Mededeling

Collapse
No announcement yet.

PC traag en pop-ups

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • PC traag en pop-ups

    Hoi,

    ik volgde de instructies 'PC opschonen' maar ondervind nog steeds hinder.

    Hierbij volgende logjes.

    Malwarebytes:

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Databaseversie: v2014.03.18.10

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 11.0.9600.16521
    Pieter Klingels :: PIETER [administrator]

    19/03/2014 0:50:39
    mbam-log-2014-03-19 (00-50-39).txt

    Scan type: Volledige scan (C:\|)
    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scan opties: P2P
    Objecten gescand: 432022
    Verstreken tijd: 1 uur/uren, 19 minuut/minuten, 17 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 18
    HKCR\CLSID\{78690ef9-61f0-4e9f-8b69-eb18cf8ddb1b} (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\TypeLib\{1a0dadda-c58e-40c3-b314-62d279456199} (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\Interface\{74AC9E4C-CFF2-4269-8160-04D6ADBA8BC7} (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78690EF9-61F0-4E9F-8B69-EB18CF8DDB1B} (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\CLSID\{fd935d65-174f-4789-8ef7-22a1b5efad0b} (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\TypeLib\{1b9a01f4-ef87-4e63-8fa7-8cf7ee0b532d} (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\Interface\{9D8DDF55-B843-46CF-A221-F28490B8A806} (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD935D65-174F-4789-8EF7-22A1B5EFAD0B} (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Optional.SoftwareUpdater) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Optional.SoftwareUpdater) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Optional.SoftwareUpdater) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Optional.SoftwareUpdater) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\Updater.AmiUpd.1 (PUP.Optional.SoftwareUpdater) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\Updater.AmiUpd (PUP.Optional.SoftwareUpdater) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaViewV1alpha2046 (PUP.Optional.Amonetize) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaViewV1alpha4613 (PUP.Optional.Amonetize) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\MediaViewV1alpha2046 (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\MediaViewV1alpha4613 (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.

    Registerwaarden gedetecteerd: 3
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\Windows\SysWOW64\rundll32.exe "C:\Users\Pieter Klingels\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\Mozilla\Firefox\Extensions|[email protected] (PUP.Optional.MediaView.A) -> Data: C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4613\ff -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\Mozilla\Firefox\Extensions|[email protected] (PUP.Optional.MediaView.A) -> Data: C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2046\ff -> Succesvol in quarantaine geplaatst en verwijderd.

    Registerdata gedetecteerd: 1
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit.A) -> Slecht: (http://search.conduit.com/?ctid=CT33...E243A5D9&SSPV=) Goed: (http://www.google.com) -> Succesvol in quarantaine geplaatst en gerepareerd.

    Mappen gedetecteerd: 21
    C:\Users\Pieter Klingels\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Pieter Klingels\AppData\Roaming\OpenCandy\CA1512AB3DB644BE908578BAE202C0E4 (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Pieter Klingels\AppData\Roaming\OpenCandy\FFD41B3B2AC943AEB8F6D5E5055E5E7D (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Pieter Klingels\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Pieter Klingels\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2046 (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2046\ch (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2046\ff (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2046\ff\chrome (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2046\ff\chrome\content (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2046\ff\chrome\content\icons (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2046\ff\chrome\content\icons\default (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2046\ie (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4613 (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4613\ch (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4613\ff (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4613\ff\chrome (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4613\ff\chrome\content (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4613\ff\chrome\content\icons (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4613\ff\chrome\content\icons\default (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4613\ie (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.

    Bestanden gedetecteerd: 35
    C:\Users\Pieter Klingels\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4613\ie\MediaViewV1alpha4613.dll (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2046\ie\MediaViewV1alpha2046.dll (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Pieter Klingels\AppData\Local\SwvUpdater\Updater.exe (PUP.Optional.SoftwareUpdater) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2046\uninstall.exe (PUP.Optional.Amonetize) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4613\uninstall.exe (PUP.Optional.Amonetize) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Pieter Klingels\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Pieter Klingels\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.2.0.zip (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Pieter Klingels\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Pieter Klingels\AppData\Roaming\OpenCandy\FFD41B3B2AC943AEB8F6D5E5055E5E7D\SSStub_SearchProtect_p1v0.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Pieter Klingels\Documents\Setups\frostwire-4.21.5.windows.exe (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Pieter Klingels\Downloads\SoftonicDownloader_voor_windows-media-player.exe (PUP.Optional.Softonic.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Pieter Klingels\Downloads\vlc-32-2.1.2.exe (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Pieter Klingels\Downloads\VLCSetup.exe (PUP.Optional.BundleInstaller.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Pieter Klingels\Downloads\Windows Media Player.exe (PUP.Optional.Solimba) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Pieter Klingels\AppData\Roaming\OpenCandy\CA1512AB3DB644BE908578BAE202C0E4\avg_tuht_stf_nl_2014_214_BEL-15day.exe (PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Pieter Klingels\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Pieter Klingels\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2046\ch\MediaViewV1alpha2046.crx (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2046\ff\chrome.manifest (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2046\ff\install.rdf (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2046\ff\chrome\content\ffMediaViewV1alpha2046.js (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2046\ff\chrome\content\ffMediaViewV1alpha2046ffaction.js (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2046\ff\chrome\content\overlay.xul (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2046\ff\chrome\content\icons\Thumbs.db (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2046\ff\chrome\content\icons\default\MediaViewV1alpha2046_32.png (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4613\ch\MediaViewV1alpha4613.crx (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4613\ff\chrome.manifest (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4613\ff\install.rdf (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4613\ff\chrome\content\ffMediaViewV1alpha4613.js (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4613\ff\chrome\content\ffMediaViewV1alpha4613ffaction.js (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4613\ff\chrome\content\overlay.xul (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4613\ff\chrome\content\icons\Thumbs.db (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4613\ff\chrome\content\icons\default\MediaViewV1alpha4613_32.png (PUP.Optional.MediaView.A) -> Succesvol in quarantaine geplaatst en verwijderd.

