Mededeling

Collapse
No announcement yet.

Telkens naar site na afsluiten Skype

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • Telkens naar site na afsluiten Skype

    Telkens als ik mijn Skype afsluit, kom ik terecht (van zelf) naar de volgende webadres:
    hxxp://webafan.com/landingmarketingglobal/

    En dit gebeurt letterlijk elke keer! Ik heb op het net gezocht en ik kwam er achter dat het mogelijk spyware is.

    Wat kan ik er tegen doen?
    Last edited by Emphyrio; 25-06-14, 22:26. Reden: link aangepast

  • #2
    Hoi yass en welkom op Nucia Security Forum,

    Voor we beginnen , wil ik even vriendelijk op de volgende richtlijnen wijzen:
    .
    • Log enkel in als beheerder met alle rechten.
    • Post je probleem niet in verscheidene fora. het komt je probleem niet ten goede en het is niet netjes tegenover de helpers.
    • Het opruimen van je systeem kan wat tijd in beslag nemen, wees geduldig.
    • Volg aandachtig de instructies die door mij worden gegeven.
    • Volg enkel het door mij gegeven advies op
    • Blijf bij het topic totdat ik gemeldt heb dat je PC clean is.
    • Als je iets niet weet of verstaat, vraag het dan even aub.
    • Installeer of deinstalleer géén software of hardware terwijl we met je probleem bezig zijn.
    • Ga ondertussen niet wat "anders" proberen, dat maakt het alleen maar moeilijker voor ons
    • Zet je emoticons (Smileys) uit als je logs plaatst aub . ( INFO )
    • De logs niet als bijlage, noch tussen codetags zetten aub.

    .
    Opmerking: Alle tools steeds uitvoeren als admin.
    De instructies die worden gegeven, zijn enkel geldig voor jouw PC.

    Heb je deze richtlijnen gelezen en begrepen, mag je verder gaan.....



    Stap 1:

    Malware scannen en verwijderen....

    Heb je MBAM reeds op je pc staan, moet je niet downloaden uiteraard.

    Download Malwarebytes Anti-Malware naar je bureaublad .

    Dubbelklik op mbam-setup.exe om het programma te installeren.

    Op het einde van de setup procedure, krijg je een scherm waar je op "Voltooien" moet klikken.
    Indien je MBAM niet wenst te evalueren, vink je de eerste optie uit en klik je dan pas op "Voltooien"

    KLIK HIER voor een vergroting! 
    Klik op de foto voor een vergroting...

    Zorg dat er na de installatie een vinkje is geplaatst bij:
    • Update MalwareBytes' Anti-Malware
    • Start MalwareBytes' Anti-Malware
    • Klik daarna op "Voltooien". Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.



    Zodra het programma gestart is, ga je naar het tabblad "Instellingen".
    • Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
    • Ga naar het tabblad "Updates" en Update MBAM.
    • Ga daarna naar het tabblad "Scanner", kies hier voor "VOLLEDIGE Scan".
    • Druk vervolgens op "Scannen" om de scan te starten.
    • Het scannen kan een tijdje duren, dus wees geduldig.
    • Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
    • Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
    • Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.

    .
    Indien MBAM vraagt om een herstart, doe dit dan ook.
    Wanneer je de restart hebt gedaan, maak je een nieuwe snelle scan met MBAM.
    In dat geval post je dus de twee logs. Dus een tweede "snelle scan" log enkel indien de VOLLEDIGE scan "iets" gevonden heeft.

    De log wordt automatisch bewaard door MalwareBytes' Anti-Malware en kan je terugvinden door op de "Logs" tab te klikken in het programma.


    Bij problemen!!!

    .___________________________________________________________

    Stap 2:

    Controle op slechte toolbars...

    Download AdwCleaner by Xplode naar je Bureaublad.
    • Sluit alle openstaande vensters
    • Start AdwCleaner
    • Klik op Scannen
    • Klik op Verwijderen
    • KLIK HIER voor een vergroting! 

    Alle icoontjes verdwijnen van het Bureaublad,dit is normaal
    Je PC word opnieuw opgestart en er een opent een logfile (C:\ AdwCleaner\AdwCleaner[xx].txt
    Post deze inhoud hier op het Forum.

    Enkel de log na de "Verwijderen" optie heb ik nodig.

    Vergeet niet om je "smileys" uit te schakelen.

    Als je Startpagina ook gehijackt was,stel dan de zoekmachine opnieuw in.
    Deze word standaard door AdwCleaner terug gezet naar Google.com
    ___________________________________________________________

    Stap 3:

    Download DDS.com, DDS.scr of DDS.pif van één van deze locaties en plaats het op je bureaublad:


    DDS is een diagnosetool en maakt gebruik van scripts.
    Is het uitvoeren van scripts uitgeschakeld, dan schakel je dit weer in zodat er geen problemen optreden bij gebruik van DDS.


    Dubbelklik op DDS om de tool te starten. (afhankelijk van de download die je gekozen hebt kan dit het bestand DDS.com, DDS.scr of DDS.pif zijn)
    Wanneer het klaar is openen er twee logfiles: DDS.txt en Attach.txt
    Beide logfiles sla je op je bureaublad.

    Post de inhoud van DDS.txt.

    De inhoud Attach.txt moet je niet posten en Attach.txt moet je niet als bijlage toevoegen aan je post, tenzij ik er om vraag.


    ___________________________________________________________

    Stap 4:

    Download Security Check op je bureaublad via hier of hier

    Start Security Check
    Volg de Instructies in het scherm
    Aan het eind verschijnt een log ( checkup.txt )
    Plaats de inhoud ervan in je volgende antwoord.


    In je volgende posting, had ik graag de volgende logs gezien, gemaakt in de opgestelde volgorde:
    .
    • MBAM
    • AdwCleaner
    • DDS
    • checkup.txt

    .
    Deze logs NIET als bijlage of tussen codetags posten aub.
    (Desnoods in meerdere postingen.)

