Registry errors (Gerry)


  • Registry errors (Gerry)

    New topic registered via Karin Kam

  • #2
    Welcome to the Nucia Security Forum, Gerry,

    You can post the MBAM log here.
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * Remove McAfee. * Ccleaner * E-Peek



    • #3
      Malwarebytes Anti-Malware
      www.malwarebytes.org

      Scandatum: 11-5-2014
      Scantijd: 17:52:15
      Logbestand: LogboekMBAM.txt
      Beheerder: Ja

      Versie: 2.00.1.1004
      Malwaredatabase: v2014.05.11.05
      Rootkitdatabase: v2014.03.27.01
      Licentie: Proef
      Malwarebescherming: Ingeschakeld
      Kwaadaardige Website Bescherming: Ingeschakeld
      Chameleon: Uitgeschakeld

      Besturingssysteem: Windows 7 Service Pack 1
      Processor: x64
      Bestandssysteem: NTFS
      Gebruiker: Gerry

      Scantype: Bedreigingsscan
      Resultaat: Voltooid
      Objecten Gescand: 264078
      Verstreken Tijd: 1 u, 11 m, 55 s

      Geheugen: Ingeschakeld
      Opstarten: Ingeschakeld
      Bestandssysteem: Ingeschakeld
      Archieven: Ingeschakeld
      Rootkits: Uitgeschakeld
      Shuriken: Ingeschakeld
      POP: Ingeschakeld
      POA: Ingeschakeld

      Processen: 0
      (No malicious items detected)

      Modules: 0
      (No malicious items detected)

      Registersleutels: 1
      PUP.Optional.Softonic.A, HKU\S-1-5-21-3379703007-928783620-226221183-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantaine, [40e1f45cc5b6181e62f193f03ec4a858],

      Registerwaardes: 0
      (No malicious items detected)

      Registerdata: 0
      (No malicious items detected)

      Mappen: 0
      (No malicious items detected)

      Bestanden: 24
      PUP.Optional.Softonic.A, C:\Users\Gerry\Downloads\SoftonicDownloader_voor_malwarebytes-anti-malware.exe, In Quarantaine, [5ec3ba9668130630fbcddd418b768080],
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.admin", false), Vervangen,[a8794d03e497b0860b2df7780ff52bd5]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.aflt", "babsst"), Vervangen,[9a875af6a7d49c9adb5da7c8ac5829d7]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"), Vervangen,[af72fb55e4972a0ca593a2cd06fe8e72]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.autoRvrt", "false"), Vervangen,[db46c98785f6ab8b9b9dc5aab74d12ee]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.dfltLng", "en"), Vervangen,[ad7455fb5823da5ceb4d2d4292724cb4]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.excTlbr", false), Vervangen,[98891f319ddeb284380070ff53b1d12f]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.ffxUnstlRst", true), Vervangen,[a08178d874072c0a1e1aa8c733d11be5]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.id", "0a2d208600000000000074e5435d49bf"), Vervangen,[869bbd93b9c2c670cd6b4d22f60e9769]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.instlDay", "15870"), Vervangen,[d44d3020a3d82c0a64d4f07f27dddd23]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.instlRef", "sst"), Vervangen,[60c1c18fd7a4f73ff7418ae5d0344eb2]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.newTab", false), Vervangen,[cb566be5a4d795a12612fd72689cb24e]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.prdct", "delta"), Vervangen,[47da6ee2accf73c342f6620d3dc7fe02]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.prtnrId", "delta"), Vervangen,[35ec0c44bbc0a096fb3dde91cd379d63]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.rvrt", "false"), Vervangen,[b170133da8d3df5765d3bdb23ec67e82]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.smplGrp", "none"), Vervangen,[8b96321e3645e4527fb976f99371a25e]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.tlbrId", "base"), Vervangen,[021fc48c691274c21e1a6609c440bb45]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.tlbrSrchUrl", ""), Vervangen,[1c051b35205b15217eba521de123847c]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.vrsn", "1.8.21.5"), Vervangen,[d150bf910a71ac8ab187a5ca26de03fd]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.vrsnTs", "1.8.21.522:34:47"), Vervangen,[e73ac7892b509d9943f5d6997e86fb05]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta.vrsni", "1.8.21.5"), Vervangen,[c25fd37dec8ff73fd068254a7094619f]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta_i.babExt", ""), Vervangen,[66bb4e02572465d194a49ed1020246ba]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta_i.babTrack", "affID=119556&tt=120613_ctrl"), Vervangen,[1e03c7893a41eb4bfa3e1f506d978080]
      PUP.Optional.Delta.A, C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.delta_i.srcExt", "ss"), Vervangen,[da47fb55bcbf15214bedf57ab2527d83]

