x86)\Firetrust\MailWasher\MWPHeaderParser.dll!GetToken + 4 000000005af10652 2 bytes JMP 120d0066
    .text C:\Program Files (x86)\Firetrust\MailWasher\MailWasher.exe[8056] C:\Program Files (x86)\Firetrust\MailWasher\MWPHeaderParser.dll!DecodeBase64 + 4 000000005af10662 2 bytes JMP 120d0086
    .text C:\Program Files (x86)\Firetrust\MailWasher\MailWasher.exe[8056] C:\Program Files (x86)\Firetrust\MailWasher\MWPHeaderParser.dll!WCGetChoise + 4 000000005af10672 2 bytes JMP 120d00a6
    .text C:\Program Files (x86)\Firetrust\MailWasher\MailWasher.exe[8056] C:\Program Files (x86)\Firetrust\MailWasher\MWPHeaderParser.dll!WCGetToken + 4 000000005af10682 2 bytes JMP 120d00c6


    ---- Threads - GMER 2.2 ----


    Thread C:\WINDOWS\system32\csrss.exe [576:636] fffff96140d14030


    ---- Registry - GMER 2.2 ----


    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed -1247922525
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@POSTTime 5348
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TotalResumeTime 15036
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeBootMgrTime 80
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeAppTime 820
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeAppStartTimestamp 10865
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeLibraryInitTime 46
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeInitTime 86
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeHiberFileTime 356
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeRestoreImageStartTimestamp 10998
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeIoTime 187
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeDecompressTime 157
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeMapTime 13
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeAllocateTime 1
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeKernelSwitchTimestamp 11686
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelReturnFromHandlerTimestamp 11708
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@SleeperThreadEndTimestamp 14372
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TimeStampCounterAtSwitchTime 11703
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelReturnSystemPowerState 15033
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberHiberFileTime 15004
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberInitTime 19
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TotalHibernateTime 17906
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeHiberFileTime 1916
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeInitTime 7
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeSharedBufferTime 2
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@DeviceResumeTime 633
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelAnimationTime 31
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelPagesProcessed 498367
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelPagesWritten 0xF8 0x09 0x03 0x00 ...
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@BootPagesProcessed 36875
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@BootPagesWritten 0x51 0x41 0x00 0x00 ...
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberWriteRate 56
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeReadRate 409
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeDecompressRate 124
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberChecksumTime 161
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberChecksumIoTime 20
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelChecksumTime 124
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelChecksumIoTime 9
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeIoCpuTime 294
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberIoCpuTime 8317
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeCompleteTimestamp 0x44 0x68 0x47 0x05 ...
    Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{46D3AFD2-FC90-4782-A7EA-ACEBB9FF2C5C}@DefunctTimestamp 0x00 0xFC 0xD4 0x57 ...
    Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\5c-35-3b-7a-76-7c@AddressCreationTimestamp 0x69 0x8D 0xE5 0x0D ...
    Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 38755
    Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 5547
    Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{716EA475-1836-4C32-A142-CC6FCE55607A} v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=58|ICMP6=128:*|App=System|Name=@IpHlpSvc.dll,-502|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-25000|
    Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{B42760A9-4218-447B-B6A2-920DBC1F397D} v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=128:*|Name=@IpHlpSvc.dll,-503|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-25000|
    Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{668f750d-9918-4831-90db-41528105942a}@LeaseObtainedTime 1473581102
    Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{668f750d-9918-4831-90db-41528105942a}@T1 1473582684
    Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{668f750d-9918-4831-90db-41528105942a}@T2 1473584034
    Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{668f750d-9918-4831-90db-41528105942a}@LeaseTerminatesTime 1473584702
    Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\Interfaces\{668f750d-9918-4831-90db-41528105942a}@Dhcpv6InformationObtainedTime 1473576036
    Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeConfidence 6
    Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0xA5 0x6D 0x97 0x17 ...
    Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0xA5 0xD5 0x5B 0x79 ...
    Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0xA5 0x05 0xD3 0xB5 ...
    Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeTickCount 0x5B 0x4E 0x60 0x00 ...
    Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\0@Rw 0x64 0x62 0x03 0x00 ...
    Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\0@RwMask 0x64 0x62 0x03 0x00 ...
    Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore@Count 4
    Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search@JumpListChangedAppIds Chrome?