    Emphyrio
    Last edited by Emphyrio; 26-06-14, 10:39.
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * McAfee verwijderen. * Ccleaner * E-Peek

    Comment


    • #3
      MBAM

      Malwarebytes Anti-Malware
      www.malwarebytes.org

      Scandatum: 26-6-2014
      Scantijd: 13:10:10
      Logbestand: log.txt
      Beheerder: Ja

      Versie: 2.00.2.1012
      Malwaredatabase: v2014.06.26.03
      Rootkitdatabase: v2014.06.23.02
      Licentie: Gratis
      Malwarebescherming: Uitgeschakeld
      Kwaadaardige Website Bescherming: Uitgeschakeld
      Self-protection: Uitgeschakeld

      Besturingssysteem: Windows 7 Service Pack 1
      Processor: x64
      Bestandssysteem: NTFS
      Gebruiker: Yassine

      Scantype: Aangepaste Scan
      Resultaat: Voltooid
      Objecten Gescand: 407536
      Verstreken Tijd: 57 m, 53 s

      Geheugen: Ingeschakeld
      Opstarten: Ingeschakeld
      Bestandssysteem: Ingeschakeld
      Archieven: Ingeschakeld
      Rootkits: Ingeschakeld
      Heuristics: Ingeschakeld
      POP: Ingeschakeld
      POA: Ingeschakeld

      Processen: 0
      (No malicious items detected)

      Modules: 0
      (No malicious items detected)

      Registersleutels: 0
      (No malicious items detected)

      Registerwaardes: 0
      (No malicious items detected)

      Registerdata: 0
      (No malicious items detected)

      Mappen: 0
      (No malicious items detected)

      Bestanden: 0
      (No malicious items detected)

      Fysieke Sectoren: 0
      (No malicious items detected)


      (end)

      Comment


      • #4
        AdwCleaner

        # AdwCleaner v3.213 - Report created 26/06/2014 at 14:19:09
        # Updated 23/06/2014 by Xplode
        # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
        # Username : Yassine - YASSINE-PC
        # Running from : C:\Users\Yassine\Desktop\adwcleaner_3.213.exe
        # Option : Clean

        ***** [ Services ] *****


        ***** [ Files / Folders ] *****


        ***** [ Shortcuts ] *****


        ***** [ Registry ] *****

        Key Deleted : HKCU\Software\AVG Secure Search
        Key Deleted : HKCU\Software\Conduit

        ***** [ Browsers ] *****

        -\\ Internet Explorer v11.0.9600.17126


        -\\ Mozilla Firefox v30.0 (nl)

        [ File : C:\Users\Yassine\AppData\Roaming\Mozilla\Firefox\Profiles\1rjur6a8.default\prefs.js ]


        -\\ Google Chrome v18.0.1025.142

        [ File : C:\Users\Yassine\AppData\Local\Google\Chrome\User Data\Default\preferences ]

        Deleted [Search Provider] : hxxp://nl.ask.com/web?q={searchTerms}

        *************************

        AdwCleaner[R0].txt - [1058 octets] - [30/01/2014 21:48:03]
        AdwCleaner[R1].txt - [1264 octets] - [26/06/2014 14:18:20]
        AdwCleaner[S0].txt - [1132 octets] - [30/01/2014 21:48:59]
        AdwCleaner[S1].txt - [1099 octets] - [26/06/2014 14:19:09]

        ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1159 octets] ##########

        Comment


        • #5
          DDS

          DDS (Ver_2012-11-20.01) - NTFS_AMD64
          Internet Explorer: 11.0.9600.17126 BrowserJavaVersion: 10.55.2
          Run by Yassine at 14:22:38 on 2014-06-26
          Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1033.18.8191.6592 [GMT 2:00]
          .
          AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
          SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
          SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
          .
          ============== Running Processes ===============
          .
          c:\PROGRA~2\AVG\AVG2014\avgrsa.exe
          C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
          C:\Windows\system32\lsm.exe
          C:\Windows\system32\svchost.exe -k DcomLaunch
          C:\Windows\system32\svchost.exe -k RPCSS
          C:\Windows\system32\atiesrxx.exe
          C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
          C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
          C:\Windows\system32\svchost.exe -k LocalService
          C:\Windows\system32\svchost.exe -k netsvcs
          C:\Windows\system32\AUDIODG.EXE
          C:\Windows\system32\svchost.exe -k GPSvcGroup
          C:\Windows\system32\atieclxx.exe
          C:\Windows\system32\svchost.exe -k NetworkService
          C:\Windows\System32\spoolsv.exe
          C:\Windows\system32\taskeng.exe
          C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
          C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
          C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
          C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
          C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
          C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
          C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
          C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
          C:\Windows\system32\svchost.exe -k imgsvc
          C:\Windows\system32\taskhost.exe
          C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
          C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
          C:\Windows\system32\Dwm.exe
          C:\Windows\Explorer.EXE
          C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
          C:\Windows\system32\wbem\wmiprvse.exe
          C:\Windows\servicing\TrustedInstaller.exe
          C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
          C:\Windows\System32\StikyNot.exe
          C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
          C:\Windows\system32\SearchIndexer.exe
          C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
          C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
          C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
          C:\Program Files (x86)\AVG\AVG2014\avgui.exe
          C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
          C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
          C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
          C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
          C:\Windows\SysWOW64\ctfmon.exe
          C:\Windows\System32\svchost.exe -k LocalServicePeerNet
          C:\Program Files\Windows Media Player\wmpnetwk.exe
          C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
          C:\Windows\splwow64.exe
          C:\Windows\system32\wbem\wmiprvse.exe
          C:\Windows\System32\cscript.exe
          .
          ============== Pseudo HJT Report ===============
          .
          mWinlogon: Userinit = userinit.exe,
          BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
          BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
          BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
          BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
          uRun: [AdobeBridge] <no file>
          mRun: [RUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
          mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
          mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
          mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
          mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
          mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
          dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
          mPolicies-Explorer: NoActiveDesktop = dword:1
          mPolicies-Explorer: NoActiveDesktopChanges = dword:1
          mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
          mPolicies-System: ConsentPromptBehaviorUser = dword:3
          mPolicies-System: EnableUIADesktopToggle = dword:0
          IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
          IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001055-0002-0055-ABCDEFFEDCBC} - <orphaned>
          IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
          IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
          IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
          TCP: NameServer = 192.168.2.254 195.121.1.34 195.121.1.66
          TCP: Interfaces\{81E87CAA-10B8-4B4A-89AD-D32ADE477C5C} : DHCPNameServer = 192.168.2.254 195.121.1.34 195.121.1.66
          Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
          Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
          Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
          Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
          Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
          Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
          Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
          Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
          Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
          Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
          Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
          Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
          Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
          Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
          Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
          Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
          Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
          Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
          Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
          Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
          SSODL: WebCheck - <orphaned>
          SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
          x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
          x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
          x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
          x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
          x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
          x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
          x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
          x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
          x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
          x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
          x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
          x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
          x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
          x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
          x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
          x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
          x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
          x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
          x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
          x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
          x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
          x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
          x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
          x64-SSODL: WebCheck - <orphaned>
          .
          ================= FIREFOX ===================
          .
          FF - ProfilePath - C:\Users\Yassine\AppData\Roaming\Mozilla\Firefox\Profiles\1rjur6a8.default\
          FF - prefs.js: browser.search.selectedEngine - Google
          FF - prefs.js: browser.startup.homepage - google.nl
          FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
          FF - plugin: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll
          FF - plugin: C:\Program Files (x86)\Citrix\ICA Client\npURLInterceptorPlugin.dll
          FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
          FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
          FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
          FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
          FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
          FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
          .
          ============= SERVICES / DRIVERS ===============
          .
          R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2012-7-18 49048]
          R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2014-5-13 191768]
          R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2014-5-13 323352]
          R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2014-5-13 130328]
          R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2014-5-13 31512]
          R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2014-5-13 152344]
          R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2014-5-13 236312]
          R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2014-5-13 235800]
          R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2014-5-13 273176]
          R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2013-9-24 97768]
          R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-12-6 239616]
          R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-12-6 344064]
          R2 AODDriver4.2.0;AODDriver4.2.0;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2013-9-20 59648]
          R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-5-13 3644432]
          R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-5-13 292424]
          R2 MSI_SuperCharger;MSI_SuperCharger;C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2014-1-29 161776]
          R2 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2014-1-31 117552]
          R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-2-14 96768]
          R3 Blackberry Device Manager;BlackBerry Device Manager;C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [2013-1-18 577536]
          R3 NTIOLib_1_0_3;NTIOLib_1_0_3;C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2014-1-29 13368]
          R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-1-30 849992]
          R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);C:\Windows\System32\drivers\rusb3hub.sys [2011-11-21 101376]
          R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);C:\Windows\System32\drivers\rusb3xhc.sys [2011-11-21 217088]
          S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
          S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
          S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
          S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-12 111616]
          S3 NTIOLib_1_0_4;NTIOLib_1_0_4;C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2014-1-30 14136]
          S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-1-30 19456]
          S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
          S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-1-30 57856]
          S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-3-21 1255736]
          SUnknown tsusbhub;tsusbhub; [x]
          .
          =============== Created Last 30 ================
          .
          2014-06-26 12:18:41 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
          2014-06-26 11:05:25 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
          2014-06-26 11:05:07 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
          2014-06-26 11:05:07 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
          2014-06-26 11:05:07 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
          2014-06-26 11:03:26 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
          2014-06-18 07:12:57 -------- d-----w- C:\Users\Yassine\AppData\Local\Adobe
          2014-06-16 13:42:51 -------- d-----r- C:\Users\Yassine\Dropbox
          2014-06-16 13:41:35 -------- d-----w- C:\Users\Yassine\AppData\Roaming\DropboxMaster
          2014-06-16 13:40:10 -------- d-----w- C:\Users\Yassine\AppData\Roaming\Dropbox
          2014-06-16 12:49:00 -------- d-----w- C:\Program Files (x86)\DVDVideoSoft
          2014-06-16 12:49:00 -------- d-----w- C:\Program Files (x86)\Common Files\DVDVideoSoft
          2014-06-16 12:48:26 -------- d-----w- C:\Users\Yassine\AppData\Roaming\DVDVideoSoft
          2014-05-31 15:05:42 -------- d-----w- C:\Games
          .
          ==================== Find3M ====================
          .
          2014-06-17 19:45:05 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
          2014-06-17 19:45:05 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
          2014-05-30 10:02:37 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
          2014-05-30 10:02:09 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
          2014-05-30 09:39:43 548352 ----a-w- C:\Windows\System32\vbscript.dll
          2014-05-30 09:39:23 66048 ----a-w- C:\Windows\System32\iesetup.dll
          2014-05-30 09:38:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
          2014-05-30 09:21:23 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
          2014-05-30 09:21:05 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
          2014-05-30 09:20:36 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
          2014-05-30 09:11:24 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
          2014-05-30 09:08:22 5782528 ----a-w- C:\Windows\System32\jscript9.dll
          2014-05-30 09:02:39 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
          2014-05-30 08:55:36 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
          2014-05-30 08:44:28 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
          2014-05-30 08:43:06 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
          2014-05-30 08:42:16 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
          2014-05-30 08:28:33 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
          2014-05-30 08:27:56 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
          2014-05-30 08:24:19 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
          2014-05-30 08:23:22 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
          2014-05-30 08:10:46 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
          2014-05-30 07:56:56 2266112 ----a-w- C:\Windows\System32\wininet.dll
          2014-05-30 07:56:50 4244992 ----a-w- C:\Windows\SysWow64\jscript9.dll
          2014-05-30 07:50:09 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
          2014-05-30 07:49:38 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
          2014-05-30 07:21:10 1790976 ----a-w- C:\Windows\SysWow64\wininet.dll
          2014-05-13 12:20:26 235800 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
          2014-05-13 12:20:06 273176 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
          2014-05-13 12:06:06 323352 ----a-w- C:\Windows\System32\drivers\avgloga.sys
          2014-05-13 12:05:40 191768 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
          2014-05-13 12:05:08 152344 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
          2014-05-13 12:05:06 130328 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
          2014-05-13 12:04:56 236312 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
          2014-05-13 12:04:30 31512 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
          2014-05-09 06:14:03 477184 ----a-w- C:\Windows\System32\aepdu.dll
          2014-05-09 06:11:23 424448 ----a-w- C:\Windows\System32\aeinv.dll
          2014-05-08 09:32:11 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
          2014-05-08 09:32:11 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
          2014-04-25 02:34:59 801280 ----a-w- C:\Windows\System32\usp10.dll
          2014-04-25 02:06:17 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
          2014-04-14 18:13:43 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
          2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
          2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
          2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
          2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
          2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
          2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
          2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
          2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
          2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
          2014-04-07 18:04:18 24064 ----a-w- C:\Windows\zoek-delete.exe
          2014-04-05 02:47:20 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
          2014-04-05 02:47:09 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
          2014-03-31 20:46:48 130712 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
          2014-03-31 20:46:48 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
          .
          ============= FINISH: 14:23:34,85 ===============