      Fysieke Sectoren: 0
      (No malicious items detected)


      (end)
      Last edited by Emphyrio; 11-05-14, 17:05. Reason: Smileys disabled.



      • #4
        Good.
        One piece of advice up front: stay away from the Softonic website.

        Let's continue...


        Check for bad toolbars...

        Download AdwCleaner by Xplode to your Desktop.
        • Close all open windows
        • Start AdwCleaner
        • Click Scan
        • Click Clean

        All icons will disappear from the Desktop; this is normal.
        Your PC will be restarted and a log file will open (C:\AdwCleaner\AdwCleaner[xx].txt); post its contents here on the forum.

        I only need the log produced after the "Clean" option.

        Don't forget to disable your "smileys". (http://www.nucia.eu/forum/entries/20...e-Smiley-s-uit)

        If your start page was hijacked as well, set your search engine again; AdwCleaner resets it to Google.com by default.
        Last edited by Emphyrio; 11-05-14, 17:06.


        • #5
          # AdwCleaner v3.207 - Rapport aangemaakt 11/05/2014 op 18:09:06
          # Laatste Update 05/05/2014 door Xplode
          # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
          # Gebruikersnaam : Gerry - GERRY-COMPUTER
          # Gestart vanuit : C:\Users\Gerry\Downloads\adwcleaner.exe
          # Optie : Verwijderen

          ***** [ Services ] *****


          ***** [ Bestanden / Mappen ] *****

          Map Verwijderd : C:\ProgramData\Babylon
          Map Verwijderd : C:\ProgramData\Partner
          Map Verwijderd : C:\ProgramData\Tarma Installer
          Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
          Map Verwijderd : C:\Program Files (x86)\Betcat
          Map Verwijderd : C:\Program Files (x86)\Delta
          Map Verwijderd : C:\Program Files (x86)\Mobogenie
          Map Verwijderd : C:\Program Files (x86)\WebCake
          Map Verwijderd : C:\Users\Gerry\AppData\Local\genienext
          Map Verwijderd : C:\Users\Gerry\AppData\Local\Mobogenie
          Map Verwijderd : C:\Users\Gerry\AppData\LocalLow\Delta
          Map Verwijderd : C:\Users\Gerry\AppData\Roaming\BabSolution
          Map Verwijderd : C:\Users\Gerry\AppData\Roaming\Babylon
          Map Verwijderd : C:\Users\Gerry\AppData\Roaming\Betcat
          Map Verwijderd : C:\Users\Gerry\AppData\Roaming\Systweak
          Map Verwijderd : C:\Users\Gerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
          Map Verwijderd : C:\Users\Gerry\Documents\Mobogenie
          Bestand Verwijderd : C:\Program Files (x86)\WebCakeLayers.crx
          Bestand Verwijderd : C:\Users\Gerry\daemonprocess.txt
          Bestand Verwijderd : C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\searchplugins\my-web-search.xml
          Bestand Verwijderd : C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\user.js
          Bestand Verwijderd : C:\windows\System32\Tasks\RegClean Pro