    ---- Disk sectors - GMER 2.2 ----


    Disk \Device\Harddisk0\DR0 unknown MBR code


    ---- EOF - GMER 2.2 ----

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.10586.545
    Run by Hugo at 10:52:11 on 2016-09-11
    Microsoft Windows 10 Home 10.0.10586.0.1252.32.1043.18.8129.5000 [GMT 2:00]
    .
    AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
    AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost.exe -k DcomLaunch
    C:\WINDOWS\system32\svchost.exe -k RPCSS
    C:\WINDOWS\system32\dwm.exe
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
    C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\WINDOWS\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
    C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\System32\spoolsv.exe
    C:\Program Files (x86)\Avira\Antivirus\sched.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Avira\Antivirus\avguard.exe
    C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
    C:\WINDOWS\System32\svchost.exe -k utcsvc
    C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
    C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    C:\Program Files (x86)\Online Games Manager\ogmservice.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    C:\WINDOWS\system32\svchost.exe -k appmodel
    C:\WINDOWS\system32\dashost.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
    D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
    C:\WINDOWS\system32\sihost.exe
    C:\Windows\System32\RuntimeBroker.exe
    D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
    C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
    C:\Program Files (x86)\Firetrust\MailWasher\MailWasher.exe
    C:\Program Files\CCleaner\CCleaner64.exe
    C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    C:\WINDOWS\system32\taskhostw.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
    C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\WINDOWS\system32\fontdrvhost.exe
    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
    C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
    C:\WINDOWS\system32\ApplicationFrameHost.exe
    C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\BlueStacks\HD-Agent.exe
    C:\Program Files (x86)\BlueStacks\HD-Service.exe
    C:\Program Files (x86)\BlueStacks\HD-Network.exe
    C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
    C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
    C:\WINDOWS\system32\browser_broker.exe
    C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\WINDOWS\system32\SearchFilterHost.exe
    C:\Program Files\Windows Defender\MpCmdRun.exe
    C:\Program Files\Windows Defender\MpCmdRun.exe
    C:\Program Files\Windows Defender\MpCmdRun.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\SoftwareDistribution\Download\Install\NIS_Delta_Patch.exe
    C:\WINDOWS\system32\MpSigStub.exe
    C:\WINDOWS\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uLocal Page = %11%\blank.htm
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    uRun: [OneDrive] "C:\Users\Hugo\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    uRun: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
    uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    mRun: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
    mRun: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
    mRun: [PowerDVD12Agent] "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
    mRun: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
    mRun: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
    mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    StartupFolder: C:\Users\Hugo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAILWA~1.LNK - C:\Program Files (x86)\Firetrust\MailWasher\MailWasher.exe
    StartupFolder: C:\Users\Hugo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAILWA~2.LNK - C:\Program Files (x86)\Firetrust\MailWasher\MailWasher.exe
    StartupFolder: C:\Users\Hugo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
    StartupFolder: C:\Users\Hugo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ROLLER~1.LNK - C:\Users\Hugo\AppData\Local\Temp\{84AC93D5-431F-42C0-ABF6-2FC82792D583}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
    mPolicies-Explorer: ConfirmFileDelete = dword:1
    mPolicies-System: DSCAutomationHostEnabled = dword:2
    IE: &Verzenden naar OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
    IE: E&xporteren naar Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    TCP: NameServer = 195.130.130.3 195.130.131.3
    TCP: Interfaces\{668f750d-9918-4831-90db-41528105942a} : DHCPNameServer = 195.130.130.3 195.130.131.3
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    LSA: Security Packages = ""
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
    x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
    x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
    x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
    x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    x64-Run: [Corel Update Helper] "d:\Program Files\Corel\Corel PaintShop Pro X8 (64-bit)\pua.exe" /t
    x64-Run: [ShadowPlay] "C:\WINDOWS\System32\rundll32.exe" C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
    x64-mPolicies-Explorer: ConfirmFileDelete = dword:1
    x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
    x64-IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-154558-44482-6/4