          Comment


          • #6
            Checkup

            Results of screen317's Security Check version 0.99.85
            Windows 7 Service Pack 1 x64 (UAC is enabled)
            Internet Explorer 11
            ``````````````Antivirus/Firewall Check:``````````````
            AVG AntiVirus Free Edition 2014
            Antivirus up to date!
            `````````Anti-malware/Other Utilities Check:`````````
            Java 7 Update 55
            Java version out of Date!
            Adobe Flash Player 14.0.0.125
            Adobe Reader XI
            Mozilla Firefox (30.0)
            Google Chrome 18.0.1025.142
            ````````Process Check: objlist.exe by Laurent````````
            AVG avgwdsvc.exe
            `````````````````System Health check`````````````````
            Total Fragmentation on Drive C: 0%
            ````````````````````End of Log``````````````````````

            Comment


            • #7
              Jammer genoeg kom ik weer daarop (hxxp://webafan.com/landingmarketingglobal/) nadat ik op mijn Skype aanmeld of als ik het afsluit..

              Link aangepast.
              Wil je deze link niet meer posten aub?
              Last edited by Emphyrio; 26-06-14, 13:51.

              Comment


              • #8
                Oorspronkelijk geplaatst door yass Bekijk Berichten
                Jammer genoeg kom ik weer daarop (hxxp://webafan.com/landingmarketingglobal/) nadat ik op mijn Skype aanmeld of als ik het afsluit..
                Even geduld yass, we zijn nog volop in de analyse fase.
                Ik ben me bewust van het probleem, het is echter niet in 1-2-3 opgelost.

                Wilt ge tevens uitvoeren wat er gevraagd geweest is aub?
                Je kan perfect MBAM 1.75 naast MBAM 2.0 hebben op je pc.

                Ik verwacht stap 1 dus nog.
                Last edited by Emphyrio; 26-06-14, 13:58.
                Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                Comment


                • #9
                  Oorspronkelijk geplaatst door Emphyrio Bekijk Berichten
                  Even geduld yass, we zijn nog volop in de analyse fase.
                  Ik ben me bewust van het probleem, het is echter niet in 1-2-3 opgelost.

                  Wilt ge tevens uitvoeren wat er gevraagd geweest is aub?
                  Je kan perfect MBAM 1.75 naast MBAM 2.0 hebben op je pc.

                  Ik verwacht stap 1 dus nog.
                  Sorry!

                  Gek genoeg lukt het niet bij mij.. ik krijg steeds de nieuwe versie van MBAM...

                  Comment


                  • #10
                    Oorspronkelijk geplaatst door yass Bekijk Berichten
                    Sorry!

                    Gek genoeg lukt het niet bij mij.. ik krijg steeds de nieuwe versie van MBAM...
                    Dat kan niet, yass, de link is een directe naar 1.75
                    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                    E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                    Comment


                    • #11
                      Malwarebytes Anti-Malware 1.75.0.1300
                      www.malwarebytes.org

                      Databaseversie: v2013.04.04.07

                      Windows 7 Service Pack 1 x64 NTFS
                      Internet Explorer 11.0.9600.17126
                      Yassine :: YASSINE-PC [administrator]

                      26-6-2014 15:34:26
                      mbam-log-2014-06-26 (15-34-26).txt

                      Scan type: Volledige scan (C:\|)
                      Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
                      Uitgeschakelde scan opties: P2P
                      Objecten gescand: 342023
                      Verstreken tijd: 30 minuut/minuten, 57 seconde(n)

                      Geheugenprocessen gedetecteerd: 0
                      (Geen kwaadaardige objecten gedetecteerd)

                      Geheugenmodulen gedetecteerd: 0
                      (Geen kwaadaardige objecten gedetecteerd)

                      Registersleutels gedetecteerd: 0
                      (Geen kwaadaardige objecten gedetecteerd)

                      Registerwaarden gedetecteerd: 0
                      (Geen kwaadaardige objecten gedetecteerd)

                      Registerdata gedetecteerd: 0
                      (Geen kwaadaardige objecten gedetecteerd)

                      Mappen gedetecteerd: 0
                      (Geen kwaadaardige objecten gedetecteerd)

                      Bestanden gedetecteerd: 0
                      (Geen kwaadaardige objecten gedetecteerd)

                      (einde)

                      Comment


                      • #12
                        Verwijder Java 7 Update 55 van je pc via software.
                        PC herstarten.