    (einde)



    DDS-log:


    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.16521 BrowserJavaVersion: 10.51.2
    Run by Pieter Klingels at 9:11:27 on 2014-03-19
    Microsoft Windows 7 Professional 6.1.7601.1.1252.32.1043.18.3959.2363 [GMT 1:00]
    .
    AV: Trend Micro Titanium Internet Security *Disabled/Outdated* {68F968AC-2AA0-091D-848C-803E83E35902}
    SP: Trend Micro Titanium Internet Security *Disabled/Outdated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1583ee0fbe559aff\STacSV64.e xe
    C:\Windows\system32\vcsFPService.exe
    C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
    C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1583ee0fbe559aff\AESTSr64.e xe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
    C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesApp64.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\IDT\WDM\sttray64.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
    C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Leyio\LeyioPSD-2.1.1\jre\bin\javaw.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
    C:\Program Files\DigitalPersona\Bin\DPAgent.exe
    C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
    C:\Windows\splwow64.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\jusched.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    uSearch Page = hxxp://www.google.com
    uDefault_Search_URL = hxxp://www.google.com/ie
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mWinlogon: Userinit = userinit.exe,
    BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1077\TmIEPlg32.dll
    BHO: DigitalPersona Fingerprint Software Extension: {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll
    BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    uRun: [LeyioPSD-2.1.1] "C:\Program Files (x86)\Leyio\LeyioPSD-2.1.1\LeyioPSDHelper.exe"
    uRun: [Google+ Auto Backup] "C:\Users\Pieter Klingels\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
    mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
    mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    mRun: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
    dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
    IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://vpnua1.ua.ac.be/CACHE/stc/1/binaries/vpnweb.cab
    TCP: NameServer = 195.130.131.132 195.130.130.4
    TCP: Interfaces\{27F07789-2BDD-4878-B2F6-157E7ABB481D} : DHCPNameServer = 195.130.131.132 195.130.130.4
    TCP: Interfaces\{27F07789-2BDD-4878-B2F6-157E7ABB481D}\4554C454E4544584F4D4543505F445 : DHCPNameServer = 195.130.130.141 195.130.131.141
    TCP: Interfaces\{27F07789-2BDD-4878-B2F6-157E7ABB481D}\45F6E6976265562716 : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{27F07789-2BDD-4878-B2F6-157E7ABB481D}\5514D27657563747 : DHCPNameServer = 143.169.245.67 143.169.254.101 143.169.245.68 143.169.254.100
    TCP: Interfaces\{27F07789-2BDD-4878-B2F6-157E7ABB481D}\75966696F534F627269656 : DHCPNameServer = 192.168.11.1
    TCP: Interfaces\{27F07789-2BDD-4878-B2F6-157E7ABB481D}\94D6D6F665C4D234963736F6 : DHCPNameServer = 192.168.1.1 192.168.1.100
    TCP: Interfaces\{27F07789-2BDD-4878-B2F6-157E7ABB481D}\B4C494E47454C4350284559435 : DHCPNameServer = 192.168.2.1
    TCP: Interfaces\{9EE3FFB8-9138-4310-B1A4-8B77BC873079} : DHCPNameServer = 192.168.1.1
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
    Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1077\TmIEPlg32.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    LSA: Notification Packages = scecli DPPWDFLT
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    IFEO: bitguard.exe - tasklist.exe
    IFEO: bprotect.exe - tasklist.exe
    IFEO: bpsvc.exe - tasklist.exe
    IFEO: browserdefender.exe - tasklist.exe
    IFEO: browserprotect.exe - tasklist.exe
    x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1077\TmIEPlg.dll
    x64-BHO: {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - <orphaned>
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [SysTrayApp] C:\Program Files (x86)\IDT\WDM\sttray64.exe
    x64-Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\System32\NvCpl.dll,NvStartup
    x64-Run: [NVHotkey] rundll32.exe C:\Windows\System32\nvHotkey.dll,Start
    x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
    x64-Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
    x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
    x64-Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe -set Silent "1" SplashURL ""
    x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    x64-DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll
    x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1077\TmIEPlg.dll
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    x64-IFEO: bitguard.exe - tasklist.exe
    x64-IFEO: bprotect.exe - tasklist.exe
    x64-IFEO: bpsvc.exe - tasklist.exe
    x64-IFEO: browserdefender.exe - tasklist.exe
    x64-IFEO: browserprotect.exe - tasklist.exe
    .
    Note: multiple IFEO entries found. Please refer to Attach.txt
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Pieter Klingels\AppData\Roaming\Mozilla\Firefox\Profiles\k2olw2bm.default\
    FF - prefs.js: browser.search.selectedEngine - Conduit Search
    FF - prefs.js: browser.startup.homepage - www.google.com
    FF - component: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1077\firefoxextension\components\TmFFExt.dll
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Picasa3\npPicasa3.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMSS.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
    FF - ExtSQL: !HIDDEN! 2010-04-03 04:08; [email protected]; C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-4-3 55280]
    R0 stdflt;Disk Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdflt.sys [2010-4-3 19504]
    R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1583ee0fbe559aff\AE STSr64.exe [2010-1-29 89600]
    R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2013-3-1 267480]
    R2 InstallFilterService;FF Install Filter Service;C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2010-4-3 59904]