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
    x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
    x64-SSODL: WebCheck - <orphaned>
    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
    x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
    x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2015-6-24 1455552]
    R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
    R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
    R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008]
    R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-30 218624]
    R1 avkmgr;avkmgr;C:\WINDOWS\System32\drivers\avkmgr.sys [2015-12-11 35488]
    R1 CLVirtualDrive;CLVirtualDrive;C:\WINDOWS\System32\drivers\CLVirtualDrive.sys [2015-7-21 91912]
    R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2016-5-11 87552]
    R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
    R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\Antivirus\sched.exe [2015-12-11 470600]
    R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2015-12-11 470600]
    R2 avgntflt;avgntflt;C:\WINDOWS\System32\drivers\avgntflt.sys [2015-12-11 144664]
    R2 Avira.ServiceHost;Avira Service Host;C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2016-8-4 320672]
    R2 avnetflt;avnetflt;C:\WINDOWS\System32\drivers\avnetflt.sys [2015-12-11 78208]
    R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2016-3-22 154680]
    R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2016-3-22 417304]
    R2 BstHdUpdaterSvc;BlueStacks Updater Service;C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2016-3-22 917016]
    R2 CCDMonitorService;CCDMonitorService;C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2016-6-23 2267352]
    R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
    R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-30 43944]
    R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-12-21 1163200]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-6-24 18856]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-6-24 223008]
    R2 MBAMScheduler;MBAMScheduler;D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-9-2 1514464]
    R2 MBAMService;MBAMService;D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-9-2 1136608]
    R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-12-21 1879488]
    R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-12-21 4812736]
    R2 ogmservice;Online Games Manager;C:\Program Files (x86)\Online Games Manager\ogmservice.exe [2016-7-13 582544]
    R2 PSI_SVC_2_x64;Corel License Validation Service V2 x64, Powered by arvato;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2014-4-30 337776]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [2016-9-5 426040]
    R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848]
    R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
    R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
    R3 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2016-3-22 437784]
    R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
    R3 Intel(R) Security Assist;Intel(R) Security Assist;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-5-19 335872]
    R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
    R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
    R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2016-9-2 27008]
    R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2016-9-2 192216]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\WINDOWS\System32\drivers\mwac.sys [2016-9-2 65408]
    R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
    R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
    R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-12-21 26560]
    R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2015-12-21 6308288]
    R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2016-9-5 47760]
    R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2015-7-21 886528]
    R3 RtlWlanu;Realtek draadloze LAN 802.11n USB 2.0-netwerkadapter;C:\WINDOWS\System32\drivers\rtwlanu.sys [2015-10-30 3764736]
    R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
    R3 UEFI;Microsoft UEFI-stuurprogramma;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
    R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
    R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-30 364464]
    R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-10-30 216064]
    S2 AntiVirMailService;Avira Mail Protection;C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2015-12-11 989696]
    S2 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2015-12-11 1454720]
    S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
    S2 isaHelperSvc;Intel(R) Security Assist Helper;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-5-19 7680]
    S2 KMService;KMService;C:\WINDOWS\System32\srvany.exe --> C:\WINDOWS\System32\srvany.exe [?]
    S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-30 43944]
    S3 A38CCID;CCID USB Smart Card Reader;C:\WINDOWS\System32\drivers\a38ccid.sys [2015-8-19 82480]
    S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456]
    S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
    S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
    S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
    S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