                        ---------------------------------------------------------------------------

                        • Download PC Info naar je bureaublad.
                        • Unzip en klik op SetupPC Info.
                        • Doorloop het installatieproces.

                        .
                        Dubbelklik op PC Info.
                        De scanning wordt nu ingezet...
                        Na de scanning selecteer je de tab: Logs
                        Vervolgens check je uitsluitend deze items:
                        .
                        • Software
                        • Hardware
                        • Software Installed List
                        • Startup List
                        • Running Processes
                        • Expert Mode
                        • Registry Scan

                        .
                        Klik nu op 'Create a log' kopieer en plak deze in je volgende posting.
                        Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                        E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                        Comment


                        • #13
                          PC Info vers © 2011-2014 Onsia Patrick (Emphyrio)
                          26-6-2014 16:24:12
                          Boot Status: Normal boot
                          ==================== OS INFO ====================================

                          OS Versions
                          Editieed
                          Service Packsp
                          Build: label8
                          Windows OS Bitslabel9

                          Update detected : 2014-06-26 10:36:10
                          Update downloaded : 2014-06-12 05:11:36
                          Update installed : 2014-06-12 05:27:45
                          ==================== GENERAL INFO ===============================

                          Windows dirlabel7
                          User Profilelabel7
                          Java Versionlabel7
                          Antivirus : : AVG AntiVirus Free Edition 2014 [Updated - Running ]
                          Antispyware : : AVG AntiVirus Free Edition 2014 [Updated - Running ]
                          Firewall : : Windows Firewall
                          ==================== HARDWARE ===================================

                          AuthenticAMD AMD64 Family 21 Model 2 Stepping 0
                          AMD FX(tm)-6300 Six-Core Processor

                          Mainboard : MSI

                          Model : MS-7699

                          Bios Version : V1.2 (American Megatrends Inc.)

                          RAMlabel12
                          RAM Freelabel13

                          Videokaart Name
                          vidMaxMem
                          Driver Version
                          ==================== APP LIST ===================================

                          C:\ Fixed - - NTFS - 465 Gb (Free : 415878 Mb / 406 Gb )
                          ==================== INSTALLED SOFTWARE LIST ====================