          ***** [ Snelkoppelingen ] *****


          ***** [ Register ] *****

          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\*\shell\filescout
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\escort.DLL
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
          Sleutel Verwijderd : HKCU\Software\5b57dc8db63ce447
          Sleutel Verwijderd : HKLM\SOFTWARE\5b57dc8db63ce447
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
          Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
          Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{36B445BF-1B84-466A-A623-A360A8CFF8C3}
          Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{6CBF5C01-C876-481B-867E-111CB1D2A7D6}
          Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{D97143C2-4282-496B-BDC4-7EC852F1497C}
          Sleutel Verwijderd : HKCU\Software\AVG Secure Search
          Sleutel Verwijderd : HKCU\Software\BabSolution
          Sleutel Verwijderd : HKCU\Software\Delta
          Sleutel Verwijderd : HKCU\Software\Softonic
          Sleutel Verwijderd : HKCU\Software\systweak
          Sleutel Verwijderd : HKLM\Software\Babylon
          Sleutel Verwijderd : HKLM\Software\DataMngr
          Sleutel Verwijderd : HKLM\Software\Delta
          Sleutel Verwijderd : HKLM\Software\systweak
          Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Tarma Installer
          Gegevens Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll

          ***** [ Browsers ] *****

          -\\ Internet Explorer v11.0.9600.17041

          Instelling Hersteld : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

          -\\ Mozilla Firefox v28.0 (nl)

          [ Bestand : C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\prefs.js ]

          Regel verwijderd : user_pref("browser.search.defaultenginename", "Delta Search");
          Regel verwijderd : user_pref("browser.search.order.1", "Delta Search");
          Regel verwijderd : user_pref("browser.search.selectedEngine", "Delta Search");
          Regel verwijderd : user_pref("extensions.delta.admin", false);
          Regel verwijderd : user_pref("extensions.delta.aflt", "babsst");
          Regel verwijderd : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
          Regel verwijderd : user_pref("extensions.delta.autoRvrt", "false");
          Regel verwijderd : user_pref("extensions.delta.dfltLng", "en");
          Regel verwijderd : user_pref("extensions.delta.excTlbr", false);
          Regel verwijderd : user_pref("extensions.delta.ffxUnstlRst", true);
          Regel verwijderd : user_pref("extensions.delta.id", "0a2d208600000000000074e5435d49bf");
          Regel verwijderd : user_pref("extensions.delta.instlDay", "15870");
          Regel verwijderd : user_pref("extensions.delta.instlRef", "sst");
          Regel verwijderd : user_pref("extensions.delta.newTab", false);
          Regel verwijderd : user_pref("extensions.delta.prdct", "delta");
          Regel verwijderd : user_pref("extensions.delta.prtnrId", "delta");
          Regel verwijderd : user_pref("extensions.delta.rvrt", "false");
          Regel verwijderd : user_pref("extensions.delta.smplGrp", "none");
          Regel verwijderd : user_pref("extensions.delta.tlbrId", "base");
          Regel verwijderd : user_pref("extensions.delta.tlbrSrchUrl", "");
          Regel verwijderd : user_pref("extensions.delta.vrsn", "1.8.21.5");
          Regel verwijderd : user_pref("extensions.delta.vrsnTs", "1.8.21.522:34:47");
          Regel verwijderd : user_pref("extensions.delta.vrsni", "1.8.21.5");
          Regel verwijderd : user_pref("extensions.delta_i.babExt", "");
          Regel verwijderd : user_pref("extensions.delta_i.babTrack", "affID=119556&tt=120613_ctrl");
          Regel verwijderd : user_pref("extensions.delta_i.srcExt", "ss");
          Regel verwijderd : user_pref("extentions.webcake.defaultEnableAppsList", "layers,brain/features,newOffers/wc");
          Regel verwijderd : user_pref("extentions.webcake.installId", "e5093b8e-ea47-4523-9a31-1bc7d50b8b40");