    S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728]
    S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
    S3 buttonconverter;Service voor Portable Device Control-apparaten;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
    S3 CapImg;HID-stuurprogramma voor CapImg-touchscreen;C:\WINDOWS\System32\drivers\capimg.sys [2016-1-21 117248]
    S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
    S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
    S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2015-12-8 122160]
    S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector-service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
    S3 DmEnrollmentSvc;Registratieservice voor Apparaatbeheer;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
    S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
    S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
    S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
    S3 genericusbfn;Algemene USB-functieklasse;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
    S3 hidinterrupt;Algemeen stuurprogramma voor HID-knoppen waarvoor interrupts zijn geïmplementeerd;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
    S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
    S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
    S3 iaLPSSi_GPIO;Stuurprogramma van Intel(R) Serial IO GPIO-controller;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
    S3 iaLPSSi_I2C;Stuurprogramma voor Intel(R) Serial IO I2C-controller;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
    S3 iaStorAV;Intel(R) SATA RAID-controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
    S3 ibbus;Mellanox InfiniBand Bus/AL (filterstuurprogramma);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
    S3 icssvc;Windows Mobiele hotspotservice;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760]
    S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-5-22 881152]
    S3 intelpep;Stuurprogramma voor Intel(R) Power Engine-invoegtoepassing ;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
    S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-30 26624]
    S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
    S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
    S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
    S3 ndfltr;NetworkDirect-service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
    S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
    S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
    S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2010-1-9 174440]
    S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
    S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
    S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
    S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
    S3 RetailDemo;Retaildemoservice;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
    S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
    S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
    S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
    S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
    S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944]
    S3 SmsRouter;Microsoft Windows SMS Router-service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2015-12-8 214832]
    S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
    S3 storufs;Microsoft Universal Flash Storage (UFS)-stuurprogramma;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
    S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304]
    S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2016-5-11 63488]
    S3 UcmUcsi;UCSI-client van USB-connectorbeheer;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
    S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
    S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-6-15 258912]
    S3 UfxChipidea;Chipidea USB-controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
    S3 ufxsynopsys;Synopsys USB-controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-5-11 131424]
    S3 UrsChipidea;Stuurprogramma voor Chipidea USB Role-Switch;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
    S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
    S3 UrsSynopsys;Stuurprogramma voor Synopsys USB Role-Switch;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
    S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
    S3 vhf;Virtual HID Framework (VHF)-stuurprogramma;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
    S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
    S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
    S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
    S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2016-4-13 694784]
    S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
    S3 WinMad;WinMad-service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
    S3 WinVerbs;WinVerbs-service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
    S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
    S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
    S3 XblAuthManager;Xbox Live-verificatiebeheer;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
    S3 XblGameSave;Games opslaan op Xbox Live;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
    S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-3-2 238592]