                          ACP Application 1.00.0000
                          Adobe Flash Player 13 ActiveX 13.0.0.214
                          Adobe Flash Player 14 Plugin 14.0.0.125
                          Adobe Photoshop CS6 13.0
                          Adobe Reader XI (11.0.07) - Nederlands 11.0.07
                          AMD Accelerated Video Transcoding 13.20.100.31206
                          AMD Catalyst Control Center 2013.1206.1603.28764
                          AMD Catalyst Install Manager 8.0.915.0
                          AMD Drag and Drop Transcoding 2.00.0000
                          AMD Fuel 2013.1206.1603.28764
                          AMD Media Foundation Decoders 1.0.81206.1620
                          AMD Steady Video Plug-In 2.06.0000
                          AMD Wireless Display v3.0 1.0.0.14
                          Asmedia ASM106x SATA Host Controller Driver 1.3.8.000
                          AVG 2014 14.0.3986
                          AVG 2014 14.0.4592
                          AVG 2014 2014.0.4592
                          BlackBerry Desktop Software 7.1 7.1.0.41
                          Catalyst Control Center - Branding 1.00.0000
                          Catalyst Control Center Graphics Previews Common 2013.1206.1603.28764
                          Catalyst Control Center InstallProxy 2013.1206.1603.28764
                          Catalyst Control Center Localization All 2013.1206.1603.28764
                          ccc-utility64 2013.1206.1603.28764
                          CCC Help Chinese Standard 2013.1206.1602.28764
                          CCC Help Chinese Traditional 2013.1206.1602.28764
                          CCC Help Czech 2013.1206.1602.28764
                          CCC Help Danish 2013.1206.1602.28764
                          CCC Help Dutch 2013.1206.1602.28764
                          CCC Help English 2013.1206.1602.28764
                          CCC Help Finnish 2013.1206.1602.28764
                          CCC Help French 2013.1206.1602.28764
                          CCC Help German 2013.1206.1602.28764
                          CCC Help Greek 2013.1206.1602.28764
                          CCC Help Hungarian 2013.1206.1602.28764
                          CCC Help Italian 2013.1206.1602.28764
                          CCC Help Japanese 2013.1206.1602.28764
                          CCC Help Korean 2013.1206.1602.28764
                          CCC Help Norwegian 2013.1206.1602.28764
                          CCC Help Polish 2013.1206.1602.28764
                          CCC Help Portuguese 2013.1206.1602.28764
                          CCC Help Russian 2013.1206.1602.28764
                          CCC Help Spanish 2013.1206.1602.28764
                          CCC Help Swedish 2013.1206.1602.28764
                          CCC Help Thai 2013.1206.1602.28764
                          CCC Help Turkish 2013.1206.1602.28764
                          CCleaner 4.10
                          Citrix Authentication Manager 5.1.0.62606
                          Citrix online plug-in (Web) 12.0.0.6410
                          Citrix Receiver 14.1.0.0
                          Citrix Receiver (HDX Flash Redirection) 14.1.0.0
                          Citrix Receiver Inside 4.1.0.56471
                          Citrix Receiver Updater 4.1.0.56461
                          Citrix Receiver(Aero) 14.1.0.0
                          Citrix Receiver(DV) 14.1.0.0
                          Citrix Receiver(USB) 14.1.0.0
                          EasyViewer 1.3.0.9
                          Free YouTube Download version 3.2.39.604 3.2.39.604
                          Google Chrome 18.0.1025.142
                          Google Update Helper 1.3.21.99
                          Live Update 5 5.0.112
                          Malwarebytes Anti-Malware versie 1.75.0.1300 1.75.0.1300
                          Malwarebytes Anti-Malware versie 2.0.2.1012 2.0.2.1012
                          Microsoft .NET Framework 4.5.1 4.5.50938
                          Microsoft Games for Windows - LIVE Redistributable 2.0.672.0
                          Microsoft Office 2007 Service Pack 3 (SP3)
                          Microsoft Office Access MUI (Dutch) 2007 12.0.6612.1000
                          Microsoft Office Access MUI (English) 2007 12.0.6612.1000
                          Microsoft Office Access Setup Metadata MUI (English) 2007 12.0.6612.1000
                          Microsoft Office Enterprise 2007 12.0.6612.1000
                          Microsoft Office Excel MUI (Dutch) 2007 12.0.6612.1000
                          Microsoft Office Excel MUI (English) 2007 12.0.6612.1000
                          Microsoft Office File Validation Add-In 14.0.5130.5003
                          Microsoft Office Groove MUI (Dutch) 2007 12.0.6612.1000
                          Microsoft Office Groove MUI (English) 2007 12.0.6612.1000
                          Microsoft Office Groove Setup Metadata MUI (English) 2007 12.0.6612.1000
                          Microsoft Office InfoPath MUI (Dutch) 2007 12.0.6612.1000
                          Microsoft Office InfoPath MUI (English) 2007 12.0.6612.1000
                          Microsoft Office Language Pack 2007 - Dutch/Nederlands 12.0.6612.1000
                          Microsoft Office O MUI (Dutch) 2007 12.0.6612.1000
                          Microsoft Office Office 64-bit Components 2007 12.0.6612.1000
                          Microsoft Office OneNote MUI (Dutch) 2007 12.0.6612.1000
                          Microsoft Office OneNote MUI (English) 2007 12.0.6612.1000
                          Microsoft Office Outlook MUI (Dutch) 2007 12.0.6612.1000
                          Microsoft Office Outlook MUI (English) 2007 12.0.6612.1000
                          Microsoft Office PowerPoint MUI (Dutch) 2007 12.0.6612.1000
                          Microsoft Office PowerPoint MUI (English) 2007 12.0.6612.1000
                          Microsoft Office Proof (Dutch) 2007 12.0.6612.1000
                          Microsoft Office Proof (English) 2007 12.0.6612.1000
                          Microsoft Office Proof (French) 2007 12.0.6612.1000
                          Microsoft Office Proof (German) 2007 12.0.6612.1000
                          Microsoft Office Proof (Spanish) 2007 12.0.6612.1000
                          Microsoft Office Proofing (Dutch) 2007 12.0.4518.1017
                          Microsoft Office Proofing (English) 2007 12.0.4518.1014
                          Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
                          Microsoft Office Publisher MUI (Dutch) 2007 12.0.6612.1000
                          Microsoft Office Publisher MUI (English) 2007 12.0.6612.1000
                          Microsoft Office Shared 64-bit MUI (Dutch) 2007 12.0.6612.1000
                          Microsoft Office Shared 64-bit MUI (English) 2007 12.0.6612.1000
                          Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 12.0.6612.1000
                          Microsoft Office Shared MUI (Dutch) 2007 12.0.6612.1000
                          Microsoft Office Shared MUI (English) 2007 12.0.6612.1000
                          Microsoft Office Shared Setup Metadata MUI (English) 2007 12.0.6612.1000
                          Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
                          Microsoft Office SharePoint Designer MUI (Dutch) 2007 12.0.6612.1000
                          Microsoft Office Word MUI (Dutch) 2007 12.0.6612.1000
                          Microsoft Office Word MUI (English) 2007 12.0.6612.1000
                          Microsoft Office X MUI (Dutch) 2007 12.0.6612.1000
                          Microsoft Silverlight 5.1.30214.0
                          Microsoft Visual C++ 2005 Redistributable 8.0.61001
                          Microsoft Visual C++ 2005 Redistributable (x64) 8.0.61000
                          Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 9.0.30729.4148
                          Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 9.0.30729.6161
                          Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 9.0.30729
                          Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 9.0.30729.4148
                          Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 9.0.30729.6161
                          Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 10.0.40219
                          Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 10.0.40219
                          Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 11.0.60610.1
                          Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 11.0.60610.1
                          Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 11.0.60610
                          Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 11.0.60610
                          Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 11.0.60610
                          Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 11.0.60610
                          Microsoft_VC80_CRT_x86 8.0.50727.4053
                          Microsoft_VC90_CRT_x86 1.00.0000
                          Mozilla Firefox 30.0 (x86 nl) 30.0
                          Mozilla Maintenance Service 29.0.1
                          Online Plug-in 14.1.0.0
                          Paltalk Messenger 11.4 11.4.559.15882
                          PC Info 2.2.0
                          PDF Settings CS6 11.0
                          Pivot Pro Plugin 9.50.110
                          PowerISO 5.8
                          Realtek Ethernet Controller Driver 7.72.410.2013
                          Realtek High Definition Audio Driver 6.0.1.7069
                          Renesas Electronics USB 3.0 Host Controller Driver 3.0.12.0
                          SDK 2.31.009
                          Security Update for CAPICOM (KB931906) 2.1.0.2
                          Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) 1
                          Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) 1
                          Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) 1
                          Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
                          Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
                          Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
                          Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
                          Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
                          Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
                          Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition
                          Self-service Plug-in 4.1.0.41738
                          Skype™ 6.16 6.16.105
                          SmartControl 2.23.002
                          Super-Charger 1.2.019
                          System Requirements Lab CYRI 6.0.8.0
                          Update for 2007 Microsoft Office System (KB967642)
                          Update for Microsoft Office 2007 Help for Common Features (KB963673)
                          Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
                          Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
                          Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
                          Update for Microsoft Office Access 2007 Help (KB963663)
                          Update for Microsoft Office Excel 2007 Help (KB963678)
                          Update for Microsoft Office Infopath 2007 Help (KB963662)
                          Update for Microsoft Office OneNote 2007 Help (KB963670)
                          Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
                          Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
                          Update for Microsoft Office Outlook 2007 Help (KB963677)
                          Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition
                          Update for Microsoft Office Powerpoint 2007 Help (KB963669)
                          Update for Microsoft Office Publisher 2007 Help (KB963667)
                          Update for Microsoft Office Script Editor Help (KB963671)
                          Update for Microsoft Office Word 2007 Help (KB963665)
                          Update voor Microsoft Office Excel 2007 Help (KB963678)
                          Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
                          Update voor Microsoft Office Word 2007 Help (KB963665)
                          VideoGenie 1.0.0.12
                          Visual Studio 2012 x64 Redistributables 14.0.0.1
                          Visual Studio 2012 x86 Redistributables 14.0.0.1
                          VLC media player 2.1.3 2.1.3
                          Winki 3.2.125
                          WinRAR 5.01 (64-bit) 5.01.0
                          ==================== STARTUP LIST Enabled========================