          -\\ Google Chrome v34.0.1847.131

          [ Bestand : C:\Users\Gerry\AppData\Local\Google\Chrome\User Data\Default\preferences ]

          Verwijderd [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&affID=119556&tt=120613_ctrl&babsrc=SP_ss&mntrId=0A2D74E5435D49BF
          Verwijderd [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=119556&tt=120613_ctrl&babsrc=SP_ss_din2g&mntrId=0A2D74E5435D49BF
          Verwijderd [Search Provider] : hxxp://nl.softonic.com/s/{searchTerms}

          *************************

          AdwCleaner[R0].txt - [8155 octets] - [11/05/2014 18:07:53]
          AdwCleaner[S0].txt - [7773 octets] - [11/05/2014 18:09:06]

          ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7833 octets] ##########



          • #6
            Good, we're heading in the right direction.

            Download or update CCleaner.

            Start CCleaner.
            • Run CCleaner and click Options in the left column
            • Select the Advanced tab
            • Uncheck "Only delete files in the Windows Temp system folder that are older than 24 hours"
            • Select the Settings tab
            • Uncheck "Automatically clean the computer...."
            • Click Cleaner in the left column.
            • Then click Analyze and then Clean.
            • Next, click Registry in the left column
            • Click Scan for Issues.
            • When asked whether you want to back up the registry, click "Yes".
            • If errors are found, click the middle button, Fix All Selected Issues, and then OK



            Download DDS.com, DDS.scr or DDS.pif from one of these locations and place it on your desktop:


            DDS is a diagnostic tool and makes use of scripts.
            If script execution is disabled, re-enable it so that no problems occur when using DDS.


            Double-click DDS to start the tool. (Depending on the download you chose, this may be the file DDS.com, DDS.scr or DDS.pif.)
            When it has finished, two log files will open: DDS.txt and Attach.txt.
            Save both log files to your desktop.

            Post the contents of DDS.txt.

            Do not post the contents of Attach.txt and do not add Attach.txt as an attachment to your post unless I ask for it.