    R2 rimspci;rimspci;C:\Windows\System32\drivers\rimspe64.sys [2010-1-29 60416]
    R2 risdpcie;risdpcie;C:\Windows\System32\drivers\risdpe64.sys [2010-1-29 80896]
    R2 rixdpcie;rixdpcie;C:\Windows\System32\drivers\rixdpe64.sys [2010-1-29 55808]
    R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2013-3-1 69392]
    R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe [2013-10-12 2099000]
    R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2009-7-13 1924400]
    R2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-12-17 497856]
    R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Acceler.sys [2010-1-29 25136]
    R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-4-3 35104]
    R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2010-4-3 172704]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-1-29 56344]
    R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-1-29 151936]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-1-29 291328]
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesDriver64.sys [2013-9-18 14112]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-3-14 111616]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-1-16 289256]
    S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-21 59392]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
    S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-8 1255736]
    .
    =============== Created Last 30 ================
    .
    2014-03-18 23:47:56 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2014-03-18 23:36:37 -------- d-----w- C:\Program Files\CCleaner
    2014-03-10 20:03:35 -------- d-----w- C:\Program Files (x86)\MediaViewV1
    2014-03-04 19:05:39 -------- d-----r- C:\Program Files (x86)\Skype
    2014-03-02 20:26:13 -------- d-----w- C:\Windows\Migration
    2014-02-27 22:55:51 -------- d-----w- C:\79fe19b696952267b5de
    2014-02-27 22:27:27 -------- d-----w- C:\Users\Pieter Klingels\AppData\Local\Programs
    2014-02-27 22:11:32 -------- d-----w- C:\Users\Pieter Klingels\AppData\Local\{5360A474-A655-42B7-B4D3-59C2A5877AA4}
    2014-02-26 13:01:59 -------- d-----w- C:\8b034ac3d769f230645e755d
    2014-02-20 16:52:42 40248 ----a-w- C:\Windows\System32\TURegOpt.exe
    2014-02-20 16:52:42 29496 ----a-w- C:\Windows\System32\authuitu.dll
    2014-02-20 16:52:42 25400 ----a-w- C:\Windows\SysWow64\authuitu.dll
    2014-02-20 16:52:22 -------- d-----w- C:\Users\Pieter Klingels\AppData\Roaming\AVG
    2014-02-20 16:52:07 -------- d-----w- C:\Program Files (x86)\VideoLAN
    2014-02-20 16:52:06 -------- d-----w- C:\Program Files (x86)\AVG PC TuneUp 2014
    2014-02-20 16:52:00 -------- d-----w- C:\ProgramData\AVG
    2014-02-20 16:51:56 -------- d-sh--w- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
    2014-02-20 16:51:56 -------- d--h--w- C:\ProgramData\Common Files
    2014-02-20 16:51:20 -------- d-----w- C:\Users\Pieter Klingels\AppData\Roaming\rmi
    2014-02-20 16:48:43 -------- d-----w- C:\Users\Pieter Klingels\AppData\Local\Lollipop
    2014-02-20 16:46:45 -------- d-----w- C:\Users\Pieter Klingels\AppData\Local\SwvUpdater
    2014-02-20 16:46:42 -------- d-----w- C:\Users\Pieter Klingels\.android
    2014-02-20 16:46:40 -------- d-----w- C:\Users\Pieter Klingels\AppData\Local\Mobogenie
    2014-02-20 16:46:40 -------- d-----w- C:\Users\Pieter Klingels\AppData\Local\genienext
    2014-02-20 16:46:40 -------- d-----w- C:\Users\Pieter Klingels\AppData\Local\cache
    2014-02-20 16:34:40 -------- d-----w- C:\Users\Pieter Klingels\AppData\Local\{1F5C6BA9-1BCD-4CF5-A728-8FCEA7AFEDC0}
    .
    ==================== Find3M ====================
    .
    2014-03-01 05:17:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
    2014-03-01 05:16:26 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
    2014-03-01 04:52:55 66048 ----a-w- C:\Windows\System32\iesetup.dll
    2014-03-01 04:51:59 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
    2014-03-01 04:33:52 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
    2014-03-01 04:33:34 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
    2014-03-01 04:32:59 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
    2014-03-01 04:23:49 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
    2014-03-01 04:11:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2014-03-01 03:54:33 5768704 ----a-w- C:\Windows\System32\jscript9.dll
    2014-03-01 03:52:43 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2014-03-01 03:51:53 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
    2014-03-01 03:38:26 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2014-03-01 03:37:35 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
    2014-03-01 03:35:11 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
    2014-03-01 03:14:15 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2014-03-01 03:10:28 2334208 ----a-w- C:\Windows\System32\wininet.dll
    2014-03-01 03:00:08 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2014-03-01 02:32:16 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
    2014-02-07 01:23:30 3156480 ----a-w- C:\Windows\System32\win32k.sys
    2014-02-04 02:32:22 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
    2014-02-04 02:32:12 624128 ----a-w- C:\Windows\System32\qedit.dll
    2014-02-04 02:04:22 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
    2014-02-04 02:04:11 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
    2014-01-29 02:32:18 484864 ----a-w- C:\Windows\System32\wer.dll
    2014-01-29 02:06:47 381440 ----a-w- C:\Windows\SysWow64\wer.dll
    2014-01-28 02:32:46 228864 ----a-w- C:\Windows\System32\wwansvc.dll
    2014-01-06 19:23:36 4558848 ----a-w- C:\Windows\SysWow64\GPhotos.scr
    2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
    2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
    2013-12-21 09:53:45 548864 ----a-w- C:\Windows\System32\vbscript.dll
    2013-12-21 08:56:47 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
    .
    ============= FINISH: 9:12:09,74 ===============