                          ------- Local 32/64 HKLM Yassine------------

                          RUSB3MON : "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
                          GrooveMonitor : "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
                          RIMBBLaunchAgent.exe : C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
                          AVG_UI : "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
                          StartCCC : "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun

                          ------- Local [HKLM] Yassine------------

                          RTHDVCPL : "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
                          Logitech Download Assistant : C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

                          ------- Current User [HKCU] Yassine------------

                          AdobeBridge :
                          RESTART_STICKY_NOTES : C:\Windows\System32\StikyNot.exe

                          ==================== RUNNING PROCESSES ==========================

                          PC Info ID = 5508 Path: C:\Program Files (x86)\E Dev\PC Info\PC Info.exe
                          StikyNot ID = 3928 Path: C:\Windows\System32\StikyNot.exe
                          atieclxx ID = 1760 Path: C:\Windows\system32\atieclxx.exe
                          csrss ID = 968 Path: C:\Windows\system32\csrss.exe
                          dwm ID = 1948 Path: C:\Windows\system32\Dwm.exe
                          RtkNGUI64 ID = 3908 Path: C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
                          MOM ID = 2096 Path: C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
                          explorer ID = 3080 Path: C:\Windows\Explorer.EXE
                          avgui ID = 3276 Path: C:\Program Files (x86)\AVG\AVG2014\avgui.exe
                          rusb3mon ID = 4060 Path: C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
                          winlogon ID = 1220 Path: C:\Windows\system32\winlogon.exe
                          RIMBBLaunchAgent ID = 3268 Path: C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
                          ctfmon ID = 3452 Path: C:\Windows\SysWOW64\ctfmon.exe
                          firefox ID = 5796 Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
                          taskhost ID = 1844 Path: C:\Windows\system32\taskhost.exe
                          SearchProtocolHost ID = 3396 Path: C:\Windows\system32\SearchProtocolHost.exe
                          CCC ID = 3760 Path: C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
                          ==================== REG SCAN ===================================

                          Empthy keys and/or values aren't logged !

                          ==================== SESSION MANAGER ============================

                          HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\
                          BootExecute = autocheck autochk *
                          ==================== WINLOGON ===================================

                          HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\

                          Userinit = C:\Windows\system32\userinit.exe,
                          Shell = explorer.exe

                          ==================== ShellServiceObjectDelayLoad ================

                          HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\

                          WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
                          File in HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InProcServer32\

                          ==================== Shell Extensions\Approved ==================

                          HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

                          {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = WebCheck
                          {08165EA0-E946-11CF-9C87-00AA005127ED} = WebCheckWebCrawler
                          File in HKCR\CLSID\{08165EA0-E946-11CF-9C87-00AA005127ED}\InProcServer32\ = C:\Windows\System32\webcheck.dll

                          ==================== Shell Extensions\Approved WOW 6432 =========

                          HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
                          {08165EA0-E946-11CF-9C87-00AA005127ED} = WebCheckWebCrawler
                          {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = WebCheck

                          ==================== SharedTaskScheduler ========================

                          HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\



                          File in HKCR\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32\ = C:\Windows\system32\explorerframe.dll

                          ==================== RUN KEYS====================================

                          HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
                          HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
                          HKCU\Software\Microsoft\Windows\CurrentVersion\Run


                          RESTART_STICKY_NOTES = C:\Windows\System32\StikyNot.exe
                          HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
                          HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
                          HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
                          HKLM\Software\Microsoft\Windows\CurrentVersion\Run

                          Logitech Download Assistant = C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
                          RTHDVCPL = "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s

                          HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run

                          AVG_UI = "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
                          GrooveMonitor = "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
                          RIMBBLaunchAgent.exe = C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
                          RUSB3MON = "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
                          StartCCC = "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRunHKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
                          HKCU\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce

                          ==================== vVv Krepper Trojan Pointers vVv ============

                          HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run

                          ==================== RUN SERVICES ===============================

                          HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
                          HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
                          HKU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
                          HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
                          HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

                          Sidebar = C:\Program Files\Windows Sidebar\Sidebar.exe /autoRunHKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

                          Sidebar = C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun
                          ==================== Shell Folder ===============================

                          HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
                          Startup = C:\Users\Yassine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

                          HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

                          ==================== DLL Loaded =================================

                          HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows


                          ( 0x0 – Load any DLLs. 0x1 – Load only code-signed DLLs.)