            • #7
              DDS (Ver_2012-11-20.01) - NTFS_AMD64
              Internet Explorer: 11.0.9600.17041
              Run by Gerry at 18:38:20 on 2014-05-11
              Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3986.2121 [GMT 2:00]
              .
              AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
              SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
              SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
              .
              ============== Running Processes ===============
              .
              c:\PROGRA~2\AVG\AVG2014\avgrsa.exe
              C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
              C:\windows\system32\lsm.exe
              C:\windows\system32\svchost.exe -k DcomLaunch
              C:\windows\system32\svchost.exe -k RPCSS
              C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
              C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
              C:\windows\system32\svchost.exe -k LocalService
              C:\windows\system32\svchost.exe -k netsvcs
              C:\windows\system32\svchost.exe -k NetworkService
              C:\Windows\System32\GFNEXSrv.exe
              C:\windows\System32\spoolsv.exe
              C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
              C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
              C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
              C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
              C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
              C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
              C:\Program Files\Intel\iCLS Client\HeciServer.exe
              C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
              C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
              C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
              C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
              C:\windows\System32\svchost.exe -k HPZ12
              C:\windows\System32\svchost.exe -k HPZ12
              C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
              C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
              C:\windows\system32\svchost.exe -k imgsvc
              C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
              C:\windows\system32\TODDSrv.exe
              C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
              C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
              C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
              C:\Program Files\TOSHIBA\TECO\TecoService.exe
              C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
              C:\windows\system32\wbem\wmiprvse.exe
              C:\windows\system32\wbem\unsecapp.exe
              C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
              C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
              C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
              C:\windows\system32\SearchIndexer.exe
              C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
              C:\windows\system32\taskhost.exe
              C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
              C:\windows\system32\Dwm.exe
              C:\windows\Explorer.EXE
              C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
              C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
              C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
              C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
              C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
              C:\Program Files\TOSHIBA\TECO\Teco.exe
              C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
              C:\Windows\System32\igfxtray.exe
              C:\Windows\System32\hkcmd.exe
              C:\Windows\System32\igfxpers.exe
              C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
              C:\Program Files (x86)\Google\Drive\googledrivesync.exe
              C:\Program Files (x86)\Skype\Phone\Skype.exe
              C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
              C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
              C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
              C:\Program Files (x86)\AVG\AVG2014\avgui.exe
              C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
              C:\Program Files (x86)\Google\Drive\googledrivesync.exe
              C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
              C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
              C:\windows\SysWOW64\ctfmon.exe
              C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
              C:\Program Files\Windows Media Player\wmpnetwk.exe
              C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
              C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
              C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
              C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
              C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
              C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
              C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
              C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
              C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
              C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
              C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
              C:\windows\system32\SearchProtocolHost.exe
              C:\windows\system32\SearchFilterHost.exe
              C:\windows\system32\wbem\wmiprvse.exe
              C:\windows\System32\cscript.exe
              .
              ============== Pseudo HJT Report ===============
              .
              uStart Page = hxxp://www.google.com
              uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
              mWinlogon: Userinit = userinit.exe,
              BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
              BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
              BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
              BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
              BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
              BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
              BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
              BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
              EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
              EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
              uRun: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe /STARTUP
              uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
              uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
              mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
              mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
              mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
              mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
              mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
              dRun: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP
              StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
              mPolicies-Explorer: NoActiveDesktop = dword:1
              mPolicies-Explorer: NoActiveDesktopChanges = dword:1
              mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
              mPolicies-System: ConsentPromptBehaviorUser = dword:3
              mPolicies-System: EnableUIADesktopToggle = dword:0
              IE: &Verzenden naar OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
              IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
              IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
              IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
              IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
              IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
              IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
              .
              INFO: HKCU has more than 50 listed domains.
              If you wish to scan all of them, select the 'Force scan all domains' option.
              .
              DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
              DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
              DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
              TCP: NameServer = 62.179.104.196 213.46.228.196
              TCP: Interfaces\{229C1F75-5005-4EFA-8E30-18F96B2B75AF} : DHCPNameServer = 62.179.104.196 213.46.228.196
              TCP: Interfaces\{229C1F75-5005-4EFA-8E30-18F96B2B75AF}\64259445A51224F6870264F6E60275C414E402731373030214E6E656870214 : DHCPNameServer = 192.168.178.1
              TCP: Interfaces\{229C1F75-5005-4EFA-8E30-18F96B2B75AF}\F44545F4026514E4026554C43554E4 : DHCPNameServer = 192.168.0.1
              Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
              Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
              Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
              Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
              SSODL: WebCheck - <orphaned>
              mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
              x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
              x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
              x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
              x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll
              x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
              x64-Run: [SRS Premium Sound HD] "C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe" /f="C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_HD.zip" /h
              x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
              x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
              x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
              x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
              x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
              x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
              x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
              x64-Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
              x64-Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
              x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
              x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
              x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
              x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
              x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
              x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
              x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
              x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
              x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
              x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
              x64-Notify: igfxcui - igfxdev.dll
              x64-SSODL: WebCheck - <orphaned>
              .
              ================= FIREFOX ===================
              .
              FF - ProfilePath - C:\Users\Gerry\AppData\Roaming\Mozilla\Firefox\Profiles\w164i83d.default\
              FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
              FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
              FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
              FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
              FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
              FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
              FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
              FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
              FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
              FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
              FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
              FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
              .
              ============= SERVICES / DRIVERS ===============
              .
              R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\drivers\avgidsha.sys [2014-3-27 192792]
              R0 Avgloga;AVG Logging Driver;C:\windows\System32\drivers\avgloga.sys [2014-3-27 324376]
              R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\drivers\avgmfx64.sys [2014-3-31 130840]
              R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\drivers\avgrkx64.sys [2014-3-27 32536]
              R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\windows\System32\drivers\iusb3hcs.sys [2012-1-5 16152]
              R0 NBVol;Nero Backup Volume Filter Driver;C:\windows\System32\drivers\NBVol.sys [2012-5-10 72240]
              R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\windows\System32\drivers\NBVolUp.sys [2012-5-10 15920]
              R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2009-6-25 482384]
              R1 Avgdiska;AVG Disk Driver;C:\windows\System32\drivers\avgdiska.sys [2014-3-27 153368]
              R1 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\drivers\avgidsdrivera.sys [2014-4-18 237336]
              R1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\drivers\avgldx64.sys [2014-3-27 236824]
              R1 Avgtdia;AVG TDI Driver;C:\windows\System32\drivers\avgtdia.sys [2014-3-31 274200]
              R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-4-18 3645456]
              R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-3-27 291912]
              R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
              R2 GFNEXSrv;GFNEX Service;C:\windows\System32\GFNEXSrv.exe [2012-6-23 162824]
              R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-3 628448]
              R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-6-23 128280]
              R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-6-23 161560]
              R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-5-11 1809720]
              R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-5-11 857912]
              R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
              R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-8-13 3064000]
              R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-8-23 2673064]
              R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-11-24 294848]
              R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-20 14472]
              R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-6-23 363800]
              R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-12-6 331264]
              R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\windows\System32\drivers\iusb3hub.sys [2012-1-5 355096]
              R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\windows\System32\drivers\iusb3xhc.sys [2012-1-5 786200]
              R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2014-5-11 25816]
              R3 MBAMSwissArmy;MBAMSwissArmy;C:\windows\System32\drivers\MBAMSwissArmy.sys [2014-5-10 119512]
              R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\windows\System32\drivers\mwac.sys [2014-5-11 63192]
              R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2012-6-23 38096]
              R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2012-6-23 251496]
              R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-6-23 565352]
              R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtwlane.sys [2012-6-23 1082472]
              R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