    ATTACH-log:


    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 7/04/2010 20:22:05
    System Uptime: 19/03/2014 8:47:02 (1 hours ago)
    .
    Motherboard: Dell Inc. | | 07VWR8
    Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz | CPU 1 | 1176/533mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 283 GiB total, 109,358 GiB free.
    D: is CDROM (UDF)
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
    Device ID: ROOT\NET\0000
    Manufacturer: Cisco Systems
    Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
    PNP Device ID: ROOT\NET\0000
    Service: vpnva
    .
    ==== System Restore Points ===================
    .
    RP196: 19/03/2014 3:00:12 - Windows Update
    .
    ==== Image File Execution Options =============
    .
    IFEO: bitguard.exe - tasklist.exe
    IFEO: bprotect.exe - tasklist.exe
    IFEO: bpsvc.exe - tasklist.exe
    IFEO: browserdefender.exe - tasklist.exe
    IFEO: browserprotect.exe - tasklist.exe
    IFEO: browsersafeguard.exe - tasklist.exe
    IFEO: dprotectsvc.exe - tasklist.exe
    IFEO: protectedsearch.exe - tasklist.exe
    IFEO: searchprotection.exe - tasklist.exe
    IFEO: searchprotector.exe - tasklist.exe
    IFEO: snapdo.exe - tasklist.exe
    IFEO: stinst32.exe - tasklist.exe
    IFEO: stinst64.exe - tasklist.exe
    IFEO: utiljumpflip.exe - tasklist.exe
    x64-IFEO: bitguard.exe - tasklist.exe
    x64-IFEO: bprotect.exe - tasklist.exe
    x64-IFEO: bpsvc.exe - tasklist.exe
    x64-IFEO: browserdefender.exe - tasklist.exe
    x64-IFEO: browserprotect.exe - tasklist.exe
    x64-IFEO: browsersafeguard.exe - tasklist.exe
    x64-IFEO: dprotectsvc.exe - tasklist.exe
    x64-IFEO: protectedsearch.exe - tasklist.exe
    x64-IFEO: searchprotection.exe - tasklist.exe
    x64-IFEO: searchprotector.exe - tasklist.exe
    x64-IFEO: snapdo.exe - tasklist.exe
    x64-IFEO: stinst32.exe - tasklist.exe
    x64-IFEO: stinst64.exe - tasklist.exe
    x64-IFEO: utiljumpflip.exe - tasklist.exe
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    Accelerometer
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader 9.5.5 - Nederlands
    Adobe Shockwave Player 12.0
    Advanced Audio FX Engine
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    AVG PC TuneUp 2014
    AVG PC TuneUp 2014 (nl-NL)
    Bonjour
    BS.Player FREE
    CCleaner
    Cisco AnyConnect VPN Client
    Compatibiliteitspakket voor het 2007 Microsoft Office system
    Counter-Strike
    D3DX10
    Dell Backup and Recovery Manager
    Dell Edoc Viewer
    Dell Touchpad
    Dell Webcam Central
    DigitalPersona Personal 4.01
    DW WLAN Card
    Easy Video Splitter 1.28
    FIFA 13
    FrostWire 4.21.5
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    Google+ Auto Backup
    HiJackThis
    iTunes
    Java 7 Update 51
    Java Auto Updater
    Java(TM) 6 Update 17 (64-bit)
    Junk Mail filter update
    LeyioPSD (2.1.1)
    Live! Cam Avatar Creator
    Malwarebytes Anti-Malware versie 1.75.0.1300
    McAfee Security Scan Plus
    Microsoft .NET Framework 4.5.1
    Microsoft .NET Framework 4.5.1 (Nederlands)
    Microsoft .NET Framework 4.5.1 (NLD)
    Microsoft Application Error Reporting
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Access MUI (Dutch) 2007
    Microsoft Office Excel MUI (Dutch) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office InfoPath MUI (Dutch) 2007
    Microsoft Office Office 64-bit Components 2007
    Microsoft Office Outlook MUI (Dutch) 2007
    Microsoft Office PowerPoint MUI (Dutch) 2007
    Microsoft Office PowerPoint Viewer 2007 (Dutch)
    Microsoft Office Professional Plus 2007
    Microsoft Office Proof (Dutch) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (German) 2007
    Microsoft Office Proofing (Dutch) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Publisher MUI (Dutch) 2007
    Microsoft Office Shared 64-bit MUI (Dutch) 2007
    Microsoft Office Shared MUI (Dutch) 2007
    Microsoft Office Word MUI (Dutch) 2007
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Works
    Mozilla Firefox 27.0.1 (x86 nl)
    Mozilla Maintenance Service
    MSVC80_x64
    MSVC80_x86
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    NVIDIA Drivers
    Origin
    Picasa 3
    Pixum Fotoboek
    PowerDVD DX
    Pro Evolution Soccer 2009
    Quickset64
    QuickTime
    Roxio Creator Audio
    Roxio Creator Copy
    Roxio Creator Data
    Roxio Creator DE 10.3
    Roxio Creator Tools
    Roxio Express Labeler 3
    Roxio Update Manager
    SAMSUNG Mobile Composite Device Software
    SAMSUNG Mobile Modem Driver Set
    Samsung Mobile phone USB driver Drive Software
    SAMSUNG Mobile USB Modem 1.0 Software
    SAMSUNG Mobile USB Modem Software
    Samsung PC Studio 3
    SamsungConnectivityCableDriver
    Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition
    Skype™ 6.11
    Spelling Dictionaries Support For Adobe Reader 9
    Steam
    swMSM
    TrackMania Nations Forever
    Trend Micro Titanium Internet Security
    Trend Micro™ Titanium™ Internet Security
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition
    Update voor Microsoft Office Excel 2007 Help (KB963678)
    Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
    Update voor Microsoft Office Word 2007 Help (KB963665)
    Validity Sensors DDK
    VLC media player 2.1.2
    WHISE Online Management
    WIDCOMM Bluetooth Software
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    WinRAR
    .
    ==== End Of File ===========================


    GMER-log:

    GMER 2.1.19357 - http://www.gmer.net
    Rootkit scan 2014-03-19 09:30:41
    Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST932042 rev.D004 298,09GB
    Running: bxxflfum.exe; Driver: C:\Users\PIETER~1\AppData\Local\Temp\ufldapow.sys


    ---- Kernel code sections - GMER 2.1 ----

    INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800031ec000 63 bytes [00, 00, 08, 02, 45, 76, 65, ...]
    INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 594 fffff800031ec042 4 bytes [00, 00, 00, 00]

    ---- User code sections - GMER 2.1 ----

    .text C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000760a1465 2 bytes [0A, 76]
    .text C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000760a14bb 2 bytes [0A, 76]
    .text ... * 2
    .text C:\Program Files (x86)\Leyio\LeyioPSD-2.1.1\jre\bin\javaw.exe[3648] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000760a1465 2 bytes [0A, 76]
    .text C:\Program Files (x86)\Leyio\LeyioPSD-2.1.1\jre\bin\javaw.exe[3648] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000760a14bb 2 bytes [0A, 76]
    .text ... * 2
    .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[4148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000760a1465 2 bytes [0A, 76]
    .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[4148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000760a14bb 2 bytes [0A, 76]
    .text ... * 2

    ---- Registry - GMER 2.1 ----

    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\5063138c32c7
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\[email protected] 0x07 0xB4 0x9B 0x4A ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\[email protected] 0xAF 0x16 0x35 0x39 ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\5063138c32c7 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\[email protected] 0x07 0xB4 0x9B 0x4A ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\[email protected] 0xAF 0x16 0x35 0x39 ...