                          HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load


                          ==================== ShellExecuteHooks ==========================

                          HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks

                          ==================== Command Processor ==========================

                          HKLM\Software\Microsoft\Command Processor
                          HKCU\Software\Microsoft\Command Processor

                          ==================== BROWSER HELPER OBJECTS =====================

                          HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

                          {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} = SteadyVideoBHO Class
                          File in HKCR\CLSID\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}\InProcServer32\
                          = C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
                          --------------------------------------------------------------------
                          ==================== BHO - CLSID Wow6432Node ====================

                          HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects

                          {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} = SteadyVideoBHO Class
                          File in HKCR\Wow6432Node\CLSID\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}\InProcServer32\
                          = C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll

                          --------------------------------------------------------------------
                          {72853161-30C5-4D22-B7F9-0BBC1D38A37E} = Groove GFS Browser Helper
                          File in HKCR\Wow6432Node\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\InProcServer32\
                          = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

                          --------------------------------------------------------------------
                          ==================== TOOLBAR ====================================

                          HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar

                          # Not exist #

                          ==================== TOOLBAR - Wow6432Node ======================

                          HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar

                          # Not exist #

                          ==================== URL SEARCH HOOKS ===========================

                          HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks

                          HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks

                          HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks

                          ==================== SAFE BOOT ==================================

                          HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

                          AlternateShell = cmd.exe
                          HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

                          {533C5B84-EC70-11D2-9505-00C04F79DEAF}
                          = Volume shadow copy{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}
                          = IEEE 1394 Bus host controllers{D48179BE-EC20-11D1-B6B8-00C04FA372A7}
                          = SBP2 IEEE 1394 Devices{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}
                          = SecurityDevices

                          HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

                          {50DD5230-BA8A-11D1-BF5D-0000F805F530}
                          = Smart card readers{533C5B84-EC70-11D2-9505-00C04F79DEAF}
                          = Volume shadow copy{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}
                          = IEEE 1394 Bus host controllers{D48179BE-EC20-11D1-B6B8-00C04FA372A7}
                          = SBP2 IEEE 1394 Devices{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}
                          = SecurityDevicesDnsCache
                          = ServiceWudfPf
                          = DriverWudfRd
                          = DriverWudfSvc
                          = ServiceWudfUsbccidDriver
                          = Driver
                          ==================== DESKTOP ====================================

                          HKCU\Control Panel\Desktop

                          ScreenSaveActive = 1
                          HKCU\Software\Policies\Microsoft\Windows\Control Panel\Desktop\SCRNSAVE.EXE
                          ==================== SECURITYPROVIDERS ==========================

                          HKLM\system\currentcontrolset\control\securityproviders

                          SecurityProviders = credssp.dll
                          File in C:\Windows\System32\credssp.dll 22016 bytes [ 14-5-2014 10:23:56 ]
                          ==================== SVCHOST (White Listed) ==================

                          HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost

                          LocalService => FontCache
                          SYSTEM\CurrentControlSet\Services\FontCache\Parameters
                          ServiceDll = C:\Windows\system32\FntCache.dll
                          GPSvcGroup => GPSvc
                          SYSTEM\CurrentControlSet\Services\GPSvc\Parameters
                          ServiceDll = C:\Windows\System32\gpsvc.dll

                          ==================== WOW-SVCHOST ================================

                          HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost

                          All ok==================== INTERFACES =================================

                          HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces

                          {81E87CAA-10B8-4B4A-89AD-D32ADE477C5C}
                          {846ee342-7039-11de-9d20-806e6f6e6963}

                          ==================== SEARCHSCOPES ===============================

                          HKCU\Software\Microsoft\Internet Explorer\SearchScopes

                          DefaultScope :

                          {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
                          URL : http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR

                          {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
                          URL : http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startInde x={startIndex?}&startPage={startPage}


                          HKLM\Software\Microsoft\Internet Explorer\SearchScopes

                          DefaultScope : {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

                          {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
                          URL : http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


                          ==================== Job files ==================================

                          There are no .job files found.
                          =================================================================

                          Log finished at 26-6-2014 16:24:13
                          Thanks for using PC Info...
                          ==================== END ========================================

                          Comment


                          • #14
                            Er is iets niet juist gegaan bij het runnen van PC Info.

                            Zet je beveiligingssoftware tijdelijk uit.
                            Rechtsklik erop en "Uitvoeren als admin" kiezen.
                            En voer terufg de eerdere richtlijnen ivm PC Info uit.
                            Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                            E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                            Comment


                            • #15
                              Ik krijg de volgende melding:

                              ----------------------------------------
                              System.Core
                              Assembly-versie: 3.5.0.0
                              Win32-versie: 3.5.30729.5420 built by: Win7SP1
                              CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Core/3.5.0.0__b77a5c561934e089/System.Core.dll
                              ----------------------------------------
                              mscorlib.resources
                              Assembly-versie: 2.0.0.0
                              Win32-versie: 2.0.50727.5477 (Win7SP1GDR.050727-5400)
                              CodeBase: file:///C:/Windows/Microsoft.NET/Framework64/v2.0.50727/mscorlib.dll
                              ----------------------------------------
                              System.Windows.Forms.resources
                              Assembly-versie: 2.0.0.0
                              Win32-versie: 2.0.50727.5420 (Win7SP1.050727-5400)
                              CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Windows.Forms.resources/2.0.0.0_nl_b77a5c561934e089/System.Windows.Forms.resources.dll
                              ----------------------------------------

                              ************** JIT-foutopsporing **************
                              Als u JIT-foutopsporing wilt inschakelen, moet in het configuratiebestand voor deze
                              toepassing of computer (machine.config) de waarde
                              jitDebugging in het gedeelte system.windows.forms zijn ingesteld.
                              De toepassing moet ook zijn gecompileerd terwijl foutopsporing
                              was ingeschakeld.

                              Bijvoorbeeld:

                              <configuration>
                              <system.windows.forms jitDebugging="true" />
                              </configuration>

                              Wanneer JIT-foutopsporing is ingeschakeld, worden onverwerkte uitzonderingen
                              naar het JIT-foutopsporingsprogramma gestuurd dat op de computer is geregistreerd
                              en worden niet door dit dialoogvenster verwerkt.

                              Comment

                              Sorry, you are not authorized to view this page
                              Working...
                              X