              R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
              R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
              R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
              R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
              R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-11-26 138152]
              R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-12-15 833976]
              S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
              S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
              S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
              S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
              S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-4-14 111616]
              S3 RtkBtFilter;Realtek Bluetooth Filter Driver;C:\windows\System32\drivers\RtkBtfilter.sys [2012-1-5 21096]
              S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-2-10 112080]
              S3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-6-23 57216]
              S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
              S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
              S3 WatAdminSvc;Windows Activation Technologies-service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-8-24 1255736]
              S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
              .
              =============== Created Last 30 ================
              .
              2014-05-11 16:08:16 536576 ----a-w- C:\windows\SysWow64\sqlite3.dll
              2014-05-11 16:07:46 -------- d-----w- C:\AdwCleaner
              2014-05-11 14:38:36 88280 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
              2014-05-11 14:38:36 63192 ----a-w- C:\windows\System32\drivers\mwac.sys
              2014-05-11 14:38:36 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
              2014-05-11 14:38:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
              2014-05-10 16:59:05 119512 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
              2014-05-10 16:58:50 -------- d-----w- C:\ProgramData\Malwarebytes
              2014-05-10 16:58:08 -------- d-----w- C:\Users\Gerry\AppData\Local\Programs
              2014-05-10 16:44:53 -------- d-sh--w- C:\Users\Gerry\AppData\Local\EmieUserList
              2014-05-10 16:44:53 -------- d-sh--w- C:\Users\Gerry\AppData\Local\EmieSiteList
              2014-05-10 15:29:46 -------- d--h--w- C:\$AVG
              2014-05-10 15:29:45 -------- d-----w- C:\ProgramData\AVG2014
              2014-05-10 15:27:58 -------- d-----w- C:\Users\Gerry\AppData\Local\Avg2014
              2014-05-10 15:18:44 -------- d-----w- C:\ProgramData\Licenses
              2014-05-10 15:18:42 129872 ----a-w- C:\windows\SysWow64\MSSTDFMT.DLL
              2014-05-10 15:18:42 -------- d-----w- C:\Program Files (x86)\SpywareBlaster
              2014-05-10 15:11:51 10651704 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{45994069-F853-4E60-A924-F691F4A13636}\mpengine.dll
              2014-05-10 15:10:03 -------- d-s---w- C:\windows\System32\CompatTel
              2014-05-10 15:09:47 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
              2014-05-07 20:01:32 -------- d-----w- C:\ProgramData\WEBREG
              2014-05-07 19:47:55 -------- d-----w- C:\Program Files (x86)\Common Files\HP
              2014-05-07 19:47:43 -------- d-----w- C:\Program Files (x86)\Common Files\Hewlett-Packard
              2014-05-07 19:47:03 -------- d-----w- C:\Program Files (x86)\HP
              2014-05-07 19:45:52 938496 ----a-w- C:\windows\System32\hpowiax8.dll
              2014-05-07 19:45:52 642360 ----a-w- C:\windows\System32\hpzids40.dll
              2014-05-07 19:45:52 551424 ----a-w- C:\windows\System32\hppldcoi.dll
              2014-05-07 19:45:52 505344 ----a-w- C:\windows\System32\hpovst14.dll
              2014-05-07 19:45:52 1406464 ----a-w- C:\windows\System32\hpotiop6.dll
              2014-05-07 18:06:30 465408 ----a-w- C:\windows\System32\aepdu.dll
              2014-05-07 18:06:30 424448 ----a-w- C:\windows\System32\aeinv.dll
              2014-05-07 18:02:58 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
              2014-05-07 18:02:58 2724864 ----a-w- C:\windows\System32\mshtml.tlb
              2014-04-18 13:01:30 237336 ----a-w- C:\windows\System32\drivers\avgidsdrivera.sys
              .
              ==================== Find3M ====================
              .
              2014-04-28 21:01:20 70832 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
              2014-04-28 21:01:20 692400 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
              2014-03-31 14:20:54 274200 ----a-w- C:\windows\System32\drivers\avgtdia.sys
              2014-03-31 14:06:26 130840 ----a-w- C:\windows\System32\drivers\avgmfx64.sys
              2014-03-31 07:35:08 270496 ------w- C:\windows\System32\MpSigStub.exe
              2014-03-27 20:14:26 192792 ----a-w- C:\windows\System32\drivers\avgidsha.sys
              2014-03-27 20:14:24 153368 ----a-w- C:\windows\System32\drivers\avgdiska.sys
              2014-03-27 20:07:10 236824 ----a-w- C:\windows\System32\drivers\avgldx64.sys
              2014-03-27 20:05:02 324376 ----a-w- C:\windows\System32\drivers\avgloga.sys
              2014-03-27 20:03:16 32536 ----a-w- C:\windows\System32\drivers\avgrkx64.sys
              2014-03-06 09:31:33 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
              2014-03-06 08:59:04 66048 ----a-w- C:\windows\System32\iesetup.dll
              2014-03-06 08:57:34 548352 ----a-w- C:\windows\System32\vbscript.dll
              2014-03-06 08:57:20 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
              2014-03-06 08:29:40 139264 ----a-w- C:\windows\System32\ieUnatt.exe
              2014-03-06 08:29:14 111616 ----a-w- C:\windows\System32\ieetwcollector.exe
              2014-03-06 08:28:15 752640 ----a-w- C:\windows\System32\jscript9diag.dll
              2014-03-06 08:15:54 940032 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
              2014-03-06 08:11:41 5784064 ----a-w- C:\windows\System32\jscript9.dll
              2014-03-06 08:02:34 61952 ----a-w- C:\windows\SysWow64\iesetup.dll
              2014-03-06 08:02:33 455168 ----a-w- C:\windows\SysWow64\vbscript.dll
              2014-03-06 08:01:01 51200 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
              2014-03-06 07:56:43 38400 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
              2014-03-06 07:46:36 4254720 ----a-w- C:\windows\SysWow64\jscript9.dll
              2014-03-06 07:38:13 112128 ----a-w- C:\windows\SysWow64\ieUnatt.exe
              2014-03-06 07:36:40 592896 ----a-w- C:\windows\SysWow64\jscript9diag.dll
              2014-03-06 07:13:43 32256 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
              2014-03-06 07:11:15 2043904 ----a-w- C:\windows\System32\inetcpl.cpl
              2014-03-06 06:40:39 1967104 ----a-w- C:\windows\SysWow64\inetcpl.cpl
              2014-03-06 06:22:40 2260480 ----a-w- C:\windows\System32\wininet.dll
              2014-03-06 05:41:49 1789440 ----a-w- C:\windows\SysWow64\wininet.dll
              2014-03-04 09:44:21 362496 ----a-w- C:\windows\System32\wow64win.dll
              2014-03-04 09:44:21 243712 ----a-w- C:\windows\System32\wow64.dll
              2014-03-04 09:44:21 13312 ----a-w- C:\windows\System32\wow64cpu.dll
              2014-03-04 09:44:03 16384 ----a-w- C:\windows\System32\ntvdm64.dll
              2014-03-04 09:17:19 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
              2014-03-04 09:17:05 44032 ----a-w- C:\windows\apppatch\acwow64.dll
              2014-03-04 09:16:54 25600 ----a-w- C:\windows\SysWow64\setup16.exe
              2014-03-04 09:16:18 5120 ----a-w- C:\windows\SysWow64\wow32.dll
              2014-03-04 08:09:30 7680 ----a-w- C:\windows\SysWow64\instnm.exe
              2014-03-04 08:09:29 2048 ----a-w- C:\windows\SysWow64\user.exe
              .
              ============= FINISH: 18:38:57,54 ===============