    ---- EOF - GMER 2.1 ----



    Alvast dank voor de hulp of instructies!

    GizmO

  • #2
    Download Zoek.zip naar het bureaublad.
    • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.


    Antivirussoftware uitschakelen
    Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk conflicteren met Zoek.exe.

    Zoek.exe uitvoeren
    Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.
    • Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
    • Dubbelklik vervolgens op Zoek.exe om de tool te starten.
    • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
    • Klik nu op de knop "Run script".
    • Er verschijnt een popup met de melding dat er geen script aangetroffen is, druk gewoon op OK.
    • Zoek.exe gaat nu een scan + reparatie uitvoeren, bij sommige systemen kan deze langer dan een half uur duren.
    • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
    • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
    • Post het geopende logje in het volgende bericht als bijlage.


    Zoek.exe logbestand plaatsen
    • Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht.
      (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)

    Windows 10 opstarten in Veilige Modus

    Comment


    • #3
      Quick-scan en herstellen of Deep-scan en herstellen?

      Comment


      • #4
        resultaat quick-scan:


        Zoek.exe v5.0.0.0 Updated 07-March-2014
        Tool run by Pieter Klingels on za 22/03/2014 at 11:30:14,91.
        Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
        Running in: Normal Mode Internet Access Detected
        Launched: C:\Users\Pieter Klingels\Desktop\zoek.exe [Scan all users] [Quick Scan] [Auto Clean]

        ==== System Restore Info ======================

        22/03/2014 11:32:00 Zoek.exe System Restore Point Created Succesfully.

        ==== Empty Folders Check ======================

        C:\PROGRA~2\MediaViewV1 deleted successfully
        C:\PROGRA~2\MSXML 4.0 deleted successfully
        C:\Program Files\Google deleted successfully
        C:\PROGRA~3\Oracle deleted successfully
        C:\PROGRA~3\Roxio deleted successfully
        C:\Users\Pieter Klingels\AppData\Local\cache deleted successfully
        C:\Users\Pieter Klingels\AppData\Local\genienext deleted successfully
        C:\Users\Pieter Klingels\AppData\Local\Lollipop deleted successfully
        C:\Users\Pieter Klingels\AppData\Local\MigWiz deleted successfully

        ==== Deleting CLSID Registry Keys ======================

        HKEY_USERS\S-1-5-21-1882520765-3323825473-2521235458-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully
        HKEY_USERS\S-1-5-21-1882520765-3323825473-2521235458-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B435522A-0364-4BCE-8E08-FBE601938896} deleted successfully

        ==== Deleting CLSID Registry Values ======================

        HKEY_USERS\S-1-5-21-1882520765-3323825473-2521235458-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully
        HKEY_USERS\S-1-5-21-1882520765-3323825473-2521235458-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

        ==== Deleting Services ======================


        ==== FireFox Fix ======================

        ProfilePath: C:\Users\PIETER~1\AppData\Roaming\Mozilla\Firefox\Profiles\k2olw2bm.default

        ---- Lines conduit removed from prefs.js ----
        user_pref("browser.search.defaultenginename", "Conduit Search");
        user_pref("browser.search.selectedEngine", "Conduit Search");
        ---- Lines ask.com removed from prefs.js ----
        user_pref("browser.search.defaultengine", "Ask.com");
        user_pref("browser.search.order.1", "Ask.com");
        ---- FireFox user.js and prefs.js backups ----

        user_20142203_1141_.backup
        prefs_20142203_1141_.backup

        ProfilePath: C:\Users\PIETER~1\AppData\Roaming\Mozilla\Firefox\Profiles\oar0sy9i.default

        ---- FireFox user.js and prefs.js backups ----

        user_20142203_1141_.backup
        prefs_20142203_1141_.backup

        ==== Deleting Files \ Folders ======================

        C:\Users\Pieter Klingels\daemonprocess.txt deleted
        C:\Users\Pieter Klingels\.android deleted
        C:\PROGRA~3\Ask deleted
        C:\PROGRA~3\APN deleted
        C:\Users\Pieter Klingels\AppData\Local\Mobogenie deleted
        C:\Users\Pieter Klingels\AppData\Local\SwvUpdater deleted
        C:\END deleted
        C:\Users\Pieter Klingels\Documents\Mobogenie deleted