    S3 XboxNetApiSvc;Netwerkservice van Xbox Live;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
    S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-4-13 26112]
    S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
    S4 tzautoupdate;Updater van automatische tijdzone;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
    .
    =============== File Associations ===============
    .
    FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
    .
    =============== Created Last 30 ================
    .
    2016-09-11 08:52:12 1167568 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7CA7AED3-D031-4848-88E4-1FBAD53F3F84}\gapaengine.dll
    2016-09-09 19:13:13 -------- d-----w- C:\Users\Hugo\AppData\Roaming\ZHP
    2016-09-05 08:40:42 134712 ----a-w- C:\WINDOWS\SysWow64\nvStreaming.exe
    2016-09-05 08:40:32 45344 ----a-w- C:\WINDOWS\System32\vulkaninfo.exe
    2016-09-05 08:40:32 40224 ----a-w- C:\WINDOWS\SysWow64\vulkaninfo.exe
    2016-09-05 08:40:32 130848 ----a-w- C:\WINDOWS\System32\vulkan-1.dll
    2016-09-05 08:40:32 129824 ----a-w- C:\WINDOWS\SysWow64\vulkan-1.dll
    2016-09-05 08:40:28 -------- d-----w- C:\Program Files (x86)\VulkanRT
    2016-09-05 08:40:09 213952 ----a-w- C:\WINDOWS\System32\OpenCL.dll
    2016-09-05 08:40:09 203320 ----a-w- C:\WINDOWS\SysWow64\OpenCL.dll
    2016-09-05 08:39:44 -------- d-----w- C:\WINDOWS\LastGood.Tmp
    2016-09-05 08:34:58 99472 ----a-w- C:\WINDOWS\System32\nvaudcap64v.dll
    2016-09-05 08:34:58 90768 ----a-w- C:\WINDOWS\SysWow64\nvaudcap32v.dll
    2016-09-05 08:34:58 47760 ----a-w- C:\WINDOWS\System32\drivers\nvvad64v.sys
    2016-09-02 06:09:20 192216 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
    2016-09-02 06:09:02 65408 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys
    2016-09-02 06:09:02 140672 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
    2016-09-02 06:09:01 27008 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
    2016-09-02 06:09:01 -------- d-----w- C:\ProgramData\Malwarebytes
    2016-09-01 13:03:24 -------- d---a-w- C:\Program Files\CCleaner
    2016-08-30 09:38:51 -------- d-----w- C:\AdwCleaner
    2016-08-17 18:01:29 -------- d-----w- C:\Users\Hugo\AppData\Roaming\Atari
    2016-08-17 17:59:52 197120 ----a-w- C:\WINDOWS\patchw32.dll
    2016-08-17 17:59:52 -------- d-----w- C:\Program Files (x86)\Common Files\PocketSoft
    2016-08-17 17:57:07 692224 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
    2016-08-17 17:57:07 57344 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
    2016-08-17 17:57:07 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
    2016-08-17 17:57:07 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
    2016-08-17 17:57:07 237568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
    2016-08-17 17:57:07 155648 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
    2016-08-17 17:57:06 282756 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
    2016-08-17 17:57:06 163972 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
    .
    ==================== Find3M ====================
    .
    2016-08-27 19:52:16 14216760 ----a-w- C:\WINDOWS\System32\drivers\nvlddmkm.sys
    2016-08-25 21:12:08 6384064 ----a-w- C:\WINDOWS\System32\nvcpl.dll
    2016-08-25 21:12:08 2475064 ----a-w- C:\WINDOWS\System32\nvsvc64.dll
    2016-08-25 21:12:07 81856 ----a-w- C:\WINDOWS\System32\nv3dappshextr.dll
    2016-08-25 21:12:07 71224 ----a-w- C:\WINDOWS\System32\nvshext.dll
    2016-08-25 21:12:07 548408 ----a-w- C:\WINDOWS\System32\nv3dappshext.dll
    2016-08-25 21:12:07 392128 ----a-w- C:\WINDOWS\System32\nvmctray.dll
    2016-08-25 21:12:07 1764408 ----a-w- C:\WINDOWS\System32\nvsvcr.dll
    2016-08-25 21:12:07 1362368 ----a-w- C:\WINDOWS\System32\nvvsvc.exe
    2016-08-22 15:17:41 7320235 ----a-w- C:\WINDOWS\System32\nvcoproc.bin
    2016-08-03 11:14:47 92352 ----a-w- C:\WINDOWS\System32\acmigration.dll
    2016-08-03 11:14:47 50368 ----a-w- C:\WINDOWS\System32\CompatTelRunner.exe
    2016-08-03 11:14:47 1505984 ----a-w- C:\WINDOWS\System32\appraiser.dll
    2016-08-03 10:36:39 7469408 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
    2016-08-03 10:36:37 99680 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys
    2016-08-03 10:36:30 37744 ----a-w- C:\WINDOWS\System32\wldp.dll
    2016-08-03 10:23:43 115040 ----a-w- C:\WINDOWS\System32\NetSetupApi.dll
    2016-08-03 10:23:42 693600 ----a-w- C:\WINDOWS\System32\NetSetupEngine.dll
    2016-08-03 10:22:59 58408 ----a-w- C:\WINDOWS\System32\SensorsNativeApi.dll
    2016-08-03 10:22:53 465248 ----a-w- C:\WINDOWS\System32\drivers\storport.sys
    2016-08-03 10:22:39 331616 ----a-w- C:\WINDOWS\System32\drivers\pci.sys
    2016-08-03 10:22:10 808288 ----a-w- C:\WINDOWS\System32\WWAHost.exe
    2016-08-03 10:22:08 1322760 ----a-w- C:\WINDOWS\System32\ole32.dll
    2016-08-03 10:21:07 303216 ----a-w- C:\WINDOWS\System32\LockAppHost.exe
    2016-08-03 10:21:01 566112 ----a-w- C:\WINDOWS\System32\SettingSyncHost.exe
    2016-08-03 10:20:08 1540224 ----a-w- C:\WINDOWS\System32\sppobjs.dll
    2016-08-03 10:20:04 692136 ----a-w- C:\WINDOWS\System32\sppwinob.dll
    2016-08-03 10:19:37 604928 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
    2016-08-03 10:19:36 161632 ----a-w- C:\WINDOWS\System32\drivers\ksecpkg.sys
    2016-08-03 10:13:17 1988448 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
    2016-08-03 10:13:11 576864 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys
    2016-08-03 10:13:10 393056 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys
    2016-08-03 10:11:09 422744 ----a-w- C:\WINDOWS\System32\drivers\rdbss.sys
    2016-08-03 09:51:14 84480 ----a-w- C:\WINDOWS\System32\rdpudd.dll
    2016-08-03 09:51:00 123392 ----a-w- C:\WINDOWS\System32\tdlrecover.exe
    2016-08-03 09:46:24 22384128 ----a-w- C:\WINDOWS\System32\edgehtml.dll
    2016-08-03 09:44:39 63488 ----a-w- C:\WINDOWS\System32\wshbth.dll
    2016-08-03 09:44:23 44544 ----a-w- C:\WINDOWS\System32\musdialoghandlers.dll
    2016-08-03 09:44:03 189952 ----a-w- C:\WINDOWS\System32\MusNotification.exe
    2016-08-03 09:43:07 16985088 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
    2016-08-03 09:41:27 64000 ----a-w- C:\WINDOWS\System32\Windows.StateRepositoryClient.dll
    2016-08-03 09:41:25 59904 ----a-w- C:\WINDOWS\System32\Windows.StateRepositoryBroker.dll
    2016-08-03 09:40:54 58880 ----a-w- C:\WINDOWS\System32\MusNotificationUx.exe
    2016-08-03 09:40:48 47616 ----a-w- C:\WINDOWS\System32\TpmTasks.dll
    2016-08-03 09:40:16 127488 ----a-w- C:\WINDOWS\System32\VEDataLayerHelpers.dll
    2016-08-03 09:40:09 91136 ----a-w- C:\WINDOWS\System32\bthserv.dll
    2016-08-03 09:39:55 218624 ----a-w- C:\WINDOWS\System32\cdd.dll
    2016-08-03 09:39:43 104448 ----a-w- C:\WINDOWS\System32\BluetoothApis.dll
    2016-08-03 09:38:23 379392 ----a-w- C:\WINDOWS\System32\usocore.dll
    2016-08-03 09:38:22 412160 ----a-w- C:\WINDOWS\System32\MusUpdateHandlers.dll
    2016-08-03 09:37:22 110080 ----a-w- C:\WINDOWS\System32\IdCtrls.dll
    2016-08-03 09:36:49 211456 ----a-w- C:\WINDOWS\System32\NetSetupSvc.dll
    2016-08-03 09:36:28 198144 ----a-w- C:\WINDOWS\System32\winsrv.dll
    2016-08-03 09:35:56 200192 ----a-w- C:\WINDOWS\System32\WUDFPlatform.dll
    2016-08-03 09:35:15 764928 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
    2016-08-03 09:33:57 339968 ----a-w- C:\WINDOWS\System32\SensorService.dll
    2016-08-03 09:33:37 285184 ----a-w- C:\WINDOWS\System32\VEEventDispatcher.dll
    2016-08-03 09:31:59 359936 ----a-w- C:\WINDOWS\System32\SensorsApi.dll
    2016-08-03 09:31:54 247296 ----a-w- C:\WINDOWS\System32\wevtutil.exe
    2016-08-03 09:31:38 506880 ----a-w- C:\WINDOWS\System32\tileobjserver.dll
    2016-08-03 09:30:28 515072 ----a-w- C:\WINDOWS\System32\OneDriveSettingSyncProvider.dll
    2016-08-03 09:30:09 970752 ----a-w- C:\WINDOWS\System32\kerberos.dll
    2016-08-03 09:29:36 2127360 ----a-w- C:\WINDOWS\System32\inetcpl.cpl
    2016-08-03 09:29:15 1500160 ----a-w- C:\WINDOWS\System32\RecoveryDrive.exe
    2016-08-03 09:29:09 1387520 ----a-w- C:\WINDOWS\System32\win32kbase.sys
    2016-08-03 09:28:40 529920 ----a-w- C:\WINDOWS\System32\LogonController.dll
    2016-08-03 09:28:22 1213440 ----a-w- C:\WINDOWS\System32\wwansvc.dll
    2016-08-03 09:27:58 1717760 ----a-w- C:\WINDOWS\System32\GdiPlus.dll
    2016-08-03 09:27:45 7536640 ----a-w- C:\WINDOWS\System32\mstscax.dll
    2016-08-03 09:27:29 381952 ----a-w- C:\WINDOWS\System32\wuuhext.dll
    2016-08-03 09:18:57 6974464 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
    2016-08-03 09:18:20 1388032 ----a-w- C:\WINDOWS\System32\lsasrv.dll
    2016-08-03 09:18:16 2067968 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.dll
    2016-08-03 09:17:10 2175488 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
    2016-08-03 09:16:43 2635776 ----a-w- C:\WINDOWS\System32\Windows.UI.Logon.dll
    2016-08-03 09:16:30 3589120 ----a-w- C:\WINDOWS\System32\win32kfull.sys
    2016-08-03 09:16:25 5123072 ----a-w- C:\WINDOWS\System32\dbgeng.dll
    2016-08-03 09:15:20 7833088 ----a-w- C:\WINDOWS\System32\Chakra.dll
    2016-08-03 09:14:04 1997824 ----a-w- C:\WINDOWS\System32\ActiveSyncProvider.dll
    2016-08-03 09:14:02 4895232 ----a-w- C:\WINDOWS\System32\jscript9.dll
    2016-08-03 09:13:59 3025920 ----a-w- C:\WINDOWS\System32\wininet.dll
    2016-08-03 09:12:25 2746368 ----a-w- C:\WINDOWS\System32\Windows.StateRepository.dll
    2016-08-03 09:11:25 4171264 ----a-w- C:\WINDOWS\System32\rdpcorets.dll
    2016-08-03 05:52:28 34088 ----a-w- C:\WINDOWS\SysWow64\wldp.dll
    2016-08-03 05:34:16 501592 ----a-w- C:\WINDOWS\SysWow64\NetSetupEngine.dll
    2016-08-03 05:34:13 84832 ----a-w- C:\WINDOWS\SysWow64\NetSetupApi.dll
    2016-08-03 05:33:08 51128 ----a-w- C:\WINDOWS\SysWow64\SensorsNativeApi.dll
    2016-08-03 05:31:51 957608 ----a-w- C:\WINDOWS\SysWow64\ole32.dll
    2016-08-03 05:31:38 703840 ----a-w- C:\WINDOWS\SysWow64\WWAHost.exe
    2016-08-03 05:30:12 255168 ----a-w- C:\WINDOWS\SysWow64\LockAppHost.exe
    2016-08-03 05:30:07 465760 ----a-w- C:\WINDOWS\SysWow64\SettingSyncHost.exe
    2016-08-03 04:57:44 91648 ----a-w- C:\WINDOWS\SysWow64\tdlrecover.exe
    2016-08-03 04:48:25 51712 ----a-w- C:\WINDOWS\SysWow64\wshbth.dll
    2016-08-03 04:47:48 13018112 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
    2016-08-03 04:44:46 48128 ----a-w- C:\WINDOWS\SysWow64\Windows.StateRepositoryBroker.dll
    2016-08-03 04:44:45 48640 ----a-w- C:\WINDOWS\SysWow64\Windows.StateRepositoryClient.dll
    2016-08-03 04:42:54 80896 ----a-w- C:\WINDOWS\SysWow64\BluetoothApis.dll
    2016-08-03 04:40:45 92160 ----a-w- C:\WINDOWS\SysWow64\IdCtrls.dll
    2016-08-03 04:37:22 219136 ----a-w- C:\WINDOWS\SysWow64\VEEventDispatcher.dll
    2016-08-03 04:35:37 178688 ----a-w- C:\WINDOWS\SysWow64\wevtutil.exe
    .
    ============= FINISH: 10:52:25,62 ===============