              • #8
                Are there any remaining problems?


                • #9
                  Well.... I think it's lightning fast again...... I think that I (Karin) will put my own little laptop in the sick bay this week too.... I'll just follow this procedure... with a topic of my own in virus scanner, okay?

                  One more question.. what do you recommend as a browser... Chrome or Firefox? Let me know please...

                  Once again, an E.N.O.R.M.O.U.S thank you in advance for your help! Nice evening and sweet dreams,

                  Greetings on behalf of Gerry,


                  Karin



                  • #10
                    You can always start a new topic for your other laptop, but the procedure is not always the same.
                    It depends on the situation.

                    However, make sure you post it in the Help with Virus Infection (Hulp bij Virusinfectie) section.

                    As for the browser, I prefer Firefox over Google Chrome because Google is not all that careful about privacy.

                    1) You can delete all the loose files and tools we used.

                    2) To avoid reinfection, you can read through these tips:

                    Preventing spyware infections and browser hijacking, and How do I prevent a new infection?

                    3) To give your PC a quick maintenance check, you can read these tips: Guide to a clean PC

                    4) You can find all kinds of tips and hints here.


                    I am marking the topic as solved.

                    If there are no further replies, this thread will be moved automatically within about 5 days
                    to the Solved HijackThis logs (Opgeloste hijackthislogs) section, and replying will no longer be possible.
                    This is done to keep the forum tidy and well organized.

                    If it turns out there are still problems and you want to reply in this topic again, send me a private message asking for it to be reopened.



                    Did we help you well? Consider making a (voluntary) donation to Nucia

                    Emphyrio


                    • #11
                      I will go through everything carefully again, but above all make sure that Gerry reads this too!!!

                      I donated 50 euros last year, and I'll do it again this year.

                      Thanks again and have a nice evening,

                      Karin



                      • #12
                        You're welcome