        ==== Files Recently Created / Modified ======================

        ====== C:\Windows ====
        2014-03-19 08:33:43 7A3DFB10F736774F0AB459B50D20A314 637915121 ----a-w- C:\Windows\MEMORY.DMP
        2014-03-08 19:48:35 304C2EA4A6385FAA51D5B3359F9302B6 425 ----a-w- C:\Windows\BRWMARK.INI
        ====== C:\Users\PIETER~1\AppData\Local\Temp ====
        ====== Java Cache =====
        2014-03-08 14:32:14 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Pieter Klingels\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\6c34baa0-702821dd
        ====== C:\Windows\SysWOW64 =====
        2014-03-14 17:23:57 4F8CCD3E7D9F17A7C60FA0AE2466CACF 381440 ----a-w- C:\Windows\SysWOW64\wer.dll
        2014-03-14 17:23:56 BD5E6C894130E7BB7ECE9A0925383068 2168320 ----a-w- C:\Windows\SysWOW64\iertutil.dll
        2014-03-14 17:23:56 8B521873651E62EF5868DC7B339959DB 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll
        2014-03-14 17:23:55 A045DAE4D242A9A50FF6902774C55BE0 524288 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
        2014-03-14 17:23:55 7EDA015D4E74177A1B187326EDB14670 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
        2014-03-14 17:23:55 70462E0A4E293FC80620AB945D8A59BB 17074688 ----a-w- C:\Windows\SysWOW64\mshtml.dll
        2014-03-14 17:23:55 0FF358906F2333B26267BC0064DC02C4 1156096 ----a-w- C:\Windows\SysWOW64\urlmon.dll
        2014-03-14 17:23:54 E84073A2F2D3A9448CA02F48B0360490 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll
        2014-03-14 17:23:54 E23497E11866154A97BA9877656113FE 1964032 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
        2014-03-14 17:23:54 B0CBC5A7D9278DCD5B230E1E50CCA5F6 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll
        2014-03-14 17:23:54 2CF6CF90BF7FE0E616C363343FFA686B 553472 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
        2014-03-14 17:23:54 1CEE521E90703BB8A01211C77747E727 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
        2014-03-14 17:23:53 5C207FABA707CE496E1E0A304925D1E5 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
        2014-03-14 17:23:53 4831AA1A6A112ACCEE240C9D5FA2108B 11266048 ----a-w- C:\Windows\SysWOW64\ieframe.dll
        2014-03-14 17:23:52 FC46FE32B043CA7251B1D707B91BA6A7 4244480 ----a-w- C:\Windows\SysWOW64\jscript9.dll
        2014-03-14 17:23:52 C8DBE0B5297FD85D7311E4791103517B 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
        2014-03-14 17:23:52 B61F47EB8CACBE09C8117E4FF7D9656D 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll
        2014-03-14 17:23:52 AAFEAB4FC9D70253F8C7E353E879E8A2 1820160 ----a-w- C:\Windows\SysWOW64\wininet.dll
        2014-03-14 17:23:52 4605E0295C8E742B28FD63D255322795 703488 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
        2014-03-14 17:23:35 B0BE998802DEDEE1FD8F5E5F9F207A30 509440 ----a-w- C:\Windows\SysWOW64\qedit.dll
        2014-03-14 17:23:35 A054EA8FBE16D4D34F06D81A4F0088E2 1230336 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll
        2014-03-08 19:48:34 1F64114D83017768A02BF1008E5A5D6F 34 ----a-w- C:\Windows\SysWOW64\BD2150N.DAT
        ====== C:\Windows\SysWOW64\drivers =====
        ====== C:\Windows\Sysnative =====
        2014-03-14 17:23:57 E918C0DE5CF2AE6BEDBF387C09627D93 3156480 ----a-w- C:\Windows\Sysnative\win32k.sys
        2014-03-14 17:23:57 1075AB2C077B415760C0E948856B5126 484864 ----a-w- C:\Windows\Sysnative\wer.dll
        2014-03-14 17:23:57 04F82965C09CBDF646B487E145060301 228864 ----a-w- C:\Windows\Sysnative\wwansvc.dll
        2014-03-14 17:23:56 76862AAF77C049EC20217FDC209F7F13 2765824 ----a-w- C:\Windows\Sysnative\iertutil.dll
        2014-03-14 17:23:56 10B2786774CC43D835FE8303D1970874 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
        2014-03-14 17:23:54 F6BA9A0266DA93AFB8EA9BA12BF81367 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll
        2014-03-14 17:23:54 BA0A21F761CE5001DF712C51BF11F953 1393664 ----a-w- C:\Windows\Sysnative\urlmon.dll
        2014-03-14 17:23:54 8BA97E7747A53F80873431178889911A 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll
        2014-03-14 17:23:54 0A5996995F33967A46E3D5A3D9F1433D 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb
        2014-03-14 17:23:53 E6ACA421DA3E50D7F0A31228F0C547B0 627200 ----a-w- C:\Windows\Sysnative\msfeeds.dll
        2014-03-14 17:23:53 D378AB3C9178424588B55AC7B652D7F9 218624 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
        2014-03-14 17:23:53 8EA01E83528503D312224FC63D40BC2B 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll
        2014-03-14 17:23:52 B3DFA392735A5FBE2896BAB67950123A 2041856 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
        2014-03-14 17:23:52 A0B690402E33DC9C78F22CB41F4FDC09 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe
        2014-03-14 17:23:52 4F131DB206096854505AFEDD2153FD83 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll
        2014-03-14 17:23:51 D3CAA61DE060BC74B4EFC638679DFE7A 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
        2014-03-14 17:23:51 9C5ADB26632D46919ABB231CF7DE98B9 13051904 ----a-w- C:\Windows\Sysnative\ieframe.dll
        2014-03-14 17:23:51 8D46ACDFA065C423BED405702F075B54 708608 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
        2014-03-14 17:23:51 422106B7565350885D0930DFA5BA21A1 574976 ----a-w- C:\Windows\Sysnative\ieui.dll
        2014-03-14 17:23:50 DF79CE9B950C62677D232154E93A81C7 2334208 ----a-w- C:\Windows\Sysnative\wininet.dll
        2014-03-14 17:23:50 CF1C73DE1FADE3D3C44FCAF254F57DB2 5768704 ----a-w- C:\Windows\Sysnative\jscript9.dll
        2014-03-14 17:23:50 48ED94DA88F65684B28FCD87C01288A7 817664 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
        2014-03-14 17:23:50 262B8883ECFD0C7CB303B56F9D9F210E 195584 ----a-w- C:\Windows\Sysnative\msrating.dll
        2014-03-14 17:23:49 E97FFE2D37F01DD8B52BE81E1B91A7C0 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe
        2014-03-14 17:23:49 4E0709D9BB951AD1C22E4FF519B90839 23133696 ----a-w- C:\Windows\Sysnative\mshtml.dll
        2014-03-14 17:23:35 AFCA5C1ECEAF948FC815178BC077680E 1424384 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll
        2014-03-14 17:23:35 2C619F6023E3F7A3ABF3475ED2223359 624128 ----a-w- C:\Windows\Sysnative\qedit.dll
        ====== C:\Windows\Sysnative\drivers =====
        ====== C:\Windows\Tasks ======
        ====== C:\Windows\Temp ======
        ======= C:\Program Files =====
        ======= C:\PROGRA~2 =====
        2014-03-19 08:40:18 -------- d-----w- C:\PROGRA~2\Kaspersky Lab
        2014-03-04 19:05:39 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype
        2014-03-04 19:05:39 -------- d-----r- C:\PROGRA~2\Skype
        2014-02-20 16:52:07 -------- d-----w- C:\PROGRA~2\VideoLAN
        ======= C: =====
        ====== C:\Users\Pieter Klingels\AppData\Roaming ======
        2014-03-19 19:57:10 -------- d-----w- C:\Users\Pieter Klingels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-apparaten
        2014-02-27 22:27:27 -------- d-----w- C:\Users\Pieter Klingels\AppData\Local\Programs
        2014-02-20 16:57:49 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG
        2014-02-20 16:52:22 -------- d-----w- C:\Users\Pieter Klingels\AppData\Roaming\AVG
        2014-02-20 16:51:20 -------- d-----w- C:\Users\Pieter Klingels\AppData\Roaming\rmi
        ====== C:\Users\Pieter Klingels ======
        2014-03-19 08:40:18 -------- d-----w- C:\ProgramData\Kaspersky Lab
        2014-03-18 23:45:57 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Pieter Klingels\defogger_reenable
        2014-03-10 20:04:22 108BA7365460228FE558C25DB124E60B 674 --sha-r- C:\ProgramData\ntuser.pol
        2014-03-04 19:05:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
        2014-02-20 16:52:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
        2014-02-20 16:52:00 -------- d-----w- C:\ProgramData\AVG
        2014-02-20 16:51:56 -------- d-sh--w- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
        2014-02-20 16:51:56 -------- d--h--w- C:\ProgramData\Common Files