  2. The following user thanks woepi for this useful post:

    Obsessed (12 September 2016)

  3. #2
    Spyware Slayer   Rosty's avatar
    Registered
    19 May 2005
    Location
    Zandvliet/ Ledegem
    Posts
    4.212
    Thanks given
    1.205
    Thanked
    2.705 times in 1.758 posts
    Hi Woepie,

    Try deleting everything you see from the last 48 hours in FB via your activity log.
    Then have MBAM run once more.
    Did she open a link to a video that she received via Messenger on FB?

  4. The following user thanks Rosty for this useful post:

    woepi (11 September 2016)

  5. #3
    Honorary member   woepi's avatar
    Hi Rosty,

    She did indeed click on a link.
    I have already cleared the activity log.
    Afterwards I had MBAM scan, nothing found.
    She is on Edge now and it doesn't happen there, but as soon as we go to Facebook via Chrome, mails are sent again with the virus link in them.


  6. #4
    Spyware Slayer   Rosty's avatar
    Then there is nothing else for it but to remove Chrome completely, including in the registry, Woepie. The virus has nested itself in Chrome, and every time she goes on FB via Chrome she will send messages unintentionally. For now this is the best solution. Make sure you have a link for every bookmark you want to keep.

    PS: why not Firefox instead of Edge?
    Last edited by Rosty; 12 September 2016 at 17:37 Reason: PS

  7. The following 3 users thank Rosty for this useful post:

    falco (18 September 2016), Vincent (1 November 2016), woepi (12 September 2016)

  8. #5
    Honorary member   woepi's avatar
    Quote: Originally posted by Rosty

    PS: why not Firefox instead of Edge?
    On Firefox we have had trouble with Adobe Flash Player since Windows 7.

    Going to remove Chrome, thank you for the quick help.


  9. #6
    Spyware Slayer   Rosty's avatar
    Solved now, woepi?

  10. #7
    Honorary member   woepi's avatar
    Yes, it is solved, Rosty. Thx


  11. #8
    Spyware Slayer   Rosty's avatar
    Sorry for the late reply: you're welcome! This thread is being locked.