        ====== C: exe-files ==
        2014-03-19 08:38:43 436372F287FD2DB452832F4DB7139FB7 185424 ----a-w- C:\Users\Pieter Klingels\Documents\Setups\kss12.0.1.117abRU_EN_DE_FR_ES_IT_JA_PT_ZH_4296.exe
        2014-03-19 00:02:02 9146F21288AB749C4C729343F5F285A1 50477 ----a-w- C:\Users\Pieter Klingels\Desktop\ANTI-VIRUS\Defogger.exe
        2014-03-18 23:54:28 9A8336796A7C71E9F33DE848B8320ED3 380416 ----a-w- C:\Users\Pieter Klingels\Desktop\ANTI-VIRUS\bxxflfum.exe
        2014-03-18 23:46:56 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Pieter Klingels\Documents\Setups\mbam-setup-1.75.0.1300.exe
        2014-03-18 23:44:40 9146F21288AB749C4C729343F5F285A1 50477 ----a-w- C:\Users\Pieter Klingels\Documents\Setups\Defogger.exe
        2014-03-18 23:35:45 2A5989EBFF9D3DCE16EE9CAD2C478AB1 3690256 ----a-w- C:\Users\Pieter Klingels\Documents\Setups\ccsetup411_slim.exe
        2014-03-16 14:39:16 E677174AA15D1B9D9E0B0F1C8DB8CC56 892120 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\33.0.1750.154\33.0.1750.154_33.0.1750.146_chrome_updater.exe
        === C: other files ==
        2014-03-18 23:52:04 8B968045D75783A09592C3105F2865DA 688992 ----a-r- C:\Users\Pieter Klingels\Desktop\ANTI-VIRUS\dds.com

        ==== Startup Registry Enabled ======================

        [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
        "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

        [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
        "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

        [HKEY_USERS\S-1-5-21-1882520765-3323825473-2521235458-1000\Software\Microsoft\Windows\CurrentVersion\Run]
        "LeyioPSD-2.1.1"="C:\Program Files (x86)\Leyio\LeyioPSD-2.1.1\LeyioPSDHelper.exe"
        "Google+ Auto Backup"="C:\Users\Pieter Klingels\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe /autostart"
        "KSS"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe /autorun"

        [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
        "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

        [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
        "mctadmin"="C:\Windows\System32\mctadmin.exe"

        [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
        "mctadmin"="C:\Windows\System32\mctadmin.exe"

        [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
        "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "PDVDDXSrv"="C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
        "Dell Webcam Central"="C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe /mode2"
        "DpAgent"="C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe"
        "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
        "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
        "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
        "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
        "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
        "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
        "mobilegeni daemon"="C:\Program Files (x86)\Mobogenie\DaemonProcess.exe"

        [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
        "LeyioPSD-2.1.1"="C:\Program Files (x86)\Leyio\LeyioPSD-2.1.1\LeyioPSDHelper.exe"
        "Google+ Auto Backup"="C:\Users\Pieter Klingels\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe /autostart"
        "KSS"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe /autorun"

        ==== Startup Registry Enabled x64 ======================

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup"
        "NVHotkey"="rundll32.exe C:\Windows\system32\nvHotkey.dll,Start"
        "QuickSet"="C:\Program Files\Dell\QuickSet\QuickSet.exe"
        "FreeFallProtection"="C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe"
        "Trend Micro Client Framework"="C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
        "Trend Micro Titanium"="C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe -set Silent 1 SplashURL "
        "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
        "SysTrayApp"="%ProgramFiles%\IDT\WDM\sttray64.exe "

        [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
        "AppInit_DLLs"="C:\\PROGRA~2\\Linkey\\IEEXTE~1\\iedll64.dll "

        ==== Startup Folders ======================

        2010-04-03 01:59:37 834 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
        2013-02-25 20:01:28 1933 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

        ==== Task Scheduler Jobs ======================

        C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26/10/2013 13:50]
        C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe

        ==== Other Scheduled Tasks ======================

        "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
        "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
        "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
        "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
        "C:\Windows\SysNative\tasks\JavaUpdateSched" [%WINDIR%\System32\jusched.exe]
        "C:\Windows\SysNative\tasks\{A72D61E1-D5FE-43F0-8109-C02114537954}" [C:\Program Files (x86)\Skype\Phone\Skype.exe]
        "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

        ==== Firefox Extensions Registry ======================

        [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
        "{22C7F6C6-8D67-4534-92B5-529A0EC09405}"="C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1077\firefoxextension" [01/03/2013 22:02]
        [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
        "[email protected]"="C:\Program Files (x86)\DigitalPersona\Bin\firefoxext" [03/04/2010 03:08]

        ==== Firefox Extensions ======================

        AppDir: C:\Program Files (x86)\Mozilla Firefox
        - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

        ==== Firefox Plugins ======================

        Profilepath: C:\Users\Pieter Klingels\AppData\Roaming\Mozilla\Firefox\Profiles\k2olw2bm.default
        63EE2015B877A2E472CC59E05291AA39 - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMSS.dll - McAfee Security Scanner +
        E5AF72B7353FF8D431A7C463A4229524 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll - Shockwave Flash
        0C0C5C207121C7A78414A8250E8E099A - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll - Shockwave for Director / Shockwave for Director


        ==== Chrome Look ======================

        HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
        bopakagnckmlgajfccecajhnimjiiedh - No path found
        decgbgncambmjikeiclgnhaggoedbdhc - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4613\ch\MediaViewV1alpha4613.crx
        eigejondkkppikocfabhalbmjpclehnn - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2046\ch\MediaViewV1alpha2046.crx

        Google Docs - Pieter Klingels\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
        Google Drive - Pieter Klingels\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
        YouTube - Pieter Klingels\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
        Google Search - Pieter Klingels\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
        Google Wallet - Pieter Klingels\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
        Gmail - Pieter Klingels\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

        ==== Set IE to Default ======================

        Old Values:
        [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
        "Start Page"="http://www.google.com"
        "Search Page"="http://www.google.com"
        "Search Bar"="http://www.google.com/ie"
        "Default_Search_URL"="http://www.google.com/ie"
        [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
        @="http://www.google.com/search?q=%s"
        [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
        "SearchAssistant"="http://www.google.com/ie"
        "Default_Search_URL"="http://www.google.com/ie"
        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
        "DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"
        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found

        New Values:
        [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
        "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
        "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
        "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
        "Start Page"="http://www.google.com"
        [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
        "(Default)"="http://search.msn.com/results.asp?q=%s"
        [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
        "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
        "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
        "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

        ==== All HKCU SearchScopes ======================

        HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
        {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
        {0C9FD779-5897-4BFE-987D-D6DBF180262E} Unknown Url="Not_Found"
        {3F8C4482-C23E-4213-A351-C1C537735218} Unknown Url="Not_Found"
        {4FE21EB5-8E0A-47E3-B619-A935B6AAC50B} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
        {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startInde x={startIndex?}&startPage={startPage}"

        ==== Deleting CLSID Registry Keys ======================

        HKEY_USERS\S-1-5-21-1882520765-3323825473-2521235458-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0C9FD779-5897-4BFE-987D-D6DBF180262E} deleted successfully
        HKEY_USERS\S-1-5-21-1882520765-3323825473-2521235458-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3F8C4482-C23E-4213-A351-C1C537735218} deleted successfully

        ==== Deleting CLSID Registry Values ======================


        ==== Deleting Registry Keys ======================

        HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
        HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully
        HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\decgbgncambmjikeiclgnhaggoedbdhc deleted successfully
        HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eigejondkkppikocfabhalbmjpclehnn deleted successfully

        ==== Empty IE Cache ======================

        C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
        C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
        C:\Users\Pieter Klingels\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
        C:\Users\Pieter Klingels\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
        C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
        C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
        C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
        C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
        C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
        C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
        C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
        C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

        ==== Empty FireFox Cache ======================

        C:\Users\Pieter Klingels\AppData\Local\Mozilla\Firefox\Profiles\k2olw2bm.default\Cache emptied successfully

        ==== Empty Chrome Cache ======================

        C:\Users\Pieter Klingels\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

        ==== Empty All Flash Cache ======================

        Flash Cache Emptied Successfully

        ==== Empty All Java Cache ======================

        Java Cache cleared successfully

        ==== C:\zoek_backup content ======================

        C:\zoek_backup (files=1252 folders=110 64311248 bytes)

        ==== Empty Temp Folders ======================

        C:\Users\Default\AppData\Local\Temp emptied successfully
        C:\Users\Default User\AppData\Local\Temp emptied successfully
        C:\Users\Pieter Klingels\AppData\Local\Temp will be emptied at reboot
        C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
        C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
        C:\Windows\Temp will be emptied at reboot

        ==== After Reboot ======================

        ==== Empty Temp Folders ======================

        C:\Windows\Temp successfully emptied
        C:\Users\PIETER~1\AppData\Local\Temp successfully emptied

        ==== Empty Recycle Bin ======================

        C:\$RECYCLE.BIN successfully emptied

        ==== EOF on za 22/03/2014 at 12:29:45,06 ======================

        Comment


        • #5
          En hoe gaat het nu?

          Windows 10 opstarten in Veilige Modus

          Comment


          • #6
            Enige verbetering ?

            Windows 10 opstarten in Veilige Modus

            Comment


            • #7
              Hoi Juisterr,

              de problemen waarvan sprake lijken voorlopig allemaal verholpen.

              De pop-ups en het verspringen van de webpagina's in mijn browsers komt niet meer voor.

              Ik heb ook de indruk dat hij terug iets sneller is.


              Alvast hartelijk dank!

              Comment


              • #8
                Download Delfix by Xplode naar het bureaublad.

                KLIK HIER voor een vergroting!
                (Klik bovenstaande afbeelding aan voor een vergroting!)

                Dubbelklik op Delfix.exe om de tool te starten.
                Zet nu vinkjes voor de volgende items:
                • Remove disinfection tools
                • Purge System Restore
                • Reset system settings

                Klik nu op "Run" en wacht geduldig tot de tool gereed is.
                Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

                Windows 10 opstarten in Veilige Modus

                Comment

                Sorry, you are not authorized to view this page
                Working...
                X